中文字幕av专区_日韩电影在线播放_精品国产精品久久一区免费式_av在线免费观看网站

溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

基于Java驗證jwttoken代碼怎么寫

發布時間:2021-10-15 17:59:43 來源:億速云 閱讀:163 作者:柒染 欄目:編程語言

這篇文章給大家介紹基于Java驗證jwttoken代碼怎么寫,內容非常詳細,感興趣的小伙伴們可以參考借鑒,希望對大家能有所幫助。

1.HS256對稱加密

package jwt; import java.io.FileInputStream;import java.io.IOException;import java.security.KeyFactory;import java.security.PrivateKey;import java.security.PublicKey;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.Base64;import java.util.Date;import java.util.Vector;import java.util.Map; import sun.misc.BASE64Decoder; import com.auth0.jwt.JWT;import com.auth0.jwt.algorithms.Algorithm;import com.auth0.jwt.exceptions.JWTVerificationException;import com.auth0.jwt.interfaces.Claim;import com.auth0.jwt.interfaces.DecodedJWT;  public class JWTValidator {  private static String JWT_Type = "JWT";     protected boolean validated;  protected Object[] claims;     public JWTValidator() {    setValidated(false);    setClaims(null);  }  public String Generate(String secret, String issuer, String audience, String subject){    try {      Algorithm algorithm = Algorithm.HMAC256(secret); // HS256      String token = JWT.create()        .withIssuer(issuer)        .withAudience(audience)        .withSubject(subject)        .sign(algorithm);      System.out.println(token);      return token;    } catch (Exception exception){      //UTF-8 encoding not supported      return "";    }  }      public void Validate(String token, String secret, String issuer, String audience, String subject) {    DecodedJWT jwt = null;    setValidated(false);         if (token == null || secret == null || issuer == null || audience == null || subject == null)      return;         try {      jwt = JWT.require(Algorithm.HMAC256(secret.getBytes())).build().verify(token);    } catch (JWTVerificationException e) {      return;    }         if (jwt == null || jwt.getType() == null || !jwt.getType().contentEquals(JWT_Type))      return;         if (!jwt.getIssuer().contentEquals(issuer) ||      !jwt.getAudience().contains(audience) ||      !jwt.getSubject().contentEquals(subject))      return;         Date now = new Date();         if ((jwt.getNotBefore() != null && jwt.getNotBefore().after(now)) ||      (jwt.getExpiresAt() != null && jwt.getExpiresAt().before(now)))      return;         setValidated(true);     Map<String, Claim> claimsMap = jwt.getClaims();    Vector<Claim> claimsVector = new Vector<Claim>();         if (claimsMap != null) {      for (Map.Entry<String, Claim> entry : claimsMap.entrySet()) {        String key = entry.getKey();        if (key != null && !key.matches("aud|sub|iss|exp|iat")) {                   //claimsVector.add(new Claim(key, entry.getValue().asString()));        }      }       }     setClaims(claimsVector.isEmpty() ? null : claimsVector.toArray());  }   public boolean isValidated() { return validated; }  public void setValidated(boolean val) { validated = val; }   public Object[] getClaims() { return claims; }  public void setClaims(Object[] val) { claims = (val == null ? new Object[0] : val); }}

2.RS256不對稱加密,需要用public cert來驗證

package jwt; import junit.framework.TestCase;import org.apache.commons.codec.binary.Base64;import org.apache.commons.io.IOUtils;import org.jose4j.jws.AlgorithmIdentifiers;import org.jose4j.jws.JsonWebSignature;import org.jose4j.jwt.JwtClaims;import org.jose4j.jwt.consumer.JwtConsumer;import org.jose4j.jwt.consumer.JwtConsumerBuilder;import org.jose4j.lang.JoseException;import sun.security.util.DerInputStream;import sun.security.util.DerValue; import java.io.ByteArrayInputStream;import java.io.FileInputStream;import java.io.FileNotFoundException;import java.io.IOException;import java.math.BigInteger;import java.security.*;import java.security.cert.CertificateException;import java.security.cert.CertificateFactory;import java.security.cert.X509Certificate;import java.security.spec.InvalidKeySpecException;import java.security.spec.RSAPrivateCrtKeySpec;import java.security.spec.X509EncodedKeySpec;import java.text.SimpleDateFormat;import java.util.UUID; public class JWTValidatorForRSA extends TestCase{   public void testCreateToken() throws IOException {    System.out.println(createToken());  }   public void testVerifyToken() throws Exception {    String token = createToken();    System.out.println(token);         String pkeyPath = "D:\\temp\\idsrv4.crt";    JwtClaims jwtClaims = verifyToken(token,pkeyPath);    System.out.println(jwtClaims.getClaimValue("name"));    System.out.println(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(jwtClaims.getIssuedAt().getValueInMillis()));    System.out.println(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(jwtClaims.getExpirationTime().getValueInMillis()));  }   /**   * 生成jwt,SHA256加密   * @return   * @throws IOException   */  public String createToken() throws IOException {    String privateKeyPath = "D:\\temp\\idsrv4.key";    PrivateKey privateKey = getPrivateKey(getStringFromFile(privateKeyPath));    final JwtClaims claims = new JwtClaims();    claims.setClaim("name", "jack");    claims.setSubject("a@a.com");    claims.setAudience("test");//用于驗證簽名是否合法,驗證方必須包含這些內容才驗證通過    claims.setExpirationTimeMinutesInTheFuture(-1); // 60*24*30);    claims.setIssuedAtToNow();     // Generate the payload    final JsonWebSignature jws = new JsonWebSignature();    jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);    jws.setPayload(claims.toJson());    jws.setKeyIdHeaderValue(UUID.randomUUID().toString());     // Sign using the private key    jws.setKey(privateKey);    try {      return jws.getCompactSerialization();    } catch (JoseException e) {      return null;    }  }   /**   * 驗證jwt   * @param token   * @return   * @throws Exception   */  public JwtClaims verifyToken(String token,String publicKeyPath) throws Exception {     try {      PublicKey publicKey = getPublicKey(publicKeyPath);       JwtConsumer jwtConsumer = new JwtConsumerBuilder()          .setRequireExpirationTime()          .setVerificationKey(publicKey)          .setExpectedAudience("test")//用于驗證簽名是否合法,可以設置多個,且可設置必須存在項,如果jwt中不包含這些內容則不通過          .build();       return jwtConsumer.processToClaims(token);    } catch (Exception e) {      throw new RuntimeException(e);    }  }   private String getStringFromFile(String filePath) throws IOException {    //  生成方法:安裝openssl,執行   openssl genrsa -out private.pem 2048    return IOUtils.toString(new FileInputStream(filePath));  }   /**   * 獲取PublicKey對象   * @param publicKeyBase64   * @return   * @throws NoSuchAlgorithmException   * @throws InvalidKeySpecException   * @throws CertificateException   * @throws FileNotFoundException   */  private PublicKey getPublicKey(String publicKeyPath) throws NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, FileNotFoundException {    /* Not work : data isn't an object ID (tag = 2)    String pem = publicKeyBase64        .replaceAll("\\-*BEGIN.*CERTIFICATE\\-*", "")        .replaceAll("\\-*END.*CERTIFICATE\\-*", "");    java.security.Security.addProvider(        new org.bouncycastle.jce.provider.BouncyCastleProvider()    );    System.out.println(pem);         X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(pem));    KeyFactory keyFactory = KeyFactory.getInstance("RSA");     PublicKey publicKey = keyFactory.generatePublic(pubKeySpec);    */         CertificateFactory fact = CertificateFactory.getInstance("X.509");    FileInputStream is = new FileInputStream (publicKeyPath);    X509Certificate cer = (X509Certificate) fact.generateCertificate(is);    PublicKey publicKey = cer.getPublicKey();         System.out.println(publicKey);         return publicKey;  }   /**   * 獲取PrivateKey對象   * @param privateKeyBase64   * @return   */  private PrivateKey getPrivateKey(String privateKeyBase64) {    String privKeyPEM = privateKeyBase64        .replaceAll("\\-*BEGIN.*KEY\\-*", "")        .replaceAll("\\-*END.*KEY\\-*", "");     // Base64 decode the data    byte[] encoded = Base64.decodeBase64(privKeyPEM);     try {      DerInputStream derReader = new DerInputStream(encoded);      DerValue[] seq = derReader.getSequence(0);       if (seq.length < 9) {        throw new GeneralSecurityException("Could not read private key");      }       // skip version seq[0];      BigInteger modulus = seq[1].getBigInteger();      BigInteger publicExp = seq[2].getBigInteger();      BigInteger privateExp = seq[3].getBigInteger();      BigInteger primeP = seq[4].getBigInteger();      BigInteger primeQ = seq[5].getBigInteger();      BigInteger expP = seq[6].getBigInteger();      BigInteger expQ = seq[7].getBigInteger();      BigInteger crtCoeff = seq[8].getBigInteger();       RSAPrivateCrtKeySpec keySpec = new RSAPrivateCrtKeySpec(modulus, publicExp, privateExp,          primeP, primeQ, expP, expQ, crtCoeff);       KeyFactory factory = KeyFactory.getInstance("RSA");      return factory.generatePrivate(keySpec);    } catch (Exception e) {      e.printStackTrace();    }    return null;  }}

關于基于Java驗證jwttoken代碼怎么寫就分享到這里了,希望以上內容可以對大家有一定的幫助,可以學到更多知識。如果覺得文章不錯,可以把它分享出去讓更多的人看到。

向AI問一下細節

免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。

AI

黎川县| 当雄县| 祁连县| 平乡县| 大安市| 蒙阴县| 苍山县| 宁河县| 施秉县| 齐齐哈尔市| 葵青区| 泰安市| 积石山| 阳江市| 宁蒗| 常德市| 平安县| 罗田县| 吴忠市| 枞阳县| 巫山县| 大荔县| 荃湾区| 称多县| 通江县| 梅州市| 正宁县| 石阡县| 潢川县| 郧西县| 滁州市| 定边县| 黄冈市| 固安县| 武威市| 上蔡县| 阜城县| 荣昌县| 宝清县| 阳东县| 迭部县|