1 引入依赖
<!-- JWT library (auth0 java-jwt). 3.3.0 is the version this article pins; check for a newer release before reusing the snippet. -->
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.3.0</version>
</dependency>
2 Jwt工具类
package com.ai.aiga.util.token;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
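import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/**
 * Issues and verifies HS256-signed JWTs.
 *
 * <p>The tokens are signed, not encrypted: anyone holding a token can read the
 * {@code userId} and {@code userName} claims, so no confidential data belongs in them.
 * HS256 is symmetric, so the same shared secret both signs and verifies. It is therefore
 * read from configuration rather than embedded in the source.
 */
public class JwtUtil {

    /** System property consulted first for the HMAC secret (name chosen for this listing). */
    private static final String SECRET_PROPERTY = "jwt.secret";

    /** Environment variable consulted when the property is unset (name chosen for this listing). */
    private static final String SECRET_ENV = "JWT_SECRET";

    /** RFC 7518 section 3.2: an HS256 key must be at least as long as the 256-bit hash output. */
    private static final int MIN_SECRET_BYTES = 32;

    /** Token lifetime. Two hours is a constructed default; tune it to the deployment. */
    private static final long TOKEN_TTL_MILLIS = 2L * 60 * 60 * 1000;

    /**
     * Creates a signed token carrying the user's id and name.
     *
     * @param userId   value stored in the {@code userId} claim
     * @param userName value stored in the {@code userName} claim
     * @return the signed (not encrypted) compact JWT
     * @throws Exception if the secret is missing or too short, or if signing fails
     */
    public static String createToken(String userId, String userName) throws Exception {
        Map<String, Object> header = new HashMap<String, Object>();
        header.put("alg", "HS256");
        header.put("typ", "JWT");
        // An "exp" claim bounds how long a leaked token stays usable; the verifier
        // rejects the token once this instant has passed.
        Date expiresAt = new Date(System.currentTimeMillis() + TOKEN_TTL_MILLIS);
        return JWT.create()
                .withHeader(header)
                .withExpiresAt(expiresAt)
                .withClaim("userId", userId)
                .withClaim("userName", userName)
                .sign(Algorithm.HMAC256(loadSecret()));
    }

    /**
     * Checks the token's HS256 signature (and its expiry, when the token carries one).
     *
     * <p>Never throws: every failure, including a missing secret, yields {@code false},
     * so callers fail closed.
     *
     * @param token compact JWT taken from the request; may be {@code null}
     * @return {@code true} only when verification succeeds
     */
    public static boolean verifyToken(String token) {
        if (token == null || token.isEmpty()) {
            return false;
        }
        try {
            // Requiring HMAC256 pins the accepted algorithm; the token's own "alg"
            // header does not get to choose how it is verified.
            JWTVerifier verifier = JWT.require(Algorithm.HMAC256(loadSecret())).build();
            verifier.verify(token);
            return true;
        } catch (Exception e) {
            // Broad on purpose: any verification or configuration failure must deny access.
            return false;
        }
    }

    /** Reads the shared HMAC secret from configuration and rejects missing or short values. */
    private static String loadSecret() {
        String secret = System.getProperty(SECRET_PROPERTY);
        if (secret == null || secret.isEmpty()) {
            secret = System.getenv(SECRET_ENV);
        }
        if (secret == null || secret.getBytes(StandardCharsets.UTF_8).length < MIN_SECRET_BYTES) {
            throw new IllegalStateException(
                    "JWT signing secret is not configured or is shorter than "
                            + MIN_SECRET_BYTES + " bytes");
        }
        return secret;
    }
}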
3 基于spring-mvc的token认证
3.1 配置spring-mvc.xml文件
<mvc:interceptors>
    <mvc:interceptor>
        <!-- Ant-style pattern of the URL paths to intercept. Only requests matching this pattern go through the token check; paths outside it are not covered by this interceptor. -->
        <mvc:mapping path="/**/arch/archQry/**"/>
        <!-- Custom interceptor that performs the token check -->
        <bean class="com.ai.aiga.util.token.TokenInterceptor"></bean>
    </mvc:interceptor>
</mvc:interceptors>
3.2 添加拦截器
package com.ai.aiga.util.token;
import com.ai.aiga.view.json.base.JsonBean;
import com.alibaba.fastjson.JSON;
import net.sf.json.JSONObject;
import org.springframework.web.servlet.HandlerInterceptor;
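import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Spring MVC interceptor that lets a request through only when its
 * {@code accessToken} header passes {@link JwtUtil#verifyToken(String)}.
 */
public class TokenInterceptor implements HandlerInterceptor {

    /**
     * Verifies the token before the handler runs.
     *
     * @param request  current request; the token is read from the {@code accessToken} header
     * @param response current response; receives the JSON error body on rejection
     * @param handler  the chosen handler (unused)
     * @return {@code true} to continue the chain, {@code false} when the token is absent or invalid
     * @throws Exception if setting the request encoding or writing the response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        request.setCharacterEncoding("utf-8");
        String token = request.getHeader("accessToken");
        if (token != null && JwtUtil.verifyToken(token)) {
            return true;
        }
        // Reject with a real HTTP status so proxies, logs and clients do not treat the
        // denial as a successful response. The JSON body and its retCode are unchanged.
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // Declare the body as JSON with an explicit charset before the writer is obtained.
        response.setContentType("application/json;charset=UTF-8");
        JsonBean bean = new JsonBean();
        bean.setRetCode("502");
        bean.setRetMessage("error");
        response.getWriter().write(JSON.toJSONString(bean));
        return false;
    }

    /** No post-processing is needed. */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    }

    /** No completion work is needed. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
    }
}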
4 基于shiro的token认证
4.1 配置spring-shiro.xml文件
<!-- Shiro Filter: registers the custom token filter under the name "token" and binds it to URL patterns. -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager" />
    <property name="filters">
        <map>
            <entry key="token">
                <bean class="com.ai.aiga.security.shiro.TokenInterceptor" />
            </entry>
        </map>
    </property>
    <!-- Only the pattern listed here is routed through the "token" filter; this snippet defines no chain for any other URL. -->
    <property name="filterChainDefinitions">
        <value> /**/arch/archQry/** = token </value>
    </property>
</bean>
4.2 添加拦截器
package com.ai.aiga.security.shiro;
import com.ai.aiga.util.token.JwtUtil;
import com.ai.aiga.view.json.base.JsonBean;
import com.alibaba.fastjson.JSON;
import org.apache.shiro.web.servlet.AdviceFilter;
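import org.apache.shiro.web.util.WebUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

/**
 * Shiro filter that lets a request through only when its {@code accessToken}
 * header passes {@link JwtUtil#verifyToken(String)}.
 */
public class TokenInterceptor extends AdviceFilter {

    /**
     * Verifies the token before the rest of the filter chain runs.
     *
     * @param request  current request; the token is read from the {@code accessToken} header
     * @param response current response; receives the JSON error body on rejection
     * @return {@code true} to continue the chain, {@code false} when the token is absent or invalid
     * @throws Exception if setting the request encoding or writing the response fails
     */
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        request.setCharacterEncoding("utf-8");
        String token = WebUtils.toHttp(request).getHeader("accessToken");
        if (token != null && JwtUtil.verifyToken(token)) {
            return true;
        }
        HttpServletResponse httpResponse = WebUtils.toHttp(response);
        // Reject with a real HTTP status so proxies, logs and clients do not treat the
        // denial as a successful response. The JSON body and its retCode are unchanged.
        httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // The body is JSON, so label it as JSON: a text/html label would let a browser
        // interpret the payload as markup.
        httpResponse.setContentType("application/json;charset=UTF-8");
        response.setCharacterEncoding("utf-8");
        JsonBean bean = new JsonBean();
        bean.setRetCode("502");
        bean.setRetMessage("token认证失败");
        response.getWriter().write(JSON.toJSONString(bean));
        return false;
    }
}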