| | |
|---|
| | | import com.auth0.jwt.JWTVerifier; |
|---|
| | | import com.auth0.jwt.algorithms.Algorithm; |
|---|
| | | import com.auth0.jwt.exceptions.JWTDecodeException; |
|---|
| | | import com.auth0.jwt.interfaces.Claim; |
|---|
| | | import com.auth0.jwt.interfaces.DecodedJWT; |
|---|
| | | import com.fasterxml.jackson.databind.ObjectMapper; |
|---|
| | | import com.gkhy.assess.common.api.CommonResult; |
|---|
| | | import com.gkhy.assess.common.exception.ApiException; |
|---|
| | | import io.swagger.models.auth.In; |
|---|
| | | import org.apache.commons.lang3.StringUtils; |
|---|
| | | import org.apache.shiro.crypto.hash.Md5Hash; |
|---|
| | | import org.slf4j.Logger; |
|---|
| | |
|---|
| | | import java.io.IOException; |
|---|
| | | import java.io.OutputStream; |
|---|
| | | import java.util.Date; |
|---|
| | | import java.util.HashMap; |
|---|
| | | import java.util.Map; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * JwtToken生成的工具类 |
|---|
| | |
|---|
| | | * @param secret 用户密码 |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | public static boolean verify(String token,String username,String secret){ |
|---|
| | | public static boolean verify(String token,String username,String secret,Integer identity){ |
|---|
| | | try { |
|---|
| | | Algorithm algorithm = Algorithm.HMAC256(secret); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build(); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username) |
|---|
| | | .withClaim("identity",identity).build(); |
|---|
| | | DecodedJWT jwt = verifier.verify(token); |
|---|
| | | return true; |
|---|
| | | }catch (Exception e){ |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | public static boolean isNeedUpdate(String token,String username,String secret){ |
|---|
| | | public static boolean isNeedUpdate(String token, String username, String secret,Integer identity){ |
|---|
| | | Date expertsAt =null; |
|---|
| | | try { |
|---|
| | | Algorithm algorithm = Algorithm.HMAC256(secret); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build(); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username) |
|---|
| | | .withClaim("identity",identity).build(); |
|---|
| | | expertsAt = verifier.verify(token).getExpiresAt(); |
|---|
| | | }catch (Exception e){ |
|---|
| | | throw new ApiException("token非法无效"); |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 获取token中的信息 无需secret解密也能获得 |
|---|
| | | * @param token |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | public static Integer getIdentity(String token){ |
|---|
| | | try { |
|---|
| | | DecodedJWT jwt = JWT.decode(token); |
|---|
| | | return jwt.getClaim("identity").asInt(); |
|---|
| | | }catch (JWTDecodeException e){ |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 生成签名 |
|---|
| | | * @param username |
|---|
| | | * @param secret |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | public static String sign(String username,String secret){ |
|---|
| | | public static String sign(String username,String secret,Integer identity){ |
|---|
| | | Date date=new Date(System.currentTimeMillis()+EXPIRATION*1000); |
|---|
| | | Algorithm algorithm=Algorithm.HMAC256(secret); |
|---|
| | | return JWT.create().withClaim("username",username).withExpiresAt(date).sign(algorithm); |
|---|
| | | return JWT.create().withClaim("username",username) |
|---|
| | | .withClaim("identity",identity).withExpiresAt(date).sign(algorithm); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
