package com.nuvole.util;
|
|
import cn.hutool.core.convert.Convert;
|
import io.jsonwebtoken.Claims;
|
import io.jsonwebtoken.Jwts;
|
import io.jsonwebtoken.SignatureAlgorithm;
|
|
import java.util.Date;
|
import java.util.Map;
|
|
/**
|
* @ClassName JWTUtil
|
* @Description JWT工具类
|
* @Author Chen Long
|
* @Date 2019/8/20
|
* @Version 1.0
|
*/
|
public class JWTUtil {
|
|
/**
|
* PC类型JWT
|
*/
|
public static final String JWT_TYPE_PC = "PC";
|
|
/**
|
* 客户经理类型jwt
|
*/
|
public static final String JWT_TYPE_MANAGER_WX_MINI = "MANAGER_WX_MINI";
|
/**
|
* APP类型JWT
|
*/
|
public static final String JWT_TYPE_APP = "APP";
|
|
/**
|
* SCANPAY JWT
|
*/
|
public static final String JWT_TYPE_SCANPAY = "SCANPAY";
|
|
/**
|
* PC类型JWT超时时长
|
*/
|
public static final long JWT_TYPE_PC_EXPIRE = 2 * 60 * 60 * 1000;
|
|
/**
|
* 客户经理小程序类型JWT超时时长
|
*/
|
public static final long JWT_TYPE_MANAGER_WX_MINI_EXPIRE = 7 * 24 * 60 * 60 * 1000;
|
|
|
/**
|
* APP类型JWT超时时长
|
*/
|
public static final long JWT_TYPE_APP_EXPIRE = 2 * 60 * 60 * 1000;
|
|
/**
|
* SCANPAY JWT超时时长
|
*/
|
public static final long JWT_TYPE_SCANPAY_EXPIRE = 2 * 60 * 60 * 1000;
|
|
/**
|
* 自定义前缀
|
*/
|
private static final String JWT_SIGN_PREFIX = "o6t48fVSqCUCu";
|
/**
|
* 加密密钥
|
*/
|
private static final String JWT_SECRET = "sHyPanQN8wAt3sKBix9Fla7iGvwWs4hfE4YhluMYvbtBdX6sOiEeGU4lHhVgdrsO";
|
|
|
/**
|
* 创建 JWT
|
*
|
* @param jwtType
|
* @param claims
|
* @return
|
* @Description jwt荷载
|
* iss: jwt签发者
|
* sub: jwt所面向的用户
|
* aud: 接收jwt的一方
|
* exp: jwt的过期时间,这个过期时间必须要大于签发时间
|
* nbf: 定义在什么时间之前,该jwt都是不可用的.
|
* iat: jwt的签发时间
|
* jti: jwt的唯一身份标识,主要用来作为一次性token,从而回避重放攻击。
|
*/
|
public static String generateJwt(String jwtType, Map<String, Object> claims) {
|
|
//签发时间
|
long nowMillis = System.currentTimeMillis();
|
//超时时间
|
long expMillis = 0;
|
if (jwtType.equalsIgnoreCase(JWT_TYPE_PC)) {
|
expMillis = nowMillis + JWT_TYPE_PC_EXPIRE;
|
} else if (jwtType.equalsIgnoreCase(JWT_TYPE_APP)) {
|
expMillis = nowMillis + JWT_TYPE_APP_EXPIRE;
|
} else if (jwtType.equalsIgnoreCase(JWT_TYPE_SCANPAY)) {
|
expMillis = nowMillis + JWT_TYPE_SCANPAY_EXPIRE;
|
} else if (jwtType.equalsIgnoreCase(JWT_TYPE_MANAGER_WX_MINI)) {
|
expMillis = nowMillis + JWT_TYPE_MANAGER_WX_MINI_EXPIRE;
|
}
|
|
for (Map.Entry<String, Object> entry : claims.entrySet()) {
|
entry.setValue(AESUtil.encode(
|
Convert.toStr(
|
entry.getValue())));
|
|
}
|
|
String compactJws = Jwts.builder()
|
.setClaims(claims)
|
.setIssuedAt(new Date(nowMillis))
|
.setExpiration(new Date(expMillis))
|
.signWith(SignatureAlgorithm.HS512, JWT_SECRET)
|
.compact();
|
|
return JWT_SIGN_PREFIX + compactJws;
|
}
|
|
/**
|
* 校验jwt是否合法
|
*
|
* @param jwt
|
* @return
|
*/
|
public static boolean checkJWT(String jwt) {
|
try {
|
getClaims(jwt);
|
return true;
|
} catch (Exception e) {
|
e.printStackTrace();
|
return false;
|
}
|
}
|
|
/**
|
* 获取claims
|
*
|
* @param jwt
|
* @return
|
*/
|
public static Claims getClaims(String jwt) {
|
jwt = jwt.substring(JWT_SIGN_PREFIX.length());
|
Claims claims;
|
claims = Jwts.parser()
|
.setSigningKey(JWT_SECRET)
|
.parseClaimsJws(jwt)
|
.getBody();
|
return claims;
|
}
|
|
/**
|
* 获取claims sub
|
*
|
* @param jwt
|
* @return
|
*/
|
public static String getSubOfClaims(String jwt) {
|
return getValOfClaims(jwt, "sub");
|
}
|
|
/**
|
* 获取claims roles
|
*
|
* @param jwt
|
* @return
|
*/
|
public static String getRolesOfClaims(String jwt) {
|
return getValOfClaims(jwt, "roles");
|
}
|
|
/**
|
* @param jwt
|
* @param key
|
* @Method getValOfClaims
|
* @Description 根据key获取claims值
|
* @Return java.lang.String
|
* @Author Chen Long
|
* @Date 2019/8/27
|
* @Version 1.0
|
*/
|
public static String getValOfClaims(String jwt, String key) {
|
return AESUtil.decode(
|
Convert.toStr(
|
getClaims(jwt).get(key)));
|
}
|
|
|
}
|
