package com.nuvole.util; import cn.hutool.core.convert.Convert; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import java.util.Date; import java.util.Map; /** * @ClassName JWTUtil * @Description JWT工具类 * @Author Chen Long * @Date 2019/8/20 * @Version 1.0 */ public class JWTUtil { /** * PC类型JWT */ public static final String JWT_TYPE_PC = "PC"; /** * 客户经理类型jwt */ public static final String JWT_TYPE_MANAGER_WX_MINI = "MANAGER_WX_MINI"; /** * APP类型JWT */ public static final String JWT_TYPE_APP = "APP"; /** * SCANPAY JWT */ public static final String JWT_TYPE_SCANPAY = "SCANPAY"; /** * PC类型JWT超时时长 */ public static final long JWT_TYPE_PC_EXPIRE = 2 * 60 * 60 * 1000; /** * 客户经理小程序类型JWT超时时长 */ public static final long JWT_TYPE_MANAGER_WX_MINI_EXPIRE = 7 * 24 * 60 * 60 * 1000; /** * APP类型JWT超时时长 */ public static final long JWT_TYPE_APP_EXPIRE = 2 * 60 * 60 * 1000; /** * SCANPAY JWT超时时长 */ public static final long JWT_TYPE_SCANPAY_EXPIRE = 2 * 60 * 60 * 1000; /** * 自定义前缀 */ private static final String JWT_SIGN_PREFIX = "o6t48fVSqCUCu"; /** * 加密密钥 */ private static final String JWT_SECRET = "sHyPanQN8wAt3sKBix9Fla7iGvwWs4hfE4YhluMYvbtBdX6sOiEeGU4lHhVgdrsO"; /** * 创建 JWT * * @param jwtType * @param claims * @return * @Description jwt荷载 * iss: jwt签发者 * sub: jwt所面向的用户 * aud: 接收jwt的一方 * exp: jwt的过期时间,这个过期时间必须要大于签发时间 * nbf: 定义在什么时间之前,该jwt都是不可用的. * iat: jwt的签发时间 * jti: jwt的唯一身份标识,主要用来作为一次性token,从而回避重放攻击。 */ public static String generateJwt(String jwtType, Map claims) { //签发时间 long nowMillis = System.currentTimeMillis(); //超时时间 long expMillis = 0; if (jwtType.equalsIgnoreCase(JWT_TYPE_PC)) { expMillis = nowMillis + JWT_TYPE_PC_EXPIRE; } else if (jwtType.equalsIgnoreCase(JWT_TYPE_APP)) { expMillis = nowMillis + JWT_TYPE_APP_EXPIRE; } else if (jwtType.equalsIgnoreCase(JWT_TYPE_SCANPAY)) { expMillis = nowMillis + JWT_TYPE_SCANPAY_EXPIRE; } else if (jwtType.equalsIgnoreCase(JWT_TYPE_MANAGER_WX_MINI)) { expMillis = nowMillis + JWT_TYPE_MANAGER_WX_MINI_EXPIRE; } for (Map.Entry entry : claims.entrySet()) { entry.setValue(AESUtil.encode( Convert.toStr( entry.getValue()))); } String compactJws = Jwts.builder() .setClaims(claims) .setIssuedAt(new Date(nowMillis)) .setExpiration(new Date(expMillis)) .signWith(SignatureAlgorithm.HS512, JWT_SECRET) .compact(); return JWT_SIGN_PREFIX + compactJws; } /** * 校验jwt是否合法 * * @param jwt * @return */ public static boolean checkJWT(String jwt) { try { getClaims(jwt); return true; } catch (Exception e) { e.printStackTrace(); return false; } } /** * 获取claims * * @param jwt * @return */ public static Claims getClaims(String jwt) { jwt = jwt.substring(JWT_SIGN_PREFIX.length()); Claims claims; claims = Jwts.parser() .setSigningKey(JWT_SECRET) .parseClaimsJws(jwt) .getBody(); return claims; } /** * 获取claims sub * * @param jwt * @return */ public static String getSubOfClaims(String jwt) { return getValOfClaims(jwt, "sub"); } /** * 获取claims roles * * @param jwt * @return */ public static String getRolesOfClaims(String jwt) { return getValOfClaims(jwt, "roles"); } /** * @param jwt * @param key * @Method getValOfClaims * @Description 根据key获取claims值 * @Return java.lang.String * @Author Chen Long * @Date 2019/8/27 * @Version 1.0 */ public static String getValOfClaims(String jwt, String key) { return AESUtil.decode( Convert.toStr( getClaims(jwt).get(key))); } }