Use of JSON Web tokens and jsonwebtoken

Source: Internet
Author: User

Use of JSON Web tokens and jsonwebtoken

JSON Web Token (JWT) is a lightweight specification. This specification allows us to use JWT to transmit secure and reliable information between users and servers.
1,

1 <dependency>2     <groupId>io.jsonwebtoken</groupId>3     <artifactId>jjwt</artifactId>4     <version>0.6.0</version>5 </dependency>

2. Create a TokenUtils class

1 package xxxxxx; 2 3 import java. security. key; 4 import java. util. date; 5 import java. util. map; 6 7 import javax. crypto. spec. secretKeySpec; 8 9 import org. apache. commons. codec. binary. base64; 10 11 import xxxxxx. cst; 12 13 import io. jsonwebtoken. claims; 14 import io. jsonwebtoken. jws; 15 import io. jsonwebtoken. jwtBuilder; 16 import io. jsonwebtoken. jwts; 17 import io. jsonwebtoken. signatureAlgorithm; 18 import io. jsonwebtoken. impl. crypto. macProvider; 19 20 public class TokenUtils {21 // version 22 public static String TOKEN_VERSION = "1"; 23 // set ISSUER 24 public static String ISSUER = "zhicall "; 25 // set the abstract topic 26 public static String SUBJECT = "subject"; 27 28 // HS256 Private Key 29 public static String HS256KEY = "xxxxxx "; 30 31 public static SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm. HS256; 32 33 public static Key signingKey = new SecretKeySpec (Base64.decodeBase64 (HS256KEY), signatureAlgorithm. getJcaName (); 34 35 public static String getJWTString (String login, Map <String, Object> claims) {36 37 long nowMillis = System. currentTimeMillis (); 38 claims. put (Claims. ID, TOKEN_VERSION); 39 claims. put (Claims. ISSUER, ISSUER); 40 claims. put (Claims. SUBJECT, SUBJECT); 41 claims. put (Claims. AUDIENCE, login); 42 claims. put (Claims. EXPIRATION, new Date (nowMillis + (Cst. TOKEN_TIMEOUT_MIN * 60*1000); 43 claims. put (Claims. ISSUED_AT, new Date (nowMillis); 44 45 JwtBuilder jwtBuilder = cmdts. builder (). setClaims (claims); 46 // System. out. println (System. currentTimeMillis ()-nowMillis); 47 jwtBuilder. signWith (signatureAlgorithm, signingKey); 48 return jwtBuilder. compact (); 49} 50 51 public static boolean isValid (String token) {52 try {53 Jws <Claims> extends sclaims = ts. parser (). setSigningKey (signingKey ). parseClaimsJws (token. trim (); 54 Long exp = (Long) extends sclaims. getBody (). get (Claims. EXPIRATION); 55 // System. out. println (exp-System. currentTimeMillis (); 56 return exp-System. currentTimeMillis ()> 0; 57} catch (Exception e) {58 e. printStackTrace (); 59 return false; 60} 61} 62 63 public static Map <String, Object> parseJWTtoMap (String token) {64 Claims claims = ts. parser (). setSigningKey (signingKey ). parseClaimsJws (token. trim ()). getBody (); 65 return claims; 66} 67 68 public static String getHS512Key () {69 Key key = MacProvider. generateKey (SignatureAlgorithm. HS512); 70 String keyStr = Base64.encodeBase64String (key. getEncoded (); 71 return keyStr; 72} 73}

3. Call the getJWTString (String login, Map <String, Object> claims) method to create a token, claims is a map, and other information such as permissions and roles can be passed in,

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.