当前位置:网站首页>JWT快速入门
JWT快速入门
2022-07-26 07:28:00 【STATICHIT静砸】
· 什么是JWT?
JSON Web Token。通过数字签名的方式,以JSON对象为载体,在不同的服务器终端之间安全的传输信息。
· JWT有什么用?
JWT最常见的场景就是授权认证,一旦用户登录,后续每个请求都将包含JWT,系统在每次处理用户请求的之前,都要先进行JWT安全校验,通过之后再进行处理。
· JWT的组成:
JWT由3部分组成,并用 . 拼接
例如:
这三部分分别是(例如):
· Header
· Payload
· Signatrue
首先,要实现jwt还需要导入一些包(下面省略了json)
<!--JWT-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-core</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>实践:创建token和提取token中的数据
import io.jsonwebtoken.*;
import java.util.Date;
import java.util.UUID;
public class JWT {
private long time = 1000*60*60*24;
private String signature = "admin";
@org.junit.Test
public void makeJWT(){
JwtBuilder jwtBuilder = Jwts.builder();
String jwtToken = jwtBuilder
//header
.setHeaderParam("typ","JWT")
.setHeaderParam("alg","HS256")
//payload
.claim("username","tom")
.claim("role","admin")
.setSubject("admin-test")
.setExpiration(new Date(System.currentTimeMillis()+time))
.setId(UUID.randomUUID().toString())
//signature
.signWith(SignatureAlgorithm.HS256,signature)
.compact();
System.out.println(jwtToken);
}
@org.junit.Test
public void parse(){
String token ="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NTg4MjMyODEsImp0aSI6ImE1Y2M3Y2IzLTM4NTItNGJmYS05NjAyLTllYjdjNTY2MjY5NCJ9.WOP5_VomcD_Ds1fgRlydAGPWIHBWtoiPqPJLxR93Q6o";
JwtParser jwtParser = Jwts.parser();
Jws<Claims> claimsJws = jwtParser.setSigningKey(signature).parseClaimsJws(token);
Claims claims = claimsJws.getBody();
System.out.println(claims.get("username"));
System.out.println(claims.get("role"));
System.out.println(claims.getId());
System.out.println(claims.getSubject());
System.out.println(claims.getExpiration());
}
}
第一个和第二个测试分别得到的结果是:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1
pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NTg4MjMyODEsImp0aSI6ImE1Y2M3Y2IzL
TM4NTItNGJmYS05NjAyLTllYjdjNTY2MjY5NCJ9.WOP5_VomcD_Ds1fgRlydAGPWIHBWto
iPqPJLxR93Q6o
边栏推荐
猜你喜欢
Deep learning model deployment
NLP natural language processing - Introduction to machine learning and natural language processing (3)
NFT数字藏品开发:数字藏品与NFT的六大区别
金融任务实例实时、离线跑批Apache DolphinScheduler在新网银行的三大场景与五大优化
基于Thinkphp的开源管理系统
PXE efficient batch network installation
机器学习相关比赛网站
Compose Canvas line chart
QT: list box, table, tree control
记一次路由器频繁掉线问题的分析、解决与发展
随机推荐
Learning Efficient Convolutional Networks Through Network Slimming
Hcip--- MPLS detailed explanation and BGP route filtering
College degree sales career, from the third tier 4K to the first tier 20k+, I am very satisfied with myself
ShardingSphere数据分片
中国联通改造 Apache DolphinScheduler 资源中心,实现计费环境跨集群调用与数据脚本一站式访问
此章节用于补充2
C# 使用Log4Net记录日志(基础篇)
什么是消息订阅和发布?
此章节用于补充
「论文笔记」Next-item Recommendations in Short Sessions
倒计时2日!基于 Apache DolphinScheduler&TiDB 的交叉开发实践,从编写到调度让你大幅提升效率
Typora免费版下载安装
Taishan Office Technology Lecture: how to calculate page blank (margin)
NFT数字藏品系统开发:NFT数藏 的最佳数字营销策略有哪些
Regular expression rules and common regular expressions
PR subtitle production
记一次路由器频繁掉线问题的分析、解决与发展
This section is intended to supplement
DevExpress.XtraEditors.DataNavigator用法
Taishan office lecture: word error about inconsistent values of page margins