| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- package com.zksy.gateway.utils;
- import cn.hutool.core.exceptions.ValidateException;
- import cn.hutool.jwt.JWT;
- import cn.hutool.jwt.JWTValidator;
- import cn.hutool.jwt.signers.JWTSigner;
- import cn.hutool.jwt.signers.JWTSignerUtil;
- import com.zksy.common.exception.UnauthorizedException;
- import org.springframework.stereotype.Component;
- import java.security.KeyPair;
- import java.time.Duration;
- import java.util.Date;
- @Component
- public class JwtTool {
- private final JWTSigner jwtSigner;
- public JwtTool(KeyPair keyPair) {
- this.jwtSigner = JWTSignerUtil.createSigner("rs256", keyPair);
- }
- /**
- * 创建 access-token
- *
- * @param userId 用户信息
- * @return access-token
- */
- public String createToken(Long userId, Duration ttl) {
- // 1.生成jws
- return JWT.create()
- .setPayload("user", userId)
- .setExpiresAt(new Date(System.currentTimeMillis() + ttl.toMillis()))
- .setSigner(jwtSigner)
- .sign();
- }
- /**
- * 解析token
- *
- * @param token token
- * @return 解析刷新token得到的用户信息
- */
- public Long parseToken(String token) {
- // 1.校验token是否为空
- if (token == null) {
- throw new UnauthorizedException("未登录");
- }
- // 2.校验并解析jwt
- JWT jwt;
- try {
- jwt = JWT.of(token).setSigner(jwtSigner);
- } catch (Exception e) {
- throw new UnauthorizedException("无效的token", e);
- }
- // 2.校验jwt是否有效
- if (!jwt.verify()) {
- // 验证失败
- throw new UnauthorizedException("无效的token");
- }
- // 3.校验是否过期
- try {
- JWTValidator.of(jwt).validateDate();
- } catch (ValidateException e) {
- throw new UnauthorizedException("token已经过期");
- }
- // 4.数据格式校验
- Object userPayload = jwt.getPayload("user");
- if (userPayload == null) {
- // 数据为空
- throw new UnauthorizedException("无效的token");
- }
- // 5.数据解析
- try {
- return Long.valueOf(userPayload.toString());
- } catch (RuntimeException e) {
- // 数据格式有误
- throw new UnauthorizedException("无效的token");
- }
- }
- }
|
