package com.zzx.utils; import com.zzx.config.JwtConfig; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import java.io.Serializable; import java.util.*; @Component public class JwtTokenUtil implements Serializable { private static final long serialVersionUID = -5625635588908941275L; private static final String CLAIM_KEY_USERNAME = "sub"; private static final String CLAIM_KEY_CREATED = "created"; private static final String CLAIM_KEY_ROLES = "roles"; @Autowired private JwtConfig jwtConfig; /** * 从request中获取用户名 * * @param request * @return */ public String getUsernameFromRequest(HttpServletRequest request) { String token = request.getHeader(jwtConfig.getHeader()); token = token.substring(jwtConfig.getPrefix().length()); return token == null ? null : getUsernameFromToken(token); } /** * 从token中获取用户名 * * @param token * @return */ public String getUsernameFromToken(String token) { String username; try { final Claims claims = getClaimsFromToken(token); username = claims.getSubject(); } catch (Exception e) { username = null; } return username; } public Date getCreatedDateFromToken(String token) { Date created; try { final Claims claims = getClaimsFromToken(token); created = new Date((Long)claims.get(CLAIM_KEY_CREATED)); } catch (Exception e) { created = null; } return created; } /** * 从token中获取过期时间 * * @param token * @return */ public Date getExpirationDateFromToken(String token) { Date expiration; try { final Claims claims = getClaimsFromToken(token); expiration = claims.getExpiration(); } catch (Exception e) { expiration = null; } return expiration; } private Claims getClaimsFromToken(String token) { Claims claims; try { claims = Jwts.parser() .setSigningKey(jwtConfig.getSecret()) .parseClaimsJws(token) .getBody(); } catch (Exception e) { claims = null; } return claims; } /** * 生成过期时间 单位[ms] * * @return */ private Date generateExpirationDate() { return new Date(System.currentTimeMillis() + jwtConfig.getTime() * 1000); } /** * token是否过期 * true 过期 false 未过期 * * @param token * @return */ public Boolean isTokenExpired(String token) { final Date expiration = getExpirationDateFromToken(token); boolean isExpired = expiration.before(new Date()); return isExpired; } private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) { return (lastPasswordReset != null && created.before(lastPasswordReset)); } /** * 生成token * * @param userDetails * @return */ public String generateToken(UserDetails userDetails) { Map<String, Object> claims = new HashMap<>(3); claims.put(CLAIM_KEY_USERNAME, userDetails.getUsername()); //放入用户名 claims.put(CLAIM_KEY_CREATED, new Date());//放入token生成时间 List<String> roles = new ArrayList<>(); Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities(); for (GrantedAuthority authority : authorities) { roles.add(authority.getAuthority()); } claims.put(CLAIM_KEY_ROLES, roles);//放入用户权限 return generateToken(claims); } /** * 生成token * * @param claims * @return */ private String generateToken(Map<String, Object> claims) { return Jwts.builder() .setClaims(claims) .setExpiration(generateExpirationDate()) .signWith(SignatureAlgorithm.HS512, jwtConfig.getSecret()) .compact(); } public Boolean canTokenBeRefreshed(String token) { return !isTokenExpired(token); } public String refreshToken(String token) { String refreshedToken; try { final Claims claims = getClaimsFromToken(token); claims.put(CLAIM_KEY_CREATED, new Date()); refreshedToken = generateToken(claims); } catch (Exception e) { refreshedToken = null; } return refreshedToken; } /** * 校验token * * @param token * @param userDetails * @return */ public Boolean validateToken(String token, UserDetails userDetails) { final String username = getUsernameFromToken(token); //从token中取出用户名 return (username.equals(userDetails.getUsername()) && !isTokenExpired(token) //校验是否过期 ); } /** * 从token中获取用户角色 * * @param authToken * @return */ public List<String> getRolesFromToken(String authToken) { List<String> roles; try { final Claims claims = getClaimsFromToken(authToken); roles = (List<String>)claims.get(CLAIM_KEY_ROLES); } catch (Exception e) { roles = null; } return roles; } }