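package com.wyy.web.rest.util;

import com.alibaba.fastjson.JSONObject;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

/**
 * Reads individual claims out of the JWT carried in the {@code Authorization} request header.
 *
 * <p><strong>Security note:</strong> nothing in this class verifies the token's signature,
 * expiry, issuer or audience; it only Base64-decodes the middle segment and parses it as
 * JSON. The returned values are therefore only as trustworthy as whatever validated the
 * token before this code runs. NOTE(review): confirm that a security filter or gateway
 * rejects unsigned or tampered tokens ahead of every caller of this class, and never use
 * these return values as the sole basis of an authorization decision otherwise.
 *
 * <p>The payload is request-supplied text handed to fastjson. NOTE(review): confirm the
 * project's fastjson version is patched and that autoType is disabled (safeMode), since
 * this parser sees untrusted input.
 */
public final class JwtUtil {

    /** Scheme prefix expected in the Authorization header; matched case-insensitively. */
    private static final String BEARER_PREFIX = "bearer ";

    private JwtUtil() {
    }

    /**
     * Returns the {@code user_name} claim of the bearer token on the request.
     *
     * @param httpServletRequest the current request
     * @return the {@code user_name} claim; {@code "system"} when the token parses but has no
     *         such claim; {@code null} when there is no bearer token or it cannot be parsed
     */
    public static String getUserLogin(HttpServletRequest httpServletRequest) {
        JSONObject payloadJson = readPayload(httpServletRequest);
        if (payloadJson == null) {
            // No header, or a malformed token: treat as a non-logged-in caller.
            return null;
        }
        String userLogin = payloadJson.getString("user_name");
        if (userLogin == null) {
            // A token without a user name is taken to be an internal call between
            // microservices, so the login is forced to "system".
            // NOTE(review): this is only safe if the token's signature was verified
            // upstream; otherwise any request carrying a token that omits user_name is
            // reported as "system". Confirm, or require an explicit service claim.
            return "system";
        }
        return userLogin;
    }

    /**
     * Returns the {@code authorities} claim of the bearer token on the request, as the
     * string fastjson's {@code getString} yields for it.
     *
     * @param httpServletRequest the current request
     * @return the claim value, or {@code null} when there is no bearer token, the token
     *         cannot be parsed, or the claim is absent
     */
    public static String getUserRoles(HttpServletRequest httpServletRequest) {
        JSONObject payloadJson = readPayload(httpServletRequest);
        return payloadJson == null ? null : payloadJson.getString("authorities");
    }

    /**
     * Extracts and parses the payload (second segment) of the bearer token.
     *
     * <p>Every malformed input (wrong scheme, missing dots, bad Base64, bad JSON) yields
     * {@code null} rather than an exception, so a crafted header cannot turn into an
     * unhandled error in the caller.
     */
    private static JSONObject readPayload(HttpServletRequest httpServletRequest) {
        String authorization = httpServletRequest.getHeader("authorization");
        if (authorization == null) {
            // No JWT in the request headers: not a logged-in user.
            return null;
        }
        // regionMatches also returns false for headers shorter than the prefix, which
        // previously made substring(7) throw.
        if (!authorization.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length())) {
            return null;
        }
        String jwt = authorization.substring(BEARER_PREFIX.length());

        int firstDot = jwt.indexOf('.');
        int lastDot = jwt.lastIndexOf('.');
        if (firstDot < 0 || firstDot == lastDot) {
            // Fewer than two dots: there is no middle segment to read.
            return null;
        }
        String payloadBase64 = jwt.substring(firstDot + 1, lastDot);

        try {
            // JWT segments use the URL-safe Base64 alphabet ('-' and '_'), which the basic
            // decoder rejects. '+' and '/' are mapped across so that input the previous
            // basic-alphabet decoder accepted still decodes.
            byte[] payloadBytes = Base64.getUrlDecoder()
                    .decode(payloadBase64.replace('+', '-').replace('/', '_'));
            return JSONObject.parseObject(new String(payloadBytes, StandardCharsets.UTF_8));
        } catch (RuntimeException ignored) {
            // Invalid Base64 or a payload that is not a JSON object: report "no token".
            return null;
        }
    }
}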