Java jwt使用公钥字符串验证解析token锁方法详解
爱学习的大雄 人气:0引言
本文主要示例如何通过已知的公钥(字符串),来使用java-jwt
校验token锁。
由于java-jwt中校验时所需要的公钥是RSAPublicKey
对象而我们目前的公钥是字符串,所以我们需要进行转化,本篇文章主要就是记录如何进行这个转化
如果需要了解公钥、私钥的概念,请百度其它文章。
代码
<!-- java-jwt --> <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>4.2.1</version> </dependency>
/** * 根据公钥字符串生成PublicKey对象 * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ private static PublicKey getPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException { String pem = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWCkZn1ksPM+DBLzgaffe2je6/Kr168fDI/CAM23Ardh4+w5yprtCmNfibCLcNZ66OzPC164p4ufboc9fxXqd5mv0ZtaHGG2pATH5e7z+Gla3Bd3QX8WqJi5LkAtsdP23IQqhz8UHA+Vmd6pTzobcQBhF1K7K/zcK9QDTFon4tCxL12wSOl40CDlWnaHortvljmJ5T3zD1iPjHjpVejI5YQReqxXEuqFVTqu2nhdTWAmfX8KrlVbPGPCevruKFmNvnl09N0Kk2CZGRlLq5aE7UZxH3GOkNWKkVWMO7tUgoJK9r8v/EIrIcuO5SX7RuyyhyY0/fsx3f+CTrUATkfgVwIDAQAB"; X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(pem)); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicKey = keyFactory.generatePublic(pubKeySpec); System.out.println(publicKey); return publicKey; } /** * 校验token * @param token * @return * @throws Exception */ public static DecodedJWT verifierToken(String token)throws Exception{ //其实按照规定只需要传递 publicKey 来校验即可,这可能是auth0 的缺点 Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) getPublicKey(),null); JWTVerifier verifier = JWT.require(algorithm) //.withIssuer(ISSUER) .build(); //Reusable verifier instance 可复用的验证实例 DecodedJWT jwt = verifier.verify(token); return jwt; }
测试
@SpringBootTest(classes = KeycloakdemoApplication.class) @RunWith(SpringRunner.class) public class DemoTest { @Test public void testGetInstance() throws Exception { DecodedJWT verify = JWTUtils.verifierToken("eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxdGtoMFBXanE1SmpOalVjc1hNYnJ1TldQVngtM2tQekJpekJGTDZfUDFJIn0.eyJleHAiOjE2NzM0NTc3MjYsImlhdCI6MTY3MzQ1NzQyNiwiYXV0aF90aW1lIjoxNjczNDU2MTU1LCJqdGkiOiJiMDZlNDljNS1kMTk5LTQ4ZWItYWE4NS1iNWJjMTMxNDVhMWIiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODEvYXV0aC9yZWFsbXMvbXlSZWFsbSIsInN1YiI6ImI4ZTAwM2Y1LTIxNDktNDUwMC04ZTE1LTZkZTU1YWM1MGRmMyIsInR5cCI6IkJlYXJlciIsImF6cCI6Im15Y2xpZW50Iiwic2Vzc2lvbl9zdGF0ZSI6ImRlM2Q4ZjZhLTE4YzAtNGYzYS1hNmQwLWNlNTBjNmM2ZmNjMyIsImFjciI6IjAiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiYWRtaW4iXX0sInNjb3BlIjoib3BlbmlkIGVtYWlsIHByb2ZpbGUiLCJzaWQiOiJkZTNkOGY2YS0xOGMwLTRmM2EtYTZkMC1jZTUwYzZjNmZjYzMiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIn0.sGblDdBIkwnDDUcGd7-2QlCeA17gnmuvXosqpZ0T_zGlKtr6Ta-z1QSgwdc8K5ivekyIQmcYAIh-eHmfVxjCLKZ6fR-AdTeqenXdkNJuMREzwKpnOFx1Wq2LZUb-hqWKJimBKi2iUPlu4ENAVbFOWxcMwIedySpN74RHF3yP4BKr4YfAmr5u9CSX3EYw0LMiMVlt6l_FKNssKnTLlBq0IPDlBdwV9D1l6qpDXu_uIbvUzb_w8rnSoUGMqqqxI-RNF6m5dit29KWinFfkat5-g-lvbiVz8l0wYfMBGb9ESwC0aXJARcEG7PdhtqYLPjsGFVrjqHMq1ci_BVivAt3Htw"); System.out.println(verify); System.out.println(verify.getExpiresAt()); System.out.println(verify.getClaim("scope")); System.out.println(verify.getExpiresAtAsInstant()); System.out.println(verify.getClaims()); } }
加载全部内容