
HttpServletRequest增加自定义参数 - Filter

APP端传递token,后端进行解密(即校验签名并解析JWT),获取用户名后需要给springmvc传递“username”参数,这样就保证应用功能能够拿到“username”来进行相应操作。

import io.jsonwebtoken.Claims;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;
import java.util.concurrent.ConcurrentHashMap;
/**
 * Servlet filter that copies the user id carried in the {@code X-Access-Token} JWT into
 * request parameters, so downstream handlers can read it as {@code username}.
 *
 * <p>Only requests whose URI contains "app" (case-insensitive, anywhere in the URI) are
 * wrapped; every other request is forwarded untouched.
 *
 * <p>NOTE(review): security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The URI test is a substring match, so it also matches a context path or file name
 *       that merely contains "app", and any URI without it skips token handling entirely.
 *       On that path a client-supplied {@code username} parameter reaches the handler as-is.
 *       Confirm the intended URL pattern and prefer an explicit filter mapping.</li>
 *   <li>A missing or unverifiable token does not stop the request: the chain still runs,
 *       with a wrapper that received no injected parameters. If these endpoints require
 *       authentication, respond with 401 here instead of continuing.</li>
 *   <li>Any token that {@code JwtUtil.parseToken} accepts with {@code JwtUtil.KEY} is
 *       treated as an access token; nothing here checks a token type. If refresh tokens are
 *       signed with the same key, they would be accepted too - confirm.</li>
 * </ul>
 */
public class RSAFilter implements Filter {
    private FilterConfig filterConfig;

    /** Keeps the container-provided configuration; nothing in this class reads it. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    /** Drops the reference taken in {@link #init(FilterConfig)}. */
    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    /**
     * Wraps "app" requests so that the token's {@code userId} claim is visible as the
     * parameters {@code access_token_user_id}, {@code yhdm} and {@code username}.
     *
     * @param request  incoming request; cast to {@link HttpServletRequest} without a type check
     * @param response response passed down the chain unchanged
     * @param chain    remaining filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        Map<String, Object> injected = new HashMap<String, Object>();
        HttpServletRequest httpRequest = (HttpServletRequest) request;

        boolean appRequest = httpRequest.getRequestURI().toLowerCase().contains("app");
        if (!appRequest) {
            // Not an app URI: no token handling, parameters stay exactly as the client sent them.
            chain.doFilter(request, response);
            return;
        }

        String token = httpRequest.getHeader("X-Access-Token");
        // parseToken returns null when it cannot produce claims; that case is handled like
        // an absent header.
        Claims claims = (token == null) ? null : JwtUtil.parseToken(token, JwtUtil.KEY);
        if (claims != null) {
            // All three parameter names receive the userId claim (not the username claim).
            Object userId = claims.get("userId");
            injected.put("access_token_user_id", userId);
            injected.put("yhdm", userId);
            injected.put("username", userId);
        }

        chain.doFilter(new RSARequestWrapper(httpRequest, injected), response);
    }
}

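/**
 * Request wrapper that serves parameters from its own map: the wrapped request's
 * parameters plus whatever is added through {@link #addParameter(String, Object)}.
 *
 * <p>Every value lookup is gated on the presence of the {@code access_token_user_id}
 * parameter: while it is absent, {@link #getParameter(String)} and
 * {@link #getParameterValues(String)} return {@code null} and {@link #getParameterMap()}
 * is empty. Because that parameter decides whether identity-bearing parameters such as
 * {@code username} are visible, a copy sent by the client is discarded in the constructor;
 * it can only be set through {@code addParameter}/{@code addAllParameters}.
 */
class RSARequestWrapper extends HttpServletRequestWrapper {
    /** Name of the parameter whose presence opens the lookups below. */
    private static final String TOKEN_USER_ID = "access_token_user_id";

    private final Map<String, String[]> params = new HashMap<>();

    /**
     * Wraps a request and snapshots its parameters.
     *
     * @param request request to wrap
     */
    public RSARequestWrapper(HttpServletRequest request) {
        super(request);
        // Copy the request's parameter table so this wrapper owns the values it serves.
        this.params.putAll(request.getParameterMap());
        // Without this, a client could send access_token_user_id (and username) itself,
        // open the gate without a token and have its own username returned to handlers.
        this.params.remove(TOKEN_USER_ID);
    }

    /**
     * Wraps a request and adds extra parameters on top of the original ones.
     *
     * @param request      request to wrap
     * @param extendParams parameters to add; entries with a {@code null} value are skipped
     */
    public RSARequestWrapper(HttpServletRequest request, Map<String, Object> extendParams) {
        this(request);
        // Added parameters replace same-named parameters sent by the client.
        addAllParameters(extendParams);
    }

    /**
     * Returns the names held in this wrapper's map. Overridden so that added parameters are
     * enumerated; frameworks that bind by name would otherwise not see them.
     *
     * @return enumeration over a snapshot of the parameter names (not gated)
     */
    @Override
    public Enumeration<String> getParameterNames() {
        return new Vector<String>(params.keySet()).elements();
    }

    /**
     * Returns a copy of the parameters, applying the same gate as the single-value lookups
     * so that callers of this method do not see the ungated map of the wrapped request.
     *
     * @return copy of the parameter map, or an empty map while
     *         {@code access_token_user_id} is absent
     */
    @Override
    public Map<String, String[]> getParameterMap() {
        if (!hasTokenUserId()) {
            return new HashMap<String, String[]>();
        }
        return new HashMap<String, String[]>(params);
    }

    /**
     * Adds several parameters.
     *
     * @param otherParams parameters to add
     */
    public void addAllParameters(Map<String, Object> otherParams) {
        for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
            addParameter(entry.getKey(), entry.getValue());
        }
    }

    /**
     * Adds one parameter. Servlet parameter maps hold {@code String[]} values, so the value
     * is converted: a {@code String[]} is stored as given, a {@code String} is wrapped in a
     * one-element array, anything else goes through {@link String#valueOf(Object)}.
     *
     * @param name  parameter name
     * @param value parameter value; {@code null} is ignored
     */
    public void addParameter(String name, Object value) {
        if (value == null) {
            return;
        }
        if (value instanceof String[]) {
            params.put(name, (String[]) value);
        } else if (value instanceof String) {
            params.put(name, new String[] {(String) value});
        } else {
            params.put(name, new String[] {String.valueOf(value)});
        }
    }

    /**
     * @param name parameter name
     * @return the stored values, or {@code null} when the name is unknown or
     *         {@code access_token_user_id} is absent
     */
    @Override
    public String[] getParameterValues(String name) {
        return hasTokenUserId() ? params.get(name) : null;
    }

    /**
     * @param name parameter name
     * @return the first stored value, or {@code null} when the name is unknown, has no
     *         values, or {@code access_token_user_id} is absent
     */
    @Override
    public String getParameter(String name) {
        if (!hasTokenUserId()) {
            return null;
        }
        String[] values = params.get(name);
        // An empty array would otherwise fail on values[0].
        return (values == null || values.length == 0) ? null : values[0];
    }

    /** True once {@code access_token_user_id} has been added through addParameter. */
    private boolean hasTokenUserId() {
        return params.get(TOKEN_USER_ID) != null;
    }
}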

JwtUtil工具类

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.security.Key;
import java.text.SimpleDateFormat;
import java.util.Date;

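/**
 * Token utility: issues and verifies HS256-signed JWTs (access and refresh tokens).
 *
 * <p>Depends on jjwt-0.9.1.jar, jackson-databind-2.9.3.jar, jackson-core-2.9.3.jar and
 * jackson-annotations-2.9.3.jar.
 *
 * <p>NOTE(review): access and refresh tokens are built with the same algorithm and carry
 * the same {@code userId} claim, and no claim marks the token type. A verifier that only
 * reads {@code userId} cannot tell them apart; if both are signed with the same key,
 * consider a type claim that verifiers check.
 *
 * @author DingQiMing
 * @version V 1.0.0 (2022/06/17 15:42)
 * @since jdk_1.8 / 1.7
 */
public class JwtUtil {
    /**
     * Signing secret as base64 text (it is base64-decoded before every use below). The value
     * shown is a masked placeholder. NOTE(review): a secret compiled into the class is
     * readable by anyone with the source or the jar; load it from deployment configuration
     * or a secret store, and use at least 32 random bytes for HS256.
     */
    public static final String KEY = "###################################";

    /** Default token lifetime in minutes (72 hours). */
    public static final int EXPIRE_MINUTES = 60 * 72;

    /**
     * Verifies a token and returns its claims.
     *
     * <p>{@code parseClaimsJws} checks the signature against the given key and rejects
     * expired tokens; every failure is reported as {@code null} so callers can treat it as
     * "no valid token" without handling exceptions.
     *
     * @param token compact JWT; {@code null} or empty yields {@code null}
     * @param key   base64-encoded HMAC secret
     * @return the claims, or {@code null} if the token is missing, malformed, expired or
     *         not signed with {@code key}
     */
    public static Claims parseToken(String token, String key) {
        if (token == null || token.isEmpty()) {
            return null;
        }
        try {
            return Jwts.parser()
                    .setSigningKey(DatatypeConverter.parseBase64Binary(key))
                    .parseClaimsJws(token)
                    .getBody();
        } catch (RuntimeException ex) {
            // Deliberately collapsed to null: the caller only needs valid / not valid.
            return null;
        }
    }

    /**
     * Creates an access token carrying the user's identity; it is the basis for
     * authorization decisions.
     *
     * @param userId        value of the {@code userId} claim
     * @param username      value of the {@code username} claim
     * @param key           base64-encoded HMAC secret
     * @param expireMinutes lifetime in minutes
     * @return compact signed JWT
     */
    public static String createAccessToken(String userId, String username, String key, int expireMinutes) {
        Key signingKey = hmacKey(key);
        Date expiresDate = expiryAfterMinutes(expireMinutes);
        return baseClaims(userId, username, expireMinutes, expiresDate)
                .setExpiration(expiresDate)
                .signWith(SignatureAlgorithm.HS256, signingKey)
                .compact();
    }

    /**
     * Creates a refresh token used to obtain a new access token.
     *
     * <p>NOTE(review): the access token is embedded as a claim, so anyone holding the
     * refresh token also holds that access token. Confirm this is required.
     *
     * @param userId        value of the {@code userId} claim
     * @param username      value of the {@code username} claim
     * @param key           base64-encoded HMAC secret
     * @param expireMinutes lifetime in minutes
     * @param accessToken   access token stored in the {@code access_token} claim
     * @return compact signed JWT
     */
    public static String createRefreshToken(String userId, String username, String key, int expireMinutes, String accessToken) {
        Key signingKey = hmacKey(key);
        Date expiresDate = expiryAfterMinutes(expireMinutes);
        return baseClaims(userId, username, expireMinutes, expiresDate)
                .claim("access_token", accessToken)
                .setExpiration(expiresDate)
                .signWith(SignatureAlgorithm.HS256, signingKey)
                .compact();
    }

    /** Demo: issues an access and a refresh token and prints each with its parsed claims. */
    public static void main(String[] args) {
        // Access token: carries the user information used for authorization.
        String access_token = JwtUtil.createAccessToken("1", "zhangsan", JwtUtil.KEY, JwtUtil.EXPIRE_MINUTES);
        System.out.println(access_token);
        // Verify with the key that signed the token; any other key makes parseToken return null.
        Claims access_claims = JwtUtil.parseToken(access_token, JwtUtil.KEY);
        System.out.println(access_claims);

        // Refresh token.
        String refresh_token = JwtUtil.createRefreshToken("1", "zhangsan", JwtUtil.KEY, JwtUtil.EXPIRE_MINUTES, access_token);
        System.out.println(refresh_token);
        Claims refresh_claims = JwtUtil.parseToken(refresh_token, JwtUtil.KEY);
        System.out.println(refresh_claims);
    }

    /** Builds the HS256 signing key from the base64-encoded secret. */
    private static Key hmacKey(String key) {
        byte[] secretBytes = DatatypeConverter.parseBase64Binary(key);
        return new SecretKeySpec(secretBytes, SignatureAlgorithm.HS256.getJcaName());
    }

    /** Returns the instant {@code expireMinutes} from now. */
    private static Date expiryAfterMinutes(int expireMinutes) {
        // long arithmetic: 60000 * expireMinutes overflows int above 35791 minutes (~24.8 days),
        // which would put the expiry in the past.
        long lifetimeMillis = 60000L * expireMinutes;
        return new Date(System.currentTimeMillis() + lifetimeMillis);
    }

    /** Starts a builder with the claims shared by access and refresh tokens. */
    private static JwtBuilder baseClaims(String userId, String username, int expireMinutes, Date expiresDate) {
        // NOTE(review): "mm::ss" has a doubled colon, probably a typo; kept unchanged because
        // consumers of the expires_date claim may rely on the current format. The authoritative
        // expiry is the exp claim set by setExpiration.
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm::ss");
        return Jwts.builder()
                .claim("userId", userId)
                .claim("username", username)
                .claim("expire_minutes", expireMinutes)
                .claim("expires_date", simpleDateFormat.format(expiresDate));
    }
}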

