生成RSA的token
生成RSA密钥对
可以选择在线生成,百度上找,有很多工具。或者本地用openssl生成
genrsa -out privateKey.pem 1024 //生成私钥
rsa -in privateKey.pem -pubout -out publicKey.pem //生成公钥
注意的是,不管是在线还是本地生成的密钥,都会带-----BEGIN XXX KEY-----、-----END XXX KEY-----,这些头尾的信息我们不要的,后续生成token用的密钥对字符串也不能带上这些头尾信息
项目导入依赖
<!--jwt包-->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.8.3</version>
</dependency>
生成token
package com.CmJava.utils;
import com.CmJava.entity.User;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
@Component
public class RsaUtil {
//密钥对字符串不能有头尾信息哦
public static final String publicKey0="MIIBIjAXXXXXXXXXXXXXXXXXXXXNBQAB";
public static final String privateKey0="MIIEvgXXXXXXXXXXXXXXXXXXXXXXmC4";
public static KeyFactory keyFactory = null;
static {
try {
keyFactory = KeyFactory.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
public static String getToken(User user){
RSAPublicKey rsaPublicKey = getRsaPublicKey();
RSAPrivateKey rsaPrivateKey = getRsaPrivateKey();
String token = JWT.create()
.withClaim("userAccount", user.getUserAccount()) //载荷,随便写几个都可以
.withClaim("userPassword", user.getUserPassword()) //载荷,随便写几个都可以
.sign(Algorithm.RSA256(rsaPublicKey, rsaPrivateKey));
return token;
}
//获取rsa公钥
private static RSAPublicKey getRsaPublicKey(){
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKey0));
try {
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(x509EncodedKeySpec);
return rsaPublicKey;
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
return null;
}
//获取rsa私钥
private static RSAPrivateKey getRsaPrivateKey(){
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey0));
try {
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8EncodedKeySpec);
return rsaPrivateKey;
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
return null;
}
}
生成HS256的token
项目导入依赖
<!--jwt包-->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.8.3</version>
</dependency>
生成token
public static String getHS256Token(User user){
String key="123456";
String token = JWT.create()
.withClaim("userAccount", user.getUserAccount()) //载荷,随便写几个都可以
.withClaim("userPassword", user.getUserPassword()) //载荷,随便写几个都可以
.sign(Algorithm.HMAC256(key));
return token;
}
评论区