标签搜索

目 录CONTENT

文章目录

手动生成jwt_token(HS256、RSA算法)

陈铭
2021-06-24 / 0 评论 / 0 点赞 / 481 阅读 / 520 字 / 正在检测是否收录...

生成RSA的token

生成RSA密钥对

可以选择在线生成,百度上找,有很多工具。或者本地用openssl生成

genrsa -out privateKey.pem 1024 //生成私钥
rsa -in privateKey.pem -pubout -out publicKey.pem  //生成公钥

注意的是,不管是在线还是本地生成的密钥,都会带-----BEGIN XXX KEY-----、-----END XXX KEY-----,这些头尾的信息我们不要的,后续生成token用的密钥对字符串也不能带上这些头尾信息

项目导入依赖

        <!--jwt包-->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.8.3</version>
        </dependency>

生成token

package com.CmJava.utils;

import com.CmJava.entity.User;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

@Component
public class RsaUtil {
     //密钥对字符串不能有头尾信息哦
    public static final String publicKey0="MIIBIjAXXXXXXXXXXXXXXXXXXXXNBQAB";
    public static final String privateKey0="MIIEvgXXXXXXXXXXXXXXXXXXXXXXmC4";

    public static KeyFactory keyFactory = null;

    static {
        try {
            keyFactory = KeyFactory.getInstance("RSA");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }

    public static String getToken(User user){
        RSAPublicKey rsaPublicKey = getRsaPublicKey();
        RSAPrivateKey rsaPrivateKey = getRsaPrivateKey();

        String token = JWT.create()
                .withClaim("userAccount", user.getUserAccount())    //载荷,随便写几个都可以
                .withClaim("userPassword", user.getUserPassword())    //载荷,随便写几个都可以
                .sign(Algorithm.RSA256(rsaPublicKey, rsaPrivateKey));
        return token;
    }

    //获取rsa公钥
    private static RSAPublicKey getRsaPublicKey(){
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKey0));
        try {
            RSAPublicKey rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(x509EncodedKeySpec);
            return rsaPublicKey;
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
        }
        return null;
    }

    //获取rsa私钥
    private static RSAPrivateKey getRsaPrivateKey(){
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey0));
        try {
            RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8EncodedKeySpec);
            return rsaPrivateKey;
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
        }
        return null;
    }
}

生成HS256的token

项目导入依赖

        <!--jwt包-->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.8.3</version>
        </dependency>

生成token

    public static String getHS256Token(User user){
        String key="123456";

        String token = JWT.create()
                .withClaim("userAccount", user.getUserAccount())    //载荷,随便写几个都可以
                .withClaim("userPassword", user.getUserPassword())    //载荷,随便写几个都可以
                .sign(Algorithm.HMAC256(key));
        return token;
    }
0

评论区