Jwt令牌颁发

2024-04-20 21:27:55 +08:00 · 2024-04-20 21:27:55 +08:00 · 16e06994c2
parent 0c7a42c4e8
commit 16e06994c2
6 changed files with 79 additions and 7 deletions
--- a/pom.xml
+++ b/pom.xml
@ -52,6 +52,11 @@
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+            <version>4.3.0</version>
+        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
--- a/src/main/java/com/example/config/SecurityConfiguration.java
+++ b/src/main/java/com/example/config/SecurityConfiguration.java
@ -1,6 +1,9 @@
 package com.example.config;

-import com.example.RestBean;
+import com.example.entity.RestBean;
+import com.example.entity.vo.response.AuthorizeV0;
+import com.example.utils.JwtUtils;
+import jakarta.annotation.Resource;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@ -11,15 +14,15 @@ import org.springframework.security.config.annotation.web.configurers.AbstractHt
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

 import java.io.IOException;

@Configuration
 public class SecurityConfiguration {
+    @Resource
+    JwtUtils utils;
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
@ -49,8 +52,15 @@ public class SecurityConfiguration {
                                        HttpServletResponse response,
                                        Authentication authentication) throws IOException, ServletException {
        response.setContentType("application/json;charset=utf-8");
+        User user = (User) authentication.getPrincipal();

-        response.getWriter().write(RestBean.success().asJsonString());
+        String token = utils.createJwt(user , 1 , "小明"); //随便起一个id和用户名 作为令牌的
+        AuthorizeV0 v0 = new AuthorizeV0();
+        v0.setExpire(utils.expireTime());
+        v0.setRole("");
+        v0.setToken(token);
+        v0.setUsername("小明");
+        response.getWriter().write(RestBean.success(v0).asJsonString()); //将实体对象v0返回
    }

    public void onAuthenticationFailure(HttpServletRequest request,
--- a/src/main/java/com/example/entity/RestBean.java
+++ b/src/main/java/com/example/entity/RestBean.java
@ -1,4 +1,4 @@
-package com.example;
+package com.example.entity;

 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
--- a/src/main/java/com/example/entity/vo/response/AuthorizeV0.java
+++ b/src/main/java/com/example/entity/vo/response/AuthorizeV0.java
@ -0,0 +1,13 @@
+package com.example.entity.vo.response;
+
+import lombok.Data;
+
+import java.util.Date;
+
+@Data
+public class AuthorizeV0 {
+    String username;
+    String role;
+    String token;
+    Date expire;
+}
--- a/src/main/java/com/example/utils/JwtUtils.java
+++ b/src/main/java/com/example/utils/JwtUtils.java
@ -0,0 +1,39 @@
+package com.example.utils;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+
+import java.util.Calendar;
+import java.util.Date;
+
+@Component
+public class JwtUtils {
+    @Value("${spring.security.jwt.key}")
+    String key;
+
+    @Value("${spring.security.jwt.expire}")
+    int expire;
+
+    public String createJwt(UserDetails details , int id , String username){
+        Algorithm algorithm = Algorithm.HMAC256(key);
+        Date expire = this.expireTime();
+        return JWT.create()
+                .withClaim("id",id)
+                .withClaim("name",username)
+                .withClaim("authorities",details.getAuthorities().stream().map(GrantedAuthority::getAuthority).toList())
+                .withExpiresAt(expire)
+                .withIssuedAt(new Date())
+                .sign(algorithm);
+    }
+    public Date expireTime(){
+        Calendar calendar = Calendar.getInstance();
+        calendar.add(Calendar.HOUR , expire * 24);
+        return calendar.getTime();
+    }
+
+}
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@ -1 +1,6 @@
-spring.application.name=my-project-backend
+
+spring:
+  security:
+    jwt:
+      key: abcdefgh
+      expire: 7