京东商城商务网站建设目的,网站设计制作的服务机构,网络营销工作内容和职责,专业网站建设新闻一、需求如下对指定的API路径进行签名认证#xff0c;对于没有指定的无需认证#xff0c;认证具体到方法。二、查阅资料与开发1.了解JWT#xff0c;实际上用的开源jjwt2.编写自定义注解3.编写拦截器#xff0c;主要是拦截特定的url进行签名验证#xff0c;这里解析请求的h…一、需求如下对指定的API路径进行签名认证对于没有指定的无需认证认证具体到方法。二、查阅资料与开发1.了解JWT实际上用的开源jjwt2.编写自定义注解3.编写拦截器主要是拦截特定的url进行签名验证这里解析请求的handler是否有包含自定义注解确定思路后开始编写代码A、写工具我在网上找的代码不复杂一看就懂代码如下/*** Title: TokenUtils.java* Description:* Copyright: Copyright (c) 2018* Company:http://www.sinocon.cn* author Administrator* date 2018年8月21日* version 1.0*/package cn.sinocon.hive.utils;import java.security.Key;import java.util.Date;import javax.crypto.spec.SecretKeySpec;import javax.xml.bind.DatatypeConverter;import cn.hutool.core.date.DateUtil;import io.jsonwebtoken.Claims;import io.jsonwebtoken.JwtBuilder;import io.jsonwebtoken.Jwts;import io.jsonwebtoken.SignatureAlgorithm;/*** Title: TokenUtils* Description:* author:Administrator* date 2018年8月21日*/public class TokenUtils {/*** 签名秘钥*/public static final String SECRET LHqDYnwpy7jzhmWdIy7EW3ER64mNlAGKRZWLKFvSKIyWWX;/*** 生成token** param id* 一般传入userName* return*/public static String createJwtToken(String id) {String issuer www.zuidaima.com;String subject 8vfu3wqEidZve2;long ttlMillis System.currentTimeMillis();return createJwtToken(id, issuer, subject, ttlMillis);}/*** 生成Token** param id* 编号* param issuer* 该JWT的签发者是否使用是可选的* param subject* 该JWT所面向的用户是否使用是可选的* param ttlMillis* 签发时间* return token String*/public static String createJwtToken(String id, String issuer, String subject, long ttlMillis) {// 签名算法 将对token进行签名SignatureAlgorithm signatureAlgorithm SignatureAlgorithm.HS256;// 生成签发时间long nowMillis System.currentTimeMillis();Date now new Date(nowMillis);// 通过秘钥签名JWTbyte[] apiKeySecretBytes DatatypeConverter.parseBase64Binary(SECRET);Key signingKey new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());// Lets set the JWT ClaimsJwtBuilder builder Jwts.builder().setId(id).setIssuedAt(now).setSubject(subject).setIssuer(issuer).signWith(signatureAlgorithm, signingKey);// if it has been specified, lets add the expirationif (ttlMillis 0) {long expMillis nowMillis ttlMillis;Date exp new Date(expMillis);builder.setExpiration(exp);}// Builds the JWT and serializes it to a compact, URL-safe stringreturn builder.compact();}// Sample method to validate and read the JWTpublic static Claims parseJWT(String jwt) {// This line will throw an exception if it is not a signed JWS (as// expected)Claims claims Jwts.parser().setSigningKey(DatatypeConverter.parseBase64Binary(SECRET)).parseClaimsJws(jwt).getBody();return claims;}public static void main(String[] args) {System.out.println(TokenUtils.createJwtToken(page10));}}B、编写注解/*** Title: RequireSignature.java* Description:* Copyright: Copyright (c) 2018* Company:http://www.sinocon.cn* author Administrator* date 2018年8月18日* version 1.0*/package cn.sinocon.hive.annotation;import java.lang.annotation.ElementType;import java.lang.annotation.Retention;import java.lang.annotation.RetentionPolicy;import java.lang.annotation.Target;/*** Title: RequireSignature* Description:* author:Administrator* date 2018年8月18日*/Target({ElementType.METHOD})// 可用在方法名上Retention(RetentionPolicy.RUNTIME)// 运行时有效public interface RequireSignature {}C。编写拦截器/*** Title: LoginInterceptor.java* Description:* Copyright: Copyright (c) 2018* Company:http://www.sinocon.cn* author Administrator* date 2018年8月18日* version 1.0*/package cn.sinocon.hive.interceptor;import java.lang.reflect.Method;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.commons.lang.StringUtils;import org.springframework.stereotype.Component;import org.springframework.util.ObjectUtils;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.ModelAndView;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;import cn.hutool.core.date.DateUtil;import cn.hutool.core.util.ObjectUtil;import cn.sinocon.hive.annotation.RequireSignature;import cn.sinocon.hive.utils.TokenUtils;import io.jsonwebtoken.Claims;/*** Title: LoginInterceptor* Description:* author:Administrator* date 2018年8月18日*/Componentpublic class LoginInterceptor extends HandlerInterceptorAdapter {public final static String ACCESS_TOKEN accessToken;public final static String EXCEPTION_MSG signature does not match locally computed signature,error code:;Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)throws Exception {if (!(handler instanceof HandlerMethod)) {return true;}HandlerMethod handlerMethod (HandlerMethod) handler;Method method handlerMethod.getMethod();RequireSignature methodAnnotation method.getAnnotation(RequireSignature.class);// 有 RequireSignature 注解需要认证if (ObjectUtil.isNotNull(methodAnnotation)) {// 判断是否存在令牌信息如果存在则允许登录String accessToken request.getParameter(ACCESS_TOKEN);if (StringUtils.isBlank(accessToken)) {// 需要认证才行throw new RuntimeException(EXCEPTION_MSG 400003);}Claims claims null;try {claims TokenUtils.parseJWT(accessToken);} catch (Exception e) {throw new RuntimeException(EXCEPTION_MSG 400005);}// 签名格式错误请按照约定生成签名String[] firstParam claims.getId().split();if (ObjectUtils.isEmpty(firstParam)) {throw new RuntimeException(EXCEPTION_MSG 400005);}// 签名被篡改String parameter request.getParameter(firstParam[0]);if (!firstParam[1].equals(parameter)) {throw new RuntimeException(EXCEPTION_MSG 400006);}boolean validation false;// 获取签名生成的时间签名有效10分钟try {long timeInMillis DateUtil.calendar(Long.parseLong(claims.get(exp) )).getTimeInMillis();validation DateUtil.calendar(System.currentTimeMillis()).getTimeInMillis() (timeInMillis 10 * 60 * 1000);} catch (Exception e) {throw new RuntimeException(EXCEPTION_MSG 400005);}// 超时if (validation) {throw new RuntimeException(EXCEPTION_MSG 400007);}}return super.preHandle(request, response, handler);}}D。配置拦截器/*** Title: ResourceConfig.java* Description:* Copyright: Copyright (c) 2018* Company:http://www.sinocon.cn* author Administrator* date 2018年8月6日* version 1.0*/package cn.sinocon.hive.config;import org.springframework.context.annotation.Configuration;import org.springframework.web.servlet.config.annotation.InterceptorRegistry;import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;import cn.sinocon.hive.interceptor.LoginInterceptor;/*** Title: ResourceConfig* Description:* author:Administrator* date 2018年8月6日*/Configurationpublic class ResourceConfig implements WebMvcConfigurer {/** 默认首页的设置当输入域名是可以自动跳转到默认指定的网页** Title: addViewControllers** Description: ** param registry** see org.springframework.web.servlet.config.annotation.WebMvcConfigurer#* addViewControllers(org.springframework.web.servlet.config.annotation.* ViewControllerRegistry)**/Overridepublic void addViewControllers(ViewControllerRegistry registry) {registry.addViewController(/).setViewName(forward:/index.html);}/* (non-Javadoc)* Title: addInterceptors* Description: 拦截器配置* param registry* see org.springframework.web.servlet.config.annotation.WebMvcConfigurer#addInterceptors(org.springframework.web.servlet.config.annotation.InterceptorRegistry)*/Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(new LoginInterceptor()).addPathPatterns(/api/**);WebMvcConfigurer.super.addInterceptors(registry);}}E、在调用的controller方法中加上注解RequireSignature大功告成
