From a4c2ec1272a2ec9dff334b21c9bbffcb2f0921bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=B0=8F=E6=B5=B7?=
Date: Wed, 4 Dec 2019 14:08:45 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9JwtUtil=E7=9A=84=E9=83=A8?= =?UTF-8?q?=E5=88=86=E6=96=B9=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../cn/celess/blog/enmu/ResponseEnum.java | 5 ++
 .../java/cn/celess/blog/util/JwtUtil.java | 58 +++++++++------
 .../java/cn/celess/blog/util/JwtUtilTest.java | 72 +++++++++++++------
 3 files changed, 93 insertions(+), 42 deletions(-)
diff --git a/src/main/java/cn/celess/blog/enmu/ResponseEnum.java b/src/main/java/cn/celess/blog/enmu/ResponseEnum.java
index 0e16b0f..7e4f0e4 100644
--- a/src/main/java/cn/celess/blog/enmu/ResponseEnum.java
+++ b/src/main/java/cn/celess/blog/enmu/ResponseEnum.java
@@ -31,6 +31,11 @@ public enum ResponseEnum {
 PWD_SAME(360, "新密码与原密码相同"),
 LOGIN_EXPIRED(370, "登陆过期"),
+ JWT_EXPIRED(381, "Token过期"),
+ JWT_MALFORMED(382, "Token格式不对"),
+ JWT_SIGNATURE(383, "Token签名错误"),
+ JWT_NOT_SUPPORT(384, "不支持的Token"),
+ //标签
 TAG_NOT_EXIST(401, "标签不存在"),
 TAG_HAS_EXIST(402, "标签已存在"),
diff --git a/src/main/java/cn/celess/blog/util/JwtUtil.java b/src/main/java/cn/celess/blog/util/JwtUtil.java
index 31eeb7b..6e1a10e 100644
--- a/src/main/java/cn/celess/blog/util/JwtUtil.java
+++ b/src/main/java/cn/celess/blog/util/JwtUtil.java
@@ -1,10 +1,10 @@
 package cn.celess.blog.util;
+import cn.celess.blog.enmu.ResponseEnum;
 import cn.celess.blog.entity.User;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.ExpiredJwtException;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import cn.celess.blog.exception.MyException;
+import io.jsonwebtoken.*;
+import lombok.extern.log4j.Log4j2;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
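Review bot: `JWT_EXPIRED(381, "Token过期")` in the ResponseEnum.java hunk is never raised anywhere in this patch. In the JwtUtil.java hunk further down, `getClaimsFromToken` catches `ExpiredJwtException`, logs and returns null, while the other three new codes are each thrown through `MyException`. A caller therefore cannot tell an expired token from an absent one, and the enum carries a constant with no user. If expiry has to stay non-throwing so that `isTokenExpired` keeps working, say so on the constant, e.g. `// not thrown by JwtUtil: expiry is reported as null claims`; otherwise have the layer that rejects the request raise `new MyException(ResponseEnum.JWT_EXPIRED)`.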
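Review bot: `import io.jsonwebtoken.*;` in the JwtUtil.java import hunk replaces four explicit imports with a wildcard, which hides which `SignatureException` the later `catch (SignatureException e)` refers to; the JDK also has `java.security.SignatureException`. Listing the types keeps the security-relevant catch unambiguous: `import io.jsonwebtoken.SignatureException;` next to `Claims`, `ExpiredJwtException`, `Jwts`, `MalformedJwtException`, `SignatureAlgorithm` and `UnsupportedJwtException`.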
@@ -19,6 +19,7 @@ import java.util.Map;
 * @Description: JWT工具类
 */
 @Component
+@Log4j2
 public class JwtUtil {
 private static final String CLAIM_KEY_USERNAME = "sub";
@@ -48,46 +49,63 @@ public class JwtUtil {
 .compact();
 }
- public Boolean validateToken(String token, User user) {
- String username = getUsernameFromToken(token);
-
- return (username.equals(user.getEmail()) && !isTokenExpired(token));
+ public String updateTokenDate(String token) {
+ Claims claims = Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token).getBody();
+ return Jwts.builder()
+ .setClaims(claims)
+ .setExpiration(new Date(claims.getExpiration().getTime() + EXPIRATION_SHORT_TIME))
+ .signWith(SignatureAlgorithm.HS512, SECRET)
+ .compact();
 }
 /**
 * 获取token是否过期
 */
 public Boolean isTokenExpired(String token) {
- try {
- Date expiration = getExpirationDateFromToken(token);
- return expiration.before(new Date());
- } catch (ExpiredJwtException e) {
- return true;
- }
+ Date expiration = getExpirationDateFromToken(token);
+ return expiration == null || expiration.before(new Date());
 }
 /**
 * 根据token获取username
 */
 public String getUsernameFromToken(String token) {
- return getClaimsFromToken(token).getSubject();
+ Claims claims = getClaimsFromToken(token);
+ return claims == null ? null : claims.getSubject();
 }
 /**
 * 获取token的过期时间
 */
 public Date getExpirationDateFromToken(String token) {
- return getClaimsFromToken(token).getExpiration();
+ Claims claims = getClaimsFromToken(token);
+ return claims == null ? null : claims.getExpiration();
 }
 /**
 * 解析JWT
 */
 private Claims getClaimsFromToken(String token) {
- Claims claims = Jwts.parser()
- .setSigningKey(SECRET)
- .parseClaimsJws(token)
- .getBody();
+ Claims claims = null;
+ try {
+ claims = Jwts.parser()
+ .setSigningKey(SECRET)
+ .parseClaimsJws(token)
+ .getBody();
+ } catch (ExpiredJwtException e) {
+ log.info("JWT令牌过期");
+ } catch (UnsupportedJwtException e) {
+ log.info("不支持的JWT令牌");
+ throw new MyException(ResponseEnum.JWT_NOT_SUPPORT);
+ } catch (MalformedJwtException e) {
+ log.info("JWT令牌格式错误");
+ throw new MyException(ResponseEnum.JWT_MALFORMED);
+ } catch (SignatureException e) {
+ log.info("JWT签名错误");
+ throw new MyException(ResponseEnum.JWT_SIGNATURE);
+ } catch (IllegalArgumentException e) {
+ log.debug("JWT非法参数");
+ }
 return claims;
 }
diff --git a/src/test/java/cn/celess/blog/util/JwtUtilTest.java b/src/test/java/cn/celess/blog/util/JwtUtilTest.java
index 2a41ec4..402c37b 100644
--- a/src/test/java/cn/celess/blog/util/JwtUtilTest.java
+++ b/src/test/java/cn/celess/blog/util/JwtUtilTest.java
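Review bot: `updateTokenDate` in the JwtUtil.java hunk derives the new expiry from the old one, `claims.getExpiration().getTime() + EXPIRATION_SHORT_TIME`, and nothing visible in the method caps it, so a token that is renewed repeatedly keeps accumulating lifetime and the session has no absolute end. Basing it on the current time, `.setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_SHORT_TIME))`, and refusing renewal once the token is older than a fixed maximum (for instance measured from an issued-at claim, if `generateToken` sets one) would bound that. The superseded token also stays valid until its own expiry unless callers track and reject it. The method parses with `Jwts.parser()` directly rather than through `getClaimsFromToken`, so jjwt exceptions escape as-is instead of as `MyException` with the new `JWT_*` codes.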
@@ -2,51 +2,79 @@ package cn.celess.blog.util;
 import cn.celess.blog.BaseTest;
 import cn.celess.blog.entity.User;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import org.junit.FixMethodOrder;
 import org.junit.Test;
+import org.junit.runners.MethodSorters;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+
+import java.time.Instant;
+import java.util.Date;
 import static org.junit.Assert.*;
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class JwtUtilTest extends BaseTest {
 @Autowired JwtUtil jwtUtil;
-
+ @Value("${jwt.secret}")
+ private String secret;
 @Test
- public void generateToken() {
+ public void testGenerateToken() {
 User user = new User();
 user.setEmail("a@celess.cn");
- String s = jwtUtil.generateToken(user, true);
- System.out.println(s);
+ String s = jwtUtil.generateToken(user, false);
 assertNotNull(s);
+ String str = null;
+ try {
+ str = jwtUtil.generateToken(null, false);
+ } catch (Exception e) {
+ // ignore
+ }
+ assertNull(str);
 }
 @Test
- public void validateToken() {
+ public void testIsTokenExpired() throws InterruptedException {
+ String s = Jwts.builder()
+ .setClaims(null)
+ .setExpiration(new Date(Instant.now().toEpochMilli() + 1000))
+ .signWith(SignatureAlgorithm.HS512, secret)
+ .compact();
+ Thread.sleep(1010);
+ assertTrue(jwtUtil.isTokenExpired(s));
+ assertFalse(jwtUtil.isTokenExpired(jwtUtil.generateToken(new User(), false)));
+ }
+
+ @Test
+ public void testGetUsernameFromToken() {
 User user = new User();
 user.setEmail("a@celess.cn");
- assertTrue(jwtUtil.validateToken(createToken(), user));
+ String s = jwtUtil.generateToken(user, false);
+ assertEquals(user.getEmail(), jwtUtil.getUsernameFromToken(s));
+ user.setEmail("example@celess.cn");
+ assertNotEquals(user.getEmail(), jwtUtil.getUsernameFromToken(s));
 }
 @Test
- public void isTokenExpired() {
- assertFalse(jwtUtil.isTokenExpired(createToken()));
- }
-
- @Test
- public void getUsernameFromToken() {
- assertEquals("a@celess.cn", jwtUtil.getUsernameFromToken(createToken()));
- }
-
- @Test
- public void getExpirationDateFromToken() {
- assertNotNull(jwtUtil.getExpirationDateFromToken(createToken()));
- }
-
- private String createToken() {
+ public void testGetExpirationDateFromToken() {
 User user = new User();
 user.setEmail("a@celess.cn");
- return jwtUtil.generateToken(user, true);
+ String s = jwtUtil.generateToken(user, false);
+ assertNotNull(jwtUtil.getExpirationDateFromToken(s));
+ }
+
+ @Test
+ public void updateTokenDate() {
+ User user = new User();
+ user.setEmail("a@celess.cn");
+ String s = jwtUtil.generateToken(user, false);
+ Date before = jwtUtil.getExpirationDateFromToken(s);
+ String s1 = jwtUtil.updateTokenDate(s);
+ assertTrue(jwtUtil.getExpirationDateFromToken(s1).getTime() - jwtUtil.getExpirationDateFromToken(s).getTime() > 0);
 }
 }
\ No newline at end of file
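Review bot: None of the added tests covers the rejection paths this commit introduces. A token signed with a different key, a malformed string and an unsupported token should each surface as `MyException` carrying `JWT_SIGNATURE`, `JWT_MALFORMED` and `JWT_NOT_SUPPORT`, and these are the checks that guard against a later refactor silently accepting bad tokens. One JUnit 4 case per path would pin them, e.g. `@Test(expected = MyException.class)` on a method calling `jwtUtil.getUsernameFromToken(tokenSignedWithOtherKey)`, where that variable is a token the test builds with a key other than `secret`. Two smaller points in the same hunk: `testGenerateToken` swallows every `Exception` with `// ignore`, so it passes whatever `generateToken(null, false)` throws, and `Date before` in `updateTokenDate` is never used.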