基于Java验证jwt token代码实例

这篇文章主要介绍了基于Java验证jwt token代码实例,文中通过示例代码介绍的非常详细，对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下

How to load public certificate from pem file..?地址

1.HS256对称加密

package jwt; import java.io.FileInputStream;import java.io.IOException;import java.security.KeyFactory;import java.security.PrivateKey;import java.security.PublicKey;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.Base64;import java.util.Date;import java.util.Vector;import java.util.Map; import sun.misc.BASE64Decoder; import com.auth0.jwt.JWT;import com.auth0.jwt.algorithms.Algorithm;import com.auth0.jwt.exceptions.JWTVerificationException;import com.auth0.jwt.interfaces.Claim;import com.auth0.jwt.interfaces.DecodedJWT;  public class JWTValidator {  private static String JWT_Type = "JWT";     protected boolean validated;  protected Object[] claims;     public JWTValidator() {    setValidated(false);    setClaims(null);  }  public String Generate(String secret, String issuer, String audience, String subject){    try {      Algorithm algorithm = Algorithm.HMAC256(secret); // HS256      String token = JWT.create()        .withIssuer(issuer)        .withAudience(audience)        .withSubject(subject)        .sign(algorithm);      System.out.println(token);      return token;    } catch (Exception exception){      //UTF-8 encoding not supported      return "";    }  }      public void Validate(String token, String secret, String issuer, String audience, String subject) {    DecodedJWT jwt = null;    setValidated(false);         if (token == null || secret == null || issuer == null || audience == null || subject == null)      return;         try {      jwt = JWT.require(Algorithm.HMAC256(secret.getBytes())).build().verify(token);    } catch (JWTVerificationException e) {      return;    }         if (jwt == null || jwt.getType() == null || !jwt.getType().contentEquals(JWT_Type))      return;         if (!jwt.getIssuer().contentEquals(issuer) ||      !jwt.getAudience().contains(audience) ||      !jwt.getSubject().contentEquals(subject))      return;         Date now = new Date();         if ((jwt.getNotBefore() != null && jwt.getNotBefore().after(now)) ||      (jwt.getExpiresAt() != null && jwt.getExpiresAt().before(now)))      return;         setValidated(true);     Map<String, Claim> claimsMap = jwt.getClaims();    Vector<Claim> claimsVector = new Vector<Claim>();         if (claimsMap != null) {      for (Map.Entry<String, Claim> entry : claimsMap.entrySet()) {        String key = entry.getKey();        if (key != null && !key.matches("aud|sub|iss|exp|iat")) {                   //claimsVector.add(new Claim(key, entry.getValue().asString()));        }      }       }     setClaims(claimsVector.isEmpty() ? null : claimsVector.toArray());  }   public boolean isValidated() { return validated; }  public void setValidated(boolean val) { validated = val; }   public Object[] getClaims() { return claims; }  public void setClaims(Object[] val) { claims = (val == null ? new Object[0] : val); }}