wisdomisite-java/src/main/java/com/zhgd/xmgl/security/JwtTokenProvider.java

package com.zhgd.xmgl.security;

import com.zhgd.exception.CustomException;
import io.jsonwebtoken.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import java.util.Base64;
import java.util.Date;
import java.util.concurrent.ConcurrentHashMap;

/**
 * @program: devManage
 * @description: JWTtoken生成工具
 * @author: Mr.Peng
 * @create: 2019-09-24 10:46
 **/
@Component
public class JwtTokenProvider {
    @Value("${security.jwt.token.secret-key}")
    private String secretKey;


    private static ConcurrentHashMap<String, String> userMap = new ConcurrentHashMap<>();

    @Autowired
    private MyUserDetailsImpl myUserDetailsImpl;

    @PostConstruct
    protected void init() {
        secretKey = Base64.getEncoder().encodeToString(secretKey.getBytes());
    }

    /**
     * @param username
     * @param validityInMilliseconds 单位是秒
     * @return
     */
    public String createToken(String username, Integer validityInMilliseconds) {
        Claims claims = Jwts.claims().setSubject(username);
        Date now = new Date();
        Date validity = new Date(now.getTime() + validityInMilliseconds * 1000);
        String token = Jwts.builder()//
                .setClaims(claims)//
                .setIssuedAt(now)//
                .setExpiration(validity)//过期时间秒
                .signWith(SignatureAlgorithm.HS256, secretKey)//
                .compact();
        userMap.put(username, token);
        return token;
    }

    public Authentication getAuthentication(String token) {
        UserDetails userDetails = myUserDetailsImpl.loadUserByUsername(getUsername(token));
        return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
    }

    public String getUsername(String token) {
        return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();
    }

    public String resolveToken(HttpServletRequest req) {
        //String bearerToken=req.getParameter("token");
        String bearerToken = req.getHeader("Authorization");
        if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
            return bearerToken.substring(7);
        }
        return bearerToken;
    }

    public boolean validateToken(String token) {
        try {
            Jws<Claims> claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
            if (claims.getBody().getExpiration().before(new Date())) {
                return false;
            }
            return true;
        } catch (JwtException | IllegalArgumentException e) {
            throw new CustomException("Expired or invalid JWT token", HttpStatus.FORBIDDEN);
            //throw new CustomException("Expired or invalid JWT token", HttpStatus.OK);
            //throw new OpenAlertException(403,"Expired or invalid JWT token");
        }
    }

    public void valiadteLogin(String token) {
        String userName = getUsername(token);
        if (userMap.containsKey(userName)) {
            if (!token.equals(userMap.get(userName))) {
                throw new CustomException("该账户已其他地方登录", HttpStatus.FORBIDDEN);
            }
        } else {
            userMap.put(userName, token);
        }
    }


}
Initial commit 2023-02-16 15:28:15 +08:00			`package com.zhgd.xmgl.security;`

			`import com.zhgd.exception.CustomException;`
			`import io.jsonwebtoken.*;`
			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.beans.factory.annotation.Value;`
			`import org.springframework.http.HttpStatus;`
			`import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;`
			`import org.springframework.security.core.Authentication;`
			`import org.springframework.security.core.userdetails.UserDetails;`
			`import org.springframework.stereotype.Component;`

			`import javax.annotation.PostConstruct;`
			`import javax.servlet.http.HttpServletRequest;`
			`import java.util.Base64;`
			`import java.util.Date;`
			`import java.util.concurrent.ConcurrentHashMap;`

			`/**`
			`* @program: devManage`
			`* @description: JWTtoken生成工具`
			`* @author: Mr.Peng`
			`* @create: 2019-09-24 10:46`
			`**/`
			`@Component`
			`public class JwtTokenProvider {`
			`@Value("${security.jwt.token.secret-key}")`
			`private String secretKey;`


			`private static ConcurrentHashMap<String, String> userMap = new ConcurrentHashMap<>();`

			`@Autowired`
			`private MyUserDetailsImpl myUserDetailsImpl;`

			`@PostConstruct`
			`protected void init() {`
			`secretKey = Base64.getEncoder().encodeToString(secretKey.getBytes());`
			`}`

			`/**`
			`* @param username`
			`* @param validityInMilliseconds 单位是秒`
			`* @return`
			`*/`
			`public String createToken(String username, Integer validityInMilliseconds) {`
			`Claims claims = Jwts.claims().setSubject(username);`
			`Date now = new Date();`
			`Date validity = new Date(now.getTime() + validityInMilliseconds * 1000);`
			`String token = Jwts.builder()//`
			`.setClaims(claims)//`
			`.setIssuedAt(now)//`
			`.setExpiration(validity)//过期时间秒`
			`.signWith(SignatureAlgorithm.HS256, secretKey)//`
			`.compact();`
			`userMap.put(username, token);`
			`return token;`
			`}`

			`public Authentication getAuthentication(String token) {`
			`UserDetails userDetails = myUserDetailsImpl.loadUserByUsername(getUsername(token));`
			`return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());`
			`}`

			`public String getUsername(String token) {`
			`return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();`
			`}`

			`public String resolveToken(HttpServletRequest req) {`
			`//String bearerToken=req.getParameter("token");`
			`String bearerToken = req.getHeader("Authorization");`
			`if (bearerToken != null && bearerToken.startsWith("Bearer ")) {`
			`return bearerToken.substring(7);`
			`}`
			`return bearerToken;`
			`}`

			`public boolean validateToken(String token) {`
			`try {`
			`Jws<Claims> claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);`
			`if (claims.getBody().getExpiration().before(new Date())) {`
			`return false;`
			`}`
			`return true;`
			`} catch (JwtException \| IllegalArgumentException e) {`
			`throw new CustomException("Expired or invalid JWT token", HttpStatus.FORBIDDEN);`
			`//throw new CustomException("Expired or invalid JWT token", HttpStatus.OK);`
			`//throw new OpenAlertException(403,"Expired or invalid JWT token");`
			`}`
			`}`

			`public void valiadteLogin(String token) {`
			`String userName = getUsername(token);`
			`if (userMap.containsKey(userName)) {`
			`if (!token.equals(userMap.get(userName))) {`
			`throw new CustomException("该账户已其他地方登录", HttpStatus.FORBIDDEN);`
			`}`
			`} else {`
			`userMap.put(userName, token);`
			`}`
			`}`


			`}`