系列文章目录
构建SpringCloud alibaba项目(一、构建父工程、公共库、网关)
构建SpringCloud alibaba项目(二、构建微服务鉴权子工程store-authority-service)
文章目录
- 系列文章目录
- 前言
- 1、在公共库增加 UserInfo类
- 2、微服务鉴权子工程store-authority-service
- 2.1、创建子工程store-authority-service
- 2.2、修改pom.xml配置
- 2.3、修改application.yml配置
- 2.4、配置JWT
- 2.5、编写JWT测试类
- 2.5.1、运行结果
- 2.6、对外发布鉴权API - AuthController
- 总结
前言
构建微服务鉴权子工程store-authority-service,集成JWT,提供权限验证功能。
1、在公共库增加 UserInfo类
微服务鉴权子工程,需要用到用户信息类,存放在JWT生成的Token信息里。
package com.kelvin.common.entity;import lombok.Data;/**** @title UserInfo* @desctption <TODO description class purpose>* @author Administrator* @create 2023/6/19 17:05**/
@Data
public class UserInfo {private long id;private String userAccount;private String userName;private String pwd;}2、微服务鉴权子工程store-authority-service
2.1、创建子工程store-authority-service
创建Module,store-authority-service
2.2、修改pom.xml配置
加入依赖:springboot、JWT、nacos-discovery、公共库等
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>com.kelvin</groupId><artifactId>onlinestore</artifactId><version>1.0-SNAPSHOT</version></parent><artifactId>store-authority-service</artifactId><packaging>jar</packaging><name>authority-service</name><url>http://maven.apache.org</url><properties><project.build.sourceEncoding>UTF-8</project.build.sourceEncoding></properties><dependencies><dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt</artifactId><version>0.7.0</version></dependency><dependency><groupId>com.auth0</groupId><artifactId>java-jwt</artifactId><version>3.4.0</version></dependency><dependency><groupId>com.alibaba.cloud</groupId><artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-devtools</artifactId><scope>runtime</scope><optional>true</optional></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-autoconfigure</artifactId></dependency><dependency><groupId>com.kelvin</groupId><artifactId>store-common</artifactId></dependency><dependency><groupId>com.google.code.gson</groupId><artifactId>gson</artifactId><version>2.7</version></dependency></dependencies>
</project>2.3、修改application.yml配置
server:port: 7777
spring:application:name: store-auth-servicecloud:nacos:discovery:server-addr: localhost:8848 #Nacos server 的地址
config:jwt:# 加密密钥secret: kelvin# token有效时长expire: 200# header 名称header: token2.4、配置JWT
package com.kelvin.authority.config;/**** @title JwtConfig* @desctption JWT配置类* @author kelvin* @create 2023/6/8 9:39**/
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
import java.util.Date;@Component
@ConfigurationProperties(prefix = "config.jwt")
@Data
public class JwtConfig {/*** 密钥*/private String secret;/*** 过期时间*/private Long expire;/*** 头部*/private String header;/*** 生成token* @param subject* @return*/public String createToken(String subject){Date nowDate = new Date();Date expireDate = new Date(nowDate.getTime() + expire * 1000);return Jwts.builder().setHeaderParam("typ","JWT").setSubject(subject).setIssuedAt(nowDate).setExpiration(expireDate).signWith(SignatureAlgorithm.HS512,secret).compact();}/*** 获取token中的注册信息* @param token* @return*/public Claims getTokenClaim(String token){try{return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();}catch (Exception e){return null;}}/*** 验证token是否过期* @param expirationTime* @return*/public boolean isTokenExpired(Date expirationTime){if(null == expirationTime){return true;}else{return expirationTime.before(new Date());}}/*** 获取token的失效时间* @param token* @return*/public Date getExpirationDateFromToken(String token){Claims tokenClaim = this.getTokenClaim(token);if(tokenClaim == null){return null;}else{return this.getTokenClaim(token).getExpiration();}}/*** 获取token中的用户名* @param token* @return*/public String getUserNameFromToken(String token){return this.getTokenClaim(token).getSubject();}/*** 获取token中发布时间* @param token* @return*/public Date getIssuedDateFromToken(String token){return this.getTokenClaim(token).getIssuedAt();}}2.5、编写JWT测试类
package com.kelvin.authority.test;import com.google.gson.Gson;
import com.kelvin.authority.config.JwtConfig;
import com.kelvin.common.entity.UserInfo;/**** @title JwtMain* @desctption JWT本地测试类* @author Administrator* @create 2023/6/8 15:04**/
public class JwtMain {public static void main(String[] args) {JwtConfig jwtConfig = new JwtConfig();jwtConfig.setExpire(10L);jwtConfig.setSecret("kelvin");jwtConfig.setHeader("token");UserInfo userInfo = new UserInfo();userInfo.setId(10000000001L);userInfo.setUserAccount("zhangsan");userInfo.setUserName("张三");String token = jwtConfig.createToken(new Gson() .toJson(userInfo));System.out.println("token: " + token);boolean aBoolean = jwtConfig.isTokenExpired(jwtConfig.getExpirationDateFromToken(token));System.out.println("aBoolean: " + aBoolean);System.out.println( "user: " + jwtConfig.getUserNameFromToken(token));}
}2.5.1、运行结果
token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ7XCJpZFwiOjEwMDAwMDAwMDAxLFwidXNlckFjY291bnRcIjpcInpoYW5nc2FuXCIsXCJ1c2VyTmFtZVwiOlwi5byg5LiJXCJ9IiwiaWF0IjoxNjg3MTY2MTc1LCJleHAiOjE2ODcxNjYxODV9.KZz-WrpslG3MOKyVd_9MXofCMh3STOvR3IwseRslreuYAS56UGuBBV6qVkHErLxxy3ELlRkWpiPZBj5eyFn2fwaBoolean: falseuser: {"id":10000000001,"userAccount":"zhangsan","userName":"张三"}
2.6、对外发布鉴权API - AuthController
- 提供【登录】接口,返回token信息
- 提供【token是否过期】接口,返回是否过期
package com.kelvin.authority.controller;/**** @title AuthController* @desctption 用户鉴权API* @author Kelvin* @create 2023/6/8 9:40**/
import com.kelvin.authority.config.JwtConfig;
import com.kelvin.common.dto.TokenDTO;
import com.kelvin.common.entity.UserInfo;
import com.kelvin.common.http.HttpResultGenerator;
import com.kelvin.common.http.ResultDTO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.Map;
@CrossOrigin("*")
@RestController
@RequestMapping("/auth")
public class AuthController {@Autowiredprivate JwtConfig jwtConfig;@PostMapping("/login")public ResultDTO login(@RequestBody UserInfo userInfo){String token = jwtConfig.createToken(userInfo.getUserAccount());Map<String, String> map = new HashMap<String, String>();map.put("token",token);return HttpResultGenerator.success(map);}/*** token是否过期* @param token* @return*/@PostMapping("/isTokenExpiration")public Boolean isTokenExpiration(@RequestBody TokenDTO token){return this.jwtConfig.isTokenExpired(this.jwtConfig.getExpirationDateFromToken(token.getToken()));}
}总结
以上就是今天要讲的内容,本文简单介绍了JWT的使用,对外提供提供【登录接口】、【token是否过期接口】,为分布式系统提供鉴权微服务功能。
