spring cloud oauth2 jwt 解析示例
spring cloud oauth2 jwt 解析示例
**********************
相关类及接口
JwtHelper:jwt编解码、获取header(decode 只做解码,不校验签名;需要校验签名时使用 decodeAndVerify)
public class JwtHelper {
static byte[] PERIOD = Codecs.utf8Encode(".");
*************
构造方法
public JwtHelper() {
}
*************
普通方法
public static Jwt decode(String token) { //解码操作
public static Jwt decodeAndVerify(String token, SignatureVerifier verifier) {
public static Jwt encode(CharSequence content, Signer signer) { //编码操作
public static Jwt encode(CharSequence content, Signer signer, Map<String, String> headers) {
public static Map<String, String> headers(String token) { //获取header
Jwt:jwt接口
/**
 * A parsed JWT: exposes the claims payload, the compact encoded form, and a
 * signature check that takes a caller-supplied verifier.
 *
 * <p>Reading {@link #getClaims()} does not by itself check the signature;
 * callers that need that guarantee must also call
 * {@link #verifySignature(SignatureVerifier)}.
 */
public interface Jwt extends BinaryFormat {
String getClaims(); // returns the original (pre-encoding) claims as a JSON string
String getEncoded(); // returns the string produced by encoding the original content
// Checks this token's signature with the supplied verifier.
// NOTE(review): presumably signals a mismatch by throwing — confirm against the library.
void verifySignature(SignatureVerifier var1);
}
OAuth2AuthenticationDetails:认证信息
public class OAuth2AuthenticationDetails implements Serializable {
private static final long serialVersionUID = -4809832298438307309L;
public static final String ACCESS_TOKEN_VALUE = OAuth2AuthenticationDetails.class.getSimpleName() + ".ACCESS_TOKEN_VALUE";
public static final String ACCESS_TOKEN_TYPE = OAuth2AuthenticationDetails.class.getSimpleName() + ".ACCESS_TOKEN_TYPE";
private final String remoteAddress;
private final String sessionId;
private final String tokenValue;
private final String tokenType;
private final String display;
private Object decodedDetails;
***********
构造方法
public OAuth2AuthenticationDetails(HttpServletRequest request) {
***********
普通方法
public void setDecodedDetails(Object decodedDetails) {
public String getTokenValue() { //获取token字符串的值
public String getTokenType() {
public String getRemoteAddress() {
public String getSessionId() {
public Object getDecodedDetails() {
**********************
示例
认证服务器配置参照spring cloud oauth2 jwt 使用示例
*********************
资源服务器
HelloController
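/**
 * Demo resource-server controller.
 *
 * <ul>
 *   <li>{@code /hello}: trivial endpoint.</li>
 *   <li>{@code /redirect}: authorization-code callback; exchanges the code for tokens.</li>
 *   <li>{@code /parse}: decodes the JWT attached to the current authentication.</li>
 * </ul>
 *
 * <p>The client credentials are read from configuration
 * ({@code security.oauth2.client.client-id} / {@code security.oauth2.client.client-secret})
 * rather than being embedded in the source as a Base64 literal, which is trivially decoded
 * by anyone who can read the code or the repository history.
 */
@RestController
public class HelloController {

    // OkHttpClient and ObjectMapper are meant to be shared; building one per request
    // wastes connection pools and serializer caches.
    private static final OkHttpClient HTTP_CLIENT = new OkHttpClient();
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    @Value("${security.oauth2.client.access-token-uri}")
    private String accessTokenUri;

    @Value("${security.oauth2.client.client-id}")
    private String clientId;

    @Value("${security.oauth2.client.client-secret}")
    private String clientSecret;

    /**
     * Returns a fixed greeting.
     *
     * @return the literal {@code "hello world"}
     */
    @RequestMapping("/hello")
    public String hello() {
        return "hello world";
    }

    /**
     * Authorization-code callback: posts the received code to the token endpoint and
     * returns the parsed JSON response.
     *
     * <p>NOTE(review): this sample carries no {@code state} parameter, so the callback is
     * not bound to the browser session that started the flow; a real client should
     * generate and validate one. The token response is also returned verbatim to the
     * caller, which is acceptable only for a local demo.
     *
     * @param code the authorization code delivered to the redirect URI
     * @return the token endpoint's JSON body as a map, or {@code null} if the exchange failed
     */
    @RequestMapping("/redirect")
    public Map get(@RequestParam(value = "code") String code) {
        // NOTE(review): the standard form parameter is "client_id"; the authorization server
        // presumably identifies the client from the Basic header instead — confirm.
        RequestBody form = new FormBody.Builder()
                .add("grant_type", "authorization_code")
                .add("client", clientId)
                .add("redirect_uri", "http://localhost:8082/redirect")
                .add("code", code)
                .build();

        String basicCredentials = java.util.Base64.getEncoder().encodeToString(
                (clientId + ":" + clientSecret).getBytes(java.nio.charset.StandardCharsets.UTF_8));

        Request tokenRequest = new Request.Builder()
                .url(accessTokenUri)
                .post(form)
                .addHeader("Authorization", "Basic " + basicCredentials)
                .build();

        Map result = null;
        // try-with-resources: an unclosed Response leaks the underlying connection.
        try (Response response = HTTP_CLIENT.newCall(tokenRequest).execute()) {
            System.out.println(response);

            result = OBJECT_MAPPER.readValue(
                    Objects.requireNonNull(response.body()).string(), Map.class);

            // Only non-secret metadata is printed. access_token and refresh_token are bearer
            // credentials and must not end up in console output or log files.
            System.out.println("token_type:" + result.get("token_type"));
            System.out.println("expires_in:" + result.get("expires_in"));
            System.out.println("scope:" + result.get("scope"));
        } catch (Exception e) {
            // Best-effort demo behaviour kept from the original: report and return null.
            System.out.println(e.getMessage());
        }
        return result;
    }

    /**
     * Decodes the JWT carried by the current request's authentication and returns it.
     *
     * <p>{@code JwtHelper.decode} only parses the token; it takes no verifier and performs
     * no signature check. That is tolerable here only because the token is read from the
     * {@link Authentication} object, which the resource server has presumably already
     * validated (confirm against the security configuration). For a token obtained from any
     * other source, use {@code JwtHelper.decodeAndVerify} with a {@code SignatureVerifier}.
     *
     * @param authentication the current authentication; its details are expected to be an
     *     {@link OAuth2AuthenticationDetails}
     * @return the decoded {@link Jwt}
     */
    @RequestMapping("/parse")
    public Object parse(Authentication authentication) {
        OAuth2AuthenticationDetails details =
                (OAuth2AuthenticationDetails) authentication.getDetails();
        String token = details.getTokenValue();

        // Decode once and reuse the result instead of parsing the token a second time.
        Jwt jwt = JwtHelper.decode(token);

        // Demo output only: the encoded value is a usable bearer token until it expires,
        // so these two lines should not survive outside a local walkthrough.
        System.out.println("claims 原始信息:" + jwt.getClaims());
        System.out.println("access token编码信息:" + jwt.getEncoded());

        return jwt;
    }
}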
**********************
使用测试
认证获取token后,调用:localhost:8082/parse,header设置为
key:Authorization
value:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHRlbnNpb24iOiJqd3Qg5ouT5bGV5L-h5oGvIiwidXNlcl9uYW1lIjoiZ3RseCIsInNjb3BlIjpbInVzZXIiXSwiZXhwIjoxNTgxMTY5ODgwLCJhdXRob3JpdGllcyI6WyJhZG1pbiJdLCJqdGkiOiJjY2E5NWNiMy1jMWEyLTQ4N2QtOTIyMi1hNTczODI3MTAwMjkiLCJjbGllbnRfaWQiOiJ1c2VyIn0.j2To3Q4rlZwqvjZGp1VornK9CfXXkV81J9G_9_jxwWU
![watermark_type_ZmFuZ3poZW5naGVpdGk_shadow_10_text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl80MzkzMTYyNQ_size_16_color_FFFFFF_t_70][]
控制台输出
claims 原始信息:{"extension":"jwt 拓展信息","user_name":"gtlx","scope":["user"],"exp":1581169880,"authorities":["admin"],"jti":"cca95cb3-c1a2-487d-9222-a57382710029","client_id":"user"}
access token编码信息:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHRlbnNpb24iOiJqd3Qg5ouT5bGV5L-h5oGvIiwidXNlcl9uYW1lIjoiZ3RseCIsInNjb3BlIjpbInVzZXIiXSwiZXhwIjoxNTgxMTY5ODgwLCJhdXRob3JpdGllcyI6WyJhZG1pbiJdLCJqdGkiOiJjY2E5NWNiMy1jMWEyLTQ4N2QtOTIyMi1hNTczODI3MTAwMjkiLCJjbGllbnRfaWQiOiJ1c2VyIn0.j2To3Q4rlZwqvjZGp1VornK9CfXXkV81J9G_9_jxwWU