lsm/sa-token
1
0
Fork 0
mirror of https://gitee.com/dromara/sa-token.git synced 2025-10-27 11:09:01 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

在解析jwt令牌时强制指定签名算法

Browse Source
This commit is contained in:
click33
2023-06-16 23:13:15 +08:00
parent 12118e5bb1
commit bb5e61a554
2 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
sa-token-demo/sa-token-demo-jwt/src/main/java/com/pj/SaTokenJwtDemoApplication.java
View File

@@ -1,16 +1,15 @@
package com.pj; package com.pj;
import cn.dev33.satoken.SaManager;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import cn.dev33.satoken.SaManager;
@SpringBootApplication @SpringBootApplication
public class SaTokenJwtDemoApplication { public class SaTokenJwtDemoApplication {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(SaTokenJwtDemoApplication.class, args); SpringApplication.run(SaTokenJwtDemoApplication.class, args);
System.out.println("\n启动成功Sa-Token配置如下" + SaManager.getConfig()); System.out.println("\n启动成功Sa-Token配置如下" + SaManager.getConfig());
} }
} }

26
sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/SaJwtTemplate.java
View File

@@ -15,9 +15,6 @@
*/ */
package cn.dev33.satoken.jwt; package cn.dev33.satoken.jwt;
import java.util.Map;
import java.util.Objects;
import cn.dev33.satoken.dao.SaTokenDao; import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.jwt.error.SaJwtErrorCode; import cn.dev33.satoken.jwt.error.SaJwtErrorCode;
import cn.dev33.satoken.jwt.exception.SaJwtException; import cn.dev33.satoken.jwt.exception.SaJwtException;
@@ -25,6 +22,11 @@ import cn.dev33.satoken.util.SaFoxUtil;
import cn.hutool.json.JSONObject; import cn.hutool.json.JSONObject;
import cn.hutool.jwt.JWT; import cn.hutool.jwt.JWT;
import cn.hutool.jwt.JWTException; import cn.hutool.jwt.JWTException;
import cn.hutool.jwt.signers.JWTSigner;
import cn.hutool.jwt.signers.JWTSignerUtil;
import java.util.Map;
import java.util.Objects;
/** /**
* jwt 操作模板方法封装 * jwt 操作模板方法封装
@@ -139,9 +141,19 @@ public class SaJwtTemplate {
* @return 根据 JWT 对象和 keyt 秘钥,生成的 token 字符串 * @return 根据 JWT 对象和 keyt 秘钥,生成的 token 字符串
*/ */
public String generateToken (JWT jwt, String keyt) { public String generateToken (JWT jwt, String keyt) {
return jwt.setKey(keyt.getBytes()).sign(); return jwt.setKey(keyt.getBytes()).setSigner(createSigner(keyt)).sign();
} }
/**
* 返回 jwt 使用的签名算法
*
* @param keyt 秘钥
* @return /
*/
public JWTSigner createSigner (String keyt) {
return JWTSignerUtil.hs256(keyt.getBytes());
}
// ------ 解析 // ------ 解析
/** /**
@@ -174,8 +186,8 @@ public class SaJwtTemplate {
} }
JSONObject payloads = jwt.getPayloads(); JSONObject payloads = jwt.getPayloads();
// 校验 Token 签名 // 校验 Token 签名
boolean verify = jwt.setKey(keyt.getBytes()).verify(); boolean verify = jwt.setKey(keyt.getBytes()).setSigner(createSigner(keyt)).verify();
if( ! verify) { if( ! verify) {
throw new SaJwtException("jwt 签名无效:" + token).setCode(SaJwtErrorCode.CODE_30202); throw new SaJwtException("jwt 签名无效:" + token).setCode(SaJwtErrorCode.CODE_30202);
} }