POM

<!--
  JJWT, the JSON Web Token library used by the makeJwt/checkJwt code below.
  0.9.1 is the last release published as the single `jjwt` artifact; later
  releases are split into jjwt-api, jjwt-impl and jjwt-jackson.
  NOTE(review): this is an old release line. Check the project's release
  notes and security advisories before pinning it in new code.
-->
<dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.9.1</version>
</dependency>
    /**
     * Issues a compact, HS256-signed JWT whose claims are the {@code name} and
     * {@code email} request parameters and whose {@code exp} is one minute from now.
     *
     * <p>The HMAC key is the Base64-decoded value of the
     * {@code Constants.PROP_KEY_JWT_SECRET} property.
     *
     * <p>NOTE(review): {@code name} and {@code email} are copied from the request
     * as-is; no check on them is visible in this method, so the signed token
     * vouches for whatever the caller sent. Confirm the caller is authenticated
     * (and the values validated) before this method is reached.
     *
     * <p>NOTE(review): {@code checkJwt} in this class keys the parser with the
     * UTF-8 bytes of the same property instead of Base64-decoding it, and reads
     * an {@code sno} claim that is not set here. Confirm whether tokens issued
     * by this method are meant to be verified there.
     *
     * @param res the incoming HTTP request supplying the {@code name} and
     *            {@code email} parameters
     * @return the serialized (compact) signed token
     * @throws Exception if the secret cannot be read or the token cannot be built
     */
    @Override
    public String makeJwt(HttpServletRequest res) throws Exception {
        final SignatureAlgorithm algorithm = SignatureAlgorithm.HS256;

        // Build the HMAC key from the Base64-encoded secret held in configuration.
        // NOTE(review): nothing here checks the decoded key length; HS256 calls
        // for a key of at least 256 bits (32 bytes).
        String encodedSecret = PropertiesService.getPropertiesValue(Constants.PROP_KEY_JWT_SECRET);
        byte[] keyBytes = DatatypeConverter.parseBase64Binary(encodedSecret);
        Key hmacKey = new SecretKeySpec(keyBytes, algorithm.getJcaName());

        Map<String, Object> header = new HashMap<String, Object>();
        header.put("typ", "JWT");
        header.put("alg", "HS256");

        // Token lifetime: 60 seconds from the moment of issue.
        Date expiresAt = new Date(System.currentTimeMillis() + 60 * 1000L);

        // Caller-supplied values become signed claims (see the review note above).
        Map<String, Object> claims = new HashMap<String, Object>();
        claims.put("name", res.getParameter("name"));
        claims.put("email", res.getParameter("email"));

        // setExpiration must follow setClaims so that exp is added to the claim set.
        return Jwts.builder()
                .setHeader(header)
                .setClaims(claims)
                .setExpiration(expiresAt)
                .signWith(algorithm, hmacKey)
                .compact();
    }
   
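    /**
     * Verifies a signed JWT and reports the outcome as a string map.
     *
     * <p>On success the map holds {@code "result" = "OK"} together with
     * {@code "exp"} (the expiration time) and {@code "sno"} (the {@code sno}
     * claim). For a missing, expired, tampered or incomplete token it holds only
     * {@code "result" = "False"}.
     *
     * <p>A token is treated as incomplete when it carries no {@code exp} or no
     * {@code sno} claim. A signed token without {@code exp} would otherwise be
     * accepted indefinitely, and a missing {@code sno} would surface as a
     * {@code NullPointerException} instead of a rejection.
     *
     * <p>NOTE(review): the parser is keyed with the UTF-8 bytes of the configured
     * secret, while {@code makeJwt} in this class Base64-decodes the same
     * property and does not set {@code sno}. Confirm which issuer this method is
     * meant to verify and that both sides derive the key the same way.
     *
     * @param jwt the compact token string received from the client
     * @return the verification result map described above
     * @throws Exception if the secret cannot be read or another unexpected error occurs
     */
    @Override
    public HashMap<String, String> checkJwt(String jwt) throws Exception {
        HashMap<String, String> jwtInfo = new HashMap<String, String>();

        // Reject an absent token up front instead of letting the parser throw
        // an exception that the JwtException handlers below would not catch.
        if (jwt == null || jwt.trim().isEmpty()) {
            logger.info("token missing");
            jwtInfo.put("result", "False");
            return jwtInfo;
        }

        try {
            String secretKey = PropertiesService.getPropertiesValue(Constants.PROP_KEY_JWT_SECRET);
            // The token is a bearer credential: anyone who can read the log could
            // replay it while it is valid, so its value is not written out.
            logger.info("- token received");

            // Secret used as raw UTF-8 bytes (no Base64 decoding)
            byte[] keyBytes = secretKey.getBytes("UTF-8");
            // Base64-decoded alternative
//            byte[] keyBytes = DatatypeConverter.parseBase64Binary(secretKey);
            Claims claims = Jwts.parser().setSigningKey(keyBytes)
                    .parseClaimsJws(jwt).getBody(); // no exception here means the signature was accepted

            Date expiration = claims.getExpiration();
            Object sno = claims.get("sno");
            if (expiration == null || sno == null) {
                logger.info("token missing required claim");
                jwtInfo.put("result", "False");
                return jwtInfo;
            }

            jwtInfo.put("exp", expiration.toString());
            jwtInfo.put("sno", sno.toString());
            jwtInfo.put("result", "OK");
            logger.info("- expireTime :" + expiration);
            logger.info("- sno: " + sno.toString());
        } catch (ExpiredJwtException exception) {
            logger.info("token expired");
            jwtInfo.put("result", "False");
        } catch (JwtException exception) {
            // Covers bad signatures, malformed tokens and unsupported token types.
            logger.info("token falsified");
            jwtInfo.put("result", "False");
        }
        return jwtInfo;
    }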