POM
|
1
2
3
4
5
|
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
|
cs |
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
@Override
public String makeJwt(HttpServletRequest res) throws Exception {
String secretKey = PropertiesService.getPropertiesValue(Constants.PROP_KEY_JWT_SECRET);
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
Date expireTime = new Date();
byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(secretKey);
Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
Map<String, Object> headerMap = new HashMap<String, Object>();
headerMap.put("typ","JWT");
headerMap.put("alg","HS256");
expireTime.setTime(expireTime.getTime() + 1000 * 60 * 1);
String name = res.getParameter("name");
String email = res.getParameter("email");
Map<String, Object> map= new HashMap<String, Object>();
map.put("name", name);
map.put("email", email);
JwtBuilder builder = Jwts.builder().setHeader(headerMap)
.setClaims(map)
.setExpiration(expireTime)
.signWith(signatureAlgorithm, signingKey);
return builder.compact();
}
@Override
public HashMap<String, String> checkJwt(String jwt) throws Exception {
HashMap<String, String> jwtInfo = new HashMap<String, String>();
try {
String secretKey = PropertiesService.getPropertiesValue(Constants.PROP_KEY_JWT_SECRET);
logger.info("- token: "+ jwt);
// base64 none
byte[] token = secretKey.getBytes("UTF-8");
// base64 check
// byte[] token = DatatypeConverter.parseBase64Binary(secretKey);
Claims claims = Jwts.parser().setSigningKey(token)
.parseClaimsJws(jwt).getBody(); // 정상 수행된다면 해당 토큰은 정상토큰
jwtInfo.put("exp", claims.getExpiration().toString());
jwtInfo.put("sno", claims.get("sno").toString());
jwtInfo.put("result", "OK");
logger.info("- expireTime :" + claims.getExpiration());
logger.info("- sno: "+ claims.get("sno").toString());
} catch (ExpiredJwtException exception) {
logger.info("token expired");
jwtInfo.put("result", "False");
} catch (JwtException exception) {
logger.info("token falsified");
jwtInfo.put("result", "False");
}
return jwtInfo;
}
|
cs |
반응형
'back' 카테고리의 다른 글
| [Java] 일급콜렉션 : First Class Collection (0) | 2022.10.06 |
|---|---|
| [TDD] 테스트주도개발 (0) | 2022.10.04 |
| [gradle] jar build, war build (0) | 2020.03.25 |