/** * Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com). *
* Licensed under the GNU LESSER GENERAL PUBLIC LICENSE; * you may not use this file except in compliance with the License. * You may obtain a copy of the License at *
* http://www.gnu.org/licenses/lgpl.html *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springblade.core.secure.utils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springblade.core.secure.BladeUser;
import org.springblade.core.tool.date.DateField;
import org.springblade.core.tool.date.DateTime;
import org.springblade.core.tool.date.DateUtil;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.WebUtil;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.xml.bind.DatatypeConverter;
import java.security.Key;
import java.util.Date;
import java.util.Map;
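/**
* Security utility class: reads the bearer token from the Authorization header,
* parses it as a signed JWT and builds the calling {@link BladeUser} from its claims.
*/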
public class SecureUtil {
// Name of the HTTP request header the token is read from.
public final static String header = "Authorization";
// Lower-case scheme prefix that getClaims compares the start of the header value against.
public final static String bearer = "bearer";
// Claim keys. account, userId, roleId and roleName are read back by getUser(HttpServletRequest);
// userName is not read by any method visible in this part of the file.
public final static String account = "account";
public final static String userId = "userId";
public final static String roleId = "roleId";
public final static String userName = "userName";
public final static String roleName = "roleName";
// SECURITY: this is the key parseJWT passes to setSigningKey, and it is derived from the fixed
// literal "SpringBlade". Every deployment that keeps it shares one publicly known signing key, so
// the signature check gives no real authenticity guarantee for the claims (userId, roleId, ...)
// that getUser trusts. Replace it with a per-deployment random secret, sized for the signature
// algorithm in use, loaded from configuration or a secret store, and rotate any deployment that
// has issued tokens under this default.
// NOTE(review): getBytes() without a charset uses the platform default encoding on older JDKs;
// the field is also neither final nor obviously reassigned here, so confirm it can be made final.
private static String base64Security = DatatypeConverter.printBase64Binary("SpringBlade".getBytes());
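/**
* Returns the user described by the token on the request supplied by {@code WebUtil.getRequest()}.
*
* @return the user built from the token claims, or a new empty {@link BladeUser} when no claims could be read
*/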
public static BladeUser getUser() {
    // Convenience overload: resolve the request through WebUtil and hand it to the
    // request-based variant, which does the actual token handling.
    return SecureUtil.getUser(WebUtil.getRequest());
}
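/**
* Returns the user described by the token on the given request.
*
* @param request the HTTP request whose Authorization header is inspected
* @return the user built from the token claims, or a new empty {@link BladeUser} when no claims could be read
*/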
public static BladeUser getUser(HttpServletRequest request) {
    final Claims tokenClaims = getClaims(request);
    if (null == tokenClaims) {
        // No readable claims (missing header, wrong scheme, or the token failed to parse):
        // the caller gets a freshly constructed BladeUser rather than null, so an
        // unauthenticated request has to be recognised from the object's contents.
        return new BladeUser();
    }

    // Everything below is taken from the token as-is; its trustworthiness rests entirely
    // on the signature check performed in parseJWT.
    final Integer id = Func.toInt(tokenClaims.get(SecureUtil.userId));
    final String roles = Func.toStr(tokenClaims.get(SecureUtil.roleId));
    final String login = Func.toStr(tokenClaims.get(SecureUtil.account));
    final String roleLabel = Func.toStr(tokenClaims.get(SecureUtil.roleName));

    final BladeUser result = new BladeUser();
    result.setAccount(login);
    result.setUserId(id);
    result.setRoleId(roles);
    result.setRoleName(roleLabel);
    return result;
}
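/**
* Reads the JWT claims from the Authorization header of the given request.
*
* @param request the HTTP request whose Authorization header is inspected
* @return the parsed claims, or {@code null} when the header is missing, is 7 characters or shorter,
*         does not start with "bearer" (case-insensitive), or the token fails to parse
*/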
public static Claims getClaims(HttpServletRequest request) {
    final String headerValue = request.getHeader(SecureUtil.header);
    // The value must be longer than the 6-character scheme plus one separator character,
    // otherwise there is no token to parse.
    if (headerValue == null || headerValue.length() <= 7) {
        return null;
    }

    // Scheme comparison is case-insensitive: "Bearer", "BEARER" and "bearer" all match.
    final String scheme = headerValue.substring(0, 6).toLowerCase();
    if (!scheme.equals(SecureUtil.bearer)) {
        return null;
    }

    // NOTE(review): the character at index 6 is skipped without being checked, so any
    // separator is accepted, not only a space. The token itself is still verified by parseJWT.
    return SecureUtil.parseJWT(headerValue.substring(7));
}
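/**
* Returns the raw Authorization header of the request supplied by {@code WebUtil.getRequest()}.
*
* @return the header value, as returned by the request
*/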
public static String getHeader() {
    // Convenience overload: look the request up through WebUtil, then read its
    // Authorization header via the request-based variant.
    return SecureUtil.getHeader(WebUtil.getRequest());
}
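/**
* Returns the raw Authorization header of the given request.
*
* @param request the HTTP request to read the header from
* @return the header value, as returned by the request
*/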
public static String getHeader(HttpServletRequest request) {
    // The value is returned verbatim, scheme prefix and token included, so it is a
    // credential: callers should keep it out of logs and error messages.
    return request.getHeader(SecureUtil.header);
}
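/**
* Parses a signed JSON Web Token and returns its claims.
*
* @param jsonWebToken the compact token string, without the "bearer" prefix
* @return the claims of the token, or {@code null} if parsing throws for any reason
*/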
public static Claims parseJWT(String jsonWebToken) {
    try {
        // The verification key is decoded inside the try block so that a decoding failure
        // is reported the same way as a bad token: by returning null.
        final byte[] signingKey = DatatypeConverter.parseBase64Binary(SecureUtil.base64Security);
        return Jwts.parser()
            .setSigningKey(signingKey)
            .parseClaimsJws(jsonWebToken)
            .getBody();
    } catch (Exception parseFailure) {
        // Every failure collapses to null and the cause is discarded, so neither callers
        // nor logs can tell an expired token from a malformed or badly signed one.
        // NOTE(review): consider recording the exception type (never the token) for detection.
        return null;
    }
}
/**
* Creates a JWT.
*
* @param user the user
* @param audience audience
* @param issuer issuer
* @param isExpire isExpire
* @return the created JWT as a string
*/
public static String createJWT(Map