java与第三方对接,JWT实现单点登录
1、依赖下载地址
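jose4j 下载地址(注意:文中写的文件名是 jose4j-0.9.2.jar,而此链接指向的是 0.9.3 版本,请以实际引入的 jar 版本为准;下载后建议用 Maven Central 同目录下提供的 .sha1 校验文件核对完整性):https://repo1.maven.org/maven2/org/bitbucket/b_c/jose4j/0.9.3/jose4j-0.9.3.jar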
JWT-SDK-1.1.1_1.8.jar下载地址(我的是JDK1.8):
https://idaas-hangzhou-developer.oss-cn-hangzhou.aliyuncs.com/developer/java/jwt/JWT-SDK-1.1.1_1.8.zip?spm=a2c4g.11186623.0.0.60f26945OSTv22&file=JWT-SDK-1.1.1_1.8.zip
2、引入JWT依赖
JWT-SDK-1.1.1_1.8.jar、jose4j-0.9.2.jar
3、编写代码
package sso12;import com.alibaba.fastjson.JSON;
import com.idsmanager.dingdang.jwt.DingdangUserRetriever;
import org.apache.commons.lang.StringUtils;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.jose4j.lang.JoseException;
import turboweb.sso.Oauth2Entrance;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;import java.io.IOException;/*** @author zhouhj* @date 2023-02-07 15:09**/
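@WebServlet(name = "jwtlogin", urlPatterns = { "/jwtlogin" })
public class JWTLogin extends HttpServlet {
    // Reached from outside as: http://<your-host>:<port>/jwtlogin?id_token=...
    // JWT integration guide: https://help.aliyun.com/document_detail/167870.html?spm=a2c4g.11186623.0.0.2ddd5967V45zNs

    // Key used to verify the signature part of the id_token. It is passed to
    // JsonWebKey.Factory.newJwk(...) below, so it must be the JWK JSON of the key the
    // token was signed with (the one the identity provider gave you). Only the public
    // half belongs here; a private key must never be embedded in the relying party.
    private static final String PublicKey = "...";

    /**
     * Reads the {@code id_token} request parameter and verifies it.
     *
     * <p>The verification result is only written to stdout; nothing is sent back to the
     * client and no session is created here (that is the TODO inside {@link #verify}).
     *
     * @param req  incoming request carrying {@code id_token}
     * @param resp response (not written to by this method)
     */
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) {
        String id_token = req.getParameter("id_token");
        // The id_token is a bearer credential: whoever can read it can replay it until it
        // expires, so only record whether one arrived, never the token itself.
        System.out.println("######zy_jwtlogin id_token present:" + StringUtils.isNotEmpty(id_token));
        if (StringUtils.isNotEmpty(id_token)) {
            String verifyMsg = verify(id_token, PublicKey);
            System.out.println("########verify state:" + verifyMsg);
        }
    }

    /**
     * Verifies the token and maps it to a local account.
     *
     * @param id_token  compact JWT received from the identity provider
     * @param PublicKey JWK JSON of the verification key
     * @return {@code "ok"} when the token verified and the account exists,
     *         {@code "userinfo is null"} when verification yielded no user,
     *         {@code "user not exist"} when the account is missing or unknown locally,
     *         {@code "zy_jwtlogin sso login error"} on any exception
     */
    protected String verify(String id_token, String PublicKey) {
        // 1. Parse the id_token and verify its signature with the public key.
        JWTLogin.Dingdang retriever = new JWTLogin.Dingdang(id_token, PublicKey);
        try {
            // 2. Extract the user; null means the signature or the expiry check failed.
            DingdangUserRetriever.User user = retriever.retrieve();
            if (user == null) {
                return "userinfo is null";
            }
            String account = user.getUsername();
            if (account == null) {
                account = user.getEmail();
            }
            // A token carrying neither username nor email must not reach the account lookup.
            if (StringUtils.isBlank(account)) {
                return "user not exist";
            }
            System.out.println("########mailaccount:" + account);
            // 3. Check the account against the local user store.
            if (!isExistedAccount(account)) {
                return "user not exist";
            }
            // 4. Account exists: establish the local session and redirect to the home page.
            // TODO
        } catch (Exception e) {
            // Log only the exception type: library messages may embed token or claim data.
            System.out.println("########zy_jwtlogin verify failed:" + e.getClass().getName());
            return "zy_jwtlogin sso login error";
        }
        return "ok";
    }

    /**
     * Placeholder for the integrating system's own account lookup.
     *
     * <p>Fails closed (nobody is accepted) until it is replaced with a real lookup.
     *
     * @param account username or email taken from the verified token
     * @return {@code true} only if the account exists in the local system
     */
    protected boolean isExistedAccount(String account) {
        // TODO: query the local user store
        return false;
    }

    /** Retriever that verifies the signature itself before reading any claim. */
    static class Dingdang extends DingdangUserRetriever {
        public Dingdang(String jwtToken, String publicKey) {
            super(jwtToken, publicKey);
        }

        /**
         * Verifies the token signature and, if valid, returns the user from its payload.
         *
         * @return the user, or {@code null} if the signature is invalid or the token expired
         * @throws JoseException if the key or the token cannot be processed
         * @throws IOException   declared by the overridden SDK method
         */
        @Override
        public DingdangUserRetriever.User retrieve() throws JoseException, IOException {
            JsonWebSignature jws = this.initJWTSignature();
            // NOTE(review): which signature algorithms are accepted depends on what
            // initJWTSignature() configures, which is not visible here. Consider pinning
            // the single algorithm the identity provider uses via jws.setAlgorithmConstraints(...).
            jws.setKey(JsonWebKey.Factory.newJwk(this.publicKey).getKey());
            boolean verifySignature = jws.verifySignature();
            System.out.println("####### id_token verify result:" + verifySignature);
            return verifySignature ? checkingAndGetUser(jws) : null;
        }

        /**
         * Maps the payload of an already signature-verified token onto a User object.
         *
         * <p>Only expiry is checked here, and only when {@code checkingExpired} is set.
         * NOTE(review): issuer and audience are not validated in this class; confirm
         * whether the SDK or the caller does so, otherwise a token issued for a different
         * application by the same provider would be accepted.
         *
         * @param jws verified signature object
         * @return the user, or {@code null} if the token has expired
         * @throws JoseException if the claims cannot be parsed
         * @throws IOException   declared by the overridden SDK method
         */
        @Override
        protected DingdangUserRetriever.User checkingAndGetUser(JsonWebSignature jws)
                throws JoseException, IOException {
            String payload = jws.getPayload();
            // Parsed only after the signature check in retrieve(); keep fastjson patched,
            // since this is still the point where token content is deserialized.
            DingdangUserRetriever.User user = JSON.parseObject(payload, DingdangUserRetriever.User.class);
            if (this.checkingExpired) {
                try {
                    boolean expired = this.checkingIdTokenExpired(payload);
                    if (expired) {
                        System.out.println("########## id_token expired check fail");
                        return null;
                    }
                } catch (InvalidJwtException | MalformedClaimException var5) {
                    // The payload holds personal claims, so it is kept out of the message.
                    throw new JoseException("Invalid JWT claims", var5);
                }
            }
            return user;
        }
    }

    /**
     * Handles the redirect from the identity provider, which delivers the token as a
     * query parameter.
     *
     * <p>A token in the URL ends up in access logs, browser history and Referer headers:
     * serve this endpoint over HTTPS only, keep token lifetimes short, and redirect to a
     * clean URL once the session is established.
     */
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
        this.doPost(req, resp);
    }
}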
