iboss-server-oauth/src/main/java/com/dk/oauth/util/JwtUtil.java

package com.dk.oauth.util;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.dk.common.infrastructure.constant.OauthConstants;
import lombok.extern.slf4j.Slf4j;
import org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest;

import javax.servlet.http.HttpServletRequest;
import java.util.Date;

@Slf4j
public class JwtUtil {
    public static final String SHIRO_USER_NAME = "username";
    public static final String SHIRO_USER_ID = "userId";
    public static final String SHIRO_USER_WX_ID = "userWxId";
    public static final String SHIRO_CP_ID = "cpId";
    public static final String SHIRO_CP_CODE = "cpCode";
    public static final String SHIRO_CLIENT_ID = "clientId";
    public static final String SHIRO_APP_CODE = "appCode";
    public static final String SHIRO_USER_SALT = "salt";
    public static final String SHIRO_ISSUER = "Issuer";
    public static final String SHIRO_SUBJECT = "long_token";
    public static final String SHIRO_GRANT_TYPE = "grantType";
    public static final String SHIRO_APP_LANG = "lang";

    /**
     * 校验token是否正确
     *
     * @param token 密钥
     * @param salt  盐值
     * @return 是否正确
     */
    public static boolean verify(String token, String salt) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(salt);
            JWTVerifier verifier = JWT.require(algorithm)
                    // 签发人
                    .withIssuer(SHIRO_ISSUER)
                    // 主题
                    .withSubject(SHIRO_SUBJECT)
                    // 签发的目标
                    //.withAudience(jwtProperties.getAudience())
                    .build();
            DecodedJWT jwt = verifier.verify(token);
            if (jwt != null) {
                return true;
            }
        } catch (Exception e) {
            log.error("The token is invalid{}", e.getMessage());
        }
        return false;
    }

    /**
     * 获取AES解密token
     *
     * @param request
     * @return
     */
    public static String getDecryptToken(HttpServletRequest request, String AESKey) {
        String token = "";
        try {
            // 构建 OAuth2 资源请求
            OAuthAccessResourceRequest oauthRequest = new OAuthAccessResourceRequest(request);
            // 获取Access Token
            String accessToken = oauthRequest.getAccessToken();
            token = AESSecurityUtil.decrypt(AESKey, accessToken);
            return token;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * @desc : 获取token中UserName
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getUserName(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_USER_NAME).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * @desc : 获取token中UserId
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getUserId(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_USER_ID).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * @desc : 获取token中UserWxId
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getUserWxId(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_USER_WX_ID).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * @desc : 获取token中CpId
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getCPId(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_CP_ID).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * @desc : 获取token中CpCode
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getCpCode(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_CP_CODE).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * @desc : 获取token中Lang
     * @author : 周兴
     * @date : 2023/2/26 16:32
     */
    public static String getLang(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_APP_LANG).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    public static String getGrantType(String token) {
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim(SHIRO_GRANT_TYPE).asString();
        } catch (JWTDecodeException e) {
            log.error("error：{}", e.getMessage());
            return null;
        }
    }

    /**
     * 解析token，获取token数据
     *
     * @param token
     * @return
     */
    public static DecodedJWT getJwtInfo(String token) {
        return JWT.decode(token);
    }

    /**
     * 生成TOKEN,24小时后过期
     *
     * @param username 用户名
     * @param salt     盐值
     * @return 加密的token
     */
    public static String sign(String username, String userId, String userWxId, String appCode, String clientId, String salt, String cpId, String cpCode, String lang) {
        Date expireDate = new Date(System.currentTimeMillis() + OauthConstants.EXPIRES_IN);
        //加盐值
        Algorithm algorithm = Algorithm.HMAC256(salt);
        // 附带username信息
        return JWT.create()
                .withClaim(SHIRO_USER_NAME, username)
                .withClaim(SHIRO_USER_ID, userId)
                .withClaim(SHIRO_USER_WX_ID, userWxId)
                .withClaim(SHIRO_CP_ID, cpId)
                .withClaim(SHIRO_CP_CODE, cpCode)
                .withClaim(SHIRO_APP_CODE, appCode)
                .withClaim(SHIRO_CLIENT_ID, clientId)
                .withClaim(SHIRO_USER_SALT, salt)
                .withClaim(SHIRO_APP_LANG, lang)
                // jwt唯一id
                .withJWTId(uuid32())
                // 签发人
                .withIssuer(SHIRO_ISSUER)
                // 主题
                .withSubject(SHIRO_SUBJECT)
                // 签发的目标
                //.withAudience(jwtProperties.getAudience())
                // 签名时间
                .withIssuedAt(new Date())
                // token过期时间
                .withExpiresAt(expireDate)
                // 签名
                .sign(algorithm);
    }

    public static String sign(String username, String userId, String userWxId, String appCode, String clientId, String salt, String grantType, String cpId, String cpCode, String lang) {
        Date expireDate = new Date(System.currentTimeMillis() + OauthConstants.EXPIRES_IN);
        //加盐值
        Algorithm algorithm = Algorithm.HMAC256(salt);
        // 附带username信息
        return JWT.create()
                .withClaim(SHIRO_USER_NAME, username)
                .withClaim(SHIRO_USER_ID, userId)
                .withClaim(SHIRO_USER_WX_ID, userWxId)
                .withClaim(SHIRO_CP_ID, cpId)
                .withClaim(SHIRO_CP_CODE, cpCode)
                .withClaim(SHIRO_APP_CODE, appCode)
                .withClaim(SHIRO_CLIENT_ID, clientId)
                .withClaim(SHIRO_USER_SALT, salt)
                .withClaim(SHIRO_GRANT_TYPE, grantType)
                .withClaim(SHIRO_APP_LANG, lang)
                // jwt唯一id
                .withJWTId(uuid32())
                // 签发人
                .withIssuer(SHIRO_ISSUER)
                // 主题
                .withSubject(SHIRO_SUBJECT)
                // 签发的目标
                //.withAudience(jwtProperties.getAudience())
                // 签名时间
                .withIssuedAt(new Date())
                // token过期时间
                .withExpiresAt(expireDate)
                // 签名
                .sign(algorithm);
    }

    public static String sign(String username, String clientId, String salt, String cpId, String cpCode, String lang) {
        Date expireDate = new Date(System.currentTimeMillis() + OauthConstants.EXPIRES_IN);
        //加盐值
        Algorithm algorithm = Algorithm.HMAC256(salt);
        // 附带username信息
        return JWT.create()
                .withClaim(SHIRO_USER_NAME, username)
                .withClaim(SHIRO_CP_ID, cpId)
                .withClaim(SHIRO_CP_CODE, cpCode)
                .withClaim(SHIRO_CLIENT_ID, clientId)
                .withClaim(SHIRO_USER_SALT, salt)
                .withClaim(SHIRO_APP_LANG, lang)
                // jwt唯一id
                .withJWTId(uuid32())
                // 签发人
                .withIssuer(SHIRO_ISSUER)
                // 主题
                .withSubject(SHIRO_SUBJECT)
                // 签发的目标
                //.withAudience(jwtProperties.getAudience())
                // 签名时间
                .withIssuedAt(new Date())
                // token过期时间
                .withExpiresAt(expireDate)
                // 签名
                .sign(algorithm);
    }

    public static String uuid32() {
        return java.util.UUID.randomUUID().toString().replace("-", "");
    }


}