JSON 具有 HMAC 保护的 Web 令牌 (JWT) - 导致版本 4.23 出错

JSON Web Token (JWT) with HMAC protection - causing error with version 4.23

我之前使用的是 nimbus-jose-jwt 版本 3.12,下面的代码运行良好。但是当我更新 nimbus-jose-jwt 版本 4.23 时,我看到以下错误

java.lang.Error: Unresolved compilation problems: 
    The constructor JWTClaimsSet() is undefined
    The method setSubject(String) is undefined for the type JWTClaimsSet
    The method setIssuer(String) is undefined for the type JWTClaimsSet
    The method setExpirationTime(Date) is undefined for the type JWTClaimsSet

    at springdemo.jwt.JWTWithHMACProtection.test(JWTWithHMACProtection.java:32)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.junit.runners.model.FrameworkMethod.runReflectiveCall(FrameworkMethod.java:50)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:290)
    at org.junit.runners.ParentRunner.schedule(ParentRunner.java:71)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
    at org.junit.runners.ParentRunner.access[=11=]0(ParentRunner.java:58)
    at org.junit.runners.ParentRunner.evaluate(ParentRunner.java:268)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
    at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
    at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)

不知道需要修改什么代码,请指导

参考代码:

@Test
    public void test() throws KeyLengthException {
        // Generate random 256-bit (32-byte) shared secret
        SecureRandom random = new SecureRandom();
        byte[] sharedSecret = new byte[32];
        random.nextBytes(sharedSecret);

        // Create HMAC signer
        JWSSigner signer = new MACSigner(sharedSecret);

        // Prepare JWT with claims set
        JWTClaimsSet claimsSet = new JWTClaimsSet();
        claimsSet.setSubject("alice");
        claimsSet.setIssuer("https://c2id.com");
        claimsSet.setExpirationTime(new Date(new Date().getTime() + 60 * 1000));

        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

        // Apply the HMAC protection
        signedJWT.sign(signer);

        // Serialize to compact form, produces something like
        // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
        String s = signedJWT.serialize();

        // On the consumer side, parse the JWS and verify its HMAC
        signedJWT = SignedJWT.parse(s);

        JWSVerifier verifier = new MACVerifier(sharedSecret);

        Assert.assertTrue(signedJWT.verify(verifier));

        // Retrieve / verify the JWT claims according to the app requirements
        Assert.assertEquals("alice", signedJWT.getJWTClaimsSet().getSubject());
        Assert.assertEquals("https://c2id.com", signedJWT.getJWTClaimsSet().getIssuer());
        Assert.assertTrue(new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime()));
    }

我找到了这个问题的解决方案。只需使用以下代码。完毕!最新代码

@Test
    public void test() throws JOSEException, ParseException {
        // Generate random 256-bit (32-byte) shared secret
        SecureRandom random = new SecureRandom();
        byte[] sharedSecret = new byte[32];
        random.nextBytes(sharedSecret);

        // Create HMAC signer
        JWSSigner signer = new MACSigner(sharedSecret);

        // Prepare JWT with claims set
        JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
                 .subject("alice")
                 .issuer("https://c2id.com")
                 .expirationTime(addOneHour(new Date()))
                 .claim("http://example.com/is_root", true)
                 .build();

        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

        // Apply the HMAC protection
        signedJWT.sign(signer);

        // Serialize to compact form, produces something like
        // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
        String token = signedJWT.serialize();
        System.out.println("Token : "+token);

        // On the consumer side, parse the JWS and verify its HMAC
        signedJWT = SignedJWT.parse(token);

        JWSVerifier verifier = new MACVerifier(sharedSecret);

        Assert.assertTrue(signedJWT.verify(verifier));

        // Retrieve / verify the JWT claims according to the app requirements
        Assert.assertEquals("alice", signedJWT.getJWTClaimsSet().getSubject());
        Assert.assertEquals("https://c2id.com", signedJWT.getJWTClaimsSet().getIssuer());

        Date date1 = new Date();
        Date date2 = signedJWT.getJWTClaimsSet().getExpirationTime();

        Assert.assertTrue(date1.compareTo(date2) > 0);
    }

    private Date addOneHour(Date currentDate){
        DateTime dateTime = new DateTime(currentDate);
        Date plusOnehour = dateTime.toDate();
        return plusOnehour;
    }