从 jwt 令牌中提取值
Extracting values from jwt token
我正在尝试创建一个新用户并使用 JWT 令牌对用户进行身份验证。正在创建令牌,但是当我尝试从令牌中提取值时,所有值都以 null 的形式返回。 jwtUtil.extractClaims() 应该从令牌中提取值,但所有值都是空值。
@GetMapping("/register/code/{token}")
public HashMap<String, Object> register(@PathVariable("token") String token, HttpServletResponse httpServletResponse) {
HashMap<String, Object> response = new HashMap<>();
System.out.println(token);
if (!jwtUtil.isTokenExpired(token)){
System.out.println("User");
User user = new User(
(String) jwtUtil.extractAllClaims(token).get("email"),
(String) jwtUtil.extractAllClaims(token).get("phoneNumber"),
(String) jwtUtil.extractAllClaims(token).get("ppUrl"),
(String) jwtUtil.extractAllClaims(token).get("password")
);
System.out.println("User email "+jwtUtil.extractAllClaims(token).get("email"));
String encodedPassword = passwordEncoder.encode(user.getPassword());
// System.out.println(encodedPassword + " THIS IS THE ENCODED PASSWORD" +
// authenticationRequest.getPassword());
user.setPassword(encodedPassword);
if (user.getProfilePicture() == null) {
user.setProfilePicture("default.png");
}
User savedUser = userRepository.save(user);
response.put("success", true);
response.put("message", "User Registered is Succesfull");
System.out.println("mail verified");
try {
httpServletResponse.sendRedirect("/app");
} catch (IOException e) {
e.printStackTrace();
}
return response;
} else {
response.put("success", false);
response.put("message", "User Registered is not Succesfull!");
return response;
}
}
extractClaims()如下:
public Claims extractAllClaims(String token) {
System.out.println(Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody());
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
}
我还能如何从令牌中提取值。
编辑以添加令牌生成代码:
public String generateToken(User user) {
Map<String, Object> claims = new HashMap<>();
claims.put("user", user);
return createToken(claims);
}
private String createToken(Map<String, Object> claims) {
System.out.println("Claims inside createToken "+claims);
return Jwts.builder().setClaims(claims).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();
}
尝试使用 extractClaim 而不是 extractAllClaims。所以像这样:
public String extractUsername(String token) {
return extractClaim(token, Claims::getSubject);
}
并创建方法 extractClaim:
public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
编辑:
您应该在使用 setSubject:
执行 Jwts 构建器时添加用户
return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();
您的代码的唯一问题是您将对象 (user) 添加到 Claims 并在 Claims 中调用对象的值而不用调用对象 (user).
首先你需要将物体拿在手中并从中获取信息。
尝试创建这样的用户:
System.out.println("User");
LinkedHashMap userVariables = jwtUtil.extractAllClaims(token)
.get("user", LinkedHashMap.class);
User user = new User(
(String) userVariables.get("email"),
(String) userVariables.get("phoneNumber"),
(String) userVariables.get("ppUrl"),
(String) userVariables.get("password")
);
我正在尝试创建一个新用户并使用 JWT 令牌对用户进行身份验证。正在创建令牌,但是当我尝试从令牌中提取值时,所有值都以 null 的形式返回。 jwtUtil.extractClaims() 应该从令牌中提取值,但所有值都是空值。
@GetMapping("/register/code/{token}")
public HashMap<String, Object> register(@PathVariable("token") String token, HttpServletResponse httpServletResponse) {
HashMap<String, Object> response = new HashMap<>();
System.out.println(token);
if (!jwtUtil.isTokenExpired(token)){
System.out.println("User");
User user = new User(
(String) jwtUtil.extractAllClaims(token).get("email"),
(String) jwtUtil.extractAllClaims(token).get("phoneNumber"),
(String) jwtUtil.extractAllClaims(token).get("ppUrl"),
(String) jwtUtil.extractAllClaims(token).get("password")
);
System.out.println("User email "+jwtUtil.extractAllClaims(token).get("email"));
String encodedPassword = passwordEncoder.encode(user.getPassword());
// System.out.println(encodedPassword + " THIS IS THE ENCODED PASSWORD" +
// authenticationRequest.getPassword());
user.setPassword(encodedPassword);
if (user.getProfilePicture() == null) {
user.setProfilePicture("default.png");
}
User savedUser = userRepository.save(user);
response.put("success", true);
response.put("message", "User Registered is Succesfull");
System.out.println("mail verified");
try {
httpServletResponse.sendRedirect("/app");
} catch (IOException e) {
e.printStackTrace();
}
return response;
} else {
response.put("success", false);
response.put("message", "User Registered is not Succesfull!");
return response;
}
}
extractClaims()如下:
public Claims extractAllClaims(String token) {
System.out.println(Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody());
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
}
我还能如何从令牌中提取值。
编辑以添加令牌生成代码:
public String generateToken(User user) {
Map<String, Object> claims = new HashMap<>();
claims.put("user", user);
return createToken(claims);
}
private String createToken(Map<String, Object> claims) {
System.out.println("Claims inside createToken "+claims);
return Jwts.builder().setClaims(claims).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();
}
尝试使用 extractClaim 而不是 extractAllClaims。所以像这样:
public String extractUsername(String token) {
return extractClaim(token, Claims::getSubject);
}
并创建方法 extractClaim:
public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
编辑: 您应该在使用 setSubject:
执行 Jwts 构建器时添加用户return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();
您的代码的唯一问题是您将对象 (user) 添加到 Claims 并在 Claims 中调用对象的值而不用调用对象 (user).
首先你需要将物体拿在手中并从中获取信息。
尝试创建这样的用户:
System.out.println("User");
LinkedHashMap userVariables = jwtUtil.extractAllClaims(token)
.get("user", LinkedHashMap.class);
User user = new User(
(String) userVariables.get("email"),
(String) userVariables.get("phoneNumber"),
(String) userVariables.get("ppUrl"),
(String) userVariables.get("password")
);