jwt是json web token的缩写,常用于安全校验
jwt的组成
jwt有三部分组成,用.
拼接
这三部分是
-
Header(数据类型和加密算法类型)
{ 'typ': 'JWT', 'alg': 'HS256' }
-
Payload (存放有效信息)
{ 'sub': '1234567890', 'name': 'john', 'admin': true }
-
signatrue 对前两个部分进行再编码
var encodeString = base64UrlEncode(header) + '.' + base64UrlEncode(payload) var signatrue = HMACSHA256(encodedString, 'secret')
依赖
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-core</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>