【jwt】完善jwt的校验机制

2021-01-02 19:48:23 +08:00 · 2021-01-02 19:48:23 +08:00 · f9f016698d
parent 75ae49bfa9
commit f9f016698d
4 changed files with 35 additions and 10 deletions
--- a/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/JwtApi.java
+++ b/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/JwtApi.java
@ -55,6 +55,13 @@ public interface JwtApi {

    /**
     * 校验jwt token是否正确
+     * <p>
+     * 不正确的token有两种：
+     * <p>
+     * 1. 第一种是jwt token过期了
+     * 2. 第二种是jwt本身是错误的
+     * <p>
+     * 本方法只会响应正确还是错误
     *
     * @param token jwt的token
     * @return true-token正确，false-token错误或失效
@ -64,7 +71,12 @@ public interface JwtApi {
    boolean validateToken(String token);

    /**
-     * 校验jwt token是否正确，如果jwt异常，或者jwt过期，则直接抛出异常
+     * 校验jwt token是否正确，如果参数token是错误的会抛出对应异常
+     * <p>
+     * 不正确的token有两种：
+     * <p>
+     * 1. 第一种是jwt token过期了
+     * 2. 第二种是jwt本身是错误的
     *
     * @param token jwt的token
     * @throws JwtException Jwt相关的业务异常
@ -74,13 +86,13 @@ public interface JwtApi {
    void validateTokenWithException(String token) throws JwtException;

    /**
-     * 获取 token 的失效时间
+     * 校验jwt token是否失效了
     *
     * @param token jwt token
     * @return true-token失效，false-token没失效
     * @author fengshuonan
     * @date 2020/10/21 11:56
     */
-    boolean getTokenExpiredFlag(String token);
+    boolean validateTokenIsExpired(String token);

 }
--- a/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/exception/JwtException.java
+++ b/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/exception/JwtException.java
@ -1,5 +1,6 @@
 package cn.stylefeng.roses.kernel.jwt.api.exception;

+import cn.hutool.core.util.StrUtil;
 import cn.stylefeng.roses.kernel.jwt.api.constants.JwtConstants;
 import cn.stylefeng.roses.kernel.rule.abstracts.AbstractExceptionEnum;
 import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
@ -12,8 +13,8 @@ import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
 */
 public class JwtException extends ServiceException {

-    public JwtException(AbstractExceptionEnum exception, String userTip) {
-        super(JwtConstants.JWT_MODULE_NAME, exception.getErrorCode(), userTip);
+    public JwtException(AbstractExceptionEnum exception, Object... params) {
+        super(JwtConstants.JWT_MODULE_NAME, exception.getErrorCode(), StrUtil.format(exception.getUserTip(), params));
    }

    public JwtException(AbstractExceptionEnum exception) {
--- a/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/exception/enums/JwtExceptionEnum.java
+++ b/kernel-d-jwt/jwt-api/src/main/java/cn/stylefeng/roses/kernel/jwt/api/exception/enums/JwtExceptionEnum.java
@ -17,7 +17,12 @@ public enum JwtExceptionEnum implements AbstractExceptionEnum {
    /**
     * jwt解析异常
     */
-    JWT_PARSE_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + JwtConstants.JWT_EXCEPTION_STEP_CODE + "01", "jwt解析错误！jwt为：{}");
+    JWT_PARSE_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + JwtConstants.JWT_EXCEPTION_STEP_CODE + "01", "jwt解析错误！jwt为：{}"),
+
+    /**
+     * jwt过期了
+     */
+    JWT_EXPIRED_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + JwtConstants.JWT_EXCEPTION_STEP_CODE + "02", "jwt过期了！jwt为：{}");

    /**
     * 错误编码
--- a/kernel-d-jwt/jwt-sdk/src/main/java/cn/stylefeng/roses/kernel/jwt/JwtTokenOperator.java
+++ b/kernel-d-jwt/jwt-sdk/src/main/java/cn/stylefeng/roses/kernel/jwt/JwtTokenOperator.java
@ -4,9 +4,9 @@ import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.date.DateTime;
 import cn.hutool.core.date.DateUtil;
-import cn.hutool.core.util.StrUtil;
 import cn.stylefeng.roses.kernel.jwt.api.JwtApi;
 import cn.stylefeng.roses.kernel.jwt.api.exception.JwtException;
+import cn.stylefeng.roses.kernel.jwt.api.exception.enums.JwtExceptionEnum;
 import cn.stylefeng.roses.kernel.jwt.api.pojo.config.JwtConfig;
 import cn.stylefeng.roses.kernel.jwt.api.pojo.payload.DefaultJwtPayload;
 import io.jsonwebtoken.Claims;
@ -90,16 +90,23 @@ public class JwtTokenOperator implements JwtApi {

    @Override
    public void validateTokenWithException(String token) throws JwtException {
+
+        // 1.先判断是否是token过期了
+        boolean tokenIsExpired = this.validateTokenIsExpired(token);
+        if (tokenIsExpired) {
+            throw new JwtException(JwtExceptionEnum.JWT_EXPIRED_ERROR, token);
+        }
+
+        // 2.判断是否是jwt本身的错误
        try {
            getJwtPayloadClaims(token);
        } catch (io.jsonwebtoken.JwtException jwtException) {
-            String userTip = StrUtil.format(JWT_PARSE_ERROR.getUserTip(), token);
-            throw new JwtException(JWT_PARSE_ERROR, userTip);
+            throw new JwtException(JWT_PARSE_ERROR, token);
        }
    }

    @Override
-    public boolean getTokenExpiredFlag(String token) {
+    public boolean validateTokenIsExpired(String token) {
        try {
            Claims claims = getJwtPayloadClaims(token);
            final Date expiration = claims.getExpiration();