如何使用ApacheCommons编解码器在java中解码JWT(头和体)?
我正在寻找使用ApacheCommons编解码器解码以下如何使用ApacheCommons编解码器在java中解码JWT(头和体)?,apache,jwt,apache-commons-codec,Apache,Jwt,Apache Commons Codec,我正在寻找使用ApacheCommons编解码器解码以下JWT。我们如何做到这一点 eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX0FETUlOIiwiaXNzIjoibXlzZ WxmIiwiZXhwIjoxNDcxMDg2MzgxfQ.1EI2haSz9aMsHjFUXNVz2Z4mtC0nMdZo6bo3-x-aRpw 这应该检索标题,正文和签名部分。代码是什么?给你: import org.apache.co
JWT
。我们如何做到这一点
eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX0FETUlOIiwiaXNzIjoibXlzZ
WxmIiwiZXhwIjoxNDcxMDg2MzgxfQ.1EI2haSz9aMsHjFUXNVz2Z4mtC0nMdZo6bo3-x-aRpw
这应该检索标题
,正文
和签名
部分。代码是什么?给你:
import org.apache.commons.codec.binary.Base64;
@Test
public void testDecodeJWT(){
String jwtToken = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX0FETUlOIiwiaXNzIjoibXlzZWxmIiwiZXhwIjoxNDcxMDg2MzgxfQ.1EI2haSz9aMsHjFUXNVz2Z4mtC0nMdZo6bo3-x-aRpw";
System.out.println("------------ Decode JWT ------------");
String[] split_string = jwtToken.split("\\.");
String base64EncodedHeader = split_string[0];
String base64EncodedBody = split_string[1];
String base64EncodedSignature = split_string[2];
System.out.println("~~~~~~~~~ JWT Header ~~~~~~~");
Base64 base64Url = new Base64(true);
String header = new String(base64Url.decode(base64EncodedHeader));
System.out.println("JWT Header : " + header);
System.out.println("~~~~~~~~~ JWT Body ~~~~~~~");
String body = new String(base64Url.decode(base64EncodedBody));
System.out.println("JWT Body : "+body);
}
输出结果如下:
------------ Decode JWT ------------
~~~~~~~~~ JWT Header ~~~~~~~
JWT Header : {"alg":"HS256"}
~~~~~~~~~ JWT Body ~~~~~~~
JWT Body : {"sub":"test","roles":"ROLE_ADMIN","iss":"myself","exp":1471086381}
以下是一种非包导入方式:
java.util.Base64.Decoder decoder = java.util.Base64.getUrlDecoder();
String[] parts = jwtToken.split("\\."); // split out the "parts" (header, payload and signature)
String headerJson = new String(decoder.decode(parts[0]));
String payloadJson = new String(decoder.decode(parts[1]));
//String signatureJson = new String(decoder.decode(parts[2]));
不管怎样(不管是org.apache.commons.codec.binary.Base64 SiKing'sanswer的替代方案)。。。您可能还希望将这些json片段推送到pojo
然后,您可以将这些json片段转换为pojo
头是“动态的”(如中所示,您事先不知道所有的头名称),因此您可能希望转换为键值对(在java中称为“映射”)
如果将来不再存在,只需在互联网上搜索“online json to pojo”,您可能会发现一些东西
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Map;
public class JwtTokenHeaders {
private final Map<String, Object> jsonMap; // = new HashMap<String, Object>();
public JwtTokenHeaders(String jsonString) {
ObjectMapper mapper = new ObjectMapper();
//String jsonString = "{\"name\":\"JavaInterviewPoint\", \"department\":\"blogging\"}";
//Map<String, Object> jsonMap = new HashMap<String, Object>();
try {
// convert JSON string to Map
this.jsonMap = mapper.readValue(jsonString,
new TypeReference<Map<String, String>>() {
});
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
@Override
public String toString() {
return org.apache.commons.lang3.builder.ToStringBuilder.reflectionToString(this);
}
}
//import com.fasterxml.jackson.databind.DeserializationFeature;
//import com.fasterxml.jackson.databind.ObjectMapper;
ObjectMapper mapper = new ObjectMapper();
mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
MyPojo tp = mapper.readValue(payloadJson, MyPojo.class);