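package foundation.token;

import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import org.json.JSONObject;

import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;

import foundation.server.config.Configer;
import foundation.util.ContentBuilder;
import foundation.util.Util;

/**
 * HS256-signed session token carrying a user id, an online code and an expiry time.
 *
 * <p>A token is either issued locally with {@link #getInstance(String, String)} or rebuilt
 * from its serialized form with {@link #getInstance(String)}. Identity fields are populated
 * from a serialized token only after its HMAC signature has been verified; a token that fails
 * parsing or verification carries no user id and {@link #validate()} rejects it.
 */
@SuppressWarnings("deprecation")
public class UserToken {

	/** Token lifetime in minutes; 20 unless the "tokenOverTime" setting supplies an integer. */
	private static int OverMinute = 20;
	private static JWSHeader header;
	private static String secretKey;

	private String userId;
	private String onlineCode;
	private long createTime;
	private long expireTime;
	private String encrypted;
	private boolean valid;
	private boolean empty;

	static {
		try {
			OverMinute = Integer.parseInt(Configer.getString("tokenOverTime"));
		} catch (NumberFormatException e) {
			// A missing or malformed setting keeps the built-in default instead of
			// failing class initialisation.
			System.err.println("UserToken: tokenOverTime is missing or not an integer; using default of "
					+ OverMinute + " minutes");
		}

		header = new JWSHeader(JWSAlgorithm.HS256, JOSEObjectType.JWT, null, null, null, null, null, null, null, null, null, null, null);

		// SECURITY: the HMAC signing key is embedded in source. Anyone who can read this file
		// or the compiled class can sign tokens for any userId, so this value has to be treated
		// as disclosed. An earlier revision read it with
		// Configer.getString("tokenSecretKey", "foundation").
		// NOTE(review): load the key from configuration or a secret store and rotate it; the
		// literal is kept here only so tokens already issued keep verifying. A replacement key
		// for HS256 should be at least 32 random bytes.
		secretKey = "kwq8a_B6WMqHOrEi-gFR5rRPmPL7qoShZJn0VFfXpXc1Yfw6BfVrliAP9C4";
	}

	/**
	 * Rebuilds a token from its serialized (compact JWS) form.
	 *
	 * @param token serialized token as received from the client; may be null or empty
	 * @return a token whose identity fields are set only if the signature verified; for an
	 *         empty input {@link #isEmpty()} is true, and for an unparsable or badly signed
	 *         input the user id stays null so {@link #validate()} returns false
	 */
	public static UserToken getInstance(String token) {
		UserToken result = new UserToken();

		if (Util.isEmpty(token)) {
			result.empty = true;
			return result;
		}

		result.encrypted = token;

		try {
			result.parse();
		} catch (Exception e) {
			// Fail closed. The previous behaviour copied the raw input into userId here, which
			// let any unsigned string pass validate() as that user with no expiry.
			result.userId = null;
			result.onlineCode = null;
			result.createTime = 0;
			result.expireTime = 0;
			result.valid = false;
		}

		return result;
	}

	/**
	 * Issues a new signed token for a user.
	 *
	 * @param userId     user the token is issued to
	 * @param onlineCode online code kept on the returned object
	 * @return the new token; {@link #getContent()} is null and {@link #isValid()} is false if
	 *         signing failed
	 */
	public static UserToken getInstance(String userId, String onlineCode) {
		UserToken result = new UserToken();

		result.userId = userId;
		result.onlineCode = onlineCode;
		result.createTime = (new Date()).getTime();
		// long arithmetic: the int product 1000 * 60 * OverMinute overflows for large lifetimes.
		result.expireTime = result.createTime + 60L * 1000L * OverMinute;

		result.compile();

		return result;
	}

	private UserToken() {
	}

	/**
	 * Verifies the signature of {@link #encrypted} and, only then, reads its claims.
	 *
	 * @throws Exception if the token is empty, cannot be parsed, fails signature verification,
	 *                   or a claim has an unexpected type
	 */
	private void parse() throws Exception {
		valid = false;

		if (Util.isEmpty(encrypted)) {
			throw new Exception("invalid token");
		}

		JWSObject jwsObject = JWSObject.parse(encrypted);
		JWSVerifier verifier = new MACVerifier(secretKey.getBytes(StandardCharsets.UTF_8));

		if (!jwsObject.verify(verifier)) {
			throw new Exception("invalid token");
		}

		// The payload is read only after the signature check has passed.
		JSONObject json = new JSONObject(jwsObject.getPayload().toString());

		if (json.has("userId")) {
			userId = json.getString("userId");
		}

		if (json.has("onlineCode")) {
			onlineCode = json.getString("onlineCode");
		}

		if (json.has("expiretime")) {
			expireTime = json.getLong("expiretime");
		}

		if (json.has("createtime")) {
			createTime = json.getLong("createtime");
		}

		valid = true;
	}

	/**
	 * Signs the current fields into {@link #encrypted}. On failure the stack trace is printed,
	 * {@link #encrypted} stays null and {@link #valid} stays false.
	 */
	private void compile() {
		try {
			Map<String, Object> dataMap = new HashMap<String, Object>();
			dataMap.put("userId", userId);
			// NOTE(review): the "onlineCode" claim carries createTime, not the onlineCode field,
			// and no "createtime" claim is written. Kept as-is because token consumers may
			// depend on it; confirm whether this is intended.
			dataMap.put("onlineCode", String.valueOf(createTime));
			dataMap.put("expiretime", expireTime);

			// 1. Build the payload; explicit UTF-8 so non-ASCII values do not depend on the
			//    platform default charset.
			JSONObject jsonObject = new JSONObject(dataMap);
			Payload payload = new Payload(jsonObject.toString().getBytes(StandardCharsets.UTF_8));

			// 2. Sign with the shared HMAC key.
			JWSObject jwsObject = new JWSObject(header, payload);
			jwsObject.sign(new MACSigner(secretKey.getBytes(StandardCharsets.UTF_8)));

			// 3. Serialize to the compact form handed to the client.
			encrypted = jwsObject.serialize();
			valid = true;
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

	/**
	 * Checks that the token names a user and has not expired.
	 *
	 * @return false if no user id is set or the expiry time has passed; an expiry time of 0
	 *         (no "expiretime" claim in a verified token) is treated as "never expires"
	 */
	public boolean validate() {
		if (Util.isEmpty(userId)) {
			return false;
		}

		long curTime = new Date().getTime();

		return expireTime == 0 || curTime <= expireTime;
	}

	/** @return the serialized token, or null if none was set or signing failed */
	public String getContent() {
		return encrypted;
	}

	/** @return true if the token was signed locally or its signature was verified */
	public boolean isValid() {
		return valid;
	}

	/** @return true if this object was built from a null or empty token string */
	public boolean isEmpty() {
		return empty;
	}

	public String getUserId() {
		return userId;
	}

	public String getOnlineCode() {
		return onlineCode;
	}

	/**
	 * Describes the token for diagnostics. The signing key is deliberately not included.
	 * The output still contains the serialized token, which is a bearer credential, so it
	 * should not be written to shared logs.
	 */
	@Override
	public String toString() {
		ContentBuilder result = new ContentBuilder(", ");

		result.append("userId=" + userId);
		result.append("onlineCode=" + onlineCode);
		result.append("createTime=" + createTime);
		result.append("expireTime=" + expireTime);
		result.append("encrypted=" + encrypted);

		return result.toString();
	}

	public static void main(String[] args) {
		UserToken userToken = UserToken.getInstance("admin", "1234567890");
		System.out.println(userToken.getContent());
	}
}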