我正在尝试创建一个新用户,并使用JWT令牌对用户进行身份验证。令牌正在创建,但当我试图从令牌中提取值时,所有值都被返回为null。jwtUtil.extractClaims()应该从令牌中提取值,但所有值都为空。
@GetMapping("/register/code/{token}")
public HashMap<String, Object> register(@PathVariable("token") String token, HttpServletResponse httpServletResponse) {
HashMap<String, Object> response = new HashMap<>();
System.out.println(token);
if (!jwtUtil.isTokenExpired(token)){
System.out.println("User");
User user = new User(
(String) jwtUtil.extractAllClaims(token).get("email"),
(String) jwtUtil.extractAllClaims(token).get("phoneNumber"),
(String) jwtUtil.extractAllClaims(token).get("ppUrl"),
(String) jwtUtil.extractAllClaims(token).get("password")
);
System.out.println("User email "+jwtUtil.extractAllClaims(token).get("email"));
String encodedPassword = passwordEncoder.encode(user.getPassword());
// System.out.println(encodedPassword + " THIS IS THE ENCODED PASSWORD" +
// authenticationRequest.getPassword());
user.setPassword(encodedPassword);
if (user.getProfilePicture() == null) {
user.setProfilePicture("default.png");
}
User savedUser = userRepository.save(user);
response.put("success", true);
response.put("message", "User Registered is Succesfull");
System.out.println("mail verified");
try {
httpServletResponse.sendRedirect("/app");
} catch (IOException e) {
e.printStackTrace();
}
return response;
} else {
response.put("success", false);
response.put("message", "User Registered is not Succesfull!");
return response;
}
}
extractClaims()如下:
public Claims extractAllClaims(String token) {
System.out.println(Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody());
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
}
我还可以如何从令牌中提取值。
编辑添加令牌生成代码:
public String generateToken(User user) {
Map<String, Object> claims = new HashMap<>();
claims.put("user", user);
return createToken(claims);
}
private String createToken(Map<String, Object> claims) {
System.out.println("Claims inside createToken "+claims);
return Jwts.builder().setClaims(claims).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();
}
您的代码的唯一问题是,您添加了一个对象(用户)Claims,并调用Claims中对象的值,而不调用对象(用户)。
首先,你需要把物体拿在手里,从中获取信息。
尝试创建一个这样的用户:
System.out.println("User");
LinkedHashMap userVariables = jwtUtil.extractAllClaims(token)
.get("user", LinkedHashMap.class);
User user = new User(
(String) userVariables.get("email"),
(String) userVariables.get("phoneNumber"),
(String) userVariables.get("ppUrl"),
(String) userVariables.get("password")
);
尝试使用extractClaim而不是extractAllClaims。像这样:
public String extractUsername(String token) {
return extractClaim(token, Claims::getSubject);
}
并创建方法extractClaim:
public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
编辑:您应该在使用setSubject:
执行Jwts构建器时添加用户。return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
.signWith(SignatureAlgorithm.HS256, secret).compact();