现在我正在使用此代码生成JWT令牌,并在我的项目中设置过期时间:
SecretKey secretKey = new SecretKeySpec(jwtSignKey.getBytes(), SignatureAlgorithm.HS256.getJcaName());
JwtPayload jwtPayload = new JwtPayload();
jwtPayload.setUserId(user.getId());
jwtPayload.setDeviceId(request.getDeviceId());
jwtPayload.setAppId(Long.valueOf(request.getApp().getKey()));
byte[] bytesEncoded = Base64.encodeBase64(JSON.toJSONString(jwtPayload).getBytes());
String accessToken = Jwts.builder().setPayload(new String(bytesEncoded))
.setExpiration(new Date(System.currentTimeMillis() + 30*1000))
.signWith(secretKey).compact();
但它告诉我:
Both 'payload' and 'claims' cannot both be specified. Choose either one.
那么我应该如何设置令牌的过期时间?
根据这一点,Payload必须是明文(NON-JSON(字符串。您可以尝试对该值进行base64编码,或者可能通过Jwts.claims()
创建索赔
你能详细说明你的目标是什么吗?
playload和claim应该选择其中一个,setExpiration
属于claim,所以只需像这样调整代码:
public static String generateAccessToken(String jwtSignKey, JwtPayload jwtPayload) {
SecretKey secretKey = new SecretKeySpec(jwtSignKey.getBytes(), SignatureAlgorithm.HS256.getJcaName());
ObjectMapper objectMapper = new ObjectMapper();
Map claims = objectMapper.convertValue(jwtPayload, Map.class);
String accessToken = Jwts.builder().setClaims(claims)
.setExpiration(new Date(System.currentTimeMillis() + 30 * 1000))
.signWith(secretKey).compact();
return accessToken;
}