package com.yuanchu.limslaboratory.shiro.utils;
|
|
import com.auth0.jwt.JWT;
|
import com.auth0.jwt.JWTVerifier;
|
import com.auth0.jwt.algorithms.Algorithm;
|
import com.auth0.jwt.exceptions.JWTVerificationException;
|
import org.apache.shiro.authc.AuthenticationInfo;
|
import org.apache.shiro.authc.AuthenticationToken;
|
import org.apache.shiro.authc.credential.CredentialsMatcher;
|
import org.springframework.stereotype.Component;
|
|
@Component
|
public class JwtCredentialsMatcher implements CredentialsMatcher {
|
/**
|
* JwtCredentialsMatcher只需验证JwtToken内容是否合法
|
*/
|
@Override
|
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
|
|
String token = authenticationToken.getCredentials().toString();
|
String account = authenticationToken.getPrincipal().toString();
|
try {
|
Algorithm algorithm = Algorithm.HMAC256(JwtUtils.getSecret());
|
JWTVerifier verifier = JWT.require(algorithm).withClaim("account", account).build();
|
verifier.verify(token);
|
return true;
|
} catch (JWTVerificationException e) {
|
|
} catch (Exception e){
|
e.printStackTrace();
|
}
|
return false;
|
}
|
}
|
