Akka-CQRS（15）- Http标准安全解决方案：OAuth2+JWT - Scala

TOP

Akka-CQRS（15）- Http标准安全解决方案：OAuth2+JWT(二)

2019-08-15 00:10:43 【大中小】浏览:148次

HS256 or HmacSHA256) * @throws JwtNonSupportedAlgorithm in case the string doesn't match any known algorithm */ def fromString(algo: String): JwtAlgorithm = algo match { case "HMD5" => HMD5 case "HS224" => HS224 case "HS256" => HS256 case "HS384" => HS384 case "HS512" => HS512 case "RS256" => RS256 case "RS384" => RS384 case "RS512" => RS512 case "ES256" => ES256 case "ES384" => ES384 case "ES512" => ES512 case _ => throw new JwtNonSupportedAlgorithm(algo) // Missing PS256 PS384 PS512 }

key可以是任意字符串。

JWT decode 代码如下：

  /** Will try to decode a JSON Web Token to raw strings using a HMAC algorithm
    *
    * @return if successful, a tuple of 3 strings, the header, the claim and the signature
    * @param token $token
    * @param key $key
    * @param algorithms $algos
    */
  def decodeRawAll(token: String, key: String, algorithms: Seq[JwtHmacAlgorithm], options: JwtOptions): Try[(String, String, String)] = Try {
    val (header64, header, claim64, claim, signature) = splitToken(token)
    validate(header64, parseHeader(header), claim64, parseClaim(claim), signature, key, algorithms, options)
    (header, claim, signature)
  }

  def decodeRawAll(token: String, key: String, algorithms: Seq[JwtHmacAlgorithm]): Try[(String, String, String)] =
    decodeRawAll(token, key, algorithms, JwtOptions.DEFAULT)

另外，验证JWT方法如下：

  /** An alias for `isValid` if you want to directly pass a string as the key for HMAC algorithms
    *
    * @return a boolean value indicating if the token is valid or not
    * @param token $token
    * @param key $key
    * @param algorithms $algos
    */
  def isValid(token: String, key: String, algorithms: Seq[JwtHmacAlgorithm], options: JwtOptions): Boolean =
    try {
      validate(token, key, algorithms, options)
      true
    } catch {
      case _ : Throwable => false
    }

  def isValid(token: String, key: String, algorithms: Seq[JwtHmacAlgorithm]): Boolean = isValid(token, key, algorithms, JwtOptions.DEFAULT)

下面是一段示范代码：

import pdi.jwt._
import org.json4s._
import org.json4s.jackson.JsonMethods._

object JwtDemo extends App{

  import scala.util._

  var clms = JwtClaim() ++ ("shopid" -> "1101") ++ ("userid" -> "102") ++ ("vchnum" -> 23)
  val token = Jwt.encode(clms,"OpenSesame", JwtAlgorithm.HS256)
  println(token)
  println(Jwt.isValid(token,"OpenSesame",Seq(JwtAlgorithm.HS256)))
  val claims = Jwt.decodeRawAll(token,"OpenSesame",Seq(JwtAlgorithm.HS256))
  println(claims)

  claims match {
    case Success(json) => println(((parse(json._2).asInstanceOf[JObject]) \ "shopid").values)
    case Failure(err) => println(s"Error: ${err.getMessage}")
  }

}

现在我们把上次的OAuth2示范代码改改，用JWT替换access_token：

import akka.actor._
import akka.stream._
import akka.http.scaladsl.Http
import akka.http.scaladsl.server.Directives._
import akka.http.scaladsl.server.directives.Credentials
import pdi.jwt._
import org.json4s._
import org.json4s.jackson.JsonMethods._
import scala.util._

//import akka.http.scaladsl.marshallers.sprayjson._
//import spray.json._

object JsonMarshaller { // extends  SprayJsonS

首页上一页 1 2 3 4 5 下一页尾页 2/5/5
【大中小】【打印】【繁体】【投稿】【收藏】【推荐】【举报】【评论】【关闭】【返回顶部】

上一篇：Spark家族：Win10系统下搭建Scala..	下一篇：Akka-CQRS（14）- Http标准安全解..