jwt
pluginjwt
plug-in is for the token
attribute or authorization
of the http request header to carry the attribute value for authentication judgment and judge OAuth2.0
.shenyu-plugin-jwt
.org.apache.shenyu.plugin.jwt.JwtPlugin
.<dependency> <groupId>org.apache.shenyu</groupId> <artifactId>shenyu-spring-boot-starter-plugin-jwt</artifactId> <version>${project.version}</version> </dependency>
secretKey
: The private key when using jwt
to generate token
, it is required.custom covert algorithm:custom-jwt-covert-algorithm
https://jwt.io/
in your browser and fill in the corresponding parameters.HEADER
in https://jwt.io/
PAYLOAD
in https://jwt.io/
VERIFY SIGNATURE
in https://jwt.io/
public final class JwtPluginTest { public void generateJwtCode() { final String secreteKey = "shenyu-test-shenyu-test-shenyu-test"; Map<String, String> map = new HashMap<>(); map.put("id", "1"); map.put("name", "xiaoming"); Date date = new Date(); date.setTime(1655524800000L); String token = Jwts.builder() .setIssuedAt(date) .setExpiration(new Date()) .setClaims(map) .signWith(Keys.hmacShaKeyFor(secreteKey.getBytes(StandardCharsets.UTF_8)), SignatureAlgorithm.HS256) .compact(); System.out.println(token); } }
token: eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoieGlhb21pbmciLCJpZCI6IjEifQ.LdRzGlB49alhq204chwF7pf3C0z8ZpuowPvoQdJmSRw
in your request header.Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoieGlhb21pbmciLCJpZCI6IjEifQ.LdRzGlB49alhq204chwF7pf3C0z8ZpuowPvoQdJmSRw
in your request header.{ "code": 401, "message": "Illegal authorization" }
{ "id": "123", "name": "hello world save order" }
shenyu-admin
--> BasicConfig --> Plugin --> jwt
set Status disable.