|
17 | 17 | import io.jsonwebtoken.Claims; |
18 | 18 | import io.jsonwebtoken.ExpiredJwtException; |
19 | 19 | import io.jsonwebtoken.Jwts; |
20 | | -import io.jsonwebtoken.MalformedJwtException; |
21 | | -import io.jsonwebtoken.security.Keys; |
22 | | -import lombok.extern.slf4j.Slf4j; |
23 | | -import org.springframework.beans.factory.annotation.Autowired; |
24 | | -import org.springframework.stereotype.Component; |
25 | | - |
26 | | -import javax.crypto.SecretKey; |
27 | | -import java.util.ArrayList; |
28 | | -import java.util.Date; |
29 | | -import java.util.HashMap; |
30 | | -import java.util.List; |
31 | | -import java.util.Map; |
32 | | -import java.util.Optional; |
33 | | -import java.util.stream.Collectors; |
| 20 | +import io.jsonwebtoken.MalformedJwtException; |
| 21 | +import io.jsonwebtoken.security.Keys; |
| 22 | +import jakarta.annotation.PostConstruct; |
| 23 | +import lombok.extern.slf4j.Slf4j; |
| 24 | +import org.springframework.beans.factory.annotation.Autowired; |
| 25 | +import org.springframework.stereotype.Component; |
| 26 | + |
| 27 | +import javax.crypto.SecretKey; |
| 28 | +import java.nio.charset.StandardCharsets; |
| 29 | +import java.util.ArrayList; |
| 30 | +import java.util.Date; |
| 31 | +import java.util.HashMap; |
| 32 | +import java.util.List; |
| 33 | +import java.util.Map; |
| 34 | +import java.util.stream.Collectors; |
34 | 35 |
|
35 | 36 | /** |
36 | 37 | * Jwt util |
|
39 | 40 | @Slf4j |
40 | 41 | public class JwtUtil { |
41 | 42 |
|
42 | | - @Autowired |
43 | | - private TokenBlacklistService tokenBlacklistService; |
44 | | - |
45 | | - private static final long EXPIRATION_TIME = 21600000L; // 6小时 = 6 * 60 * 60 * 1000 = 21600000 毫秒 |
46 | | - private static final String DEFAULT_SECRET = "tiny-engine-backend-secret-key-at-jwt-login"; |
47 | | - |
48 | | - // 避免启动时环境变量未加载的问题 |
49 | | - private static String getSecretString() { |
50 | | - return Optional.ofNullable(System.getenv("SECRET_STRING")) |
51 | | - .orElse(DEFAULT_SECRET); |
52 | | - } |
53 | | - |
54 | | - public static SecretKey getSecretKey() { |
55 | | - |
56 | | - return Keys.hmacShaKeyFor(getSecretString().getBytes()); |
57 | | - } |
| 43 | + @Autowired |
| 44 | + private TokenBlacklistService tokenBlacklistService; |
| 45 | + |
| 46 | + private static final long EXPIRATION_TIME = 21600000L; // 6小时 = 6 * 60 * 60 * 1000 = 21600000 毫秒 |
| 47 | + private static final String SECRET_ENV_NAME = "SECRET_STRING"; |
| 48 | + |
| 49 | + @PostConstruct |
| 50 | + public void validateSecretConfiguration() { |
| 51 | + try { |
| 52 | + getSecretKey(); |
| 53 | + } catch (Exception e) { |
| 54 | + throw new IllegalStateException( |
| 55 | + "JWT secret is not configured correctly. Set environment variable " |
| 56 | + + SECRET_ENV_NAME + " to a strong value before starting the service.", |
| 57 | + e |
| 58 | + ); |
| 59 | + } |
| 60 | + } |
| 61 | + |
| 62 | + private static String getSecretString() { |
| 63 | + String secret = System.getenv(SECRET_ENV_NAME); |
| 64 | + if (secret == null || secret.isBlank()) { |
| 65 | + throw new IllegalStateException( |
| 66 | + "Missing required environment variable " + SECRET_ENV_NAME + " for JWT signing." |
| 67 | + ); |
| 68 | + } |
| 69 | + return secret; |
| 70 | + } |
| 71 | + |
| 72 | + public static SecretKey getSecretKey() { |
| 73 | + return Keys.hmacShaKeyFor(getSecretString().getBytes(StandardCharsets.UTF_8)); |
| 74 | + } |
58 | 75 |
|
59 | 76 | /** |
60 | 77 | * 生成包含完整用户信息的 JWT Token(支持 Tenant 对象和 Map 两种格式) |
|
0 commit comments