具有HMAC保护的JSON Web令牌(JWT) - 导致版本4.23出错

时间:2016-08-12 13:29:21

标签: nimbus

我之前使用的是nimbus-jose-jwt版本3.12,而且下面的代码效果很好。但是当我更新nimbus-jose-jwt版本4.23时,我发现以下错误

java.lang.Error: Unresolved compilation problems: 
    The constructor JWTClaimsSet() is undefined
    The method setSubject(String) is undefined for the type JWTClaimsSet
    The method setIssuer(String) is undefined for the type JWTClaimsSet
    The method setExpirationTime(Date) is undefined for the type JWTClaimsSet

    at springdemo.jwt.JWTWithHMACProtection.test(JWTWithHMACProtection.java:32)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
    at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
    at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)

我不确定我需要修改哪些代码,请指导

参考代码:

@Test
    public void test() throws KeyLengthException {
        // Generate random 256-bit (32-byte) shared secret
        SecureRandom random = new SecureRandom();
        byte[] sharedSecret = new byte[32];
        random.nextBytes(sharedSecret);

        // Create HMAC signer
        JWSSigner signer = new MACSigner(sharedSecret);

        // Prepare JWT with claims set
        JWTClaimsSet claimsSet = new JWTClaimsSet();
        claimsSet.setSubject("alice");
        claimsSet.setIssuer("https://c2id.com");
        claimsSet.setExpirationTime(new Date(new Date().getTime() + 60 * 1000));

        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

        // Apply the HMAC protection
        signedJWT.sign(signer);

        // Serialize to compact form, produces something like
        // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
        String s = signedJWT.serialize();

        // On the consumer side, parse the JWS and verify its HMAC
        signedJWT = SignedJWT.parse(s);

        JWSVerifier verifier = new MACVerifier(sharedSecret);

        Assert.assertTrue(signedJWT.verify(verifier));

        // Retrieve / verify the JWT claims according to the app requirements
        Assert.assertEquals("alice", signedJWT.getJWTClaimsSet().getSubject());
        Assert.assertEquals("https://c2id.com", signedJWT.getJWTClaimsSet().getIssuer());
        Assert.assertTrue(new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime()));
    }

1 个答案:

答案 0 :(得分:0)

我得到了这个问题的解决方案。只需使用以下代码即可。完成!它带有最新的代码

@Test
    public void test() throws JOSEException, ParseException {
        // Generate random 256-bit (32-byte) shared secret
        SecureRandom random = new SecureRandom();
        byte[] sharedSecret = new byte[32];
        random.nextBytes(sharedSecret);

        // Create HMAC signer
        JWSSigner signer = new MACSigner(sharedSecret);

        // Prepare JWT with claims set
        JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
                 .subject("alice")
                 .issuer("https://c2id.com")
                 .expirationTime(addOneHour(new Date()))
                 .claim("http://example.com/is_root", true)
                 .build();

        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

        // Apply the HMAC protection
        signedJWT.sign(signer);

        // Serialize to compact form, produces something like
        // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
        String token = signedJWT.serialize();
        System.out.println("Token : "+token);

        // On the consumer side, parse the JWS and verify its HMAC
        signedJWT = SignedJWT.parse(token);

        JWSVerifier verifier = new MACVerifier(sharedSecret);

        Assert.assertTrue(signedJWT.verify(verifier));

        // Retrieve / verify the JWT claims according to the app requirements
        Assert.assertEquals("alice", signedJWT.getJWTClaimsSet().getSubject());
        Assert.assertEquals("https://c2id.com", signedJWT.getJWTClaimsSet().getIssuer());

        Date date1 = new Date();
        Date date2 = signedJWT.getJWTClaimsSet().getExpirationTime();

        Assert.assertTrue(date1.compareTo(date2) > 0);
    }

    private Date addOneHour(Date currentDate){
        DateTime dateTime = new DateTime(currentDate);
        Date plusOnehour = dateTime.toDate();
        return plusOnehour;
    }
相关问题
最新问题