在响应正文中发送JWT令牌Java Spring

时间:2018-08-24 07:34:49

标签: java spring-boot spring-security jwt

我在标头中发送JWT的令牌, 但客户需要在响应主体中使用它, 我怎样才能把它放在响应中:

    @Override
    protected void successfulAuthentication(
            HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult)
            throws IOException, ServletException {

User springUser = (User) authResult.getPrincipal(); String jwt = Jwts.builder() .setSubject(springUser.getUsername()) .setExpiration(new Date(System.currentTimeMillis()+SecurityConstants.EXPIRATION_TIME)) .signWith(SignatureAlgorithm.HS256, SecurityConstants.SECRET) .claim("roles",springUser.getAuthorities()) .compact(); response.addHeader(SecurityConstants.HEADER_STRING, SecurityConstants.TOKEN_PREFIX+jwt); }

我需要将令牌放入响应中

1 个答案:

答案 0 :(得分:3)

如果我对您的理解正确,那么您只需创建一个响应正文

response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(
            "{\"" + SecurityConstants.HEADER_STRING + "\":\"" + SecurityConstants.TOKEN_PREFIX+jwt + "\"}"
    );

看看How do you return a JSON object from a Java Servlet