在使用拦截器是出现异常如下:
出现异常的代码如下:
拦截器配置:
拦截器实现类:
@Slf4j
public class TokenHandlerInterceptor implements HandlerInterceptor {
/* 签名key
*/
public static final String SIGNING_KEY = "spring-security-@Jwt!&Secret^#";
/**
* 持票人
*/
public static final String BEARER = "Bearer ";
/**
* 在头部标签中存放Token的key
*/
public static final String HEADER_KEY = "Authorization";
public static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
return getAuthentication(request, response);
}
private boolean getAuthentication(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
try {
long start = System.currentTimeMillis();
String token = request.getHeader(HEADER_KEY);
if (StringUtils.isEmpty(token) || !token.startsWith(BEARER)) {
return false;
}
// parse the token.
Claims claims = Jwts.parser().setSigningKey(SIGNING_KEY).parseClaimsJws(token.replace(BEARER, "")).getBody();
// token签发时间
long issuedAt = claims.getIssuedAt().getTime();
// 当前时间
long currentTimeMillis = System.currentTimeMillis();
// token过期时间
long expirationTime = claims.getExpiration().getTime();
// 1. 签发时间 < 当前时间 < (签发时间+((token过期时间-token签发时间)/2)) 不刷新token
// 2. (签发时间+((token过期时间-token签发时间)/2)) < 当前时间 < token过期时间 刷新token并返回给前端
// 3. tokne过期时间 < 当前时间 跳转登录,重新登录获取token
// 验证token时间有效性
if ((issuedAt + ((expirationTime - issuedAt) / 2)) < currentTimeMillis && currentTimeMillis < expirationTime) {
// 重新生成token start
Calendar calendar = Calendar.getInstance();
Date now = calendar.getTime();
// 设置签发时间
calendar.setTime(new Date());
// 设置过期时间
calendar.add(Calendar.MINUTE, 5);// 5分钟
Date time = calendar.getTime();
String refreshToken = Jwts.builder()
.setSubject(claims.getSubject())
.setIssuedAt(now)//签发时间
.setExpiration(time)//过期时间
.signWith(SignatureAlgorithm.HS512, SIGNING_KEY) //采用什么算法是可以自己选择的,不一定非要采用HS512
.compact();
// 重新生成token end
// 主动刷新token,并返回给前端
response.addHeader("refreshToken", refreshToken);
}
long end = System.currentTimeMillis();
log.info("执行时间: {}", (end - start) + " 毫秒");
} catch (ExpiredJwtException e) {
// 异常捕获、发送到ExpiredJwtException
request.setAttribute("expiredJwtException", e);
// 将异常分发到ExpiredJwtException控制器
request.getRequestDispatcher("/expiredJwtException").forward(request, response);
} catch (UnsupportedJwtException e) {
// 异常捕获、发送到UnsupportedJwtException
request.setAttribute("unsupportedJwtException", e);
// 将异常分发到UnsupportedJwtException控制器
request.getRequestDispatcher("/unsupportedJwtException").forward(request, response);
} catch (MalformedJwtException e) {
// 异常捕获、发送到MalformedJwtException
request.setAttribute("malformedJwtException", e);
// 将异常分发到MalformedJwtException控制器
request.getRequestDispatcher("/malformedJwtException").forward(request, response);
} catch (IllegalArgumentException e) {
// 异常捕获、发送到IllegalArgumentException
request.setAttribute("illegalArgumentException", e);
// 将异常分发到IllegalArgumentException控制器
request.getRequestDispatcher("/illegalArgumentException").forward(request, response);
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
请各路好汉不吝指教,帮兄弟答疑解惑,谢谢了
