整合Shiro

pom.xml

@@ -15,6 +15,7 @@
     <description>netstate-proc</description>
     <properties>
         <java.version>17</java.version>
+        <org.mapstruct.version>1.5.5.Final</org.mapstruct.version>
     </properties>
     <dependencies>
         <dependency>
@@ -48,6 +49,18 @@
             <version>1.11.0</version>
         </dependency>
 
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+            <version>4.4.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.mapstruct</groupId>
+            <artifactId>mapstruct</artifactId>
+            <version>${org.mapstruct.version}</version>
+        </dependency>
+
     </dependencies>
 
     <build>
@@ -64,6 +77,22 @@
                     </excludes>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.8.1</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                    <annotationProcessorPaths>
+                        <path>
+                            <groupId>org.mapstruct</groupId>
+                            <artifactId>mapstruct-processor</artifactId>
+                            <version>${org.mapstruct.version}</version>
+                        </path>
+                    </annotationProcessorPaths>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 

src/main/java/com/wuyiqi/netstateproc/config/NetStateRealm.java

@@ -1,23 +0,0 @@
-package com.wuyiqi.netstateproc.config;
-
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.realm.Realm;
-
-public class NetStateRealm implements Realm {
-    @Override
-    public String getName() {
-        return null;
-    }
-
-    @Override
-    public boolean supports(AuthenticationToken token) {
-        return false;
-    }
-
-    @Override
-    public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
-        return null;
-    }
-}

src/main/java/com/wuyiqi/netstateproc/config/shiro/JwtToken.java

@@ -0,0 +1,47 @@
+package com.wuyiqi.netstateproc.config.shiro;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.interfaces.JWTVerifier;
+import com.auth0.jwt.interfaces.Payload;
+import com.wuyiqi.netstateproc.convert.JwtConvert;
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.crypto.hash.Sha256Hash;
+import org.mapstruct.factory.Mappers;
+
+import java.time.Instant;
+import java.util.List;
+
+@Data
+public class JwtToken implements AuthenticationToken {
+
+    private String token;
+
+    private String secret;
+
+    private static final JwtConvert jwtConvert = Mappers.getMapper(JwtConvert.class);
+
+    @Override
+    public String getPrincipal() {
+        return JWT.decode(token).getSubject();
+    }
+
+    @Override
+    public Payload getCredentials() throws JWTVerificationException {
+        Algorithm algorithm = Algorithm.HMAC256(Sha256Hash.toString(secret.getBytes()));
+        JWTVerifier verifier = JWT.require(algorithm).build();
+        return verifier.verify(token);
+    }
+
+    public static String generate(String subject, Long expire, List<Integer> rules, String secret) {
+        Algorithm algorithm = Algorithm.HMAC256(Sha256Hash.toString(secret.getBytes()));
+        Claims claims = new Claims(subject, Instant.now().plusSeconds(expire), Instant.now(), rules);
+        return JWT.create().withPayload(jwtConvert.conv2Map(claims)).sign(algorithm);
+    }
+
+    public record Claims(String subject, Instant expiresAt, Instant issuedAt, List<Integer> roles) {}
+
+}

src/main/java/com/wuyiqi/netstateproc/config/shiro/NetStateRealm.java

@@ -0,0 +1,22 @@
+package com.wuyiqi.netstateproc.config.shiro;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.subject.PrincipalCollection;
+
+public class NetStateRealm extends AuthorizingRealm {
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        return null;
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+        return null;
+    }
+}

src/main/java/com/wuyiqi/netstateproc/config/shiro/ShiroConfig.java

@@ -1,4 +1,4 @@
-package com.wuyiqi.netstateproc.config;
+package com.wuyiqi.netstateproc.config.shiro;
 
 import org.apache.catalina.Realm;
 import org.apache.shiro.spring.config.ShiroAnnotationProcessorConfiguration;

src/main/java/com/wuyiqi/netstateproc/convert/JwtConvert.java

@@ -0,0 +1,11 @@
+package com.wuyiqi.netstateproc.convert;
+
+import com.wuyiqi.netstateproc.config.shiro.JwtToken;
+import org.mapstruct.Mapper;
+
+import java.util.Map;
+
+@Mapper
+public interface JwtConvert {
+    Map<String, Object> conv2Map(JwtToken.Claims claims);
+}