用于Java的JWT（JSON Web Token）库 [英] JWT (JSON Web Token) library for Java

问题描述

我正在开发使用Java和AngularJS开发的Web应用程序，并选择实现令牌身份验证和授权。
出于练习目的，我已经到了将证书发送到服务器，生成随机令牌存储它并将其发送回客户端的位置。
在每次向服务器发出请求时，我都会在标头中附加令牌，它可以完美地运行。
对于身份验证的观点是完美的，不需要更多。

但是，我现在想要跟踪用户类型（admin，regular user ...），以及它的id或任何其他唯一字段;据我所知，我必须在登录操作期间将其发送回客户端的令牌中加密。这是正确的吗？

您使用过的JWT库是否可以生成，加密和解密这些令牌？
非常感谢图书馆的API和Maven依赖项的链接。

谢谢

如果有人需要答案，

我使用了这个库：http://connect2id.com/products/nimbus-jose-jwt
Maven：http://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt/2.10.1

I am working on a web application developed using Java and AngularJS and chose to implement token authentication and authorization. For the exercise purpose, I've come to the point where I send the credentials to the server, generate a random token store it and send it back to the client. At every request to the server I'm attaching the token in the header and it works perfectly. For the authentication point of view is perfect and wouldn't need more.

However, I now want to keep track of the user type (admin, regular user...), as well as it's id, or any other unique field; as I understood I have to encrypt that in the token that I'm sending back to the client during the log in action. Is that correct?

Is there any JWT library that you used and can generate, encrypt and decrypt such tokens? A link to the library's API and Maven dependency would be much appreciated.

Thanks

解决方案

If anyone in the need for an answer,

I used this library: http://connect2id.com/products/nimbus-jose-jwt Maven here: http://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt/2.10.1

这篇关于用于Java的JWT（JSON Web Token）库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！