Telegram Group & Telegram Channel
Telegram Group Β» Canada Β» Java Β» Telegram Webview Β» Post 1861
Java
πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWT

Если Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях, Ρ‚Π΅Π±Π΅ пригодится Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° ΠΎΡ‚ [Auth0](https://github.com/auth0/java-jwt) для Ρ€Π°Π±ΠΎΡ‚Ρ‹ с JWT.

πŸ“Œ Π§Ρ‚ΠΎ Ρ‚Π°ΠΊΠΎΠ΅ JWT?
JWT (JSON Web Token) β€” это стандарт, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰ΠΈΠΉ бСзопасно ΠΏΠ΅Ρ€Π΅Π΄Π°Π²Π°Ρ‚ΡŒ Π΄Π°Π½Π½Ρ‹Π΅ ΠΌΠ΅ΠΆΠ΄Ρƒ участниками ΠΊΠ°ΠΊ JSON-ΠΎΠ±ΡŠΠ΅ΠΊΡ‚Ρ‹. Он ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅Ρ‚ΡΡ для Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠΈ, Π²Π΅Ρ€ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠΈ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ ΠΈ ΠΎΠ±ΠΌΠ΅Π½Π° Π΄Π°Π½Π½Ρ‹ΠΌΠΈ Π±Π΅Π· сСссий.

🧰 Auth0 Java JWT позволяСт:
- Π“Π΅Π½Π΅Ρ€ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с кастомными claim'Π°ΠΌΠΈ
- ΠŸΠΎΠ΄ΠΏΠΈΡΡ‹Π²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ HMAC ΠΈΠ»ΠΈ RSA
- Π’Π°Π»ΠΈΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹
- ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΡ‚ΡŒ срок дСйствия (exp), Π°ΡƒΠ΄ΠΈΡ‚ΠΎΡ€ΠΈΡŽ, ΡΡƒΠ±ΡŠΠ΅ΠΊΡ‚ ΠΈ ΠΏΡ€ΠΎΡ‡Π΅Π΅

πŸ§ͺ ΠŸΡ€ΠΈΠΌΠ΅Ρ€: гСнСрация Ρ‚ΠΎΠΊΠ΅Π½Π°

Algorithm algorithm = Algorithm.HMAC256("secret");
String token = JWT.create()
    .withIssuer("auth0")
    .withClaim("userId", 123)
    .withExpiresAt(new Date(System.currentTimeMillis() + 3600_000))
    .sign(algorithm);


πŸ” ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Π½ΠΈΠ΅ Ρ‚ΠΎΠΊΠ΅Π½Π°

JWTVerifier verifier = JWT.require(algorithm)
    .withIssuer("auth0")
    .build();

DecodedJWT jwt = verifier.verify(token);
System.out.println(jwt.getClaim("userId").asInt());


πŸ›‘οΈ ΠŸΡ€Π΅ΠΈΠΌΡƒΡ‰Π΅ΡΡ‚Π²Π°:
- ΠŸΡ€ΠΎΡΡ‚ΠΎΡ‚Π° API
- Π₯ΠΎΡ€ΠΎΡˆΠ°Ρ ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΈ докумСнтация
- БСзопасноС ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ ΠΈ подписями

πŸ“š Π‘Ρ‚Π°Ρ‚ΡŒΡ с ΠΏΡ€ΠΈΠΌΠ΅Ρ€Π°ΠΌΠΈ ΠΈ пояснСниями:
πŸ‘‰ https://www.blackslate.io/articles/manage-jwt-

Если Ρ‚Ρ‹ пишСшь backend Π½Π° Java ΠΈ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠ΅ΠΉ β€” эта Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° Ρ‚ΠΎΡ‡Π½ΠΎ стоит Ρ‚Π²ΠΎΠ΅Π³ΠΎ внимания.

@javatg
www.tg-me.com/ca/Java/com.javatg/1861
2.8K views



tg-me.com/javatg/1861
Create:
Last Update:

πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWT

Если Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях, Ρ‚Π΅Π±Π΅ пригодится Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° ΠΎΡ‚ [Auth0](https://github.com/auth0/java-jwt) для Ρ€Π°Π±ΠΎΡ‚Ρ‹ с JWT.

πŸ“Œ Π§Ρ‚ΠΎ Ρ‚Π°ΠΊΠΎΠ΅ JWT?
JWT (JSON Web Token) β€” это стандарт, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰ΠΈΠΉ бСзопасно ΠΏΠ΅Ρ€Π΅Π΄Π°Π²Π°Ρ‚ΡŒ Π΄Π°Π½Π½Ρ‹Π΅ ΠΌΠ΅ΠΆΠ΄Ρƒ участниками ΠΊΠ°ΠΊ JSON-ΠΎΠ±ΡŠΠ΅ΠΊΡ‚Ρ‹. Он ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅Ρ‚ΡΡ для Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠΈ, Π²Π΅Ρ€ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠΈ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ ΠΈ ΠΎΠ±ΠΌΠ΅Π½Π° Π΄Π°Π½Π½Ρ‹ΠΌΠΈ Π±Π΅Π· сСссий.

🧰 Auth0 Java JWT позволяСт:
- Π“Π΅Π½Π΅Ρ€ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с кастомными claim'Π°ΠΌΠΈ
- ΠŸΠΎΠ΄ΠΏΠΈΡΡ‹Π²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ HMAC ΠΈΠ»ΠΈ RSA
- Π’Π°Π»ΠΈΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹
- ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΡ‚ΡŒ срок дСйствия (exp), Π°ΡƒΠ΄ΠΈΡ‚ΠΎΡ€ΠΈΡŽ, ΡΡƒΠ±ΡŠΠ΅ΠΊΡ‚ ΠΈ ΠΏΡ€ΠΎΡ‡Π΅Π΅

πŸ§ͺ ΠŸΡ€ΠΈΠΌΠ΅Ρ€: гСнСрация Ρ‚ΠΎΠΊΠ΅Π½Π°


Algorithm algorithm = Algorithm.HMAC256("secret");
String token = JWT.create()
    .withIssuer("auth0")
    .withClaim("userId", 123)
    .withExpiresAt(new Date(System.currentTimeMillis() + 3600_000))
    .sign(algorithm);


πŸ” ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Π½ΠΈΠ΅ Ρ‚ΠΎΠΊΠ΅Π½Π°

JWTVerifier verifier = JWT.require(algorithm)
    .withIssuer("auth0")
    .build();

DecodedJWT jwt = verifier.verify(token);
System.out.println(jwt.getClaim("userId").asInt());


πŸ›‘οΈ ΠŸΡ€Π΅ΠΈΠΌΡƒΡ‰Π΅ΡΡ‚Π²Π°:
- ΠŸΡ€ΠΎΡΡ‚ΠΎΡ‚Π° API
- Π₯ΠΎΡ€ΠΎΡˆΠ°Ρ ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΈ докумСнтация
- БСзопасноС ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ ΠΈ подписями

πŸ“š Π‘Ρ‚Π°Ρ‚ΡŒΡ с ΠΏΡ€ΠΈΠΌΠ΅Ρ€Π°ΠΌΠΈ ΠΈ пояснСниями:
πŸ‘‰ https://www.blackslate.io/articles/manage-jwt-

Если Ρ‚Ρ‹ пишСшь backend Π½Π° Java ΠΈ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠ΅ΠΉ β€” эта Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° Ρ‚ΠΎΡ‡Π½ΠΎ стоит Ρ‚Π²ΠΎΠ΅Π³ΠΎ внимания.

@javatg

BY Java




Share with your friend now:
tg-me.com/javatg/1861

View MORE
Open in Telegram


Java Telegram | DID YOU KNOW?

Date: |

Pinterest (PINS) Stock Sinks As Market Gains

Pinterest (PINS) closed at $71.75 in the latest trading session, marking a -0.18% move from the prior day. This change lagged the S&P 500's daily gain of 0.1%. Meanwhile, the Dow gained 0.9%, and the Nasdaq, a tech-heavy index, lost 0.59%. Heading into today, shares of the digital pinboard and shopping tool company had lost 17.41% over the past month, lagging the Computer and Technology sector's loss of 5.38% and the S&P 500's gain of 0.71% in that time. Investors will be hoping for strength from PINS as it approaches its next earnings release. The company is expected to report EPS of $0.07, up 170% from the prior-year quarter. Our most recent consensus estimate is calling for quarterly revenue of $467.87 million, up 72.05% from the year-ago period.

Telegram Gives Up On Crypto Blockchain Project

Durov said on his Telegram channel today that the two and a half year blockchain and crypto project has been put to sleep. Ironically, after leaving Russia because the government wanted his encryption keys to his social media firm, Durov’s cryptocurrency idea lost steam because of a U.S. court. β€œThe technology we created allowed for an open, free, decentralized exchange of value and ideas. TON had the potential to revolutionize how people store and transfer funds and information,” he wrote on his channel. β€œUnfortunately, a U.S. court stopped TON from happening.”

Java from ca


πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWTЕсли Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях

 Java TG
Webview: 1861
Java.Telegram Webview
Java Telegram TG Channel
Telegram Updated:
Telegram Java
FROM USA