Telegram Group & Telegram Channel
Telegram Group Β» Netherlands Β» Java Β» Telegram Webview Β» Post 1861
Java
πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWT

Если Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях, Ρ‚Π΅Π±Π΅ пригодится Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° ΠΎΡ‚ [Auth0](https://github.com/auth0/java-jwt) для Ρ€Π°Π±ΠΎΡ‚Ρ‹ с JWT.

πŸ“Œ Π§Ρ‚ΠΎ Ρ‚Π°ΠΊΠΎΠ΅ JWT?
JWT (JSON Web Token) β€” это стандарт, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰ΠΈΠΉ бСзопасно ΠΏΠ΅Ρ€Π΅Π΄Π°Π²Π°Ρ‚ΡŒ Π΄Π°Π½Π½Ρ‹Π΅ ΠΌΠ΅ΠΆΠ΄Ρƒ участниками ΠΊΠ°ΠΊ JSON-ΠΎΠ±ΡŠΠ΅ΠΊΡ‚Ρ‹. Он ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅Ρ‚ΡΡ для Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠΈ, Π²Π΅Ρ€ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠΈ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ ΠΈ ΠΎΠ±ΠΌΠ΅Π½Π° Π΄Π°Π½Π½Ρ‹ΠΌΠΈ Π±Π΅Π· сСссий.

🧰 Auth0 Java JWT позволяСт:
- Π“Π΅Π½Π΅Ρ€ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с кастомными claim'Π°ΠΌΠΈ
- ΠŸΠΎΠ΄ΠΏΠΈΡΡ‹Π²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ HMAC ΠΈΠ»ΠΈ RSA
- Π’Π°Π»ΠΈΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹
- ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΡ‚ΡŒ срок дСйствия (exp), Π°ΡƒΠ΄ΠΈΡ‚ΠΎΡ€ΠΈΡŽ, ΡΡƒΠ±ΡŠΠ΅ΠΊΡ‚ ΠΈ ΠΏΡ€ΠΎΡ‡Π΅Π΅

πŸ§ͺ ΠŸΡ€ΠΈΠΌΠ΅Ρ€: гСнСрация Ρ‚ΠΎΠΊΠ΅Π½Π°

Algorithm algorithm = Algorithm.HMAC256("secret");
String token = JWT.create()
    .withIssuer("auth0")
    .withClaim("userId", 123)
    .withExpiresAt(new Date(System.currentTimeMillis() + 3600_000))
    .sign(algorithm);


πŸ” ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Π½ΠΈΠ΅ Ρ‚ΠΎΠΊΠ΅Π½Π°

JWTVerifier verifier = JWT.require(algorithm)
    .withIssuer("auth0")
    .build();

DecodedJWT jwt = verifier.verify(token);
System.out.println(jwt.getClaim("userId").asInt());


πŸ›‘οΈ ΠŸΡ€Π΅ΠΈΠΌΡƒΡ‰Π΅ΡΡ‚Π²Π°:
- ΠŸΡ€ΠΎΡΡ‚ΠΎΡ‚Π° API
- Π₯ΠΎΡ€ΠΎΡˆΠ°Ρ ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΈ докумСнтация
- БСзопасноС ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ ΠΈ подписями

πŸ“š Π‘Ρ‚Π°Ρ‚ΡŒΡ с ΠΏΡ€ΠΈΠΌΠ΅Ρ€Π°ΠΌΠΈ ΠΈ пояснСниями:
πŸ‘‰ https://www.blackslate.io/articles/manage-jwt-

Если Ρ‚Ρ‹ пишСшь backend Π½Π° Java ΠΈ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠ΅ΠΉ β€” эта Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° Ρ‚ΠΎΡ‡Π½ΠΎ стоит Ρ‚Π²ΠΎΠ΅Π³ΠΎ внимания.

@javatg
www.tg-me.com/nl/Java/com.javatg/1861
2.8K views



tg-me.com/javatg/1861
Create:
Last Update:

πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWT

Если Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях, Ρ‚Π΅Π±Π΅ пригодится Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° ΠΎΡ‚ [Auth0](https://github.com/auth0/java-jwt) для Ρ€Π°Π±ΠΎΡ‚Ρ‹ с JWT.

πŸ“Œ Π§Ρ‚ΠΎ Ρ‚Π°ΠΊΠΎΠ΅ JWT?
JWT (JSON Web Token) β€” это стандарт, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰ΠΈΠΉ бСзопасно ΠΏΠ΅Ρ€Π΅Π΄Π°Π²Π°Ρ‚ΡŒ Π΄Π°Π½Π½Ρ‹Π΅ ΠΌΠ΅ΠΆΠ΄Ρƒ участниками ΠΊΠ°ΠΊ JSON-ΠΎΠ±ΡŠΠ΅ΠΊΡ‚Ρ‹. Он ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅Ρ‚ΡΡ для Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠΈ, Π²Π΅Ρ€ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠΈ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ ΠΈ ΠΎΠ±ΠΌΠ΅Π½Π° Π΄Π°Π½Π½Ρ‹ΠΌΠΈ Π±Π΅Π· сСссий.

🧰 Auth0 Java JWT позволяСт:
- Π“Π΅Π½Π΅Ρ€ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с кастомными claim'Π°ΠΌΠΈ
- ΠŸΠΎΠ΄ΠΏΠΈΡΡ‹Π²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ HMAC ΠΈΠ»ΠΈ RSA
- Π’Π°Π»ΠΈΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠΊΠ΅Π½Ρ‹
- ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΡ‚ΡŒ срок дСйствия (exp), Π°ΡƒΠ΄ΠΈΡ‚ΠΎΡ€ΠΈΡŽ, ΡΡƒΠ±ΡŠΠ΅ΠΊΡ‚ ΠΈ ΠΏΡ€ΠΎΡ‡Π΅Π΅

πŸ§ͺ ΠŸΡ€ΠΈΠΌΠ΅Ρ€: гСнСрация Ρ‚ΠΎΠΊΠ΅Π½Π°


Algorithm algorithm = Algorithm.HMAC256("secret");
String token = JWT.create()
    .withIssuer("auth0")
    .withClaim("userId", 123)
    .withExpiresAt(new Date(System.currentTimeMillis() + 3600_000))
    .sign(algorithm);


πŸ” ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΈ Π΄Π΅ΠΊΠΎΠ΄ΠΈΡ€ΠΎΠ²Π°Π½ΠΈΠ΅ Ρ‚ΠΎΠΊΠ΅Π½Π°

JWTVerifier verifier = JWT.require(algorithm)
    .withIssuer("auth0")
    .build();

DecodedJWT jwt = verifier.verify(token);
System.out.println(jwt.getClaim("userId").asInt());


πŸ›‘οΈ ΠŸΡ€Π΅ΠΈΠΌΡƒΡ‰Π΅ΡΡ‚Π²Π°:
- ΠŸΡ€ΠΎΡΡ‚ΠΎΡ‚Π° API
- Π₯ΠΎΡ€ΠΎΡˆΠ°Ρ ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΈ докумСнтация
- БСзопасноС ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ ΠΈ подписями

πŸ“š Π‘Ρ‚Π°Ρ‚ΡŒΡ с ΠΏΡ€ΠΈΠΌΠ΅Ρ€Π°ΠΌΠΈ ΠΈ пояснСниями:
πŸ‘‰ https://www.blackslate.io/articles/manage-jwt-

Если Ρ‚Ρ‹ пишСшь backend Π½Π° Java ΠΈ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°Π²Ρ‚ΠΎΡ€ΠΈΠ·Π°Ρ†ΠΈΠ΅ΠΉ β€” эта Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° Ρ‚ΠΎΡ‡Π½ΠΎ стоит Ρ‚Π²ΠΎΠ΅Π³ΠΎ внимания.

@javatg

BY Java




Share with your friend now:
tg-me.com/javatg/1861

View MORE
Open in Telegram


Java Telegram | DID YOU KNOW?

Date: |

Pinterest (PINS) Stock Sinks As Market Gains

Pinterest (PINS) closed at $71.75 in the latest trading session, marking a -0.18% move from the prior day. This change lagged the S&P 500's daily gain of 0.1%. Meanwhile, the Dow gained 0.9%, and the Nasdaq, a tech-heavy index, lost 0.59%. Heading into today, shares of the digital pinboard and shopping tool company had lost 17.41% over the past month, lagging the Computer and Technology sector's loss of 5.38% and the S&P 500's gain of 0.71% in that time. Investors will be hoping for strength from PINS as it approaches its next earnings release. The company is expected to report EPS of $0.07, up 170% from the prior-year quarter. Our most recent consensus estimate is calling for quarterly revenue of $467.87 million, up 72.05% from the year-ago period.

Telegram is riding high, adding tens of million of users this year. Now the bill is coming due.Telegram is one of the few significant social-media challengers to Facebook Inc., FB -1.90% on a trajectory toward one billion users active each month by the end of 2022, up from roughly 550 million today.

Java from nl


πŸ” Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ JWT-Ρ‚ΠΎΠΊΠ΅Π½Π°ΠΌΠΈ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ Auth0 Java JWTЕсли Ρ‚Ρ‹ Ρ€Π°Π±ΠΎΡ‚Π°Π΅ΡˆΡŒ с Π°ΡƒΡ‚Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠ΅ΠΉ ΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒΡŽ Π² Java-прилоТСниях

 Java TG
Webview: 1861
Java.Telegram Webview
Java Telegram TG Channel
Telegram Updated:
Telegram Java
FROM USA