[SpringBoot] Security + JWT(Access , Refresh) - JwtTokenUtil
코딩하는 흰둥이
2024. 9. 25. 16:22
이전글
https://greed-yb.tistory.com/288
[SpringBoot] Security + JWT(Access , Refresh) - SecurityConfig
권한에 따른 인증/인가 방식은 이전글을 참고하길 바란다. https://greed-yb.tistory.com/223 [SpringBoot] Security 로그인 인증, 인가(1) - 환경설정: Java 17, Maven, Spring Boot 3.0.3, Spring Security 6.0.2, Oracle 11g, Mybatis, IntelliJ Ultima…
greed-yb.tistory.com

util.class
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.springframework.stereotype.Component;
import java.util.Date;
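/**
 * Issues and verifies HMAC-SHA512 signed JWTs for an access/refresh token pair.
 *
 * <p>Access and refresh tokens are signed with different keys, so a token of one kind
 * fails signature verification when it is presented as the other kind. This class checks
 * only the signature and the expiry time; revocation or rotation of refresh tokens is not
 * handled here.
 */
@Component
public class JwtTokenUtil {

    // NOTE(security): these are tutorial placeholders. Anyone who can read these strings can
    // sign a token for any username, and both values are shorter than the 64 bytes that
    // RFC 7518 requires for an HS512 key (a key at least as long as the hash output). In a
    // deployed service, load randomly generated keys from external configuration or a
    // secret store and keep them out of version control.
    private static final String SECRET_KEY = "jwttoken_secret_key";
    private static final String REFRESH_SECRET_KEY = "jwttoken_refresh_secret_key";

    // Lifetimes in milliseconds. The arithmetic is done in long so that a longer lifetime
    // (anything above roughly 24 days) cannot silently overflow int.
    // For local expiry testing, 1 minute / 5 minutes can be substituted.
    private static final long ACCESS_TOKEN_EXPIRATION = 60L * 60 * 1000; // 60 minutes
    private static final long REFRESH_TOKEN_EXPIRATION = 7L * 24 * 60 * 60 * 1000; // 7 days

    // Built once and reused. The String overload encodes the secret as UTF-8, so the key
    // bytes no longer depend on the platform default charset as a bare getBytes() does.
    private static final Algorithm ACCESS_ALGORITHM = Algorithm.HMAC512(SECRET_KEY);
    private static final Algorithm REFRESH_ALGORITHM = Algorithm.HMAC512(REFRESH_SECRET_KEY);

    /**
     * Creates a signed access token for the given user.
     *
     * @param username value stored in the {@code sub} claim
     * @return the serialized token
     * @throws IllegalArgumentException if {@code username} is null or blank
     */
    public String generateAccessToken(String username) {
        return issue(username, ACCESS_TOKEN_EXPIRATION, ACCESS_ALGORITHM);
    }

    /**
     * Creates a signed refresh token for the given user.
     *
     * @param username value stored in the {@code sub} claim
     * @return the serialized token
     * @throws IllegalArgumentException if {@code username} is null or blank
     */
    public String generateRefreshToken(String username) {
        return issue(username, REFRESH_TOKEN_EXPIRATION, REFRESH_ALGORITHM);
    }

    /**
     * Verifies an access token and returns its subject.
     *
     * @param token serialized access token
     * @return the {@code sub} claim of the verified token
     * @throws com.auth0.jwt.exceptions.JWTVerificationException if verification fails
     */
    public String getUsernameFromAccessToken(String token) {
        return verify(token, ACCESS_ALGORITHM).getSubject();
    }

    /**
     * Verifies a refresh token and returns its subject.
     *
     * @param token serialized refresh token
     * @return the {@code sub} claim of the verified token
     * @throws com.auth0.jwt.exceptions.JWTVerificationException if verification fails
     */
    public String getUsernameFromRefreshToken(String token) {
        return verify(token, REFRESH_ALGORITHM).getSubject();
    }

    /**
     * Reports whether the token verifies as an access token.
     *
     * @param token serialized token, possibly malformed or null
     * @return {@code true} only if verification with the access key succeeds
     */
    public boolean validateAccessToken(String token) {
        return isValid(token, ACCESS_ALGORITHM);
    }

    /**
     * Reports whether the token verifies as a refresh token.
     *
     * @param token serialized token, possibly malformed or null
     * @return {@code true} only if verification with the refresh key succeeds
     */
    public boolean validateRefreshToken(String token) {
        return isValid(token, REFRESH_ALGORITHM);
    }

    /** Builds and signs a token whose subject is {@code username} and which expires after {@code lifetimeMillis}. */
    private static String issue(String username, long lifetimeMillis, Algorithm algorithm) {
        // A token without a subject would later verify and yield a null username,
        // so refuse to mint one.
        if (username == null || username.trim().isEmpty()) {
            throw new IllegalArgumentException("username must not be null or blank");
        }
        Date expiresAt = new Date(System.currentTimeMillis() + lifetimeMillis);
        return JWT.create()
                .withSubject(username)
                .withExpiresAt(expiresAt)
                .sign(algorithm);
    }

    /** Verifies {@code token} with {@code algorithm} and returns the decoded token. */
    private static DecodedJWT verify(String token, Algorithm algorithm) {
        return JWT.require(algorithm)
                .build()
                .verify(token);
    }

    /** Returns whether {@code token} verifies with {@code algorithm}, treating every failure as invalid. */
    private static boolean isValid(String token, Algorithm algorithm) {
        try {
            verify(token, algorithm);
            return true;
        } catch (Exception ignored) {
            // Fail closed: whatever goes wrong during verification, the token is not accepted.
            return false;
        }
    }
}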