From 49818978b2c3d3991dbecc7da802bf9d6f241e3f Mon Sep 17 00:00:00 2001 From: Looly Date: Wed, 22 Oct 2025 00:41:33 +0800 Subject: [PATCH] fix test --- .../main/java/cn/hutool/v7/json/jwt/JWT.java | 9 +++- .../java/cn/hutool/v7/json/jwt/JWTUtil.java | 2 +- .../hutool/v7/json/jwt/IssueI6IS5BTest.java | 4 +- .../hutool/v7/json/jwt/JWTValidatorTest.java | 42 +++++++++---------- 4 files changed, 32 insertions(+), 25 deletions(-) diff --git a/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWT.java b/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWT.java index da31ecb6e..013f613b7 100644 --- a/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWT.java +++ b/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWT.java @@ -136,7 +136,7 @@ public class JWT implements RegisteredPayload { * @return this */ public JWT setKey(final byte[] key) { - return setSigner(getAlgorithm(), key); + return setSigner(StrUtil.defaultIfNull(getAlgorithm(), "HS256"), key); } /** @@ -182,6 +182,13 @@ public class JWT implements RegisteredPayload { */ public JWT setSigner(final JWTSigner signer) { this.signer = signer; + + // 检查头信息中是否有算法信息 + final String algorithm = (String) this.header.getClaim(JWTHeader.ALGORITHM); + if (StrUtil.isBlank(algorithm)) { + this.header.setAlgorithm(AlgorithmUtil.getId(signer.getAlgorithm())); + } + return this; } diff --git a/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWTUtil.java b/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWTUtil.java index 08687e92b..ab1c7d109 100644 --- a/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWTUtil.java +++ b/hutool-json/src/main/java/cn/hutool/v7/json/jwt/JWTUtil.java @@ -34,7 +34,7 @@ public class JWTUtil { * @return JWT Token */ public static String createToken(final Map payload, final byte[] key) { - return createToken(MapUtil.of(JWTHeader.TYPE, "JWT"), payload, key); + return createToken(MapUtil.ofKvs(false,JWTHeader.TYPE, "JWT", JWTHeader.ALGORITHM, "HS256"), payload, key); } /** diff --git a/hutool-json/src/test/java/cn/hutool/v7/json/jwt/IssueI6IS5BTest.java b/hutool-json/src/test/java/cn/hutool/v7/json/jwt/IssueI6IS5BTest.java index 05c3b37dd..a60789437 100644 --- a/hutool-json/src/test/java/cn/hutool/v7/json/jwt/IssueI6IS5BTest.java +++ b/hutool-json/src/test/java/cn/hutool/v7/json/jwt/IssueI6IS5BTest.java @@ -44,7 +44,7 @@ public class IssueI6IS5BTest { final JSONObject payloadsData = JSONUtil.parseObj(jwtToken, JSONConfig.of().setDateFormat(DateFormatManager.FORMAT_SECONDS)); final String token = JWTUtil.createToken(payloadsData, "123".getBytes(StandardCharsets.UTF_8)); - Assertions.assertEquals("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2Nzc3NzI4MDB9.SXU_mm1wT5lNoK-Dq5Y8f3BItv_44zuAlyeWLqajpXg", token); + Assertions.assertEquals("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2Nzc3NzI4MDB9.W88PB2ovAqCXV4QdbeKbdFW-P057xOTXEosD8hbOa9U", token); final JSONObject payloads = JWTUtil.parseToken(token).getPayloads(); Assertions.assertEquals("{\"iat\":1677772800}", payloads.toString()); final JwtToken o = payloads.toBean(JwtToken.class); @@ -65,7 +65,7 @@ public class IssueI6IS5BTest { final JSONObject payloadsData = JSONUtil.parseObj(jwtToken, JSONConfig.of().setDateFormat(DateFormatManager.FORMAT_SECONDS)); final String token = JWTUtil.createToken(payloadsData, "123".getBytes(StandardCharsets.UTF_8)); - Assertions.assertEquals("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2Nzc3NzI4MDB9.SXU_mm1wT5lNoK-Dq5Y8f3BItv_44zuAlyeWLqajpXg", token); + Assertions.assertEquals("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2Nzc3NzI4MDB9.W88PB2ovAqCXV4QdbeKbdFW-P057xOTXEosD8hbOa9U", token); final JSONObject payloads = JWTUtil.parseToken(token).getPayloads(); Assertions.assertEquals("{\"iat\":1677772800}", payloads.toString()); final JwtToken2 o = payloads.toBean(JwtToken2.class); diff --git a/hutool-json/src/test/java/cn/hutool/v7/json/jwt/JWTValidatorTest.java b/hutool-json/src/test/java/cn/hutool/v7/json/jwt/JWTValidatorTest.java index 2f66c4ce0..26fbfeabe 100644 --- a/hutool-json/src/test/java/cn/hutool/v7/json/jwt/JWTValidatorTest.java +++ b/hutool-json/src/test/java/cn/hutool/v7/json/jwt/JWTValidatorTest.java @@ -27,16 +27,16 @@ import java.util.Date; public class JWTValidatorTest { @Test - public void expiredAtTest(){ - Assertions.assertThrows(ValidateException.class, ()->{ + public void expiredAtTest() { + Assertions.assertThrows(ValidateException.class, () -> { final String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0Nzc1OTJ9.isvT0Pqx0yjnZk53mUFSeYFJLDs-Ls9IsNAm86gIdZo"; JWTValidator.of(token).validateDate(DateUtil.now()); }); } @Test - public void issueAtTest(){ - Assertions.assertThrows(ValidateException.class, ()->{ + public void issueAtTest() { + Assertions.assertThrows(ValidateException.class, () -> { final String token = JWT.of() .setIssuedAt(DateUtil.now()) .setKey("123456".getBytes()) @@ -48,19 +48,19 @@ public class JWTValidatorTest { } @Test - public void issueAtPassTest(){ + public void issueAtPassTest() { final String token = JWT.of() - .setIssuedAt(DateUtil.now()) - .setKey("123456".getBytes()) - .sign(); + .setIssuedAt(DateUtil.now()) + .setKey("123456".getBytes()) + .sign(); // 签发时间早于被检查的时间 JWTValidator.of(token).validateDate(DateUtil.now()); } @Test - public void notBeforeTest(){ - Assertions.assertThrows(ValidateException.class, ()->{ + public void notBeforeTest() { + Assertions.assertThrows(ValidateException.class, () -> { final JWT jwt = JWT.of() .setNotBefore(DateUtil.now()); @@ -69,25 +69,25 @@ public class JWTValidatorTest { } @Test - public void notBeforePassTest(){ + public void notBeforePassTest() { final JWT jwt = JWT.of() - .setNotBefore(DateUtil.now()); + .setNotBefore(DateUtil.now()); JWTValidator.of(jwt).validateDate(DateUtil.now()); } @Test - public void validateAlgorithmTest(){ + public void validateAlgorithmTest() { final String token = JWT.of() - .setNotBefore(DateUtil.now()) - .setKey("123456".getBytes()) - .sign(); + .setNotBefore(DateUtil.now()) + .setKey("123456".getBytes()) + .sign(); // 验证算法 JWTValidator.of(token).validateAlgorithm(JWTSignerUtil.hs256("123456".getBytes())); } @Test - public void validateTest(){ + public void validateTest() { final String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJNb0xpIiwiZXhwIjoxNjI0OTU4MDk0NTI4LCJpYXQiOjE2MjQ5NTgwMzQ1MjAsInVzZXIiOiJ1c2VyIn0.L0uB38p9sZrivbmP0VlDe--j_11YUXTu3TfHhfQhRKc"; final byte[] key = "1234567890".getBytes(); final boolean validate = JWT.of(token).setKey(key).validate(0); @@ -95,8 +95,8 @@ public class JWTValidatorTest { } @Test - public void validateDateTest(){ - Assertions.assertThrows(ValidateException.class, ()->{ + public void validateDateTest() { + Assertions.assertThrows(ValidateException.class, () -> { final JWT jwt = JWT.of() .setPayload("id", 123) .setPayload("username", "hutool") @@ -107,7 +107,7 @@ public class JWTValidatorTest { } @Test - public void issue2329Test(){ + public void issue2329Test() { final long now = System.currentTimeMillis(); final Date nowTime = new Date(now); final long expired = 3 * 1000L; @@ -115,7 +115,7 @@ public class JWTValidatorTest { // 使用这种方式生成token final String token = JWT.of().setPayload("sub", "blue-light").setIssuedAt(nowTime).setNotBefore(expiredTime) - .setExpiresAt(expiredTime).setKey("123456".getBytes()).sign(); + .setExpiresAt(expiredTime).setKey("123456".getBytes()).sign(); // 使用这种方式验证token JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now - 4000), 10);