Java TokenProcessor令牌校验工具类
关于TokenProcessor令牌校验工具类废话不多说了,直接给大家贴代码了,一切内容就在下面一段代码中,具体代码详情如下所示:
| 代码如下 | 复制代码 |
|
publicclassTokenProcessor { privatelongprivious;// 上次生成表单标识号得时间值 privatestaticTokenProcessor instance =newTokenProcessor(); publicstaticString FORM_TOKEN_KEY ="FORM_TOKEN_KEY"; privateTokenProcessor() { } publicstaticTokenProcessor getInstance() { returninstance; } /** * 验证请求中得标识号是否有效,如果请求中的表单标识与当前用户session中的相同,返回结果true= */ publicsynchronizedbooleanisTokenValid(HttpServletRequest request) { // 为避免session对象不存在时候创建Session对象 HttpSession session = request.getSession(false); if(session ==null) { returnfalse; } String saved = (String) session.getAttribute(FORM_TOKEN_KEY); if(saved ==null) { returnfalse; } String token = (String) request.getParameter(FORM_TOKEN_KEY); if(token ==null) { returnfalse; } returnsaved.equals(token); } /** * 验证请求中得标识号是否有效,如果请求中的表单标识与当前用户session中的相同,返回结果true= */ publicsynchronizedbooleanisTokenValid(HttpServletRequest request,String token) { // 未避免session对象不存在时候创建Session对象 HttpSession session = request.getSession(false); if(session ==null) { returnfalse; } String saved = (String) session.getAttribute(FORM_TOKEN_KEY); if(saved ==null) { returnfalse; } if(token ==null) { returnfalse; } returnsaved.equals(token); } /** * 清除存储在当前用户session中的表单标识号 */ publicsynchronizedvoidreset(HttpServletRequest request) { HttpSession session = request.getSession(false); if(session ==null) { return; } session.removeAttribute(FORM_TOKEN_KEY); } /** * 产生表单标识号并将之保存在当前用户得session中 */ publicsynchronizedvoidsaveToken(HttpServletRequest request) { HttpSession session = request.getSession(); try{ byteid[] = session.getId().getBytes(); longcurrent = System.currentTimeMillis(); if(current == privious) { current++; } privious = current; bytenow[] = String.valueOf(current).getBytes(); MessageDigest md = MessageDigest.getInstance("MD5"); md.update(id); md.update(now); String token = toHex(md.digest()); session.setAttribute(FORM_TOKEN_KEY, token); }catch(NoSuchAlgorithmException e) { } } /** * 将一个字节数转换成十六进制得字符串 */ publicString toHex(bytebuffer[]) { StringBuffer sb =newStringBuffer(buffer.length *2); for(inti =0; i sb.append(Character.forDigit((buffer[i] &0x60) >>4,16)); sb.append(Character.forDigit(buffer[i] &0x0f,16)); } returnsb.toString(); } } | |
