Java TokenProcessor令牌校验工具类

publicclassTokenProcessor {

 privatelongprivious;// 上次生成表单标识号得时间值

 privatestaticTokenProcessor instance =newTokenProcessor();

 publicstaticString FORM_TOKEN_KEY ="FORM_TOKEN_KEY";

 privateTokenProcessor() {

 }

 publicstaticTokenProcessor getInstance() {

  returninstance;

 }

 /**

  * 验证请求中得标识号是否有效，如果请求中的表单标识与当前用户session中的相同，返回结果true=

  */

 publicsynchronizedbooleanisTokenValid(HttpServletRequest request) {

  // 为避免session对象不存在时候创建Session对象

  HttpSession session = request.getSession(false);

  if(session ==null) {

   returnfalse;

  }

  String saved = (String) session.getAttribute(FORM_TOKEN_KEY);

  if(saved ==null) {

   returnfalse;

  }

  String token = (String) request.getParameter(FORM_TOKEN_KEY);

  if(token ==null) {

   returnfalse;

  }

  returnsaved.equals(token);

 }

 /**

  * 验证请求中得标识号是否有效，如果请求中的表单标识与当前用户session中的相同，返回结果true=

  */

 publicsynchronizedbooleanisTokenValid(HttpServletRequest request,String token) {

  // 未避免session对象不存在时候创建Session对象

  HttpSession session = request.getSession(false);

  if(session ==null) {

   returnfalse;

  }

  String saved = (String) session.getAttribute(FORM_TOKEN_KEY);

  if(saved ==null) {

   returnfalse;

  }

  if(token ==null) {

   returnfalse;

  }

  returnsaved.equals(token);

 }

 /**

  * 清除存储在当前用户session中的表单标识号

  */

 publicsynchronizedvoidreset(HttpServletRequest request) {

  HttpSession session = request.getSession(false);

  if(session ==null) {

   return;

  }

  session.removeAttribute(FORM_TOKEN_KEY);

 }

 /**

  * 产生表单标识号并将之保存在当前用户得session中

  */

 publicsynchronizedvoidsaveToken(HttpServletRequest request) {

  HttpSession session = request.getSession();

  try{

   byteid[] = session.getId().getBytes();

   longcurrent = System.currentTimeMillis();

   if(current == privious) {

    current++;

   }

   privious = current;

   bytenow[] = String.valueOf(current).getBytes();

   MessageDigest md = MessageDigest.getInstance("MD5");

   md.update(id);

   md.update(now);

   String token = toHex(md.digest());

   session.setAttribute(FORM_TOKEN_KEY, token);

  }catch(NoSuchAlgorithmException e) {

  }

 }

 /**

  * 将一个字节数转换成十六进制得字符串

  */

 publicString toHex(bytebuffer[]) {

  StringBuffer sb =newStringBuffer(buffer.length *2);

  for(inti =0; i < buffer.length; i++) {

   sb.append(Character.forDigit((buffer[i] &0x60) >>4,16));

   sb.append(Character.forDigit(buffer[i] &0x0f,16));

  }

  returnsb.toString();

 }

}