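We will pull in a JWT parsing library and add it to the Gateway server's pom.xml file. Several token parsers are available, but we chose Apache Commons Codec and the org.json package to parse the JSON body.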
<dependency>
    <groupId>commons-codec</groupId>
    <artifactId>commons-codec</artifactId>
</dependency>
<dependency>
    <groupId>org.json</groupId>
    <artifactId>json</artifactId>
    <version>20190722</version>
</dependency>
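private String getUsername(HttpHeaders requestHeaders) {
    String username = "";
    String authHeader = filterUtils.getAuthToken(requestHeaders);
    if (authHeader != null) {
        // Strip the "Bearer " scheme prefix to get the raw JWT.
        String authToken = authHeader.replace("Bearer ", "");
        try {
            // Decoding sits inside the try so a malformed token is logged, not thrown.
            JSONObject jsonObj = decodeJWT(authToken);
            username = jsonObj.getString("preferred_username");
        } catch (Exception e) {
            logger.debug(e.getMessage());
        }
    }
    return username;
}

// Requires java.nio.charset.StandardCharsets in the class imports.
private JSONObject decodeJWT(String JWTToken) {
    // A JWT is header.payload.signature; the claims are in the second segment.
    String[] split_string = JWTToken.split("\\.");
    String base64EncodedBody = split_string[1];
    // Base64(true) selects the URL-safe alphabet that JWTs use.
    Base64 base64Url = new Base64(true);
    String body = new String(base64Url.decode(base64EncodedBody), StandardCharsets.UTF_8);
    // This only decodes the payload; it does not verify the token's signature.
    return new JSONObject(body);
}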
tmx-correlation-id found in tracking filter: 26f2b2b7-51f0-4574-9d84-07e563577641.
The authentication name from the token is : admin
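
The decodeJWT method above only Base64-decodes the payload, so nothing in that code authenticates the claim it returns. As an added example (not from the original text; the class and method names are hypothetical, RS256 is assumed, and the key pair is generated locally as a stand-in for the identity provider's key), this JDK-only class checks the signature before the claims are read:

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

// Added example with hypothetical names; uses only the JDK.
public class JwtSignatureCheck {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Base64.Decoder DEC = Base64.getUrlDecoder();

    // Returns the decoded payload JSON only if the RS256 signature is valid.
    static String verifiedPayload(String jwt, PublicKey issuerKey) throws GeneralSecurityException {
        String[] parts = jwt.split("\\.", -1);
        if (parts.length != 3) throw new SignatureException("not a three-part JWS");
        String header = new String(DEC.decode(parts[0]), StandardCharsets.UTF_8);
        // Pin the algorithm instead of trusting the token's choice. This strict string
        // match fails closed; in the gateway, parse the header with org.json instead.
        if (!header.contains("\"alg\":\"RS256\"")) throw new SignatureException("unexpected alg");
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(issuerKey);
        sig.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        if (!sig.verify(DEC.decode(parts[2]))) throw new SignatureException("bad signature");
        return new String(DEC.decode(parts[1]), StandardCharsets.UTF_8);
    }

    // Builds a constructed sample token so the example runs offline.
    static String sign(String payloadJson, PrivateKey key) throws GeneralSecurityException {
        String head = ENC.encodeToString("{\"alg\":\"RS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String body = ENC.encodeToString(payloadJson.getBytes(StandardCharsets.UTF_8));
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initSign(key);
        sig.update((head + "." + body).getBytes(StandardCharsets.US_ASCII));
        return head + "." + body + "." + ENC.encodeToString(sig.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair issuer = gen.generateKeyPair(); // constructed stand-in for the issuer's key
        String token = sign("{\"preferred_username\":\"admin\"}", issuer.getPrivate());
        System.out.println("verified payload: " + verifiedPayload(token, issuer.getPublic()));

        // Same token with its payload segment replaced after signing: must be rejected.
        String[] p = token.split("\\.");
        String other = ENC.encodeToString("{\"preferred_username\":\"other\"}".getBytes(StandardCharsets.UTF_8));
        try {
            verifiedPayload(p[0] + "." + other + "." + p[2], issuer.getPublic());
        } catch (SignatureException e) {
            System.out.println("altered token rejected: " + e.getMessage());
        }
    }
}
```

A decode-only path such as decodeJWT would return the replaced username without complaint, so claims read that way are suitable for logging and correlation, not for authorization decisions.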