refactor: 生成 Token 时添加 username

Author: cadecode

simple-application/src/test/java/top/cadecode/common/util/TokenUtilTest.java

@@ -24,7 +24,7 @@ public class TokenUtilTest {
 
     @Test
     public void generateToken() {
-        String token = tokenUtil.generateToken(1, Collections.singletonList("user"));
+        String token = tokenUtil.generateToken(1, "user", Collections.singletonList("user"));
         log.info("token: {}", token);
         JWTClaimsSet set = tokenUtil.verifyToken(token);
         log.info("set: {}", set);

simple-common/src/main/java/top/cadecode/common/util/TokenUtil.java

@@ -14,6 +14,7 @@
 import top.cadecode.common.core.exception.CommonException;
 import top.cadecode.common.enums.FrameErrorEnum;
 
+import java.text.ParseException;
 import java.util.Date;
 import java.util.List;
 
@@ -33,19 +34,24 @@ public class TokenUtil {
     private Long refreshExpiration;
     private String secret;
 
+    private static final String ID_KEY = "id";
+    private static final String NAME_KEY = "name";
+    private static final String ROLES_KEY = "roles";
+
     /**
      * 生成 token
      *
      * @param id    用户 ID
      * @param roles 角色
      * @return token 字符串
      */
-    public String generateToken(long id, List<String> roles) {
+    public String generateToken(long id, String name, List<String> roles) {
         long expiredTime = System.currentTimeMillis() + expiration * 1000;
         JWSHeader jwsHeader = new JWSHeader(JWSAlgorithm.HS256);
         JWTClaimsSet jwtClaimsSet = new JWTClaimsSet.Builder()
-                .claim("id", id).
-                claim("roles", roles)
+                .claim(ID_KEY, id)
+                .claim(NAME_KEY, name)
+                .claim(ROLES_KEY, roles)
                 .expirationTime(new Date(expiredTime)).build();
         SignedJWT signedJWT = new SignedJWT(jwsHeader, jwtClaimsSet);
         try {
@@ -71,10 +77,41 @@ public JWTClaimsSet verifyToken(String token) {
                 return signedJWT.getJWTClaimsSet();
             }
             return null;
-        } catch (CommonException e) {
-            throw e;
         } catch (Exception e) {
             throw CommonException.of(FrameErrorEnum.JWT_VERIFY_ERROR).suppressed(e);
         }
     }
+
+    /**
+     * 从 claimsSet 获取 id
+     *
+     * @param claimsSet claims
+     * @return id
+     * @throws ParseException 转换异常
+     */
+    public long getIdFromClaims(JWTClaimsSet claimsSet) throws ParseException {
+        return claimsSet.getLongClaim(ID_KEY);
+    }
+
+    /**
+     * 从 claimsSet 获取 name
+     *
+     * @param claimsSet claims
+     * @return name
+     * @throws ParseException 转换异常
+     */
+    public String getNameFromClaims(JWTClaimsSet claimsSet) throws ParseException {
+        return claimsSet.getStringClaim(NAME_KEY);
+    }
+
+    /**
+     * 从 claimsSet 获取 roles
+     *
+     * @param claimsSet claims
+     * @return roles
+     * @throws ParseException 转换异常
+     */
+    public List<String> getRolesFromClaims(JWTClaimsSet claimsSet) throws ParseException {
+        return claimsSet.getStringListClaim(ROLES_KEY);
+    }
 }

simple-framework/src/main/java/top/cadecode/framework/security/LoginSuccessHandler.java

@@ -36,21 +36,22 @@ public class LoginSuccessHandler implements AuthenticationSuccessHandler {
 
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
-                                        Authentication authentication)  {
+                                        Authentication authentication) {
         // 从认证信息中获取用户对象
         SecurityUser securityUser = (SecurityUser) authentication.getPrincipal();
         // 创建用户 VO，并设置属性
         SecurityUserVo securityUserVo = new SecurityUserVo();
         BeanUtils.copyProperties(securityUser, securityUserVo);
-        // 获取用户名和角色
+        // 获取 ID，用户名和角色
         Long id = securityUser.getId();
+        String username = securityUser.getUsername();
         List<String> roles = securityUser.getAuthorities().stream()
                 .map(GrantedAuthority::getAuthority)
                 .collect(Collectors.toList());
         // 为用户 VO 设置角色
         securityUserVo.setRoles(roles);
         // 为用户 VO 设置 JWT Token
-        securityUserVo.setToken(tokenUtil.generateToken(id, roles));
+        securityUserVo.setToken(tokenUtil.generateToken(id, username, roles));
         // 为用户 VO 设置刷新 Token
         String refreshToken = UUID.randomUUID().toString();
         securityUserVo.setRefreshToken(refreshToken);