The problem of realizing JWT Refresh by integrating Shiro with SpringBoot

SpringBoot integrates Shiro to realize JWT refresh. In which class should the token refresh be implemented, and how should the new token be returned to the user in the response (how does the Controller get the new token)?

Currently my code looks like this: JWT verification is done in the Realm's login authentication, but I don't know what to write when I determine that the JWT has expired but can still be refreshed. Should I throw an exception to the custom ShiroFilter and redirect to a new request, or something else? I would appreciate an answer from the experts, thank you!

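/**
 * Shiro realm that authenticates requests carrying a {@code JWTToken} and loads the
 * caller's roles and permissions through {@code UserBiz}.
 *
 * <p>The raw JWT is used as both principal and credentials, so it is a bearer secret:
 * it is never written to the log here.
 */
public class MyRealm extends AuthorizingRealm{

    private final Logger LOGGER = LoggerFactory.getLogger(this.getClass());

    @Resource
    private UserBiz userBiz;

    /**
     * Restricts this realm to {@code JWTToken} instances so Shiro does not hand it
     * other token types.
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JWTToken;
    }


    /**
     * Builds the role and permission set for an already authenticated principal.
     *
     * @param principals principals whose primary entry is the JWT string stored by
     *                   {@link #doGetAuthenticationInfo(AuthenticationToken)}
     * @return the roles and string permissions of the user named in the token; empty
     *         when that user no longer exists
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        String token = principals.getPrimaryPrincipal().toString();
        String username = JWTUtil.getUsername(token);
        // Log the username only; the token itself would let anyone reading the log replay it.
        LOGGER.info("Realmusername:"+username);
        User user = userBiz.findByName(username);
        if(user == null){
            // The account may have been removed after the token was issued: grant nothing.
            return simpleAuthorizationInfo;
        }

        List<Role> roles = userBiz.selectRoleByUser(user);
        for(Role role : roles){
            simpleAuthorizationInfo.addRole(role.getName());
            List<Permission> permissions = userBiz.selectPermissionByRole(role);
            for(Permission per : permissions){
                simpleAuthorizationInfo.addStringPermission(per.getName());
            }
        }

        return simpleAuthorizationInfo;
    }


    /**
     * Authenticates a request by verifying its JWT.
     *
     * <p>An expired token is never accepted, whether or not it is still inside the
     * window checked by {@code JWTUtil.verifySignDate}. Previously only the refreshable
     * case returned {@code null}; an expired token outside that window fell through to
     * the success return and was authenticated.
     *
     * @param auth the submitted token; its principal is the JWT string
     * @return authentication info for a token that verified, or {@code null} when the
     *         token is missing, names no known user, is expired, or fails verification
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws TokenExpiredException,AuthenticationException {
        Object principal = auth.getPrincipal();
        if(principal == null){
            return null;
        }
        String token = principal.toString();
        // The username is read from the token before verification, so it is untrusted
        // until JWTUtil.verify succeeds below.
        String username = JWTUtil.getUsername(token);
        if(username == null){
            LOGGER.info("tokenusername");
            return null;
        }

        User user = userBiz.findByName(username);
        if(user == null){
            return null;
        }

        try {
            // NOTE(review): the stored password value is passed as the third argument,
            // presumably as the signing secret - confirm it is not a guessable value.
            JWTUtil.verify(token, username, user.getPassword());
        } catch (TokenExpiredException e) {
            LOGGER.info("token");
            if(JWTUtil.verifySignDate(token)){
                // Expired but presumably still refreshable: issuing the replacement token
                // belongs to the caller (filter/controller), not to this realm.
                // NOTE(review): confirm JWTUtil.verify checks the signature before the
                // expiry claim, so only genuinely signed tokens reach this branch.
                LOGGER.info("token,token");
            }
            // Reject in both cases; an expired token must not authenticate the request.
            return null;
        } catch (Exception e) {
            LOGGER.info("");
            return null;
        }

        return new SimpleAuthenticationInfo(token, token, "my_realm");

    }
}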
Sep.16,2021