从头开始spring security oauth 2.0 (二)
2018-06-26 本文已影响83人
GoddyWu
生成公钥
1.使用命令行工具 keytool 生成密钥对——更具体地说，是生成一个 .jks 密钥库文件：
# keypass and storepass are set to the same value: the KeyStoreKeyFactory code in
# step 4 is given one password and no separate key password.
# NOTE(review): passwords passed as -keypass/-storepass arguments stay in the shell
# history and are visible in the process list while the command runs; leave both
# options off and keytool asks for them interactively. wcm520 is the sample value
# used throughout this page - choose your own for anything beyond a demo.
$ keytool -genkeypair \
    -alias wcm-key \
    -keyalg RSA \
    -dname "CN=Goddy,OU=unknown,O=unknown,L=Beijing,S=china,C=CN" \
    -keypass wcm520 \
    -keystore jwt-key.jks \
    -storepass wcm520
2.从生成的JKS中导出公钥
# Prints the keystore entry's certificate in PEM form (-rfc) and pipes it to openssl,
# which prints the public key (-pubkey). No -storepass is given, so keytool asks for
# the keystore password. Without -noout, openssl also echoes the certificate itself;
# only the PUBLIC KEY block of the output is needed in step 3.
keytool -list -rfc --keystore jwt-key.jks | openssl x509 -inform pem -pubkey
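3.把输出中的 PUBLIC KEY 部分（包含 -----BEGIN PUBLIC KEY----- 和 -----END PUBLIC KEY----- 两行）复制到 Resource Server 的 src/main/resources/public.txt。资源服务端只需要公钥；含私钥的 jwt-key.jks 只放在认证服务端。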
4.认证服务端设置
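/**
 * Builds the converter the authorization server uses to sign JWT access tokens.
 *
 * <p>The RSA key pair is loaded from {@code jwt-key.jks} on the classpath. The alias passed to
 * {@code getKeyPair} has to be the {@code -alias} value given to {@code keytool -genkeypair}
 * in step 1, which is {@code wcm-key}; the keystore created there holds no entry named
 * {@code jwt-key}, so looking that alias up cannot yield a key pair.
 *
 * @return a converter configured with the key pair stored under the {@code wcm-key} alias
 */
@Bean
protected JwtAccessTokenConverter jwtTokenEnhancer() {
    // NOTE(review): the keystore password is hard-coded to keep the example short. Anyone who
    // can read the source or the packaged jar can then open the keystore and sign tokens;
    // outside a demo, supply it from external configuration instead of a literal.
    final char[] storePassword = "wcm520".toCharArray();
    final KeyStoreKeyFactory keyStoreKeyFactory =
            new KeyStoreKeyFactory(new ClassPathResource("jwt-key.jks"), storePassword);

    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    // Only the alias is passed here, with no separate key password, which is why step 1
    // sets -keypass and -storepass to the same value.
    converter.setKeyPair(keyStoreKeyFactory.getKeyPair("wcm-key"));
    return converter;
}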
/**
 * Exposes the JWT-backed token store of the authorization server.
 *
 * @return a {@code JwtTokenStore} wrapping the converter returned by
 *     {@code accessTokenConverter()}
 */
@Bean
public TokenStore tokenStore() {
    // NOTE(review): the authorization-server snippet in this step names its converter bean
    // jwtTokenEnhancer(); accessTokenConverter() is only shown for the resource server.
    // Confirm which method the authorization-server configuration class actually defines.
    final JwtAccessTokenConverter tokenConverter = accessTokenConverter();
    return new JwtTokenStore(tokenConverter);
}
5.资源服务端设置
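/**
 * Builds the converter the resource server uses to verify JWT signatures.
 *
 * <p>The verifier key is the text of {@code public.txt} on the classpath, i.e. the PUBLIC KEY
 * block exported from the keystore in step 2. Only the public key is needed on this side; the
 * keystore with the private key is not read here.
 *
 * @return a converter whose verifier key is the content of {@code public.txt}
 * @throws RuntimeException if {@code public.txt} cannot be read; the {@code IOException} is
 *     kept as the cause
 */
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final Resource resource = new ClassPathResource("public.txt");
    String publicKey;
    // try-with-resources closes the stream once the key text has been read; the original
    // left the stream returned by getInputStream() open.
    // NOTE(review): this overload of IOUtils.toString decodes with the platform default
    // charset. PEM text is plain ASCII, so this is normally harmless - confirm, or switch to
    // an overload that names the charset if the imported IOUtils offers one.
    try (java.io.InputStream in = resource.getInputStream()) {
        publicKey = IOUtils.toString(in);
    } catch (final IOException e) {
        // Say which resource failed so a missing or unreadable key file is easy to diagnose.
        throw new RuntimeException("Cannot read JWT verifier key from classpath resource public.txt", e);
    }

    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setVerifierKey(publicKey);
    return converter;
}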
/**
 * Exposes the JWT-backed token store of the resource server.
 *
 * @return a {@code JwtTokenStore} wrapping the converter returned by
 *     {@code accessTokenConverter()}, which carries the public verifier key
 */
@Bean
public TokenStore tokenStore() {
    final JwtAccessTokenConverter verifyingConverter = accessTokenConverter();
    return new JwtTokenStore(verifyingConverter);
}