From 51c29c89c3ceedbdf3b6e3300ed32ca14ebab069 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=99=88=E6=B2=85?= <907037276@qq.com>
Date: Mon, 26 Jun 2023 11:50:46 +0800
Subject: [PATCH] =?UTF-8?q?=E6=99=BA=E4=BA=91=E5=B9=B3=E5=8F=B0=E5=8D=95?= =?UTF-8?q?=E7=82=B9=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../config/security/AuthenticationFilter.java | 5 +-
 .../config/security/TokenProvider.java | 62 ++++++++++++++++++-
 .../controller/UserController.java | 49 +++++----------
 .../forex/trading_trading/util/RsaUtil.java | 28 +++++++++
 4 files changed, 106 insertions(+), 38 deletions(-)
diff --git a/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java b/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
index 716c2fb..6db8493 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
@@ -23,11 +23,12 @@ import java.util.List;
 /**
 * 系统登陆认证拦截
 *
- * @author 陈沅
+ * @author 陈沅
 */
 public class AuthenticationFilter extends OncePerRequestFilter {
 private final PathMatcher matcher = new AntPathMatcher();
 private final TokenProvider tokenProvider;
+
 public AuthenticationFilter(TokenProvider tokenProvider) {
 this.tokenProvider = tokenProvider;
 }
@@ -53,7 +54,7 @@ public class AuthenticationFilter extends OncePerRequestFilter {
 throw new UnAuthorizedException("令牌错误: 缺失Bearer..");
 }
 JwtUser currentUser = TokenProvider.getJWTUser(token);
- Authentication authentication = new UsernamePasswordAuthenticationToken(currentUser, "****", currentUser.getAuthorities());
+ Authentication authentication = new UsernamePasswordAuthenticationToken(currentUser, token == null ? "****" : token, currentUser.getAuthorities());
 request.getUserPrincipal();
 SecurityContextHolder.getContext().setAuthentication(authentication);
 filterChain.doFilter(request, response);
diff --git a/src/main/java/com/sztzjy/forex/trading_trading/config/security/TokenProvider.java b/src/main/java/com/sztzjy/forex/trading_trading/config/security/TokenProvider.java
index 598328c..590cda9 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/config/security/TokenProvider.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/config/security/TokenProvider.java
@@ -1,13 +1,17 @@
 package com.sztzjy.forex.trading_trading.config.security;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import com.sztzjy.forex.trading_trading.config.exception.UnAuthorizedException;
+import io.jsonwebtoken.*;
 import io.jsonwebtoken.security.Keys;
 import org.springframework.stereotype.Component;
 import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
 import java.security.Key;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Base64;
 import java.util.Date;
 @Component
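Review bot: The added ternary `token == null ? "****" : token` keeps the raw bearer token as the credentials of the `Authentication` placed in the security context, and nothing in the hunk explains why or restricts how it is handled afterwards. The null branch looks unreachable, because `TokenProvider.getJWTUser(token)` has already parsed the same `token` on the line above; if that holds, pass `token` directly. If downstream code needs the token, a comment such as `// raw JWT kept as credentials for <consumer>; must not be logged or serialized` would state the intent and the handling constraint. The enclosing filter method starts and ends outside the hunk.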
@@ -16,6 +20,7 @@ public class TokenProvider {
 private final static String SECRET = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAghgsx+OLLThi7c+/HgCaRla8n+/QLHt++uscoK22dMeaVa3WJvRb5C5qtHGzj9V74pI96JpxdWWCN3Zr1QtanQIDAQABAkB2fWRUD1jVMBVS+rPctLnPNPMKTRdzXGv0SC5D3tRfGZqdcfsmZg8hzBVndHxngmwZS73d+hPjofcdefDDnXq1AiEAz/r1AMF7fweN70mbKgBJuTja37puJMsH2Szwrvb5jlcCIQCgIaLZ5d9J7OomL0NwH8ghba/xgBEpKzErfGbFnTfeKwIgc8ptczFFV1DWZb2eJIEqinOr79l0jwl2YiQSD+cyw1sCIHqxCvv1Wx5jPgy/zeYNE+Q5DMP3Ii7u/x+Yk436JiI9AiEAio84hFm44YTUuV7YCYsbyvnCn/vtcAaqZlczbeHlP1I=";
 private final static long EXP_TIME = 1000 * 60 * 60 * 2;
+ private final static String SECRET_ZHIYUN = "zy_wh_mnjy_fp76ckwuczzmb67w0a8x0";
 /**
 * 解析jwtToken
 *
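Review bot: `SECRET_ZHIYUN` is the HMAC key that `getJWTUserByZhiYun` trusts for single sign-on, and it is committed as a string literal, so anyone who can read the repository or the built artifact can sign tokens this service will accept for any user and role. Load it from deployment configuration or a secret store, for example `private final static String SECRET_ZHIYUN = System.getenv("ZHIYUN_JWT_SECRET");` (the variable name is a placeholder), and treat the value in this patch as exposed and rotate it with the issuing platform. The value is also a fixed 11-character prefix plus 21 characters from the 36-symbol alphabet in `generateKey`, roughly 108 bits rather than the 256 its length suggests; 32 bytes taken straight from `SecureRandom` and stored encoded would close that gap. The neighbouring `SECRET` constant is hard-coded in the same way and could move out of source in the same change.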
@@ -63,4 +68,55 @@ public class TokenProvider {
 .signWith(key, SignatureAlgorithm.HS512)
 .compact();
 }
+
+ /**
+ * 解析智云平台的token
+ */
+ public static JwtUser getJWTUserByZhiYun(String token) {
+// token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InR6czAwMSIsInVzZXJJZCI6" +
+// "NDg3LCJuYW1lIjoi5Zev5ZO8IiwicGFzc3dvcmQiOiIxMjNxd2UiLCJyb2xlSWQiOjQsInNjaG9" +
+// "vbElkIjoxLCJzY2hvb2xOYW1lIjoi5aSp5oup5aSn5a2mIi" +
+// "wiY2xhc3NJZCI6MjAsImNsYXNzTmFtZSI6IuWkqeaLqea8lOekujHnj60iLCJsZXZlbElkIjo1fQ" +
+// ".5fVdEtC7eDC2HuUX8jnodomdTUw_nPOzkOJUXCw5Fqc";
+ try {
+ Claims claims = Jwts.parser()
+ .setSigningKey(Keys.hmacShaKeyFor(SECRET_ZHIYUN.getBytes()))
+ .parseClaimsJws(token)
+ .getBody();
+
+ JwtUser jwtUser = new JwtUser();
+ jwtUser.setName(claims.get("name").toString());
+ jwtUser.setUserId(claims.get("userId").toString());
+ jwtUser.setRoleId(Integer.valueOf(claims.get("roleId").toString()));
+ jwtUser.setClassId(Integer.valueOf(claims.get("classId").toString()));
+ jwtUser.setSchoolId(Integer.valueOf(claims.get("schoolId").toString()));
+ jwtUser.setUsername(claims.get("name").toString());
+ return jwtUser;
+ } catch (Exception e) {
+ throw new UnAuthorizedException("token解析失败");
+ }
+ }
+
+
+ //生成智云平台32字节密钥
+ public static void main(String[] args) {
+// String prefix = "zy_wh_mnjy_";
+// String generatedKey = generateKey(prefix);
+// System.out.println("Generated Key: " + generatedKey);
+ getJWTUserByZhiYun(null);
+ }
+
+ public static String generateKey(String prefix) {
+ String characters = "0123456789abcdefghijklmnopqrstuvwxyz";
+ SecureRandom random = new SecureRandom();
+
+ StringBuilder keyBuilder = new StringBuilder(prefix);
+ while (keyBuilder.length() < 32) {
+ int randomIndex = random.nextInt(characters.length());
+ char randomChar = characters.charAt(randomIndex);
+ keyBuilder.append(randomChar);
+ }
+ return keyBuilder.toString();
+ }
+
 }
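Review bot: `getJWTUserByZhiYun` accepts any token that verifies under `SECRET_ZHIYUN` and never requires an expiry, so a captured platform token could be exchanged for a fresh local session indefinitely; the commented-out sample token also appears to carry no `exp` claim. Require one after parsing, e.g. `if (claims.getExpiration() == null) throw new UnAuthorizedException("token解析失败");`, and pass an explicit charset, `SECRET_ZHIYUN.getBytes(StandardCharsets.UTF_8)`, since this commit already adds that import and the platform default can differ between hosts. The commented-out sample token and the `main` method that calls `getJWTUserByZhiYun(null)` look like debugging leftovers; the sample's payload decodes to user fields including a `password` entry, so it should not stay in source. `setUsername(claims.get("name").toString())` reads the same claim as `setName`; presumably the `username` claim was intended, which needs confirming against the platform's token format. `catch (Exception e)` also discards the cause, so log it (without the token) or, if `UnAuthorizedException` allows it, attach it, so that failed sign-on attempts can be investigated.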
diff --git a/src/main/java/com/sztzjy/forex/trading_trading/controller/UserController.java b/src/main/java/com/sztzjy/forex/trading_trading/controller/UserController.java
index b97a230..18f2423 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/controller/UserController.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/controller/UserController.java
@@ -18,16 +18,14 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import javax.annotation.Resource;
-import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Collections;
 @Api(tags = "用户管理模块")
 @RestController
@@ -35,9 +33,6 @@ import java.util.Collections;
 @RequiredArgsConstructor
 public class UserController {
- @Resource
- private AuthenticationManager authenticationManager;
-
 @AnonymousAccess
 @OperateLog(description = "用户登录")
 @ApiOperation(value = "用户登录", httpMethod = "POST")
@@ -51,9 +46,8 @@ public class UserController {
 } catch (Exception e) {
 throw new IllegalArgumentException("密码错误");
 }
-
- String md5Pwd = calculateMD5(password);
- String hashPwd = formatHash(md5Pwd);
+ String md5Pwd =RsaUtil.calculateMD5(password);
+ String hashPwd = RsaUtil.formatHash(md5Pwd);
 JwtUser jwtUser = TzApi.foreignExchangeTradingLogin(username, hashPwd);
 Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
 SecurityContextHolder.getContext().setAuthentication(authentication);
@@ -61,31 +55,20 @@ public class UserController {
 return new ResultEntity(LoginResult.create(jwtUser, token));
 }
- public static String calculateMD5(String input) {
- try {
- MessageDigest md = MessageDigest.getInstance("MD5");
- byte[] hashBytes = md.digest(input.getBytes(StandardCharsets.UTF_8));
- StringBuilder sb = new StringBuilder();
- for (byte b : hashBytes) {
- sb.append(String.format("%02X", b));
- }
- return sb.toString();
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- return null;
- }
- }
- public static String formatHash(String hash) {
- StringBuilder formattedHash = new StringBuilder();
- for (int i = 0; i < hash.length(); i += 2) {
- formattedHash.append(hash.substring(i, i + 2));
- if (i < hash.length() - 2) {
- formattedHash.append("-");
- }
- }
- return formattedHash.toString();
+ @AnonymousAccess
+ @OperateLog(description = "通过智云平台token单点登录")
+ @ApiOperation(value = "通过智云平台token单点登录", httpMethod = "POST")
+ @PostMapping("loginByZhiYunToken")
+ public ResultEntity loginByZhiYunToken(@ApiParam("智云平台token") @RequestParam String zhiYunToken) {
+ Assert.isTrue(StringUtils.hasText(zhiYunToken), "token不能为空");
+ JwtUser jwtUser = TokenProvider.getJWTUserByZhiYun(zhiYunToken);
+ Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ String token = TokenProvider.createToken(jwtUser);
+ return new ResultEntity(LoginResult.create(jwtUser, token));
 }
+
 }
diff --git a/src/main/java/com/sztzjy/forex/trading_trading/util/RsaUtil.java b/src/main/java/com/sztzjy/forex/trading_trading/util/RsaUtil.java
index 44d4ef8..acf61d9 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/util/RsaUtil.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/util/RsaUtil.java
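Review bot: `loginByZhiYunToken` takes the platform token as a `@RequestParam`, so a client may send it in the query string, where it ends up in access logs, proxy logs and browser history, and `@OperateLog` on the same method may record it too, depending on what that aspect captures. Accept the token in the request body or an `Authorization` header instead, and make sure the operate-log aspect masks this parameter. The endpoint is `@AnonymousAccess` and hands `TokenProvider.createToken` a `JwtUser` filled directly from the external token's `roleId`, `classId` and `schoolId` claims, so a comment on the method should state that these values are trusted from the platform and which roles it is allowed to assert. `Assert.isTrue` throws `IllegalArgumentException` on an empty token; check how that is mapped to a response so it does not surface as a server error.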
@@ -100,6 +100,34 @@ public class RsaUtil {
 }
+
+ public static String calculateMD5(String input) {
+ try {
+ MessageDigest md = MessageDigest.getInstance("MD5");
+ byte[] hashBytes = md.digest(input.getBytes(StandardCharsets.UTF_8));
+ StringBuilder sb = new StringBuilder();
+ for (byte b : hashBytes) {
+ sb.append(String.format("%02X", b));
+ }
+ return sb.toString();
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ public static String formatHash(String hash) {
+ StringBuilder formattedHash = new StringBuilder();
+ for (int i = 0; i < hash.length(); i += 2) {
+ formattedHash.append(hash.substring(i, i + 2));
+ if (i < hash.length() - 2) {
+ formattedHash.append("-");
+ }
+ }
+ return formattedHash.toString();
+ }
+
+
 /**
 * RSA密钥对对象
 */
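Review bot: `calculateMD5` prints the stack trace and returns `null` when the digest is unavailable, and the login path passes that result straight into `formatHash`, which would then fail with a `NullPointerException` far from the cause; throw instead, `throw new IllegalStateException("MD5 not available", e);`. `formatHash` assumes an even-length input, since `hash.substring(i, i + 2)` throws on an odd-length string, which deserves a guard or a sentence of Javadoc. Neither method is documented; a comment on `calculateMD5` should say that the unsalted MD5 of the password is produced only because the upstream login API expects that format (presumably, to be confirmed), so nobody reuses it for password storage. These helpers are unrelated to RSA, so `RsaUtil` is a surprising home for them.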