Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
sureness
Sureness
提交
fb5311e8
Sureness
项目概览
sureness
/
Sureness
大约 1 年 前同步成功
通知
32
Star
813
Fork
161
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
Sureness
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
fb5311e8
编写于
10月 21, 2020
作者:
sinat_25235033
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
update jwt util set hmac algorithm as default
上级
c74f07d4
变更
7
隐藏空白更改
内联
并排
Showing
7 changed file
with
49 addition
and
31 deletion
+49
-31
core/pom.xml
core/pom.xml
+14
-2
core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
...c/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
+23
-16
core/src/test/java/com/usthe/sureness/subject/creater/JwtSubjectServletCreatorTest.java
...ureness/subject/creater/JwtSubjectServletCreatorTest.java
+2
-3
core/src/test/java/com/usthe/sureness/util/JsonWebTokenUtilTest.java
...st/java/com/usthe/sureness/util/JsonWebTokenUtilTest.java
+3
-4
sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/AccountController.java
...reness/sample/bootstrap/controller/AccountController.java
+1
-2
sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/AccountController.java
...the/sureness/sample/tom/controller/AccountController.java
+1
-2
sample-tom/src/main/java/com/usthe/sureness/sample/tom/sureness/config/SurenessConfiguration.java
...ess/sample/tom/sureness/config/SurenessConfiguration.java
+5
-2
未找到文件。
core/pom.xml
浏览文件 @
fb5311e8
...
...
@@ -50,7 +50,7 @@
<project.build.sourceEncoding>
UTF-8
</project.build.sourceEncoding>
<javax.servlet.version>
3.1.0
</javax.servlet.version>
<javax.ws.rs.version>
2.1.1
</javax.ws.rs.version>
<jjwt.version>
0.
9.0
</jjwt.version>
<jjwt.version>
0.
11.2
</jjwt.version>
<yaml.version>
1.17
</yaml.version>
<xml.bind.version>
2.3.0
</xml.bind.version>
<slf4j.version>
1.7.21
</slf4j.version>
...
...
@@ -83,9 +83,21 @@
<!-- jwt util -->
<dependency>
<groupId>
io.jsonwebtoken
</groupId>
<artifactId>
jjwt
</artifactId>
<artifactId>
jjwt
-api
</artifactId>
<version>
${jjwt.version}
</version>
</dependency>
<dependency>
<groupId>
io.jsonwebtoken
</groupId>
<artifactId>
jjwt-impl
</artifactId>
<version>
${jjwt.version}
</version>
<scope>
runtime
</scope>
</dependency>
<dependency>
<groupId>
io.jsonwebtoken
</groupId>
<artifactId>
jjwt-jackson
</artifactId>
<!-- or jjwt-gson if Gson is preferred -->
<version>
${jjwt.version}
</version>
<scope>
runtime
</scope>
</dependency>
<!-- yaml file load -->
<dependency>
<groupId>
org.yaml
</groupId>
...
...
core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
浏览文件 @
fb5311e8
...
...
@@ -6,32 +6,42 @@ import io.jsonwebtoken.ExpiredJwtException;
import
io.jsonwebtoken.JwtBuilder
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.MalformedJwtException
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.SignatureException
;
import
io.jsonwebtoken.UnsupportedJwtException
;
import
io.jsonwebtoken.security.Keys
;
import
javax.xml.bind.DatatypeConverter
;
import
java.security.Key
;
import
java.util.Date
;
import
java.util.List
;
/**
* json web token相关工具类
* use hmac algorithm, can change the secretKey by setDefaultSecretKey
* @author tomsun28
* @date 16:29 2018/3/8
*/
public
class
JsonWebTokenUtil
{
/** 默认SUBJECT加密解密签名KEY **/
private
static
final
String
DEFAULT_SECRET_KEY
=
"?::4390fsf4sdl6opf):"
;
private
static
final
String
DEFAULT_SECRET_KEY
=
"MIIEowIBAl+f/dKhaX0csgOCTlCxq20yhmUea6H6JIpST3ST1SE2Rwp"
+
"LnfKefTjsIfJLBa2YkhEqE/GtcHDTNe4CU6+9y/S5z50Kik70LsP43r"
+
"RnLN7XNn4wARoQXizIv6MHUsIV+EFfiMw/x7R0ntu4aWr/CWuApcFaj"
+
"4mWEa6EwrPHTZmbT5Mt45AM2UYhzDHK+0F0rUq3MwH+oXsm+L3F/zjj"
+
"M6EByXIO+SV5+8tVt4bisXQ13rbN0oxhUZR73+LDj9mxa6rFhMW+lfx"
+
"CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R+YYzGMRIqcBIp6AKA98"
+
"GM2RIqcBIp6-?::4390fsf4sdl6opf)4ZI:tdQMtcQQ14pkOAQdQ546"
;
/** JWT格式3个点 **/
private
static
final
int
COUNT_3
=
3
;
/** 加密解密签名 **/
private
static
String
secretKey
;
private
static
Key
secretKey
;
static
{
secretKey
=
DEFAULT_SECRET_KEY
;
byte
[]
secretKeyBytes
=
DatatypeConverter
.
parseBase64Binary
(
DEFAULT_SECRET_KEY
);
secretKey
=
Keys
.
hmacShaKeyFor
(
secretKeyBytes
);
}
...
...
@@ -44,16 +54,13 @@ public class JsonWebTokenUtil {
* @param roles 访问主张-角色
* @param permissions 访问主张-权限
* @param isRefresh 是否是刷新token
* @param algorithm 加密算法
* @return java.lang.String jwt
*/
public
static
String
issueJwt
(
String
id
,
String
subject
,
String
issuer
,
Long
period
,
List
<
String
>
roles
,
List
<
String
>
permissions
,
Boolean
isRefresh
,
SignatureAlgorithm
algorithm
)
{
Boolean
isRefresh
)
{
// 当前时间戳
long
currentTimeMillis
=
System
.
currentTimeMillis
();
// 秘钥
byte
[]
secretKeyBytes
=
DatatypeConverter
.
parseBase64Binary
(
secretKey
);
JwtBuilder
jwtBuilder
=
Jwts
.
builder
();
if
(
id
!=
null
)
{
jwtBuilder
.
setId
(
id
);
...
...
@@ -82,7 +89,7 @@ public class JsonWebTokenUtil {
// 压缩,可选GZIP
jwtBuilder
.
compressWith
(
CompressionCodecs
.
DEFLATE
);
// 加密设置
jwtBuilder
.
signWith
(
algorithm
,
secretKeyBytes
);
jwtBuilder
.
signWith
(
secretKey
);
return
jwtBuilder
.
compact
();
}
...
...
@@ -107,10 +114,9 @@ public class JsonWebTokenUtil {
* @throws IllegalArgumentException 非法参数
*/
public
static
Claims
parseJwt
(
String
jwt
)
throws
ExpiredJwtException
,
UnsupportedJwtException
,
MalformedJwtException
,
SignatureException
,
IllegalArgumentException
{
return
Jwts
.
parser
()
.
setSigningKey
(
DatatypeConverter
.
parseBase64Binary
(
secretKey
))
.
parseClaimsJws
(
jwt
)
.
getBody
();
return
Jwts
.
parserBuilder
().
setSigningKey
(
secretKey
).
build
()
.
parseClaimsJws
(
jwt
).
getBody
();
// 令牌ID -- claims.getId()
// 客户标识 -- claims.getSubject()
...
...
@@ -124,9 +130,10 @@ public class JsonWebTokenUtil {
/**
* 设置新的JWT加密解密签名
* @param secretNowKey
签名KEY
* @param secretNowKey
Value key value
*/
public
static
void
setSecretKey
(
String
secretNowKey
)
{
secretKey
=
secretNowKey
;
public
static
void
setDefaultSecretKey
(
String
secretNowKeyValue
)
{
byte
[]
secretKeyBytes
=
DatatypeConverter
.
parseBase64Binary
(
secretNowKeyValue
);
secretKey
=
Keys
.
hmacShaKeyFor
(
secretKeyBytes
);
}
}
core/src/test/java/com/usthe/sureness/subject/creater/JwtSubjectServletCreatorTest.java
浏览文件 @
fb5311e8
...
...
@@ -2,7 +2,6 @@ package com.usthe.sureness.subject.creater;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
org.junit.Before
;
import
org.junit.Test
;
...
...
@@ -35,7 +34,7 @@ public class JwtSubjectServletCreatorTest {
public
void
canSupportSubject
()
{
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
"tom"
,
"token-server"
,
36000L
,
Arrays
.
asList
(
"role2"
,
"rol3"
),
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
HttpServletRequest
request
=
createNiceMock
(
HttpServletRequest
.
class
);
expect
(
request
.
getHeader
(
AUTHORIZATION
)).
andReturn
(
BEARER
+
" "
+
jwt
);
replay
(
request
);
...
...
@@ -47,7 +46,7 @@ public class JwtSubjectServletCreatorTest {
public
void
createSubject
()
{
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
"tom"
,
"token-server"
,
36000L
,
Arrays
.
asList
(
"role2"
,
"rol3"
),
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
HttpServletRequest
request
=
createNiceMock
(
HttpServletRequest
.
class
);
expect
(
request
.
getHeader
(
AUTHORIZATION
)).
andReturn
(
BEARER
+
" "
+
jwt
);
expect
(
request
.
getRequestURI
()).
andReturn
(
"/api/v1/book"
);
...
...
core/src/test/java/com/usthe/sureness/util/JsonWebTokenUtilTest.java
浏览文件 @
fb5311e8
package
com.usthe.sureness.util
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
org.junit.Test
;
import
static
org
.
junit
.
Assert
.*;
...
...
@@ -18,7 +17,7 @@ public class JsonWebTokenUtilTest {
public
void
issueJwt
()
{
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
"tom"
,
"token-server"
,
36000L
,
Arrays
.
asList
(
"role2"
,
"rol3"
),
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
assertNotNull
(
jwt
);
}
...
...
@@ -26,7 +25,7 @@ public class JsonWebTokenUtilTest {
public
void
isNotJsonWebToken
()
{
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
"tom"
,
"token-server"
,
36000L
,
Arrays
.
asList
(
"role2"
,
"rol3"
),
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
boolean
flag
=
JsonWebTokenUtil
.
isNotJsonWebToken
(
jwt
);
assertFalse
(
flag
);
flag
=
JsonWebTokenUtil
.
isNotJsonWebToken
(
"gsgdsghdbhegxhsgdjsdj"
);
...
...
@@ -37,7 +36,7 @@ public class JsonWebTokenUtilTest {
public
void
parseJwt
()
{
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
"tom"
,
"token-server"
,
36000L
,
Arrays
.
asList
(
"role2"
,
"rol3"
),
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
assertNotNull
(
JsonWebTokenUtil
.
parseJwt
(
jwt
));
}
}
\ No newline at end of file
sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/AccountController.java
浏览文件 @
fb5311e8
...
...
@@ -5,7 +5,6 @@ import com.usthe.sureness.provider.SurenessAccount;
import
com.usthe.sureness.provider.SurenessAccountProvider
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
com.usthe.sureness.util.Md5Util
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.web.bind.annotation.PostMapping
;
...
...
@@ -63,7 +62,7 @@ public class AccountController {
long
refreshPeriodTime
=
36000L
;
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
appId
,
"token-server"
,
refreshPeriodTime
>>
1
,
roles
,
null
,
Boolean
.
FALSE
,
SignatureAlgorithm
.
HS512
);
null
,
Boolean
.
FALSE
);
Map
<
String
,
String
>
body
=
Collections
.
singletonMap
(
"token"
,
jwt
);
return
ResponseEntity
.
ok
().
body
(
body
);
}
...
...
sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/AccountController.java
浏览文件 @
fb5311e8
...
...
@@ -4,7 +4,6 @@ import com.usthe.sureness.sample.tom.pojo.dto.Account;
import
com.usthe.sureness.sample.tom.pojo.dto.Message
;
import
com.usthe.sureness.sample.tom.service.AccountService
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.http.HttpStatus
;
...
...
@@ -47,7 +46,7 @@ public class AccountController {
long
refreshPeriodTime
=
36000L
;
String
jwt
=
JsonWebTokenUtil
.
issueJwt
(
UUID
.
randomUUID
().
toString
(),
account
.
getUsername
(),
"tom-auth-server"
,
refreshPeriodTime
>>
1
,
ownRole
,
null
,
false
,
SignatureAlgorithm
.
HS512
);
null
,
false
);
Map
<
String
,
String
>
responseData
=
Collections
.
singletonMap
(
"token"
,
jwt
);
Message
message
=
Message
.
builder
().
data
(
responseData
).
build
();
if
(
log
.
isDebugEnabled
())
{
...
...
sample-tom/src/main/java/com/usthe/sureness/sample/tom/sureness/config/SurenessConfiguration.java
浏览文件 @
fb5311e8
...
...
@@ -34,7 +34,10 @@ public class SurenessConfiguration {
/**
* jwt secret key
*/
private
static
final
String
TOM_SECRET_KEY
=
"?::4s9ssf2sf4sed45pf):"
;
private
static
final
String
TOM_SECRET_KEY
=
"?::4s9ssf2sf4sed45pf):"
+
"RnLN7XNn4wARoQXizIv6MHUsIV+EFfiMw/x7R0ntu4aWr/CWuApcFaj"
+
"CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R+YYzGMRIqcBIp6AKA98"
+
"GM2RIqcBIp6-?::4390fsf4sdl6opf)4ZI:tdQMtcQQ14pkOAQdQ546"
;
@Bean
ProcessorManager
processorManager
(
SurenessAccountProvider
accountProvider
)
{
...
...
@@ -76,7 +79,7 @@ public class SurenessConfiguration {
@Bean
SurenessSecurityManager
securityManager
(
ProcessorManager
processorManager
,
TreePathRoleMatcher
pathRoleMatcher
,
SubjectFactory
subjectFactory
)
{
JsonWebTokenUtil
.
setSecretKey
(
TOM_SECRET_KEY
);
JsonWebTokenUtil
.
set
Default
SecretKey
(
TOM_SECRET_KEY
);
// surenessSecurityManager init
SurenessSecurityManager
securityManager
=
SurenessSecurityManager
.
getInstance
();
securityManager
.
setPathRoleMatcher
(
pathRoleMatcher
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录