Merge branch 'fix/password' into 'develop'

feature/[用户认证]登录密码加密接口支持 See merge request o2oa/o2oa!616

Merge branch 'fix/password' into 'develop'
feature/[用户认证]登录密码加密接口支持 See merge request o2oa/o2oa!616
31c4f3a4 · NoSubject · c5086c69 · bca94cd3 · 31c4f3a4 · 31c4f3a4
6 changed file
--- a/o2server/x_console/src/main/java/com/x/server/console/CommandFactory.java
+++ b/o2server/x_console/src/main/java/com/x/server/console/CommandFactory.java
@@ -17,9 +17,11 @@ public class CommandFactory {

 	public static final Pattern test_pattern = Pattern.compile("^ {0,}test {0,}$", Pattern.CASE_INSENSITIVE);

-	public static final Pattern create_encrypt_key_pattern = Pattern.compile("^ {0,}create encrypt key {0,}$",
+	//public static final Pattern create_encrypt_key_pattern = Pattern.compile("^ {0,}create encrypt key {0,}$",Pattern.CASE_INSENSITIVE);
+	
+	public static final Pattern create_encrypt_key_pattern = Pattern.compile("^ {0,}create encrypt key (.+)$",
 			Pattern.CASE_INSENSITIVE);
-
+	
 	public static final Pattern start_pattern = Pattern
 			.compile("^ {0,}start {0,}(data|storage|center|application|web|all|) {0,}$", Pattern.CASE_INSENSITIVE);


--- a/o2server/x_console/src/main/java/com/x/server/console/action/ActionCreateEncryptKey.java
+++ b/o2server/x_console/src/main/java/com/x/server/console/action/ActionCreateEncryptKey.java
 package com.x.server.console.action;

+import java.io.BufferedReader;
 import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStreamReader;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.util.Date;
@@ -9,6 +14,8 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang3.StringUtils;

+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
@@ -37,10 +44,48 @@ public class ActionCreateEncryptKey extends ActionBase {
 		File privateKeyFile = new File(Config.base(), "config/private.key");
 		FileUtils.write(publicKeyFile, Base64.encodeBase64URLSafeString(pair.getPublic().getEncoded()),
 				DefaultCharset.charset, false);
+		
 		FileUtils.write(privateKeyFile, Base64.encodeBase64URLSafeString(pair.getPrivate().getEncoded()),
 				DefaultCharset.charset, false);
-		System.out.println("public key: config/public.key, private key: config/private.key, create key success!");
+		
+		//为前端提供publicKey,为密码加密
+		this.writeConfigFile(new String(Base64.encodeBase64(pair.getPublic().getEncoded())));
+		
 		return true;
 	}
+	
+	public static void main(String[] args) throws Exception {
+		ActionCreateEncryptKey actionCreateEncryptKey = new ActionCreateEncryptKey();
+		actionCreateEncryptKey.writeConfigFile("ssxx");
+	}
+
+	public  boolean writeConfigFile(String publicKey) {
+	    File dir;
+		StringBuffer stringBuffer = new StringBuffer();
+		try {
+			dir = new File(Config.base(), "servers/webServer/x_desktop/res/config");
+			FileUtils.forceMkdir(dir);
+			File fileConfig = new File(dir, "config.json");
+			
+			BufferedReader bufferedReader = 
+					new BufferedReader(new InputStreamReader(new FileInputStream(fileConfig), "UTF-8"));
+			String line;
+			while((line=bufferedReader.readLine()) != null) {
+				stringBuffer.append(line);
+			}
+			
+			JsonObject jsonObject = (JsonObject) new JsonParser().parse(stringBuffer.toString());
+			jsonObject.addProperty("publicKey", publicKey);

+			 FileUtils.write(fileConfig, jsonObject.toString(),DefaultCharset.charset, false);
+					
+		} catch (FileNotFoundException e) {
+			e.printStackTrace();
+		} catch (IOException e) {
+			e.printStackTrace();
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+	   return true;
+  }
 }
\ No newline at end of file
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/factory/PersonFactory.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/factory/PersonFactory.java
@@ -123,7 +123,17 @@ public class PersonFactory extends AbstractFactory {
 		List<String> list = em.createQuery(cq.where(p).distinct(true)).getResultList();
 		if (list.size() == 1) {
 			return list.get(0);
-		} else {
+		}else if(list.size() > 1){
+			String temp = "";
+			for (int i = 0; i < list.size(); i++) {
+				if(temp.equalsIgnoreCase("")) {
+					temp = list.get(i);
+				}else{
+					temp = temp + "," + list.get(i);
+				}
+			}
+		    return temp;
+		}else {
 			return null;
 		}
 	}

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
@@ -3,6 +3,7 @@ package com.x.organization.assemble.authentication.jaxrs.authentication;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;

@@ -35,6 +36,16 @@ class ActionCaptchaLogin extends BaseAction {
 			Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 			String credential = wi.getCredential();
 			String password = wi.getPassword();
+			
+			String isEncrypted = wi.getIsEncrypted();
+			
+			//RSA解秘
+			if (!StringUtils.isEmpty(isEncrypted)) {
+				if(isEncrypted.trim().equalsIgnoreCase("y")) {
+			    	password = decryptRSA(password);
+				}
+			}
+			
 			String captcha = wi.getCaptcha();
 			String captchaAnswer = wi.getCaptchaAnswer();
 			if (StringUtils.isEmpty(credential)) {
@@ -58,12 +69,27 @@ class ActionCaptchaLogin extends BaseAction {
 				}
 				wo = this.manager(request, response, business, Wo.class);
 			} else {
-				/* 普通用户登录,也有可能拥有管理员角色 */
+				/* 普通用户登录,也有可能拥有管理员角色.增加同中文的认证 */
 				String personId = business.person().getWithCredential(credential);
 				if (StringUtils.isEmpty(personId)) {
 					throw new ExceptionPersonNotExistOrInvalidPassword();
 				}
-				Person o = emc.find(personId, Person.class);
+				
+				Person o = null;
+				//处理同中文问题
+				if(personId.indexOf(",") > -1) {
+					String[] arrPersion = personId.split(",");
+					for(int i =0 ; i<arrPersion.length ; i++) {
+						 personId = arrPersion[i];
+						 o = emc.find(personId, Person.class);
+						 if (StringUtils.equals(Crypto.encrypt(password, Config.token().getKey()), o.getPassword())) {
+							 break;
+						 }
+					}
+				}else {
+					 o = emc.find(personId, Person.class);
+				}
+
 				if (BooleanUtils.isTrue(Config.person().getSuperPermission())
 						&& StringUtils.equals(Config.token().getPassword(), password)) {
 					logger.warn("user: {} use superPermission.", credential);
@@ -79,6 +105,8 @@ class ActionCaptchaLogin extends BaseAction {
 						}
 					}
 				}
+				
+				
 				wo = this.user(request, response, business, o, Wo.class);
 				audit.log(o.getDistinguishedName(), "登录");
 			}
@@ -87,6 +115,63 @@ class ActionCaptchaLogin extends BaseAction {
 		}
 	}

+	 //加密
+		public String encryptRSA(String strEncrypt) {
+			String encrypt = null;
+			try {
+				 String publicKey = Config.publicKey();
+				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+				 
+				encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+		
+			return encrypt;
+		}
+		
+		//解密
+		public String decryptRSA(String strDecrypt) {
+			String privateKey;
+			String decrypt = null;
+			try {
+				privateKey = getPrivateKey();
+			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+		
+			return decrypt;
+		}
+		
+		//获取PublicKey
+		public String  getPublicKey() {
+			String publicKey = "";
+			 try {
+				 publicKey = Config.publicKey();
+				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+				 publicKey = new String(Base64.encodeBase64(publicKeyB));
+				 
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+			return publicKey;
+		}
+		
+		
+		//获取privateKey
+		public String  getPrivateKey() {
+			 String privateKey = "";
+			 try {
+				 privateKey = Config.privateKey();
+				 byte[] privateKeyB = Base64.decodeBase64(privateKey);
+				 privateKey = new String(Base64.encodeBase64(privateKeyB));
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+			return privateKey;
+		}
+		
 	public static class Wi extends GsonPropertyObject {

 		@FieldDescribe("凭证")
@@ -101,6 +186,9 @@ class ActionCaptchaLogin extends BaseAction {
 		@FieldDescribe("图片认证码")
 		private String captchaAnswer;

+		@FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
+		private String isEncrypted;
+		
 		public String getPassword() {
 			return password;
 		}
@@ -132,7 +220,13 @@ class ActionCaptchaLogin extends BaseAction {
 		public void setCaptchaAnswer(String captchaAnswer) {
 			this.captchaAnswer = captchaAnswer;
 		}
+		public String getIsEncrypted() {
+			return isEncrypted;
+		}

+		public void setIsEncrypted(String isEncrypted) {
+			this.isEncrypted = isEncrypted;
+		}
 	}

 	public static class Wo extends AbstractWoAuthentication {

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLoginRSAPublicKey.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLoginRSAPublicKey.java
+package com.x.organization.assemble.authentication.jaxrs.authentication;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.codec.binary.Base64;
+import com.x.base.core.project.annotation.FieldDescribe;
+import com.x.base.core.project.config.Config;
+import com.x.base.core.project.gson.GsonPropertyObject;
+import com.x.base.core.project.http.ActionResult;
+import com.x.base.core.project.http.EffectivePerson;
+import com.x.base.core.project.logger.Logger;
+import com.x.base.core.project.logger.LoggerFactory;
+
+
+public class ActionCaptchaLoginRSAPublicKey extends BaseAction{
+	private static Logger logger = LoggerFactory.getLogger(ActionCaptchaLoginRSAPublicKey.class);
+
+	ActionResult<Wo> execute(HttpServletRequest request, HttpServletResponse response, EffectivePerson effectivePerson) throws Exception {
+			ActionResult<Wo> result = new ActionResult<>();
+			Wo wo = new Wo();
+			wo.setPublicKey(getPublicKey());
+			result.setData(wo);
+			return result;
+		}
+
+	//获取PublicKey
+	public String  getPublicKey() {
+		String publicKey = "";
+		 try {
+			 publicKey = Config.publicKey();
+			 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+			 publicKey = new String(Base64.encodeBase64(publicKeyB));
+			 //logger.info("publicKey=" + publicKey);
+			 
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return publicKey;
+	}
+	
+	
+	//获取privateKey
+	public String  getPrivateKey() {
+		 String privateKey = "";
+		 try {
+			 privateKey = Config.privateKey();
+			 byte[] privateKeyB = Base64.decodeBase64(privateKey);
+			 privateKey = new String(Base64.encodeBase64(privateKeyB));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return privateKey;
+	}
+	
+
+	public static class Wo  extends GsonPropertyObject {
+
+		@FieldDescribe("RSA公钥")
+		private String publicKey;
+
+		public String getPublicKey() {
+			return publicKey;
+		}
+
+		public void setPublicKey(String publicKey) {
+			this.publicKey = publicKey;
+		}
+	}
+
+}
\ No newline at end of file
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java
@@ -140,7 +140,7 @@ public class AuthenticationAction extends StandardJaxrsAction {
 		}
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
 	}
-
+	
 	@JaxrsMethodDescribe(value = "获取图片验证码.", action = ActionCaptcha.class)
 	@GET
 	@Path("captcha/width/{width}/height/{height}")
@@ -160,6 +160,25 @@ public class AuthenticationAction extends StandardJaxrsAction {
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
 	}

+
+	@JaxrsMethodDescribe(value = "获取公钥publicKey", action = ActionCaptchaLoginRSAPublicKey.class)
+	@GET
+	@Path("captchaRSAPublicKey")
+	@Produces(HttpMediaType.APPLICATION_JSON_UTF_8)
+	@Consumes(MediaType.APPLICATION_JSON)
+	public void captchaRSAPublicKey(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
+			@Context HttpServletResponse response) {
+		ActionResult<ActionCaptchaLoginRSAPublicKey.Wo> result = new ActionResult<>();
+		EffectivePerson effectivePerson = this.effectivePerson(request);
+		try {
+			result = new ActionCaptchaLoginRSAPublicKey().execute(request, response, effectivePerson);
+		} catch (Exception e) {
+			logger.error(e, effectivePerson, request, null);
+			result.error(e);
+		}
+		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
+	}
+	
 	@JaxrsMethodDescribe(value = "用户登录.credential=xxxx,codeAnswer=xxxx,使用短信验证码登录.", action = ActionCodeLogin.class)
 	@POST
 	@Path("code")