新增jwt和rsa工具类

zlt-commons/zlt-auth-client-spring-boot-starter/src/main/java/com/central/oauth2/common/store/ResJwtTokenStore.java

 package com.central.oauth2.common.store;
 
 import cn.hutool.core.util.StrUtil;
+import com.central.common.constant.SecurityConstants;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
 import org.springframework.context.annotation.Bean;
@@ -28,8 +29,6 @@ import java.util.stream.Collectors;
  * @date 2018/8/20 9:25
  */
 public class ResJwtTokenStore {
-    private static final String PUBLIC_KEY = "pubkey.txt";
-
     @Autowired
     private ResourceServerProperties resource;
 
@@ -50,7 +49,7 @@ public class ResJwtTokenStore {
      * @return 公钥 Key
      */
     private String getPubKey() {
-        Resource res = new ClassPathResource(ResJwtTokenStore.PUBLIC_KEY);
+        Resource res = new ClassPathResource(SecurityConstants.RSA_PUBLIC_KEY);
         try (BufferedReader br = new BufferedReader(new InputStreamReader(res.getInputStream()))) {
             return br.lines().collect(Collectors.joining("\n"));
         } catch (IOException ioe) {

zlt-commons/zlt-auth-client-spring-boot-starter/src/main/java/com/central/oauth2/common/util/JwtUtils.java

+package com.central.oauth2.common.util;
+
+import com.alibaba.fastjson.JSONObject;
+import com.central.common.constant.SecurityConstants;
+import com.central.common.utils.RsaUtils;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+import org.springframework.security.jwt.Jwt;
+import org.springframework.security.jwt.JwtHelper;
+import org.springframework.security.jwt.crypto.sign.RsaVerifier;
+import org.springframework.security.jwt.crypto.sign.SignatureVerifier;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.security.interfaces.RSAPublicKey;
+import java.util.stream.Collectors;
+
+/**
+ * jwt工具类
+ *
+ * @author zlt
+ * @date 2019/7/21
+ */
+public class JwtUtils {
+    private static final String PUBKEY_START = "-----BEGIN PUBLIC KEY-----";
+    private static final String PUBKEY_END = "-----END PUBLIC KEY-----";
+
+    /**
+     * 通过classpath获取公钥值
+     */
+    public static RSAPublicKey getPubKeyObj() {
+        Resource res = new ClassPathResource(SecurityConstants.RSA_PUBLIC_KEY);
+        try (BufferedReader br = new BufferedReader(new InputStreamReader(res.getInputStream()))) {
+            String pubKey = br.lines().collect(Collectors.joining("\n"));
+            pubKey = pubKey.substring(PUBKEY_START.length(), pubKey.indexOf(PUBKEY_END));
+            return RsaUtils.getPublicKey(pubKey);
+        } catch (Exception ioe) {
+            ioe.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * {"exp":1563256084,"user_name":"admin","authorities":["ADMIN"],"jti":"4ce02f54-3d1c-4461-8af1-73f0841a35df","client_id":"webApp","scope":["app"]}
+     * @param jwtToken token值
+     * @param rsaPublicKey 公钥
+     * @return
+     */
+    public static JSONObject decodeAndVerify(String jwtToken, RSAPublicKey rsaPublicKey) {
+        SignatureVerifier rsaVerifier = new RsaVerifier(rsaPublicKey);
+        Jwt jwt = JwtHelper.decodeAndVerify(jwtToken, rsaVerifier);
+        return JSONObject.parseObject(jwt.getClaims());
+    }
+
+    /**
+     * {"exp":1563256084,"user_name":"admin","authorities":["ADMIN"],"jti":"4ce02f54-3d1c-4461-8af1-73f0841a35df","client_id":"webApp","scope":["app"]}
+     * @param jwtToken token值
+     * @return
+     */
+    public static JSONObject decodeAndVerify(String jwtToken) {
+        return decodeAndVerify(jwtToken, getPubKeyObj());
+    }
+
+    /**
+     * 判断jwt是否过期
+     * @param claims jwt内容
+     * @param currTime 当前时间
+     * @return 未过期：true，已过期：false
+     */
+    public static boolean checkExp(JSONObject claims, long currTime) {
+        long exp = claims.getLong("exp");
+        if (exp < currTime) {
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * 判断jwt是否过期
+     * @param claims jwt内容
+     * @return 未过期：true，已过期：false
+     */
+    public static boolean checkExp(JSONObject claims) {
+        return checkExp(claims, System.currentTimeMillis());
+    }
+}

zlt-commons/zlt-common-spring-boot-starter/src/main/java/com/central/common/constant/SecurityConstants.java

@@ -157,4 +157,8 @@ public interface SecurityConstants {
      * redis中用户名对应的token集合的key
      */
     String REDIS_UNAME_TO_ACCESS = "uname_to_access:";
+    /**
+     * rsa公钥
+     */
+    String RSA_PUBLIC_KEY = "pubkey.txt";
 }

zlt-commons/zlt-common-spring-boot-starter/src/main/java/com/central/common/utils/RsaUtils.java

+package com.central.common.utils;
+
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+import javax.crypto.Cipher;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+/**
+ * RSA加解密工具类
+ *
+ * @author zlt
+ * @date 2019/7/16
+ */
+public class RsaUtils {
+    /**
+     * 默认"RSA"="RSA/ECB/PKCS1Padding"
+     */
+    private static final String CIPHER_INSTANCE = "RSA/ECB/PKCS1Padding";
+
+    /**
+     * 公钥加密
+     * @param content 要加密的内容
+     * @param publicKey 公钥
+     */
+    public static String encrypt(String content, PublicKey publicKey) {
+        try{
+            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
+            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+            byte[] output = cipher.doFinal(content.getBytes());
+            BASE64Encoder encoder = new BASE64Encoder();
+            return encoder.encode(output);
+        }catch (Exception e){
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 公钥加密
+     * @param content 要加密的内容
+     * @param publicKey 公钥
+     */
+    public static byte[] encrypt(byte[] content, PublicKey publicKey) {
+        try{
+            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
+            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+            return  cipher.doFinal(content);
+        }catch (Exception e){
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 私钥解密
+     * @param content 要解密的内容
+     * @param privateKey 私钥
+     */
+    public static byte[] decrypt(byte[] content, PrivateKey privateKey) {
+        try {
+            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
+            cipher.init(Cipher.DECRYPT_MODE, privateKey);
+            return cipher.doFinal(content);
+        } catch (Exception e){
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 私钥解密
+     * @param content 要解密的内容
+     * @param privateKey 私钥
+     */
+    public static String decrypt(String content, PrivateKey privateKey) {
+        try {
+            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
+            cipher.init(Cipher.DECRYPT_MODE, privateKey);
+            byte [] b = cipher.doFinal(content.getBytes());
+            BASE64Encoder encoder = new BASE64Encoder();
+            return encoder.encode(b);
+        } catch (Exception e){
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * String转公钥PublicKey
+     * @param key 公钥字符
+     */
+    public static RSAPublicKey getPublicKey(String key) throws Exception {
+        byte[] keyBytes;
+        keyBytes = (new BASE64Decoder()).decodeBuffer(key);
+        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+        return (RSAPublicKey)keyFactory.generatePublic(keySpec);
+    }
+
+    /**
+     * String转私钥PrivateKey
+     * @param key 私钥字符
+     */
+    public static PrivateKey getPrivateKey(String key) throws Exception {
+        byte[] keyBytes;
+        keyBytes = (new BASE64Decoder()).decodeBuffer(key);
+        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+        return keyFactory.generatePrivate(keySpec);
+    }
+}

zlt-uaa/src/test/java/com/central/oauth2/common/util/JwtUtilsTest.java

+package com.central.oauth2.common.util;
+
+import com.alibaba.fastjson.JSONObject;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.junit4.SpringRunner;
+
+/**
+ * 测试工具类
+ *
+ * @author zlt
+ * @date 2019/7/16
+ */
+@RunWith(SpringRunner.class)
+public class JwtUtilsTest {
+    @Test
+    public void test() {
+        String jwtToken = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXN0IjoiYWJjIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJzY29wZSI6WyJhcHAiXSwiZXhwIjoxNTYzNjgyMTI4LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiJlMDFlNGU0Yi1hZDVkLTRlMTQtODhiMC00OGQ4YzBjN2U5YjkiLCJjbGllbnRfaWQiOiJ3ZWJBcHAifQ.Qrh2aEoN4TL_WIQ9UpxDrW12aqqoVqxeY826sjbea2LB24RBNDYQl1J5vwXzMaQlG9AgjHRL4bTQihwBYYfdL-VuJXx0_l0xONbz9sHPq60a3gAhxOnekNS5-Qet5feTw7j4o2OwNlxo-xty5s8u2lsQY21zCe0tes_T4XeM76JTBpRbQUFGUU3EKxtUFi3Nk9AII4zerW1AbQNvLo4YW2Wvj___0lq5a-xNdCcHlJid8vKgzEF3v3wECOv6OjgL-fUN8VpUsYVt1-_QZp8opPAf-t3OVTtrVIWrJZ_vWV9d6DN5mynKtZ7_mDyMwo_5w3roAZ0ahoBKPKrtYQyEwQ";
+        JSONObject claims = JwtUtils.decodeAndVerify(jwtToken);
+        //token内容
+        System.out.println(claims);
+        boolean isValid = JwtUtils.checkExp(claims);
+        //是否有效
+        System.out.println(isValid);
+    }
+}