liuchang/mall-ebtp-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2.3.0版本

Browse Source
This commit is contained in:
zhangqinbin
2024-04-16 17:05:15 +08:00
parent 5d1a6227e8
commit adeb21fa9e
3 changed files with 66 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/RSAcheck.java
View File

@ -299,25 +299,29 @@ public class RSAcheck {
System.out.println("字符类型私钥:" + privateKey); System.out.println("字符类型私钥:" + privateKey);
System.out.println("公钥加密——私钥解密---------------"); System.out.println("公钥加密——私钥解密---------------");
SimpleDateFormat format = new SimpleDateFormat("yyyyMMddHHmmss"); long newDateLong = System.currentTimeMillis();
String source = "831357ef-3a80-40b3-9563-6451a7a8d605_"+(format.format(new Date())); String source = "831357ef-3a80-40b3-9563-6451a7a8d605_"+(newDateLong);
// System.out.println("\r加密前文字\r\n" + source); System.out.println(source);
// byte[] data = source.getBytes();
// byte[] encodedData = encryptByPublicKey(data, publicKey);
//
// System.out.println("加密后文字:\r\n" + encryptBASE64(encodedData));
// byte[] decodedData = decryptByPrivateKey(encodedData, privateKey);
// String target = new String(decodedData);
// System.out.println("解密后文字: \r\n" + target);
System.out.println("\r加密前文字\r\n" + source); System.out.println("\r加密前文字\r\n" + source);
String ciphertext = encryptDatafd(source, publicKey); byte[] data = source.getBytes();
System.out.println(ciphertext); byte[] encodedData = encryptByPublicKey(data, publicKey);
//
System.out.println("加密后文字:\r\n" + encryptBASE64(encodedData));
//byte[] encodedData2 = Base64.getDecoder().decode("");
// byte[] decodedData = decryptByPrivateKey(encodedData2, privateKey);
// String target = new String(decodedData);
String s = encryptBASE64(encodedData);//
String v = decrypt(s,privateKey);
System.out.println("解密后文字: \r\n" + v);
String data = decryptDatafd(ciphertext, privateKey); // System.out.println("\r加密前文字\r\n" + source);
System.out.println(data); // String ciphertext = encryptDatafd(source, publicKey);
String data2 = decryptDatafd("IaDxV6UytgKPh2g/4fh2jvuiKJV7bRrbaSG7jqZ+94oOsCsxvL1wMl09tAF8B2N2Eex4vKtt/LQvouLJXdlBVg==", privateKey); // System.out.println(ciphertext);
System.out.println(data2); //
// String data = decryptDatafd(ciphertext, privateKey);
// System.out.println(data);
// String data2 = decryptDatafd("IaDxV6UytgKPh2g/4fh2jvuiKJV7bRrbaSG7jqZ+94oOsCsxvL1wMl09tAF8B2N2Eex4vKtt/LQvouLJXdlBVg==", privateKey);
// System.out.println(data2);
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();

22
uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/ExternalAllows.java Normal file
View File

@ -0,0 +1,22 @@
package com.chinaunicom.mall.ebtp.cloud.security.starter.entity;
import lombok.Data;
import lombok.experimental.Accessors;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import java.util.List;
/**
* @author f
*/
@Data
@Configuration
@ConfigurationProperties(prefix = "external")
@Accessors(chain = true)
public class ExternalAllows {
private List<String> apis;
}

28
uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
View File

@ -5,6 +5,7 @@ import cn.hutool.core.exceptions.ExceptionUtil;
import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants; import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
import com.chinaunicom.mall.ebtp.cloud.security.starter.common.RSAcheck; import com.chinaunicom.mall.ebtp.cloud.security.starter.common.RSAcheck;
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows;
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.ExternalAllows;
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority;
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService; import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
@ -63,6 +64,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
@Autowired @Autowired
private AuthAllows allows; private AuthAllows allows;
@Autowired
private ExternalAllows eAllows;
//private String checkprivateKey="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc="; //private String checkprivateKey="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc=";
@ -88,10 +92,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
log.info("--------" + method + " - " + api + "?" + Optional.ofNullable(request.getQueryString()).orElse("")); log.info("--------" + method + " - " + api + "?" + Optional.ofNullable(request.getQueryString()).orElse(""));
} }
String check_header = request.getHeader(HEADER_CHECK_TOKEN); String check_header = request.getHeader(HEADER_CHECK_TOKEN);
log.info("HEADER_CHECK_TOKEN:"+HEADER_CHECK_TOKEN);
log.info("check_header:"+check_header);
String isFeginKey = request.getHeader("isFegin"); String isFeginKey = request.getHeader("isFegin");
log.info("isFeginKey: " + isFeginKey);
String isFegin = null; String isFegin = null;
if(isFeginKey!=null&&!"".equals(isFeginKey)) { if(isFeginKey!=null&&!"".equals(isFeginKey)) {
try { try {
@ -144,9 +145,12 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
ExceptionUtil.stacktraceToString(e); ExceptionUtil.stacktraceToString(e);
log.error(e.getMessage()); log.error(e.getMessage());
} }
boolean isExternal = externalCheckWhiteList(api, method);
log.info(api+"|"+isExternal);
log.info("check白名单|"+eAllows.getApis());
//校验token 时间戳 //校验token 时间戳
log.info("校验token时间戳"); if(tokenCheckB&&!isExternal&&!isWhite) {
if(tokenCheckB) {
if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS) if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)
&& (isFegin == null || !"isFegin".equals(isFegin))) { && (isFegin == null || !"isFegin".equals(isFegin))) {
BaseCacheUser buser = new BaseCacheUser(); BaseCacheUser buser = new BaseCacheUser();
@ -262,6 +266,20 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|| method.contains(ACTUATOR_PROMETHEUS) //prometheus检测 || method.contains(ACTUATOR_PROMETHEUS) //prometheus检测
|| method.contains(GET_USERINFO_API); //获取用户信息接口 || method.contains(GET_USERINFO_API); //获取用户信息接口
} }
/**
* 外部接口白名单验证
*
* @param method url地址
* @param methodType 请求方式 GET
* @return
*/
private boolean externalCheckWhiteList(String method, String methodType) {
return Optional.ofNullable(eAllows.getApis()).orElseGet(ArrayList::new)
.parallelStream().anyMatch(reg -> Pattern.compile(reg).matcher(methodType + "." + method).matches())
|| method.contains(ACTUATOR_HEALTH) //服务的就绪检测
|| method.contains(ACTUATOR_PROMETHEUS) //prometheus检测
|| method.contains(GET_USERINFO_API); //获取用户信息接口
}
/** /**