aes encode decode

xlorne · xlorne · commit 54d5915bf173 · 2022-07-27T09:16:00.000+08:00
diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
 
 	<groupId>com.codingapi.springboot</groupId>
 	<artifactId>springboot-parent</artifactId>
-	<version>1.1.2</version>
+	<version>1.1.3</version>
 
 	<url>https://github.com/codingapi/springboot-framewrok</url>
 	<name>springboot-parent</name>
@@ -37,6 +37,7 @@
 		<commons-dbutils.version>1.7</commons-dbutils.version>
 		<org.reflections.version>0.10.2</org.reflections.version>
 		<perf4j.version>0.9.16</perf4j.version>
+		<commons-crypto.version>1.1.0</commons-crypto.version>
 
 	</properties>
 
@@ -72,6 +73,12 @@
 				<version>${org.reflections.version}</version>
 			</dependency>
 
+			<dependency>
+				<groupId>org.apache.commons</groupId>
+				<artifactId>commons-crypto</artifactId>
+				<version>${commons-crypto.version}</version>
+			</dependency>
+
 			<dependency>
 				<groupId>org.perf4j</groupId>
 				<artifactId>perf4j</artifactId>
diff --git a/springboot-example/pom.xml b/springboot-example/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>com.codingapi.springboot</groupId>
 		<artifactId>springboot-parent</artifactId>
-		<version>1.1.2</version>
+		<version>1.1.3</version>
 	</parent>
 	<artifactId>springboot-example</artifactId>
 
diff --git a/springboot-starter-data-permission/pom.xml b/springboot-starter-data-permission/pom.xml
@@ -6,7 +6,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>1.1.2</version>
+        <version>1.1.3</version>
     </parent>
 
 
diff --git a/springboot-starter-security-jwt/pom.xml b/springboot-starter-security-jwt/pom.xml
@@ -6,7 +6,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>1.1.2</version>
+        <version>1.1.3</version>
     </parent>
 
     <artifactId>springboot-starter-security-jwt</artifactId>
@@ -19,6 +19,7 @@
     </properties>
 
     <dependencies>
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-security</artifactId>
@@ -35,12 +36,6 @@
             <scope>test</scope>
         </dependency>
 
-        <dependency>
-            <groupId>commons-io</groupId>
-            <artifactId>commons-io</artifactId>
-        </dependency>
-
-
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-api</artifactId>
diff --git a/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/MyAuthenticationFilter.java b/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/MyAuthenticationFilter.java
@@ -43,7 +43,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
         Token token = jwt.parser(sign);
         if(token.canRestToken()){
-            Token newSign = jwt.create(token.getUsername(), token.getAuthorities());
+            Token newSign = jwt.create(token.getUsername(),token.getPassword(),token.getAuthorities());
             log.info("reset token ");
             response.setHeader(TOKEN_KEY,newSign.getToken());
         }
diff --git a/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/MyLoginFilter.java b/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/MyLoginFilter.java
@@ -61,8 +61,9 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
     protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
         log.debug("login success authentication ~");
         User user = (User) authResult.getPrincipal();
+        LoginRequest loginRequest =  LoginRequestContext.getInstance().get();
 
-        Token token =  jwt.create(user.getUsername(),user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()));
+        Token token =  jwt.create(user.getUsername(),loginRequest.getPassword(),user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()));
 
         LoginResponse login = new LoginResponse();
         login.setUsername(user.getUsername());
diff --git a/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/jwt/Jwt.java b/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/jwt/Jwt.java
@@ -8,6 +8,7 @@
 import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
 
+import java.io.IOException;
 import java.security.Key;
 import java.util.List;
 
@@ -23,10 +24,10 @@ public Jwt(String secretKey, int jwtTime, int jwtRestTime) {
         this.jwtRestTime = jwtRestTime;
     }
 
-    public Token create(String username,List<String> authorities){
-        Token token = new Token(username,authorities,jwtTime,jwtRestTime);
-        String id = Jwts.builder().setSubject(token.toJson()).signWith(key).compact();
-        token.setToken(id);
+    public Token create(String username,String password,List<String> authorities) throws IOException {
+        Token token = new Token(username,password,authorities,jwtTime,jwtRestTime);
+        String jwt = Jwts.builder().setSubject(token.toJson()).signWith(key).compact();
+        token.setToken(jwt);
         return token;
     }
 
diff --git a/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/jwt/Token.java b/springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/jwt/Token.java
@@ -1,13 +1,15 @@
 package com.codingapi.springboot.security.jwt;
 
-import com.codingapi.springboot.security.exception.TokenExpiredException;
+import com.codingapi.springboot.framework.crypto.AESUtils;
 import com.codingapi.springboot.framework.serializable.JsonSerializable;
+import com.codingapi.springboot.security.exception.TokenExpiredException;
 import lombok.Getter;
 import lombok.Setter;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import java.beans.Transient;
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -17,17 +19,19 @@
 public class Token implements JsonSerializable {
 
     private String username;
+    private String password;
+    private String token;
     private List<String> authorities;
     private long expireTime;
-
     private long remindTime;
-    private String token;
+
 
     public Token() {
     }
 
-    public Token(String username,List<String> authorities, int expireValue, int remindValue) {
+    public Token(String username,String password,List<String> authorities, int expireValue, int remindValue) throws IOException {
         this.username = username;
+        this.password = AESUtils.getInstance().encodeToBase64(password);
         this.authorities = authorities;
         this.expireTime = System.currentTimeMillis()+expireValue;
         this.remindTime = System.currentTimeMillis()+remindValue;
@@ -44,6 +48,7 @@ public boolean isExpire(){
         return expireTime <= System.currentTimeMillis();
     }
 
+
     public boolean canRestToken() {
         return !isExpire() && remindTime <= System.currentTimeMillis();
     }
@@ -55,7 +60,7 @@ public UsernamePasswordAuthenticationToken getAuthenticationToken(){
         for(String authority:authorities){
             simpleGrantedAuthorities.add(new SimpleGrantedAuthority(authority));
         }
-        return new UsernamePasswordAuthenticationToken(username,token,simpleGrantedAuthorities);
+        return new UsernamePasswordAuthenticationToken(this,password,simpleGrantedAuthorities);
     }
 
 
diff --git a/springboot-starter-security-jwt/src/test/java/com/codingapi/springboot/security/jwt/TokenTest.java b/springboot-starter-security-jwt/src/test/java/com/codingapi/springboot/security/jwt/TokenTest.java
@@ -0,0 +1,21 @@
+package com.codingapi.springboot.security.jwt;
+
+import com.codingapi.springboot.framework.crypto.AES;
+import lombok.SneakyThrows;
+import org.junit.jupiter.api.Test;
+
+class TokenTest {
+
+    @SneakyThrows
+    @Test
+    void aesTest() {
+        AES aes = new AES("1234567890123456","1234567890123456");
+        final String input = "hello world!";
+        String encode = aes.encodeToBase64(input);
+        System.out.println(encode);
+        String decode = aes.decodeToBase64(encode);
+        System.out.println(decode);
+    }
+
+
+}
diff --git a/springboot-starter/pom.xml b/springboot-starter/pom.xml
@@ -4,7 +4,7 @@
     <parent>
 		<groupId>com.codingapi.springboot</groupId>
 		<artifactId>springboot-parent</artifactId>
-		<version>1.1.2</version>
+		<version>1.1.3</version>
 	</parent>
 	<artifactId>springboot-starter</artifactId>
 
@@ -25,6 +25,16 @@
 			<artifactId>fastjson</artifactId>
 		</dependency>
 
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-crypto</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>commons-io</groupId>
+			<artifactId>commons-io</artifactId>
+		</dependency>
+
 	</dependencies>
 
 </project>
diff --git a/springboot-starter/src/main/java/com/codingapi/springboot/framework/AutoConfiguration.java b/springboot-starter/src/main/java/com/codingapi/springboot/framework/AutoConfiguration.java
@@ -1,6 +1,8 @@
 package com.codingapi.springboot.framework;
 
+import com.codingapi.springboot.framework.crypto.AES;
 import com.codingapi.springboot.framework.properties.BootProperties;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -15,4 +17,10 @@ public BootProperties bootProperties(){
         return new BootProperties();
     }
 
+    @Bean
+    @ConditionalOnMissingBean
+    public AES aes(BootProperties properties){
+        return new AES(properties.getAseKey(), properties.getAseIv());
+    }
+
 }
diff --git a/springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AES.java b/springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AES.java
@@ -0,0 +1,59 @@
+package com.codingapi.springboot.framework.crypto;
+
+import org.apache.commons.crypto.stream.CryptoInputStream;
+import org.apache.commons.crypto.stream.CryptoOutputStream;
+import org.apache.commons.io.IOUtils;
+import org.springframework.util.Base64Utils;
+
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.util.Properties;
+
+public class AES {
+
+    private final SecretKeySpec key;
+    private final IvParameterSpec iv;
+    private final Properties properties;
+    private final String transform;
+
+    public AES(String key, String iv) {
+        this.key = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
+        this.iv = new IvParameterSpec(iv.getBytes(StandardCharsets.UTF_8));
+        this.properties = new Properties();
+        this.transform = "AES/CBC/PKCS5Padding";
+
+        AESUtils.getInstance().init(this);
+    }
+
+
+    public String encodeToBase64(String input) throws IOException {
+        return Base64Utils.encodeToString(encode(input.getBytes(StandardCharsets.UTF_8)));
+    }
+
+    public String decodeToBase64(String input) throws IOException {
+        return new String(decode(Base64Utils.decodeFromString(input)), StandardCharsets.UTF_8);
+    }
+
+
+    public byte[] encode(byte[] input) throws IOException {
+        final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+        try (CryptoOutputStream cos = new CryptoOutputStream(transform, properties, outputStream, key, iv)) {
+            cos.write(input);
+            cos.flush();
+        }
+        return outputStream.toByteArray();
+    }
+
+    public byte[] decode(byte[] input) throws IOException {
+        final InputStream inputStream = new ByteArrayInputStream(input);
+        try (CryptoInputStream cis = new CryptoInputStream(transform, properties, inputStream, key, iv)) {
+            return IOUtils.toByteArray(cis);
+        }
+    }
+
+}
diff --git a/springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AESUtils.java b/springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AESUtils.java
@@ -0,0 +1,39 @@
+package com.codingapi.springboot.framework.crypto;
+
+import java.io.IOException;
+
+public class AESUtils {
+
+    private AESUtils(){
+
+    }
+
+    private final static AESUtils instance = new AESUtils();
+
+    public static AESUtils getInstance() {
+        return instance;
+    }
+
+
+    private AES aes;
+
+    void init(AES aes){
+        this.aes = aes;
+    }
+
+    public String encodeToBase64(String input) throws IOException {
+        return aes.encodeToBase64(input);
+    }
+
+    public String decodeToBase64(String input) throws IOException {
+        return aes.decodeToBase64(input);
+    }
+
+    public byte[] encode(byte[] input) throws IOException {
+        return aes.encode(input);
+    }
+
+    public byte[] decode(byte[] input) throws IOException {
+        return aes.decode(input);
+    }
+}
diff --git a/springboot-starter/src/main/java/com/codingapi/springboot/framework/properties/BootProperties.java b/springboot-starter/src/main/java/com/codingapi/springboot/framework/properties/BootProperties.java
@@ -1,11 +1,21 @@
 package com.codingapi.springboot.framework.properties;
 
 import com.codingapi.springboot.framework.dto.request.PageRequest;
+import lombok.Getter;
+import lombok.Setter;
 
 public class BootProperties {
 
     private int pageCurrentFixValue = 1;
 
+    @Setter
+    @Getter
+    private String aseKey = "ACDX$%^&*$#XCZas";
+
+    @Setter
+    @Getter
+    private String aseIv = "ACXFGH@EDS#XCZas";
+
 
     public int getPageCurrentFixValue() {
         return pageCurrentFixValue;

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse`
`43`	`43`
`44`	`44`	`Token token = jwt.parser(sign);`
`45`	`45`	`if(token.canRestToken()){`
`46`		`- Token newSign = jwt.create(token.getUsername(), token.getAuthorities());`
	`46`	`+ Token newSign = jwt.create(token.getUsername(),token.getPassword(),token.getAuthorities());`
`47`	`47`	`log.info("reset token ");`
`48`	`48`	`response.setHeader(TOKEN_KEY,newSign.getToken());`
`49`	`49`	`}`