优化代码
parent
e075536fb1
commit
b45d22e7a5
@ -15,11 +15,10 @@ public class AntiReplayProperties {
|
||||
/**
|
||||
* 是否启用防重放验证
|
||||
*/
|
||||
private Boolean enabled = true;
|
||||
private Boolean enabled = false;
|
||||
|
||||
private Boolean signEnabled = false;
|
||||
|
||||
|
||||
/**
|
||||
* 请求ID 防止重放
|
||||
*/
|
||||
@ -31,6 +30,11 @@ public class AntiReplayProperties {
|
||||
|
||||
private String sign = "sign";
|
||||
|
||||
private String key = "x-ca-key";
|
||||
|
||||
private String signMethod = "x-ca-signature-method";
|
||||
private String signHeaders = "X-Ca-Signature-Headers";
|
||||
|
||||
private Long expireTime = 120L;
|
||||
|
||||
}
|
||||
|
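Review bot: The replay-protection switch at the top of `AntiReplayProperties` appears to default to off now: the page prints `private Boolean enabled = true;` and then `private Boolean enabled = false;` without +/- markers, so the direction is inferred from print order. If `false` is the new value, a deployment that leaves the property unset runs without the replay check, and the `signEnabled = false` line beside it reads the same way for signature checking. For a security control the safer default is `private Boolean enabled = true;`, with opt-out left to explicit configuration. If opt-in is deliberate, the Javadoc above the field should say so, for example `/** Whether anti-replay validation is enabled; off by default, must be enabled explicitly. */`.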
@ -1,8 +1,7 @@
|
||||
zyjblogs:
|
||||
config:
|
||||
nacos:
|
||||
host: ${ZYJBLOGS_CONFIG_NACOS_HOST:127.0.0.1}
|
||||
port: ${ZYJBLOGS_CONFIG_NACOS_PORT:8848}
|
||||
host: ${ZYJBLOGS_CONFIG_NACOS_HOST:zyjblogs.cn}
|
||||
port: ${ZYJBLOGS_CONFIG_NACOS_PORT:9999}
|
||||
username: ${ZYJBLOGS_CONFIG_NACOS_USERNAME:nacos}
|
||||
password: ${ZYJBLOGS_CONFIG_NACOS_PASSWORD:nacos}
|
||||
|
||||
password: ${ZYJBLOGS_CONFIG_NACOS_PASSWORD:1317453947ju}
|
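Review bot: The fallback on the new `password:` line is a literal that looks like a real credential, and the new `host:`/`port:` fallbacks name a public hostname, so the committed file pairs a reachable Nacos endpoint with its secret. The old/new sides are inferred from the hunk counts (`-1,8 +1,7`), because the page lost its +/- markers. Drop the default so the value has to come from the environment, `password: ${ZYJBLOGS_CONFIG_NACOS_PASSWORD}`, and keep `127.0.0.1` and `8848` as the local fallbacks for host and port. Since the value stays in the repository history, the password should also be rotated.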
@ -0,0 +1,30 @@
|
||||
package cn.zyjblogs.starter.common.entity.constant;
|
||||
|
||||
public class HttpConstant {
|
||||
|
||||
//请求Header Accept
|
||||
public static final String CLOUDAPI_HTTP_HEADER_ACCEPT = "accept";
|
||||
//请求Body内容MD5 Header
|
||||
public static final String CLOUDAPI_HTTP_HEADER_CONTENT_MD5 = "content-md5";
|
||||
//请求Body内容MD5 Header
|
||||
public static final String CLOUDAPI_HTTP_HEADER_CA_CONTENT_MD5 = "x-ca-content-md5";
|
||||
//请求Header Content-Type
|
||||
public static final String CLOUDAPI_HTTP_HEADER_CONTENT_TYPE = "content-type";
|
||||
//请求Header UserAgent
|
||||
public static final String CLOUDAPI_HTTP_HEADER_USER_AGENT = "user-agent";
|
||||
//请求Header Date
|
||||
public static final String CLOUDAPI_HTTP_HEADER_DATE = "date";
|
||||
//请求Header Host
|
||||
public static final String CLOUDAPI_HTTP_HEADER_HOST = "host";
|
||||
|
||||
//表单类型Content-Type
|
||||
public static final String CLOUDAPI_CONTENT_TYPE_FORM = "application/x-www-form-urlencoded; charset=utf-8";
|
||||
// 流类型Content-Type
|
||||
public static final String CLOUDAPI_CONTENT_TYPE_STREAM = "application/octet-stream; charset=utf-8";
|
||||
//JSON类型Content-Type
|
||||
public static final String CLOUDAPI_CONTENT_TYPE_JSON = "application/json; charset=utf-8";
|
||||
//XML类型Content-Type
|
||||
public static final String CLOUDAPI_CONTENT_TYPE_XML = "application/xml; charset=utf-8";
|
||||
//文本类型Content-Type
|
||||
public static final String CLOUDAPI_CONTENT_TYPE_TEXT = "application/text; charset=utf-8";
|
||||
}
|
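Review bot: `HttpConstant` only holds constants but is declared as an ordinary public class, so it can be instantiated and subclassed; `public final class HttpConstant` with `private HttpConstant() {}` closes that. The comment above `CLOUDAPI_HTTP_HEADER_CA_CONTENT_MD5` repeats the one for `content-md5`; something like `// Body MD5 header, x-ca-prefixed variant` would tell the two apart. The names here are all lower-case while `signHeaders` in `AntiReplayProperties` is `X-Ca-Signature-Headers`; if any of these values end up as keys in the string that gets signed, one casing should be used throughout. A class comment noting that a body MD5 header only guards against tampering when the header itself is covered by the request signature would help whoever wires these into the verifier.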
@ -1,7 +1,9 @@
|
||||
package cn.zyjblogs.starter.oauth.token;
|
||||
|
||||
import cn.zyjblogs.crypto.sm2.SM2KeyPair;
|
||||
import cn.zyjblogs.starter.common.autoconfigure.rsa.RsaKeyProperties;
|
||||
import cn.zyjblogs.starter.common.entity.constant.CommonRedisKeyConstant;
|
||||
import cn.zyjblogs.starter.common.utils.string.StringUtils;
|
||||
import cn.zyjblogs.starter.redis.utils.RedisTemplateHandler;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.log4j.Log4j2;
|
||||
@ -14,7 +16,6 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
@ -48,25 +49,35 @@ public class TokenConfig {
|
||||
return new JwtTokenStore(accessTokenConverter());
|
||||
}
|
||||
|
||||
@Bean("sm2KeyPair")
|
||||
public SM2KeyPair sm2KeyPair() {
|
||||
String publicKey = "";
|
||||
String privateKey = "";
|
||||
try {
|
||||
publicKey = redisTemplateHandler.get(CommonRedisKeyConstant.REDIS_KEY_PUBLIC_RSA);
|
||||
privateKey = redisTemplateHandler.get(CommonRedisKeyConstant.REDIS_KEY_PRIVATE_RSA);
|
||||
} catch (Exception e) {
|
||||
log.error("redis连接失败,无法获取数据");
|
||||
}
|
||||
if (StringUtils.isEmpty(publicKey) || StringUtils.isEmpty(privateKey)) {
|
||||
try {
|
||||
publicKey = IOUtils.toString(Paths.get(rsaKeyProperties.getPubKeyPath()).toUri(), StandardCharsets.UTF_8);
|
||||
privateKey = IOUtils.toString(Paths.get(rsaKeyProperties.getPriKeyPath()).toUri(), StandardCharsets.UTF_8);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(StringUtils.format("rsa秘钥读取失败,读取路径如下 公钥:{} 私钥:{}" + rsaKeyProperties.getPubKeyPath(), rsaKeyProperties.getPriKeyPath()));
|
||||
}
|
||||
return new SM2KeyPair(publicKey, privateKey);
|
||||
}
|
||||
return new SM2KeyPair(publicKey, privateKey);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAccessTokenConverter accessTokenConverter() {
|
||||
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||
if (rsaKeyProperties.getEnable()) {
|
||||
String publicKey="";
|
||||
try{
|
||||
publicKey = redisTemplateHandler.get(CommonRedisKeyConstant.REDIS_KEY_PUBLIC_RSA);
|
||||
}catch (Exception e){
|
||||
log.error("redis连接失败,无法获取数据");
|
||||
}
|
||||
if (!StringUtils.hasLength(publicKey)) {
|
||||
try {
|
||||
publicKey = IOUtils.toString(Paths.get(rsaKeyProperties.getPubKeyPath()).toUri(), StandardCharsets.UTF_8);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException("rsa秘钥读取失败,读取路径如下"+rsaKeyProperties.getPubKeyPath());
|
||||
}
|
||||
}
|
||||
SM2KeyPair rsaKey = sm2KeyPair();
|
||||
// 公钥验签
|
||||
converter.setVerifierKey(publicKey);
|
||||
converter.setVerifierKey(rsaKey.getPublicKey());
|
||||
}
|
||||
Assert.notNull(oauthAccessTokenConverter, "oauthAccessTokenConverter is required");
|
||||
converter.setAccessTokenConverter(oauthAccessTokenConverter);
|
||||
|
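Review bot: In `sm2KeyPair()` the template passed to `StringUtils.format` is joined to `getPubKeyPath()` with `+` instead of `,`, so (assuming `{}` is filled positionally) the first placeholder receives the private-key path and the second stays empty, and the `IOException` is dropped. `throw new RuntimeException(StringUtils.format("rsa秘钥读取失败,读取路径如下 公钥:{} 私钥:{}", rsaKeyProperties.getPubKeyPath(), rsaKeyProperties.getPriKeyPath()), e);` keeps both paths and the cause. The Redis `catch (Exception e)` likewise logs a fixed string without `e`, so a misconfiguration and an outage look the same in the log; `log.error("redis连接失败,无法获取数据", e);` fixes that. Because the verifier key is taken from Redis before the key files, whoever can write `REDIS_KEY_PUBLIC_RSA` and `REDIS_KEY_PRIVATE_RSA` decides which tokens verify, so a comment stating that trust assumption, plus a log line naming which source supplied the pair, would be worth adding. The body of `accessTokenConverter()` continues past the end of this hunk.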