From fe9c6a6dcedb29c9db4fcea324b912bc65be97eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9C=B1=E6=AF=85=E9=AA=8F?= Date: Fri, 7 Apr 2023 15:47:35 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81=E5=A4=84?= =?UTF-8?q?=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/private.txt | 27 +++++++++++ server/public.txt | 9 ++++ server/zyjblogs-gateway/pom.xml | 10 ---- .../java/cn/zyjblogs/filter/AuthFilter.java | 10 +--- .../user/handler/OauthRquestHander.java | 47 +++++++++++-------- .../user/service/impl/AuthServiceImpl.java | 17 ++----- .../sms/provider/AbstractSmsGranter.java | 7 +-- 7 files changed, 68 insertions(+), 59 deletions(-) create mode 100644 server/private.txt create mode 100644 server/public.txt diff --git a/server/private.txt b/server/private.txt new file mode 100644 index 0000000..86e2f1c --- /dev/null +++ b/server/private.txt @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA4jXKxEFsDsjng2nHppqCGTR1NQLfHJlGzc5hWalP/YgbJWIq +dGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYpMoKZOA5b7gmh/k0SUfsCErKwzE93 +DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5ittZJ/UXM18TAqW7S1q0qCuv25Fb9N +AEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo98PW2/wOQhppGWkxdzgJdJUwPhZ+F +o9DZ18044hapYPNuZ31ordIGptYL6pB/0VKhkbDLk4oOnkhhWW0DmsTSFyhOiaQq +tuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJTwIDAQABAoIBAEzioadw4QxpZp74 +3h4XV+6/MLMy5ahvxGwBIH98F68BitB6/BkR2amvB6eHE70bLXhNJUrTx4aCDPjn +nCQUwx3i27b80mwmpAOuKHLq0LqQN51JyRnbmPVk4yuDLmpXIqOpoock1QBSTK1Z +1gQ8CZa0U0fY09XFXDBNTI4KxkJNhPxAOGWhQoeXQ6qgAnhiOwEGhely2XRVCvUo +tVhN04uMl+W5Vw3+X/2D41eA5eeDYi/kgi7n2cuZK/l8bV/arwpEm7ryxqwAV1RI +M4cPwBTNoVf/h1tAGgmBCPGZ9RkSlNF+Rob7SaCvyKwqnwHH16041a2sEY8NZMsh +e0REpgECgYEA8KqDEjkmlhpMPe6H5ykZgDTxFcqD9pHI+XmFROF39gNFE/auwqiK +oVTMfvAlU58PKTc8P20gIdVdwN1CFcO21dXYD+I1kg/Tt6oYmnqzb4YUi/BFao01 +hAvPDr/K99VANluynnvPX+kzz+HD+Bi+XgHi3BCOMtsQAfKl5lBCJwECgYEA8J99 +gC8XBx+406OShRUm/zDpWHQmWtLHbO+2aih4ht6k+mV9B/txacoSdi/E6MnVrPRV +nry3xGqd/wcRHDx6nKBcT4x/t28bNP76EH2OUpMom3f/4y/qMzFVKBIwJcaSEqOd +xAZo6qVeEHa+abDQGlObAYyYUiLRLzhbZ50AAE8CgYEAiczIMeYBXw79urRaopRY +4pztsdF8T/FXhuj60t7axkVHB1BG7nR8tDWOxdwRM1ku4CWdXJ/KNzUpcmX+EeI3 +TScdiLK4g8KGMnK1lbZOCbxXBW11AbaK/umYDFTrDY7QLo/ArZgsvDkWDqCxidv5 +HHCuCd183keqWcMrFL29swECgYEAhvpAsVY5CbL+wCHCwEqkTISIcSj+lvYkDnTN +k/FN4wIj855Yq9CdxyUmhAu53ofSCCormVbtkw3nwTaan4dBlHjUL3916VU3Itxh +NDzqSGHqZoPDFBM9wifLSCYjwh0ItdH4Xwzlb7MB+CRUHf+kTRBXJGBU1cZYJ6/q +fk3wwTsCgYEA5rs2T67JO1R9vfmIQilB8SUn0bGlVo3Mrx3b3MqX4bDjjnsCyi8L +VMOwzwA2aOJ4FJ50sDZVr1Yv4sygrQ0k8Qo4tKY4Z0qWDbiTxp/dFnH3WGjlR3uD +HEhVf0kJ1LI9diDu5l6dyUL7Vzaj5R9icvVa+M3lNNiRjgZi9VVgeRw= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/server/public.txt b/server/public.txt new file mode 100644 index 0000000..2ed6092 --- /dev/null +++ b/server/public.txt @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jXKxEFsDsjng2nHppqC +GTR1NQLfHJlGzc5hWalP/YgbJWIqdGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYp +MoKZOA5b7gmh/k0SUfsCErKwzE93DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5it +tZJ/UXM18TAqW7S1q0qCuv25Fb9NAEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo9 +8PW2/wOQhppGWkxdzgJdJUwPhZ+Fo9DZ18044hapYPNuZ31ordIGptYL6pB/0VKh +kbDLk4oOnkhhWW0DmsTSFyhOiaQqtuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJ +TwIDAQAB +-----END PUBLIC KEY----- \ No newline at end of file diff --git a/server/zyjblogs-gateway/pom.xml b/server/zyjblogs-gateway/pom.xml index 32705f5..a21d52a 100644 --- a/server/zyjblogs-gateway/pom.xml +++ b/server/zyjblogs-gateway/pom.xml @@ -48,11 +48,6 @@ - - - - - cn.zyjblogs.starter zyjblogs-redis-spring-boot-starter @@ -62,10 +57,6 @@ org.springframework.cloud spring-cloud-starter-loadbalancer - - - - org.springframework.cloud spring-cloud-starter-openfeign @@ -102,7 +93,6 @@ maven-jar-plugin ${maven-jar-plugin.version} - diff --git a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java index 66b4565..7f389a0 100644 --- a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java +++ b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java @@ -86,14 +86,6 @@ public class AuthFilter implements GlobalFilter { if ("/user/login".equals(path)) { return chain.filter(exchange); } -// if (!TokenUtil.checkToken(token)) { -// return getErrorMono(response, ResponseStatus.UNAUTHORIZED, "invalid_token"); -// } - /*boolean hasPermission = hasPermission(routeId, methodType, path); - if (!hasPermission) { - log.warn("无权限访问,path:{}", path); - return getErrorMono(response, ResponseCode.FORBIDDEN, "no_access"); - }*/ return chain.filter(build); } @@ -109,7 +101,7 @@ public class AuthFilter implements GlobalFilter { String jwt = token.substring(HttpHeaderConstant.BEARER_TYPE.length()).trim(); try { JwtParsers jwtParsers = new JwtParsers(true); - if (rsaKeyProperties.getEnable()) { + if (Boolean.TRUE.equals(rsaKeyProperties.getEnable())) { String publicKeyStr = null; Object o = redisTemplateHandler.get(CommonRedisKeyConstant.REDIS_KEY_PUBLIC_RSA); if (Objects.isNull(o)) { diff --git a/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/handler/OauthRquestHander.java b/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/handler/OauthRquestHander.java index 66b6212..cac8cab 100644 --- a/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/handler/OauthRquestHander.java +++ b/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/handler/OauthRquestHander.java @@ -1,5 +1,6 @@ package cn.zyjblogs.server.user.handler; +import org.jetbrains.annotations.NotNull; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.exceptions.InvalidRequestException; import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; @@ -19,6 +20,10 @@ import java.util.*; * @author zhuyijun */ public class OauthRquestHander { + + private OauthRquestHander() { + + } /** * 处理 * @@ -27,6 +32,11 @@ public class OauthRquestHander { * @return */ public static AuthorizationRequest createAuthorizationRequest(Map authorizationParameters, ClientDetails clientDetails) { + return getAuthorizationRequest(authorizationParameters, clientDetails); + } + + @NotNull + public static AuthorizationRequest getAuthorizationRequest(Map authorizationParameters, ClientDetails clientDetails) { String clientId = authorizationParameters.get(OAuth2Utils.CLIENT_ID); String state = authorizationParameters.get(OAuth2Utils.STATE); String redirectUri = authorizationParameters.get(OAuth2Utils.REDIRECT_URI); @@ -45,8 +55,8 @@ public class OauthRquestHander { public static String appendAccessToken(AuthorizationRequest authorizationRequest, OAuth2AccessToken accessToken) { - Map vars = new LinkedHashMap(); - Map keys = new HashMap(); + Map vars = new LinkedHashMap<>(); + Map keys = new HashMap<>(); if (accessToken == null) { throw new InvalidRequestException("An implicit grant could not be made"); @@ -143,7 +153,7 @@ public class OauthRquestHander { if (authorizationCode == null) { throw new IllegalStateException("No authorization code found in the current request scope."); } else { - Map query = new LinkedHashMap(); + Map query = new LinkedHashMap<>(); query.put("code", authorizationCode); String state = authorizationRequest.getState(); if (state != null) { @@ -156,21 +166,14 @@ public class OauthRquestHander { public static String getUnsuccessfulRedirect(AuthorizationRequest authorizationRequest, OAuth2Exception failure, boolean fragment) { if (authorizationRequest != null && authorizationRequest.getRedirectUri() != null) { - Map query = new LinkedHashMap(); + Map query = new LinkedHashMap<>(); query.put("error", failure.getOAuth2ErrorCode()); query.put("error_description", failure.getMessage()); if (authorizationRequest.getState() != null) { query.put("state", authorizationRequest.getState()); } - if (failure.getAdditionalInformation() != null) { - Iterator var5 = failure.getAdditionalInformation().entrySet().iterator(); - - while (var5.hasNext()) { - Map.Entry additionalInfo = (Map.Entry) var5.next(); - query.put(additionalInfo.getKey(), additionalInfo.getValue()); - } - } + getFailFedirect(failure, query); return append(authorizationRequest.getRedirectUri(), query, fragment); } else { @@ -180,19 +183,23 @@ public class OauthRquestHander { public static String getUnsuccessfulRedirect(String redirectUri, OAuth2Exception failure, boolean fragment) { if (StringUtils.hasLength(redirectUri)) { - Map query = new LinkedHashMap(); + Map query = new LinkedHashMap<>(); query.put("error", failure.getOAuth2ErrorCode()); query.put("error_description", failure.getMessage()); - if (failure.getAdditionalInformation() != null) { - Iterator var5 = failure.getAdditionalInformation().entrySet().iterator(); - while (var5.hasNext()) { - Map.Entry additionalInfo = (Map.Entry) var5.next(); - query.put(additionalInfo.getKey(), additionalInfo.getValue()); - } - } + getFailFedirect(failure, query); return append(redirectUri, query, fragment); } else { throw new UnapprovedClientAuthenticationException("Authorization failure, and no redirect URI.", failure); } } + + public static void getFailFedirect(OAuth2Exception failure, Map query) { + if (failure.getAdditionalInformation() != null) { + Iterator> var5 = failure.getAdditionalInformation().entrySet().iterator(); + while (var5.hasNext()) { + Map.Entry additionalInfo = var5.next(); + query.put(additionalInfo.getKey(), additionalInfo.getValue()); + } + } + } } diff --git a/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/service/impl/AuthServiceImpl.java b/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/service/impl/AuthServiceImpl.java index 64dae74..1827d5e 100644 --- a/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/service/impl/AuthServiceImpl.java +++ b/server/zyjblogs-oauth/src/main/java/cn/zyjblogs/server/user/service/impl/AuthServiceImpl.java @@ -32,6 +32,8 @@ import org.springframework.util.StringUtils; import java.util.*; +import static cn.zyjblogs.server.user.handler.OauthRquestHander.getAuthorizationRequest; + /** * @author zhuyijun */ @@ -180,20 +182,7 @@ public class AuthServiceImpl implements AuthService { * @return */ public AuthorizationRequest createAuthorizationRequest(Map authorizationParameters, ClientDetails clientDetails) { - String clientId = authorizationParameters.get(OAuth2Utils.CLIENT_ID); - String state = authorizationParameters.get(OAuth2Utils.STATE); - String redirectUri = authorizationParameters.get(OAuth2Utils.REDIRECT_URI); - Set responseTypes = OAuth2Utils.parseParameterList(authorizationParameters - .get(OAuth2Utils.RESPONSE_TYPE)); - Set scopes = OAuth2Utils.parseParameterList(authorizationParameters.get(OAuth2Utils.SCOPE)); - if (CollectionUtils.isEmpty(scopes)) { - scopes = clientDetails.getScope(); - } - AuthorizationRequest request = new AuthorizationRequest(authorizationParameters, - Collections.emptyMap(), clientId, scopes, null, null, false, state, redirectUri, - responseTypes); - request.setResourceIdsAndAuthoritiesFromClientDetails(clientDetails); - return request; + return getAuthorizationRequest(authorizationParameters, clientDetails); } diff --git a/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/provider/AbstractSmsGranter.java b/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/provider/AbstractSmsGranter.java index 55eedf8..f956017 100644 --- a/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/provider/AbstractSmsGranter.java +++ b/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/provider/AbstractSmsGranter.java @@ -2,15 +2,10 @@ package cn.zyjblogs.sms.provider; import cn.zyjblogs.sms.common.SmsRequest; -import cn.zyjblogs.sms.common.SmsResponse; import cn.zyjblogs.sms.task.constant.ProviderType; import cn.zyjblogs.sms.task.constant.TaskStatus; import cn.zyjblogs.sms.task.dto.TaskResultDTO; import cn.zyjblogs.starter.common.utils.collections.CollectionUtils; - -import java.util.LinkedList; -import java.util.List; - /** * * @author zhuyijun @@ -18,7 +13,7 @@ import java.util.List; public abstract class AbstractSmsGranter implements SmsGranter { private final ProviderType PROVIDER_TYPE; - public AbstractSmsGranter(ProviderType providerType) { + protected AbstractSmsGranter(ProviderType providerType) { this.PROVIDER_TYPE = providerType; }