BNSTechnologyDevelopment
/
kkfileView
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

增加token进行身份认证

This commit is contained in:
weiweiw 2024-05-17 18:27:38 +08:00
parent 9417ebd64b
commit 33ec131668
3 changed files with 195 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server/src/main/config/application.properties
View File

@ -162,9 +162,9 @@ beian = ${KK_BEIAN:default}
#禁止上传类型
prohibit = ${KK_PROHIBIT:exe,dll,dat}
#启用验证码删除文件 默认关闭
delete.captcha= ${KK_DELETE_CAPTCHA:true}
delete.captcha= ${KK_DELETE_CAPTCHA:false}
#删除密码
#delete.password = ${KK_DELETE_PASSWORD:123456}
delete.password = ${KK_DELETE_PASSWORD:123456}
#删除 转换后OFFICE、CAD、TIFF、压缩包源文件 默认开启 节约磁盘空间
delete.source.file = ${KK_DELETE_SOURCE_FILE:true}
#首页初始化加载第一页
@ -188,11 +188,20 @@ cad.timeout =${KK_CAD_TIMEOUT:90}
#Cad转换线程设置
cad.thread =${KK_CAD_THREAD:5}
#??????token,weiweiw,2024.5.17
#if enable token verification?weiweiw,2024.5.17
token.enable=${KK_TOKEN_ENABLE:true}
#????
#Unit, unit is minute
token.expire.time=${KK_TOKEN_EXPIRE_TIME:10}
#????
aes.key.algorithm=${KK_AESKEY_ALGORITHM:AES}
#???????????
aes.cipher.algorithm=${KK_AESKEY_CIPHER_ALGORITHM:AES/CBC/PKCS7Padding}
#?????
aes.encryption.provider = ${KK_AESKEY_ENCRYPTION_PROVIDER:BC}
#??
aes.key=${KK_AESKEY_KEY:zhgd@bonus@zhgd@bonus@1234567890}
#???
aes.iv=${KK_AESKEY_IV:1234567812345678}

61
server/src/main/java/cn/keking/config/ConfigConstants.java
View File

@ -67,8 +67,14 @@ public class ConfigConstants {
private static String homePagination;
private static String homePageSize;
private static String homeSearch;
//added by weiweiw 2024.5.17
private static Boolean tokenEnable;
private static int tokenExpireTime;
private static String aesKeyAlgorithm;
private static String aesCipheAlgorithm;
private static String aesEncrptionProvider;
private static String aesKey;
private static String aesIv;
public static final String DEFAULT_CACHE_ENABLED = "true";
public static final String DEFAULT_TXT_TYPE = "txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd,xbrl";
@ -104,7 +110,7 @@ public class ConfigConstants {
public static final String DEFAULT_OFFICE_MAXIMAQERESOLUTION = "150";
public static final String DEFAULT_OFFICE_EXPORTBOOKMARKS = "true";
public static final String DEFAULT_OFFICE_EXPORTNOTES = "true";
public static final String DEFAULT_OFFICE_EOCUMENTOPENPASSWORDS = "true";
public static final String DEFAULT_OFFICE_EOCUMENTOPENPASSWORDS = null;
public static final String DEFAULT_HOME_PAGENUMBER = "1";
public static final String DEFAULT_HOME_PAGINATION = "true";
public static final String DEFAULT_HOME_PAGSIZE = "15";
@ -771,4 +777,57 @@ public class ConfigConstants {
public static void setTokenExpireTimeValue(int tokenExpireTime){ConfigConstants.tokenExpireTime = tokenExpireTime;}
public static String getAesKey() {
return aesKey;
}
@Value("${aes.key:}")
public void setAesKey(String aesKeyValue) {
setAesKeyValue(aesKeyValue);
}
public static void setAesKeyValue(String aesKeyValue){ConfigConstants.aesKey = aesKeyValue;}
public static String getAesIv() {
return aesIv;
}
@Value("${aes.iv:}")
public void setAesIv(String aesIvValue) {
setAesIvValue(aesIvValue);
}
public static void setAesIvValue(String aesIvValue){ConfigConstants.aesIv = aesIvValue;}
public static String getKeyAlgorithm(){return aesKeyAlgorithm;}
@Value("${aes.key.algorithm:}")
public void setKeyAlgorithm(String keyAlgorithm) {
setKeyAlgorithmValue(keyAlgorithm);
}
public static void setKeyAlgorithmValue(String keyAlgorithm){ConfigConstants.aesKeyAlgorithm = keyAlgorithm;}
public static String getCipherAlgorithm(){return aesCipheAlgorithm;}
@Value("${aes.cipher.algorithm:}")
public void setCipherAlgorithm(String cipheAlgorithm) {
setCipherAlgorithmValue(cipheAlgorithm);
}
public static void setCipherAlgorithmValue(String cipheAlgorithm){ConfigConstants.aesCipheAlgorithm = cipheAlgorithm;}
public static String getEncryptionProvider(){
return aesEncrptionProvider;}
@Value("${aes.encryption.provider:}")
public void setEncryptionProvider(String encryptionProvider) {
setEncryptionProviderValue(encryptionProvider);
}
public static void setEncryptionProviderValue(String encryptionProvider){
ConfigConstants.aesEncrptionProvider = encryptionProvider;}
}

121
server/src/main/java/cn/keking/utils/AesCbcUtils.java Normal file
View File

@ -0,0 +1,121 @@
package cn.keking.utils;
import cn.keking.config.ConfigConstants;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.Security;
/**
*
* AES加密工具类
* @author HeiZi
*/
public class AesCbcUtils {
private static final Logger logger = LoggerFactory.getLogger(AesCbcUtils.class);
//使用AES-256-CBC加密模式key需要为16位,key和iv可以相同
// /**
// * 密钥算法
// */
// private static final String KEY_ALGORITHM = "AES";
//
// /**
// * 加密/解密算法 / 工作模式 / 填充方式
// * Java 6支持PKCS5Padding填充方式
// * Bouncy Castle支持PKCS7Padding填充方式
// */
// private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS7Padding";
/**
* 编码格式导出
*/
public static final String ENCODING = "utf-8";
static {
//如果是PKCS7Padding填充方式则必须加上下面这行
Security.addProvider(new BouncyCastleProvider());
}
/**
* AES加密
*CBC模式
* @param source 源字符串
* @param
* @throws Exception
* @return 加密后的密文
*/
public static String encrypt(String source ) {
try{
String key_algorithm = ConfigConstants.getKeyAlgorithm();
String cipher_algorithm = ConfigConstants.getCipherAlgorithm();
String encryptionProvider = ConfigConstants.getEncryptionProvider();
String key= ConfigConstants.getAesKey();
byte[] sourceBytes = source.getBytes(ENCODING);
byte[] keyBytes = key.getBytes(ENCODING);
Cipher cipher = Cipher.getInstance(cipher_algorithm, encryptionProvider);
IvParameterSpec iv = new IvParameterSpec(ConfigConstants.getAesIv().getBytes(ENCODING));
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, key_algorithm), iv);
byte[] decrypted = cipher.doFinal(sourceBytes);
return Base64.encodeBase64String(decrypted);
}catch (Exception e){
logger.error(e.toString(),e);
System.out.println(e.toString());
}
return null;
}
// public static void main(String[] args) {
// // String json="";
// long timestamp = System.currentTimeMillis();
// // 2. 时间戳转字符串
// String timestampStr = Long.toString(timestamp);
// //String json="{\"username\":\"guest\",\"password\":\"admin@123\"}";
// String data=encrypt(timestampStr);
// System.err.println(data);
//
// String originalStr = decrypt(data);
// System.err.println(originalStr);
//
// }
/**
* AES解密
*CBC模式
* @param data 加密后的密文
* @param
* @throws Exception
* @return 源字符串
*/
public static String decrypt(String data) {
try{
String key_algorithm = ConfigConstants.getKeyAlgorithm();
String cipher_algorithm = ConfigConstants.getCipherAlgorithm();
String encryptionProvider = ConfigConstants.getEncryptionProvider();
String encryptStr="";
if(!data.isEmpty()){
//if(StringHelper.isNotEmpty(data)){
encryptStr=data.replace(" ","+");
}
String key=ConfigConstants.getAesKey();
byte[] sourceBytes = Base64.decodeBase64(encryptStr);
byte[] keyBytes = key.getBytes(ENCODING);
Cipher cipher = Cipher.getInstance(cipher_algorithm, encryptionProvider);
IvParameterSpec iv = new IvParameterSpec(ConfigConstants.getAesIv().getBytes(ENCODING));
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, key_algorithm), iv);
byte[] decoded = cipher.doFinal(sourceBytes);
return new String(decoded, ENCODING);
}catch (Exception e){
logger.info("------------------->请求加密参数不正确");
logger.error(e.toString(),e);
}
return null;
}
}