# Conflicts: # dq-financial-hrms/src/main/java/com/daqing/financial/hrms/config/ResourceServerConfig.javamaster
commit
9b29a26f6e
20 changed files with 375 additions and 224 deletions
@ -0,0 +1,9 @@ |
||||
package com.daqing.financial.hrauth.dao; |
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper; |
||||
import com.daqing.framework.domain.hrms.LoginLog; |
||||
import org.apache.ibatis.annotations.Mapper; |
||||
|
||||
@Mapper |
||||
public interface LoginLogMapper extends BaseMapper<LoginLog> { |
||||
} |
@ -0,0 +1,9 @@ |
||||
package com.daqing.financial.hrauth.dao; |
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper; |
||||
import com.daqing.framework.domain.hrms.Token; |
||||
import org.apache.ibatis.annotations.Mapper; |
||||
|
||||
@Mapper |
||||
public interface TokenMapper extends BaseMapper<Token> { |
||||
} |
@ -0,0 +1,7 @@ |
||||
package com.daqing.financial.hrauth.service; |
||||
|
||||
import com.baomidou.mybatisplus.extension.service.IService; |
||||
import com.daqing.framework.domain.hrms.LoginLog; |
||||
|
||||
public interface LoginLogService extends IService<LoginLog> { |
||||
} |
@ -0,0 +1,7 @@ |
||||
package com.daqing.financial.hrauth.service; |
||||
|
||||
import com.baomidou.mybatisplus.extension.service.IService; |
||||
import com.daqing.framework.domain.hrms.Token; |
||||
|
||||
public interface TokenService extends IService<Token> { |
||||
} |
@ -0,0 +1,11 @@ |
||||
package com.daqing.financial.hrauth.service.impl; |
||||
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; |
||||
import com.daqing.financial.hrauth.dao.LoginLogMapper; |
||||
import com.daqing.financial.hrauth.service.LoginLogService; |
||||
import com.daqing.framework.domain.hrms.LoginLog; |
||||
import org.springframework.stereotype.Service; |
||||
|
||||
@Service |
||||
public class LoginLogServiceImpl extends ServiceImpl<LoginLogMapper, LoginLog> implements LoginLogService { |
||||
} |
@ -0,0 +1,11 @@ |
||||
package com.daqing.financial.hrauth.service.impl; |
||||
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; |
||||
import com.daqing.financial.hrauth.dao.TokenMapper; |
||||
import com.daqing.financial.hrauth.service.TokenService; |
||||
import com.daqing.framework.domain.hrms.Token; |
||||
import org.springframework.stereotype.Service; |
||||
|
||||
@Service |
||||
public class TokenServiceImpl extends ServiceImpl<TokenMapper, Token> implements TokenService { |
||||
} |
@ -1,71 +0,0 @@ |
||||
package com.daqing.financial.hrauth.util; |
||||
|
||||
|
||||
import com.daqing.framework.util.Md5Util; |
||||
|
||||
import java.util.Set; |
||||
|
||||
/** |
||||
* @author zcw |
||||
* @version 1.0 |
||||
* @date 2019/11/23 11:06 |
||||
* @description jwt工具类 |
||||
*/ |
||||
public class JwtUtil { |
||||
|
||||
//private final static Algorithm algorithm = SpringContextHolder.getBean("algorithm", Algorithm.class);
|
||||
|
||||
//private final static OdcProperties properties = SpringContextHolder.getBean("odcProperties", OdcProperties.class);
|
||||
|
||||
/** |
||||
* 创建token |
||||
* |
||||
* @param userId; |
||||
* @param timeout; 单位是秒 |
||||
*/ |
||||
public static String createJwtToken(Long userId, long timeout) { |
||||
String token = Md5Util.md5("dq"+userId+timeout+System.currentTimeMillis()); |
||||
RedisUtil.setEx("dq:token:"+token, String.valueOf(userId), timeout); |
||||
return token; |
||||
/*return JWT.create() |
||||
.withClaim("member", userId) |
||||
.withExpiresAt(new Date(System.currentTimeMillis() + timeout * 1000)) |
||||
.sign(algorithm);*/ |
||||
} |
||||
|
||||
/** |
||||
* token正确且有效,则返回userId |
||||
*/ |
||||
/* public static Long verifyToken(String token) { |
||||
try { |
||||
String noBearerToken = token.replaceFirst("Bearer ", ""); |
||||
Long userId = JWT.require(algorithm) |
||||
.build() |
||||
.verify(noBearerToken) |
||||
.getClaim("member") |
||||
.asLong(); |
||||
if (RedisUtil.get(getRedisKey(userId, noBearerToken)) != null) { |
||||
return userId; |
||||
} |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
return null; |
||||
} |
||||
return null; |
||||
}*/ |
||||
|
||||
public static String getRedisKey(Long userId, String token) { |
||||
return String.format("dq:token:"+token, token, String.valueOf(userId)); |
||||
} |
||||
|
||||
public static void putTokenToRedis(Long userId, String token, long times) { |
||||
RedisUtil.setEx(getRedisKey(userId, token), "nothing", times); |
||||
} |
||||
|
||||
public static void removeTokenByUserId(Long userId) { |
||||
Set<String> tokenSet = RedisUtil.keys(getRedisKey(userId, "*")); |
||||
for (String key : tokenSet) { |
||||
RedisUtil.del(key); |
||||
} |
||||
} |
||||
} |
@ -1,55 +1,47 @@ |
||||
/* |
||||
package com.daqing.financial.hrms.config; |
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired; |
||||
import org.springframework.beans.factory.annotation.Value; |
||||
import org.springframework.context.annotation.Bean; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.data.redis.connection.RedisConnectionFactory; |
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; |
||||
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; |
||||
import org.springframework.security.oauth2.provider.token.RemoteTokenServices; |
||||
import org.springframework.security.oauth2.provider.token.TokenStore; |
||||
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; |
||||
|
||||
@Configuration |
||||
@EnableResourceServer |
||||
@EnableGlobalMethodSecurity(prePostEnabled = true) |
||||
public class ResourceServerConfig extends ResourceServerConfigurerAdapter { |
||||
|
||||
@Value("${security.oauth2.client.client-id}") |
||||
private String clientId; |
||||
|
||||
@Value("${security.oauth2.client.client-secret}") |
||||
private String secret; |
||||
|
||||
@Value("${security.oauth2.authorization.check-token-access}") |
||||
private String checkTokenEndpointUrl; |
||||
|
||||
@Autowired |
||||
private RedisConnectionFactory redisConnectionFactory; |
||||
|
||||
|
||||
@Bean |
||||
public TokenStore redisTokenStore (){ |
||||
return new RedisTokenStore(redisConnectionFactory); |
||||
} |
||||
|
||||
|
||||
@Bean |
||||
public RemoteTokenServices tokenService() { |
||||
RemoteTokenServices tokenService = new RemoteTokenServices(); |
||||
tokenService.setClientId(clientId); |
||||
tokenService.setClientSecret(secret); |
||||
tokenService.setCheckTokenEndpointUrl(checkTokenEndpointUrl); |
||||
return tokenService; |
||||
} |
||||
|
||||
@Override |
||||
public void configure(ResourceServerSecurityConfigurer resources) throws Exception { |
||||
resources.tokenServices(tokenService()); |
||||
} |
||||
} |
||||
*/ |
||||
//package com.daqing.financial.hrms.config;
|
||||
//
|
||||
//import org.springframework.beans.factory.annotation.Value;
|
||||
//import org.springframework.context.annotation.Bean;
|
||||
//import org.springframework.context.annotation.Configuration;
|
||||
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||
//import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
||||
//import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
||||
//import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
|
||||
//
|
||||
//@Configuration
|
||||
//@EnableResourceServer
|
||||
//@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
//public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
||||
//
|
||||
// @Value("${security.oauth2.client.client-id}")
|
||||
// private String clientId;
|
||||
//
|
||||
// @Value("${security.oauth2.client.client-secret}")
|
||||
// private String secret;
|
||||
//
|
||||
// @Value("${security.oauth2.authorization.check-token-access}")
|
||||
// private String checkTokenEndpointUrl;
|
||||
//
|
||||
// /* @Autowired
|
||||
// private RedisConnectionFactory redisConnectionFactory;*/
|
||||
//
|
||||
///* @Bean
|
||||
// public TokenStore redisTokenStore (){
|
||||
// return new RedisTokenStore(redisConnectionFactory);
|
||||
// }*/
|
||||
//
|
||||
// @Bean
|
||||
// public RemoteTokenServices tokenService() {
|
||||
// RemoteTokenServices tokenService = new RemoteTokenServices();
|
||||
// tokenService.setClientId(clientId);
|
||||
// tokenService.setClientSecret(secret);
|
||||
// tokenService.setCheckTokenEndpointUrl(checkTokenEndpointUrl);
|
||||
// return tokenService;
|
||||
// }
|
||||
//
|
||||
// @Override
|
||||
// public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
|
||||
// resources.tokenServices(tokenService());
|
||||
// }
|
||||
//}
|
@ -1,4 +1,4 @@ |
||||
package com.daqing.financial.hrauth; |
||||
package com.daqing.framework; |
||||
|
||||
import org.springframework.beans.factory.DisposableBean; |
||||
import org.springframework.context.ApplicationContext; |
@ -0,0 +1,97 @@ |
||||
package com.daqing.framework.util; |
||||
|
||||
|
||||
import io.jsonwebtoken.Claims; |
||||
import io.jsonwebtoken.ExpiredJwtException; |
||||
import io.jsonwebtoken.JwtBuilder; |
||||
import io.jsonwebtoken.Jwts; |
||||
import io.jsonwebtoken.SignatureAlgorithm; |
||||
import org.bouncycastle.util.encoders.Base64; |
||||
|
||||
import javax.crypto.SecretKey; |
||||
import javax.crypto.spec.SecretKeySpec; |
||||
import java.security.SignatureException; |
||||
import java.util.Date; |
||||
|
||||
public class JwtUtils { |
||||
/** |
||||
* 签发JWT |
||||
* |
||||
* @param id |
||||
* @param subject 可以是JSON数据 尽可能少 |
||||
* @param ttlMillis |
||||
* @return String |
||||
* |
||||
*/ |
||||
public static String createJWT(Long id, String subject, long ttlMillis) { |
||||
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; |
||||
long nowMillis = System.currentTimeMillis(); |
||||
Date now = new Date(nowMillis); |
||||
SecretKey secretKey = generalKey(); |
||||
JwtBuilder builder = Jwts.builder().setId(String.valueOf(id)).setSubject(subject) // 主题
|
||||
.setIssuer("user") // 签发者
|
||||
.setIssuedAt(now) // 签发时间
|
||||
.signWith(signatureAlgorithm, secretKey); // 签名算法以及密匙
|
||||
if (ttlMillis >= 0) { |
||||
long expMillis = nowMillis + ttlMillis; |
||||
Date expDate = new Date(expMillis); |
||||
builder.setExpiration(expDate); // 过期时间
|
||||
} |
||||
return builder.compact(); |
||||
} |
||||
|
||||
public static void main(String[] args) { |
||||
//System.out.printf(createJWT("1","111", 10000000));
|
||||
boolean isTrue = validateJWT("eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIxIiwic3ViIjoiMTExIiwiaXNzIjoidXNlciIsImlhdCI6MTYwMTM0MzYyNywiZXhwIjoxNjAxMzUzNjI3fQ.q5Ssg2LM1OzzgvVWqLhgP_Hko0-pfeNO5bvpUE5KQ-s"); |
||||
System.out.println(isTrue); |
||||
} |
||||
|
||||
/** |
||||
* 验证JWT |
||||
* |
||||
* @param jwtStr |
||||
* @return |
||||
*/ |
||||
public static Boolean validateJWT(String jwtStr) { |
||||
//boolean isValidate = false;
|
||||
Claims claims = null; |
||||
try { |
||||
claims = parseJWT(jwtStr); |
||||
return true; |
||||
} catch (ExpiredJwtException e) { |
||||
return false; |
||||
} catch (SignatureException e) { |
||||
return false; |
||||
} catch (Exception e) { |
||||
return false; |
||||
} |
||||
//return checkResult;
|
||||
} |
||||
|
||||
public static SecretKey generalKey() { |
||||
byte[] encodedKey = Base64.decode("JWTDQ123456"); |
||||
SecretKey key = new SecretKeySpec(encodedKey, 0, encodedKey.length, "AES"); |
||||
return key; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* 解析JWT字符串 |
||||
* |
||||
* @param jwt |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static Claims parseJWT(String jwt) throws Exception { |
||||
SecretKey secretKey = generalKey(); |
||||
return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(jwt).getBody(); |
||||
} |
||||
|
||||
public static void putTokenToRedis(Long userId, String token, long times) { |
||||
RedisUtil.setEx("dq:token:"+token, String.valueOf(userId), times); |
||||
} |
||||
|
||||
public static void removeTokenByToken(String token) { |
||||
RedisUtil.del("dq:token:"+token); |
||||
} |
||||
} |
@ -0,0 +1,28 @@ |
||||
package com.daqing.framework.domain.hrms; |
||||
|
||||
import com.baomidou.mybatisplus.annotation.IdType; |
||||
import com.baomidou.mybatisplus.annotation.TableId; |
||||
import com.baomidou.mybatisplus.annotation.TableName; |
||||
import lombok.Data; |
||||
|
||||
import java.util.Date; |
||||
|
||||
@Data |
||||
@TableName("hrms_login_log") |
||||
public class LoginLog { |
||||
|
||||
@TableId(type = IdType.AUTO) |
||||
private int id; |
||||
|
||||
//用户id
|
||||
private Long userId; |
||||
|
||||
//登录次数
|
||||
private int loginNum; |
||||
|
||||
//创建时间
|
||||
private Date createTime; |
||||
|
||||
//最新登录时间
|
||||
private Date newestTime; |
||||
} |
@ -0,0 +1,18 @@ |
||||
package com.daqing.framework.domain.hrms; |
||||
|
||||
import com.baomidou.mybatisplus.annotation.IdType; |
||||
import com.baomidou.mybatisplus.annotation.TableId; |
||||
import com.baomidou.mybatisplus.annotation.TableName; |
||||
import lombok.Data; |
||||
|
||||
import java.util.Date; |
||||
|
||||
@Data |
||||
@TableName("hrms_token") |
||||
public class Token { |
||||
|
||||
@TableId(type = IdType.INPUT) |
||||
private Long userId; |
||||
private String token; |
||||
private Date createTime; |
||||
} |
Loading…
Reference in new issue