kidgrow-commons/kidgrow-authclient-spring-boot-starter/src/main/java/com/kidgrow/authclient/util/AuthUtils.java
@@ -2,14 +2,13 @@ import com.kidgrow.common.constant.CommonConstant; import com.kidgrow.common.model.SysUser; import com.kidgrow.common.utils.AesUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException; import javax.servlet.http.HttpServletRequest; import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.Enumeration; /** @@ -82,9 +81,12 @@ * @param header header中的参数 */ public static String[] extractHeaderClient(String header) { byte[] base64Client = header.substring(BASIC_.length()).getBytes(StandardCharsets.UTF_8); byte[] decoded = Base64.getDecoder().decode(base64Client); String clientStr = new String(decoded, StandardCharsets.UTF_8); String clientStr = null; try{ clientStr = AesUtils.desEncrypt(header.substring(BASIC_.length())); }catch(Exception w){ log.error("Header解密失败", w); } String[] clientArr = clientStr.split(":"); if (clientArr.length != 2) { throw new RuntimeException("Invalid basic authentication token"); kidgrow-commons/kidgrow-common-spring-boot-starter/src/main/java/com/kidgrow/common/utils/AesUtils.java
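Review bot: In `extractHeaderClient`, a failed decryption is only logged and execution continues, so `clientStr` is still null when `clientStr.split(":")` runs and the caller gets a NullPointerException instead of the existing "Invalid basic authentication token" failure. Reject inside the catch, e.g. `throw new RuntimeException("Invalid basic authentication token", w);`, and add an `if (clientStr == null)` guard with the same throw. The guard is needed because the `AesUtils` catch block shown in this commit prints the stack trace rather than rethrowing, and what it returns on failure is not visible here. The same unchecked dereference appears in `OAuth2Controller.getUserTokenInfo`, where `AesUtils.desEncrypt(username).trim()` and `AesUtils.desEncrypt(password).trim()` are called with no null check. The method body continues past the end of this hunk.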
@@ -23,6 +23,7 @@ /** * 加密方法 * * @param data 要加密的数据 * @param key 加密key * @param iv 加密iv @@ -55,6 +56,7 @@ /** * 解密方法 * * @param data 要解密的数据 * @param key 解密key * @param iv 解密iv @@ -69,7 +71,7 @@ IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec); byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original); String originalString = new String(original).trim(); return originalString; } catch (Exception e) { e.printStackTrace(); @@ -89,6 +91,7 @@ /** * 使用默认的key和iv解密 * * @param data * @return * @throws Exception kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/OAuth2Controller.java
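Review bot: `new String(original).trim()` decodes with the platform default charset and then strips every leading and trailing character at or below U+0020, so a plaintext that legitimately starts or ends with whitespace (a password, for instance) comes back altered. If the trim is there to drop zero-byte padding, which the hunk does not show, a padded cipher transformation would remove the need for it. Either way the charset should be explicit, `new String(original, StandardCharsets.UTF_8)`, and `iv.getBytes()` on the context line has the same platform dependence. A short comment stating what the trim is meant to remove would help, e.g. `// strips padding bytes left by the cipher; also removes real leading/trailing whitespace`. The method starts before this hunk and its catch block continues after it.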
@@ -6,6 +6,7 @@ import com.kidgrow.authclient.util.AuthUtils; import com.kidgrow.common.constant.SecurityConstants; import com.kidgrow.common.context.ClientContextHolder; import com.kidgrow.common.utils.AesUtils; import com.kidgrow.common.utils.ResponseUtil; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; @@ -62,8 +63,12 @@ public void getUserTokenInfo( @ApiParam(required = true, name = "username", value = "账号") String username, @ApiParam(required = true, name = "password", value = "密码") String password, HttpServletRequest request, HttpServletResponse response) throws IOException { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password); HttpServletRequest request, HttpServletResponse response) throws Exception { //先解密 String decryptName = AesUtils.desEncrypt(username).trim(); String decryptPwd = AesUtils.desEncrypt(password).trim(); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(decryptName, decryptPwd); writerToken(request, response, token, "用户名或密码错误"); }
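Review bot: The decryption step in `getUserTokenInfo` uses the one-argument `AesUtils.desEncrypt`, which the AesUtils javadoc in this commit describes as decrypting with the default key and IV. With a fixed key and IV the same password always produces the same ciphertext, so a captured `password` parameter is as good as the password itself. Presumably every client that encrypts must also hold that key, which would make this obfuscation rather than confidentiality. The endpoint still depends on TLS, and a comment such as `// static-key AES is obfuscation only; transport confidentiality relies on TLS` would keep that explicit. Separately, the extra `.trim()` on `decryptPwd` is redundant now that `desEncrypt` trims, and widening the signature to `throws Exception` lets a malformed ciphertext surface as an unhandled error instead of the "用户名或密码错误" response.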