XA/xa-master-prod
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
zc
2025-06-05 09:51:30 +08:00
commit b3657fb024
680 changed files with 83364 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
dcsoft-auth/pom.xml Normal file
View File

@@ -0,0 +1,100 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>com.dcsoft</groupId>
<artifactId>dcsoft</artifactId>
<version>3.6.2</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>dcsoft-auth</artifactId>
<description>
dcsoft-auth认证授权中心
</description>
<dependencies>
<!-- SpringCloud Alibaba Nacos -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
<!-- SpringCloud Alibaba Nacos Config -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
</dependency>
<!-- SpringCloud Alibaba Sentinel -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
</dependency>
<!-- SpringBoot Web -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- SpringBoot Actuator -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<!-- RuoYi Common Security-->
<dependency>
<groupId>com.dcsoft</groupId>
<artifactId>dcsoft-common-security</artifactId>
</dependency>
<dependency>
<groupId>org.dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>2.1.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.idsmanager.dingdang</groupId>
<artifactId>jwt-sdk</artifactId>
<version>1.1.1</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/resources/lib/JWT-SDK-1.1.1_1.8.jar</systemPath>
</dependency>
<dependency>
<groupId>rg.jose4j.jwt</groupId>
<artifactId>jose4j-sdk</artifactId>
<version>0.4.3</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/resources/lib/jose4j-0.4.3.jar</systemPath>
</dependency>
</dependencies>
<build>
<finalName>${project.artifactId}</finalName>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
<configuration>
<includeSystemScope>true</includeSystemScope>
</configuration>
</plugin>
</plugins>
</build>
</project>

26
dcsoft-auth/src/main/java/com/dcsoft/auth/DCSAuthApplication.java Normal file
View File

@@ -0,0 +1,26 @@
package com.dcsoft.auth;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import com.dcsoft.common.security.annotation.EnableRyFeignClients;
/**
* 认证授权中心
*
* @author dcsoft
*/
@EnableRyFeignClients
@SpringBootApplication(exclude = {DataSourceAutoConfiguration.class })
public class DCSAuthApplication
{
public static void main(String[] args)
{
SpringApplication.run(com.dcsoft.auth.DCSAuthApplication.class, args);
System.out.println("(♥◠‿◠)ノ゙ 认证授权中心启动成功 ლ(´ڡ`ლ)゙ \n" +
" ___ ___ ___ \n" +
" | \\ / __| / __| \n" +
" | |) | | (__ \\__ \\ \n" +
" |___/ \\___| |___/ ");
}
}

27
dcsoft-auth/src/main/java/com/dcsoft/auth/bean/CheckParams.java Normal file
View File

@@ -0,0 +1,27 @@
package com.dcsoft.auth.bean;
import lombok.Builder;
import lombok.Data;
/**
* @author penghao
* @createDate 2022/05/10
* @createTime 10:05
*/
@Data
@Builder
public class CheckParams {
private long lastValidateTime;
private String macAddress;
private String cpuSerial;
private Long generatedTime;
private Long expiredTime;
private String version;
}

22
dcsoft-auth/src/main/java/com/dcsoft/auth/bean/ValidateCodeEnum.java Normal file
View File

@@ -0,0 +1,22 @@
package com.dcsoft.auth.bean;
import lombok.Getter;
@Getter
public enum ValidateCodeEnum {
SUCCESS(200, "验证通过"),
EXPIRED(1101, "授权已过期"),
ILLEGAL(1102, "授权码不正确"),
EXCEPTION(1103, "解析签名异常"),
FILE_NOT_EXIST(1104, "license文件不存在"),
UNAUTHORIZED(1105, "产品未授权");
private Integer code;
private String message;
ValidateCodeEnum(Integer code, String message) {
this.code = code;
this.message = message;
}
}

38
dcsoft-auth/src/main/java/com/dcsoft/auth/bean/ValidateResult.java Normal file
View File

@@ -0,0 +1,38 @@
package com.dcsoft.auth.bean;
import lombok.Data;
@Data
public class ValidateResult {
/**
* 是否验证通过
*/
private Boolean isValidate;
/**
* 验证结果状态码
*/
private Integer code;
/**
* 验证结果信息
*/
private String message;
public static ValidateResult ok() {
ValidateResult result = new ValidateResult();
result.setIsValidate(true);
result.setCode(ValidateCodeEnum.SUCCESS.getCode());
result.setMessage(ValidateCodeEnum.SUCCESS.getMessage());
return result;
}
public static ValidateResult error(ValidateCodeEnum codeEnum) {
ValidateResult result = new ValidateResult();
result.setIsValidate(false);
result.setCode(codeEnum.getCode());
result.setMessage(codeEnum.getMessage());
return result;
}
}

187
dcsoft-auth/src/main/java/com/dcsoft/auth/controller/ApiController.java Normal file
View File

@@ -0,0 +1,187 @@
package com.dcsoft.auth.controller;
import com.dcsoft.auth.service.SysAuthService;
import com.dcsoft.common.core.constant.CacheConstants;
import com.dcsoft.common.core.utils.JwtUtils;
import com.dcsoft.common.core.utils.StringUtils;
import com.dcsoft.common.core.web.domain.AjaxResult;
import com.dcsoft.common.core.web.page.TableDatasInfo;
import com.dcsoft.common.redis.service.RedisService;
import com.dcsoft.system.api.domain.FaceStudentBody;
import com.dcsoft.system.api.domain.SysAuth;
import io.jsonwebtoken.Claims;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.*;
/**
* token 控制
*
* @author dcsoft
*/
@RestController
@RequestMapping("/face-api")
public class ApiController
{
@Autowired
private RedisService redisService;
@Autowired
private SysAuthService sysAuthService;
/**
* 鉴权接口
*/
@GetMapping("/auth")
public AjaxResult auth(HttpServletRequest request)
{
String timestamp=request.getHeader("timestamp");
String appKey=request.getHeader("appKey");
String sign=request.getHeader("sign");
if(StringUtils.isEmpty(timestamp)){
return AjaxResult.error("timestamp is empty");
}
Long timeLong=new Date().getTime()/1000-Long.parseLong(timestamp);
if(timeLong>5*60){
return AjaxResult.error("timestamp is timeOut");
}
if(StringUtils.isEmpty(appKey)){
return AjaxResult.error("appKey is empty");
}
if(StringUtils.isEmpty(sign)){
return AjaxResult.error("sign is empty");
}
//appSecret通过后台获取
SysAuth auth=sysAuthService.getAuth(appKey);
if(auth == null){
return AjaxResult.error("appKey is error");
}
String appSecret=auth.getAppSecret();
String sign1= EncodeByMD5(appKey+timestamp+appSecret).toLowerCase();
//比较两次秘钥的sign的值是否一致
if(sign.equals(sign1)){
//根据appKey生成token
// Jwt存储信息
Map<String, Object> claimsMap = new HashMap<String, Object>();
String verifyKey = CacheConstants.AUTH_KEY + appKey;
claimsMap.put(CacheConstants.AUTH_KEY, appKey);
String token =JwtUtils.createToken(claimsMap);
redisService.setCacheObject(verifyKey,token);
redisService.expire(verifyKey,24*60*60);
return AjaxResult.success("token get success",token);
}else{
return AjaxResult.error("sign create error");
}
}
/**
* 人脸信息接口
*/
@PostMapping("/faceInfo")
public TableDatasInfo faceInfo(HttpServletRequest request)
{
TableDatasInfo msg=new TableDatasInfo();
String token=request.getHeader("token");
Boolean flag=validate(token);
if(flag){
String phone=request.getParameter("phone");
String idCard=request.getParameter("id_card");
String label=request.getParameter("label");
String pageNum=request.getParameter("pageNum");
String pageSize=request.getParameter("pageSize");
if(StringUtils.isEmpty(pageNum)){
pageNum="1";
}
if(StringUtils.isEmpty(pageSize)){
pageSize="10";
}
String endTime=request.getParameter("endTime");
String startTime=request.getParameter("startTime");
FaceStudentBody faceStudent=new FaceStudentBody();
faceStudent.setPhone(phone);
faceStudent.setIdCard(idCard);
faceStudent.setPageNum(pageNum);
faceStudent.setPageSize(pageSize);
faceStudent.setLabel(label);
SimpleDateFormat sdf=new SimpleDateFormat("yyyy-HH-mm");
try {
if(StringUtils.isNotEmpty(startTime)){
faceStudent.setStartTime(sdf.parse(startTime));
}
if(StringUtils.isNotEmpty(endTime)){
faceStudent.setEndTime(sdf.parse(endTime));
}
} catch (ParseException e) {
throw new RuntimeException(e);
}
msg=sysAuthService.studentList(faceStudent);
}else{
msg.setCode(500);
msg.setMsg("token is timeOut or is error");
}
return msg;
}
public Boolean validate(String token){
if (StringUtils.isEmpty(token)){
return false;
}
Claims claims = JwtUtils.parseToken(token);
if (claims == null)
{
return false;
}
String appKey=JwtUtils.getValue(claims,CacheConstants.AUTH_KEY);
//所有请求 token 及其他参数都写在 header 中
String verifyKey = CacheConstants.AUTH_KEY + appKey;
String tokens = redisService.getCacheObject(verifyKey);
if(StringUtils.isEmpty(tokens)) {//重新获取token
return false;
}
if(token.equals(tokens)){
return true;
}else{
return false;
}
}
/**
* 对字符串进行32位MD5加密
* @param str
* @return
*/
public static String EncodeByMD5(String str) {
try {
// 生成一个MD5加密计算摘要
MessageDigest md = MessageDigest.getInstance("MD5");
// 计算md5函数
md.update(str.getBytes("UTF-8"));
// digest()最后确定返回md5 hash值返回值为8为字符串。因为md5 hash值是16位的hex值实际上就是8位的字符
// BigInteger函数则将8位的字符串转换成16位hex值用字符串来表示得到字符串形式的hash值
String md5=new BigInteger(1, md.digest()).toString(16);
//BigInteger会把0省略掉需补全至32位
return fillMD5(md5);
} catch (Exception e) {
throw new RuntimeException("MD5加密错误:"+e.getMessage(),e);
}
}
private static String fillMD5(String md5) {
//如果不够32位则回调自身补零最后返回32位长度的签名
return md5.length() == 32 ? md5 : fillMD5("0" + md5);
}
}

205
dcsoft-auth/src/main/java/com/dcsoft/auth/controller/TokenController.java Normal file
View File

@@ -0,0 +1,205 @@
package com.dcsoft.auth.controller;
import javax.servlet.http.HttpServletRequest;
import com.dcsoft.auth.bean.ValidateResult;
import com.dcsoft.auth.form.IDaasBody;
import com.dcsoft.auth.utils.LicenseManager;
import com.dcsoft.auth.utils.LicenseThread;
import com.idsmanager.dingdang.jwt.DingdangUserRetriever;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;
import com.dcsoft.auth.form.LoginBody;
import com.dcsoft.auth.form.RegisterBody;
import com.dcsoft.auth.service.SysLoginService;
import com.dcsoft.common.core.domain.R;
import com.dcsoft.common.core.utils.JwtUtils;
import com.dcsoft.common.core.utils.StringUtils;
import com.dcsoft.common.security.auth.AuthUtil;
import com.dcsoft.common.security.service.TokenService;
import com.dcsoft.common.security.utils.SecurityUtils;
import com.dcsoft.system.api.model.LoginUser;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
/**
* token 控制
*
* @author dcsoft
*/
@RestController
public class TokenController
{
@Autowired
private TokenService tokenService;
@Autowired
private SysLoginService sysLoginService;
@Value("${license.enabled}")
private Boolean enabled;
@PostMapping("login")
public R<?> login(@RequestBody LoginBody form)
{
/* if(enabled){
ValidateResult validateResult = LicenseThread.validateResult.get("Authorize");
if (!validateResult.getIsValidate()){
return R.fail(validateResult.getMessage());
}
}*/
LoginUser userInfo=new LoginUser();
// 用户登录
if("weixin".equals(form.getFlag())){
R<LoginUser> userInfos=sysLoginService.getWxUserInfo(form);
userInfo = userInfos.getData();
if(userInfo==null){
return R.fail(userInfos.getCode(), userInfos.getMsg());
}
}else if("app".equals(form.getFlag())){
userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
//保存用户openid
if(StringUtils.isNotEmpty(form.getOpenid())){
sysLoginService.updateOpenId(userInfo,form);
}
}else{
userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
}
// 获取登录token
return R.ok(tokenService.createToken(userInfo));
}
@PostMapping("app")
public R<?> app(@RequestBody LoginBody form)
{
/* if(enabled){
ValidateResult validateResult = LicenseThread.validateResult.get("Authorize");
if (!validateResult.getIsValidate()){
return R.fail(validateResult.getMessage());
}
}*/
LoginUser userInfo=new LoginUser();
// 用户登录
if("weixin".equals(form.getFlag())){
R<LoginUser> userInfos=sysLoginService.getWxUserInfo(form);
userInfo = userInfos.getData();
if(userInfo==null){
R.fail();
}
}else if("app".equals(form.getFlag())){
userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
//保存用户openid
if(!"".equals(form.getOpenid())){
sysLoginService.updateOpenId(userInfo,form);
}
}else{
userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
}
// 获取登录token
return R.ok(tokenService.createToken(userInfo));
}
@DeleteMapping("logout")
public R<?> logout(HttpServletRequest request)
{
String token = SecurityUtils.getToken(request);
if (StringUtils.isNotEmpty(token))
{
String username = JwtUtils.getUserName(token);
// 删除用户缓存记录
AuthUtil.logoutByToken(token);
// 记录用户退出日志
sysLoginService.logout(username);
}
return R.ok();
}
@PostMapping("refresh")
public R<?> refresh(HttpServletRequest request)
{
LoginUser loginUser = tokenService.getLoginUser(request);
if (StringUtils.isNotNull(loginUser))
{
// 刷新令牌有效期
tokenService.refreshToken(loginUser);
return R.ok();
}
return R.ok();
}
@PostMapping("register")
public R<?> register(@RequestBody RegisterBody registerBody)
{
// 用户注册
sysLoginService.register(registerBody.getUsername(), registerBody.getPassword());
return R.ok();
}
/* @PostMapping("validate")
public R<?> validate(@RequestBody IDaasBody iDaasBody)
{
String name= null;
try {
name = checkUsername(iDaasBody.getIdToken());
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
LoginUser userInfo=new LoginUser();
// 用户登录
userInfo = sysLoginService.login(name);
// 获取登录token
return R.ok(tokenService.createToken(userInfo));
}*/
/* private String checkUsername(String id_token) throws
UnsupportedEncodingException {
//1.使⽤公钥解析id_token使⽤publicKey解密上⼀步获取的id_token令牌
DingdangUserRetriever retriever = new DingdangUserRetriever(id_token,publickey);
DingdangUserRetriever.User user = null;
try {
//2.获取⽤户信息
user = retriever.retrieve();
} catch (Exception e) {
return "error";
}
//3.如果publicKey不正确或者id_token过期获取到的⽤户信息可能为null
if (null == user) {
return "error";
}
//4.获取到⽤户信息检测⽤户名是否存在⾃⼰的业务系统中isExistedUsername⽅法为示例实现
if (StringUtils.isNotEmpty(user.getUsername())) {
return user.getUsername();
} else {
//8.如果不存在,返回登录失败⻚⾯,提示⽤户不存在
return "error";
}
}*/
//获取服务器标识接口
@GetMapping("/getServerID")
public Map<String,Object> getServerID(){
Map<String,Object> retMap=new HashMap<>(2);
retMap.put("code","200");
retMap.put("serverID", LicenseManager.getSystemSign());
return retMap;
}
//授权码更新接口
@PostMapping("/updateSign")
public Map<String,Object> updateSign(String sign){
Map<String,Object> retMap=new HashMap<>(2);
LicenseManager.updateSign(sign);
LicenseThread.validateAfterUpdateSign();
retMap.put("code","200");
retMap.put("msg","激活成功!");
return retMap;
}
}

35
dcsoft-auth/src/main/java/com/dcsoft/auth/form/AuthBody.java Normal file
View File

@@ -0,0 +1,35 @@
package com.dcsoft.auth.form;
/**
* 用户登录对象
*
* @author dcsoft
*/
public class AuthBody
{
/**
* appKey
*/
private String appKey;
/**
* appSecret
*/
private String appSecret;
public String getAppKey() {
return appKey;
}
public void setAppKey(String appKey) {
this.appKey = appKey;
}
public String getAppSecret() {
return appSecret;
}
public void setAppSecret(String appSecret) {
this.appSecret = appSecret;
}
}

35
dcsoft-auth/src/main/java/com/dcsoft/auth/form/IDaasBody.java Normal file
View File

@@ -0,0 +1,35 @@
package com.dcsoft.auth.form;
/**
* 用户登录对象
*
* @author dcsoft
*/
public class IDaasBody
{
/**
* idToken
*/
private String idToken;
/**
* targetUrl
*/
private String targetUrl;
public String getIdToken() {
return idToken;
}
public void setIdToken(String idToken) {
this.idToken = idToken;
}
public String getTargetUrl() {
return targetUrl;
}
public void setTargetUrl(String targetUrl) {
this.targetUrl = targetUrl;
}
}

74
dcsoft-auth/src/main/java/com/dcsoft/auth/form/LoginBody.java Normal file
View File

@@ -0,0 +1,74 @@
package com.dcsoft.auth.form;
/**
* 用户登录对象
*
* @author dcsoft
*/
public class LoginBody
{
/**
* 用户名
*/
private String username;
/**
* 用户密码
*/
private String password;
/**
* 登录方式
* **/
private String flag;
/**
* 微信openid
* **/
private String openid;
public String getUsername()
{
return username;
}
public void setUsername(String username)
{
this.username = username;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public String getFlag() {
return flag;
}
public void setFlag(String flag) {
this.flag = flag;
}
public String getOpenid() {
return openid;
}
public void setOpenid(String openid) {
this.openid = openid;
}
@Override
public String toString() {
return "LoginBody{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
", flag='" + flag + '\'' +
", openid='" + openid + '\'' +
'}';
}
}

11
dcsoft-auth/src/main/java/com/dcsoft/auth/form/RegisterBody.java Normal file
View File

@@ -0,0 +1,11 @@
package com.dcsoft.auth.form;
/**
* 用户注册对象
*
* @author dcsoft
*/
public class RegisterBody extends LoginBody
{
}

45
dcsoft-auth/src/main/java/com/dcsoft/auth/service/SysAuthService.java Normal file
View File

@@ -0,0 +1,45 @@
package com.dcsoft.auth.service;
import com.dcsoft.common.core.constant.SecurityConstants;
import com.dcsoft.common.core.domain.R;
import com.dcsoft.common.core.web.page.TableDatasInfo;
import com.dcsoft.system.api.RemoteAuthService;
import com.dcsoft.system.api.RemoteStudentService;
import com.dcsoft.system.api.domain.FaceStudentBody;
import com.dcsoft.system.api.domain.SysAuth;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
/**
* 登录校验方法
*
* @author dcsoft
*/
@Component
public class SysAuthService
{
@Autowired
private RemoteAuthService remoteAuthService;
@Autowired
private RemoteStudentService remoteStudentService;
public SysAuth getAuth(String appKey)
{
// 查询用户信息
R<SysAuth> userResult = remoteAuthService.getAuth(appKey, SecurityConstants.INNER);
return userResult.getData();
}
public TableDatasInfo studentList(FaceStudentBody faceStudent)
{
// 查询用户信息
TableDatasInfo userResult = remoteStudentService.studentList(faceStudent, SecurityConstants.INNER);
return userResult;
}
}

212
dcsoft-auth/src/main/java/com/dcsoft/auth/service/SysLoginService.java Normal file
View File

@@ -0,0 +1,212 @@
package com.dcsoft.auth.service;
import com.dcsoft.auth.form.LoginBody;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.dcsoft.common.core.constant.CacheConstants;
import com.dcsoft.common.core.constant.Constants;
import com.dcsoft.common.core.constant.SecurityConstants;
import com.dcsoft.common.core.constant.UserConstants;
import com.dcsoft.common.core.domain.R;
import com.dcsoft.common.core.enums.UserStatus;
import com.dcsoft.common.core.exception.ServiceException;
import com.dcsoft.common.core.text.Convert;
import com.dcsoft.common.core.utils.StringUtils;
import com.dcsoft.common.core.utils.ip.IpUtils;
import com.dcsoft.common.redis.service.RedisService;
import com.dcsoft.common.security.utils.SecurityUtils;
import com.dcsoft.system.api.RemoteUserService;
import com.dcsoft.system.api.domain.SysUser;
import com.dcsoft.system.api.model.LoginUser;
/**
* 登录校验方法
*
* @author dcsoft
*/
@Component
public class SysLoginService
{
@Autowired
private RemoteUserService remoteUserService;
@Autowired
private SysPasswordService passwordService;
@Autowired
private SysRecordLogService recordLogService;
@Autowired
private RedisService redisService;
/**
* 登录
*/
public LoginUser login(String username, String password)
{
// 用户名或密码为空 错误
if (StringUtils.isAnyBlank(username, password))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
throw new ServiceException("用户/密码必须填写");
}
// 密码如果不在指定范围内 错误
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
throw new ServiceException("用户密码不在指定范围");
}
// 用户名不在指定范围内 错误
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
throw new ServiceException("用户名不在指定范围");
}
// IP黑名单校验
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾访问IP已被列入系统黑名单");
throw new ServiceException("很遗憾访问IP已被列入系统黑名单");
}
// 查询用户信息
R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
throw new ServiceException("登录用户:" + username + " 不存在");
}
if (R.FAIL == userResult.getCode())
{
throw new ServiceException(userResult.getMsg());
}
LoginUser userInfo = userResult.getData();
SysUser user = userResult.getData().getSysUser();
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
}
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
throw new ServiceException("对不起,您的账号:" + username + " 已停用");
}
passwordService.validate(user, password);
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
return userInfo;
}
public void logout(String loginName)
{
recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
}
/**
* 注册
*/
public void register(String username, String password)
{
// 用户名或密码为空 错误
if (StringUtils.isAnyBlank(username, password))
{
throw new ServiceException("用户/密码必须填写");
}
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
{
throw new ServiceException("账户长度必须在2到20个字符之间");
}
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
{
throw new ServiceException("密码长度必须在5到20个字符之间");
}
// 注册用户信息
SysUser sysUser = new SysUser();
sysUser.setUserName(username);
sysUser.setNickName(username);
sysUser.setPassword(SecurityUtils.encryptPassword(password));
R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);
if (R.FAIL == registerResult.getCode())
{
throw new ServiceException(registerResult.getMsg());
}
recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
}
/**
* 登录
*/
public LoginUser login(String username)
{
// 用户名不在指定范围内 错误
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
throw new ServiceException("用户名不在指定范围");
}
// IP黑名单校验
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾访问IP已被列入系统黑名单");
throw new ServiceException("很遗憾访问IP已被列入系统黑名单");
}
// 查询用户信息
R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
throw new ServiceException("登录用户:" + username + " 不存在");
}
if (R.FAIL == userResult.getCode())
{
throw new ServiceException(userResult.getMsg());
}
LoginUser userInfo = userResult.getData();
SysUser user = userResult.getData().getSysUser();
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
}
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
throw new ServiceException("对不起,您的账号:" + username + " 已停用");
}
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
return userInfo;
}
public void updateOpenId(LoginUser userInfo, LoginBody form) {
// 注册用户信息
SysUser sysUser = new SysUser();
sysUser=userInfo.getSysUser();
sysUser.setUserName(form.getUsername());
sysUser.setOpenid(form.getOpenid());
R<?> registerResult = remoteUserService.updateOpenId(sysUser, SecurityConstants.INNER);
if (R.FAIL == registerResult.getCode())
{
throw new ServiceException(registerResult.getMsg());
}
}
public R<LoginUser> getWxUserInfo(LoginBody form) {
R<LoginUser> registerResult = remoteUserService.getWxUserInfo(form.getOpenid(), SecurityConstants.INNER);
return registerResult;
}
}

85
dcsoft-auth/src/main/java/com/dcsoft/auth/service/SysPasswordService.java Normal file
View File

@@ -0,0 +1,85 @@
package com.dcsoft.auth.service;
import java.util.concurrent.TimeUnit;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.dcsoft.common.core.constant.CacheConstants;
import com.dcsoft.common.core.constant.Constants;
import com.dcsoft.common.core.exception.ServiceException;
import com.dcsoft.common.redis.service.RedisService;
import com.dcsoft.common.security.utils.SecurityUtils;
import com.dcsoft.system.api.domain.SysUser;
/**
* 登录密码方法
*
* @author dcsoft
*/
@Component
public class SysPasswordService
{
@Autowired
private RedisService redisService;
private int maxRetryCount = CacheConstants.PASSWORD_MAX_RETRY_COUNT;
private Long lockTime = CacheConstants.PASSWORD_LOCK_TIME;
@Autowired
private SysRecordLogService recordLogService;
/**
* 登录账户密码错误次数缓存键名
*
* @param username 用户名
* @return 缓存键key
*/
private String getCacheKey(String username)
{
return CacheConstants.PWD_ERR_CNT_KEY + username;
}
public void validate(SysUser user, String password)
{
String username = user.getUserName();
Integer retryCount = redisService.getCacheObject(getCacheKey(username));
if (retryCount == null)
{
retryCount = 0;
}
if (retryCount >= Integer.valueOf(maxRetryCount).intValue())
{
String errMsg = String.format("密码输入错误%s次帐户锁定%s分钟", maxRetryCount, lockTime);
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL,errMsg);
throw new ServiceException(errMsg);
}
if (!matches(user, password))
{
retryCount = retryCount + 1;
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount));
redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);
throw new ServiceException("用户不存在/密码错误");
}
else
{
clearLoginRecordCache(username);
}
}
public boolean matches(SysUser user, String rawPassword)
{
return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
}
public void clearLoginRecordCache(String loginName)
{
if (redisService.hasKey(getCacheKey(loginName)))
{
redisService.deleteObject(getCacheKey(loginName));
}
}
}

48
dcsoft-auth/src/main/java/com/dcsoft/auth/service/SysRecordLogService.java Normal file
View File

@@ -0,0 +1,48 @@
package com.dcsoft.auth.service;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.dcsoft.common.core.constant.Constants;
import com.dcsoft.common.core.constant.SecurityConstants;
import com.dcsoft.common.core.utils.StringUtils;
import com.dcsoft.common.core.utils.ip.IpUtils;
import com.dcsoft.system.api.RemoteLogService;
import com.dcsoft.system.api.domain.SysLogininfor;
/**
* 记录日志方法
*
* @author dcsoft
*/
@Component
public class SysRecordLogService
{
@Autowired
private RemoteLogService remoteLogService;
/**
* 记录登录信息
*
* @param username 用户名
* @param status 状态
* @param message 消息内容
* @return
*/
public void recordLogininfor(String username, String status, String message)
{
SysLogininfor logininfor = new SysLogininfor();
logininfor.setUserName(username);
logininfor.setIpaddr(IpUtils.getIpAddr());
logininfor.setMsg(message);
// 日志状态
if (StringUtils.equalsAny(status, Constants.LOGIN_SUCCESS, Constants.LOGOUT, Constants.REGISTER))
{
logininfor.setStatus(Constants.LOGIN_SUCCESS_STATUS);
}
else if (Constants.LOGIN_FAIL.equals(status))
{
logininfor.setStatus(Constants.LOGIN_FAIL_STATUS);
}
remoteLogService.saveLogininfor(logininfor, SecurityConstants.INNER);
}
}

108
dcsoft-auth/src/main/java/com/dcsoft/auth/test/CreateSign.java Normal file
View File

@@ -0,0 +1,108 @@
package com.dcsoft.auth.test;
import com.dcsoft.auth.utils.AESUtils;
import com.dcsoft.auth.utils.DateUtils;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
import java.io.File;
import java.io.FileWriter;
import java.util.Scanner;
/**
* @author penghao
* @Description 生成签名
* @createDate 2022/05/05
* @createTime 17:41
*/
public class CreateSign {
public static void main(String[] args) {
//系统标识---由mac地址+cpu序列号 使用AES加密而来
// String systemSign = "1jfNqzhz66e8egvhsONUXJMDNalNPTLWDO1lLBetwck=";
//生效起始时间
// String generatedTimeStr = "2022-05-09 00:00:00";
//生效截止时间
// String expiredTimeStr = "2022-05-11 00:00:00";
//上一次校验时间(初始值)
// String lastValidateTimeStr = "2022-05-09 00:00:01";
//项目部署序列号(版本标识)
// String version = "dmoiji3xkoa4p33";
//license生成路径
// String path = "C:\\Users\\Administrator\\Desktop\\license.xml";
System.out.println(" mac地址+cpu序列号");
Scanner sc1 = new Scanner(System.in);
String signBuilder = sc1.nextLine();
String sign = AESUtils.encrypt(signBuilder);
System.out.println("mac地址+cpu序列号 AES加密生成签名"+sign);
Scanner sc = new Scanner(System.in);
System.out.println("请输入系统标识串(部署的服务获取):");
String systemSign = sc.nextLine();
System.out.println("请输入生效起始时间格式如2022-05-05 00:00:00");
String generatedTimeStr = sc.nextLine();
System.out.println("请输入生效截止时间格式如2022-05-05 00:00:00");
String expiredTimeStr = sc.nextLine();
System.out.println("请输入上一次校验时间初始值格式如2022-05-05 00:00:00");
String lastValidateTimeStr = sc.nextLine();
System.out.println("请输入项目部署唯一版本号(不能带“-”):");
String version = sc.nextLine();
System.out.println("请输入license文件生成路径");
String path = sc.nextLine();
createLicense(systemSign, generatedTimeStr, expiredTimeStr, lastValidateTimeStr, version, path);
System.out.println("license文件生成成功文件路径" + path);
}
private static void createLicense(String systemSign, String generatedTimeStr, String expiredTimeStr, String lastValidateTimeStr, String version, String path) {
try {
//解密系统标识得到mac地址+cpu序列号
String macAndCpu = AESUtils.decrypt(systemSign);
System.out.println("客户服务器mac地址和cpu序列号" + macAndCpu);
//MAC复制-CPU序列号-生效起始时间-生效结束结束时间-软件产品序列号(项目版本唯一标识)
// String content = "A8:A1:59:41:89:36-BFEBFBFF000906EA-20220506-20220507-dmoiji3xkoa4p33";
StringBuilder signBuilder = new StringBuilder(macAndCpu);
//生效起始时间
long generatedTime = DateUtils.getTimeInMillis(generatedTimeStr);
//生效截止时间
long expiredTime = DateUtils.getTimeInMillis(expiredTimeStr);
//项目唯一标识
signBuilder.append("-").append(generatedTime).append("-").append(expiredTime).append("-").append(version);
String sign = AESUtils.encrypt(signBuilder.toString());
System.out.println("AES加密生成签名");
System.out.println("-----------------------------------------------------------------------------------------------");
System.out.println(sign);
System.out.println("-----------------------------------------------------------------------------------------------");
//生成licence文件
Document document = DocumentHelper.createDocument();
//根节点
Element rootEle = document.addElement("license");
//功能数据节点,扩展参数时可在此节点下扩展
Element dataEle = rootEle.addElement("features");
Element featureEle = dataEle.addElement("feature");
featureEle.addAttribute("name", "lastValidateTi");
featureEle.addAttribute("ti", AESUtils.encrypt(String.valueOf(DateUtils.getTimeInMillis(lastValidateTimeStr))));
//签名节点
Element signEle = rootEle.addElement("signature");
signEle.setText(sign);
System.out.println(document.asXML());
OutputFormat format = OutputFormat.createPrettyPrint();
// 设置编码格式
format.setEncoding("UTF-8");
FileWriter fileWriter = new FileWriter(new File(path));
XMLWriter xmlWriter = new XMLWriter(fileWriter, format);
// 设置是否转义,默认使用转义字符
xmlWriter.setEscapeText(false);
xmlWriter.write(document);
xmlWriter.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}

97
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/AESUtils.java Normal file
View File

@@ -0,0 +1,97 @@
package com.dcsoft.auth.utils;
import org.springframework.util.Base64Utils;
import javax.crypto.KeyGenerator;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
/**
* @version V1.0
* @desc AES 加密工具类
*/
public class AESUtils {
/**
* RSA加密后的AES秘钥
*/
private static String aesEncyptPwd="ZIkun+KvXFWLZLYUwXqFWazQeRe119AkcGcl+p8Erzi4EEaHBFYcQuGuKthIE+1IWSQxoUpUJkT0T1+xtoRi3txDnBikdrFhccGZdRpqwRv58q5nqxJX4wVrq0Ms02KBKgQRTqqlzfYLzQcYPyhv8KPE8JDVkttic+W+j5pFles=";
private static final String KEY_ALGORITHM = "AES";
private static final String DEFAULT_CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
/**
* AES 加密操作
*
* @param content 待加密内容
* @return 返回Base64转码后的加密数据
*/
public static String encrypt(String content) {
try {
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(RSAUtils.decrypt(aesEncyptPwd)));
byte[] result = cipher.doFinal(byteContent);
return Base64Utils.encodeToString(result);
} catch (Exception ex) {
ex.printStackTrace();
System.out.println("AES加密失败");
}
return null;
}
/**
* AES 解密操作
*
* @param content 已加密内容
* @return
*/
public static String decrypt(String content) {
try {
//实例化
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
//使用密钥初始化,设置为解密模式
cipher.init(Cipher.DECRYPT_MODE, getSecretKey(RSAUtils.decrypt(aesEncyptPwd)));
//执行操作
byte[] result = cipher.doFinal(Base64Utils.decodeFromString(content));
return new String(result, "utf-8");
} catch (Exception ex) {
ex.printStackTrace();
System.out.println("AES解密失败");
}
return null;
}
/**
* 生成加密秘钥
*
* @return
*/
private static SecretKeySpec getSecretKey(String aesKey) {
//返回生成指定算法密钥生成器的 KeyGenerator 对象
KeyGenerator kg = null;
try {
kg = KeyGenerator.getInstance(KEY_ALGORITHM);
//AES 要求密钥长度为 128
SecureRandom random=SecureRandom.getInstance("SHA1PRNG","SUN");
random.setSeed(aesKey.getBytes());
kg.init(128, random);
//生成一个密钥
SecretKey secretKey = kg.generateKey();
return new SecretKeySpec(secretKey.getEncoded(), KEY_ALGORITHM);
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
System.out.println("生成加密秘钥失败");
} catch (NoSuchProviderException e) {
e.printStackTrace();
System.out.println("生成加密秘钥失败");
}
return null;
}
}

28
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/DateUtils.java Normal file
View File

@@ -0,0 +1,28 @@
package com.dcsoft.auth.utils;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
/**
* @author penghao
* @Description TODO
* @createDate 2022/05/09
* @createTime 13:27
*/
public class DateUtils {
public static Long getTimeInMillis(String formatTime){
try {
SimpleDateFormat format=new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date=format.parse(formatTime);
Calendar calendar=Calendar.getInstance();
calendar.setTime(date);
return calendar.getTimeInMillis();
}catch (Exception e){
e.printStackTrace();
System.out.println("日期转换失败");
}
return 0L;
}
}

54
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/KeyGenerator.java Normal file
View File

@@ -0,0 +1,54 @@
package com.dcsoft.auth.utils;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Base64;
/**
* @Description 生成公钥私钥对
* @createDate 2022/05/05
* @createTime 14:25
*/
public class KeyGenerator {
/**
* 私钥
*/
private static byte[] privateKey;
/**
* 公钥
*/
private static byte[] publicKey;
/**
* 加密算法
*/
private static final String KEY_ALGORITHM = "RSA";
public void generater() {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.genKeyPair();
RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey priKey = (RSAPrivateKey) keyPair.getPrivate();
privateKey = Base64.getEncoder().encode(priKey.getEncoded());
publicKey = Base64.getEncoder().encode(pubKey.getEncoded());
System.out.println("公钥:" + new String(publicKey));
System.out.println("私钥:" + new String(privateKey));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.out.println("生成密钥对失败!");
}
}
public static void main(String[] args) {
KeyGenerator keyGenerator = new KeyGenerator();
keyGenerator.generater();
}
}

167
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/LicenseManager.java Normal file
View File

@@ -0,0 +1,167 @@
package com.dcsoft.auth.utils;
import com.dcsoft.auth.bean.CheckParams;
import com.dcsoft.auth.bean.ValidateCodeEnum;
import com.dcsoft.auth.bean.ValidateResult;
import lombok.extern.slf4j.Slf4j;
import org.dom4j.Document;
import org.dom4j.Element;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.SAXReader;
import org.dom4j.io.XMLWriter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import java.io.File;
import java.io.FileWriter;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* @author PH
*/
@Slf4j
@Component
public class LicenseManager {
public static Map<String, ValidateResult> validate() {
Map<String, ValidateResult> result = new HashMap<>();
CheckParams checkParams = null;
try {
checkParams = getCheckParams(result);
if (checkParams == null) {
return result;
}
} catch (Exception e) {
e.printStackTrace();
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.EXCEPTION));
return result;
}
//校验mac地址
if (!checkParams.getMacAddress().equals(Systemutils.getMacAddress())) {
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.UNAUTHORIZED));
return result;
}
//校验cpu序列号
if (!checkParams.getCpuSerial().equals(Systemutils.getCpuNum())) {
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.UNAUTHORIZED));
return result;
}
long currentTi = System.currentTimeMillis();
//校验时间
if (notAfterLastValidateTime(checkParams.getLastValidateTime(), currentTi) || notAfter(checkParams.getGeneratedTime(), currentTi)
|| notBefore(checkParams.getExpiredTime(), currentTi)) {
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.EXPIRED));
return result;
}
result.put("Authorize", ValidateResult.ok());
return result;
}
public static String getSystemSign() {
String MacAddress = Systemutils.getMacAddress();
String cpuNum = Systemutils.getCpuNum();
return AESUtils.encrypt(MacAddress + "-" + cpuNum);
}
public static void updateSign(String sign) {
try {
Document document = readLicense();
Element rootElement = document.getRootElement();
Element signatureEle = rootElement.element("signature");
signatureEle.setText(sign);
OutputFormat format = OutputFormat.createPrettyPrint();
// 设置编码格式
format.setEncoding("UTF-8");
String path = System.getProperty("user.dir");
FileWriter fileWriter = new FileWriter(new File(path + File.separator + "license.xml"));
XMLWriter xmlWriter = new XMLWriter(fileWriter, format);
// 设置是否转义,默认使用转义字符
xmlWriter.setEscapeText(false);
xmlWriter.write(document);
xmlWriter.close();
log.info("更新授权码成功");
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException("更新授权码失败!");
}
}
private static boolean notAfterLastValidateTime(long lastValidateTime, long currentTi) {
return lastValidateTime >= currentTi;
}
private static boolean notBefore(Long expiredTime, long currentTi) {
return expiredTime <= currentTi;
}
private static boolean notAfter(long generatedTime, long currentTi) {
return generatedTime >= currentTi;
}
private static CheckParams getCheckParams(Map<String, ValidateResult> result) {
//读取license文件
Document document = readLicense();
if (document == null) {
log.error("license 读取失败!");
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.FILE_NOT_EXIST));
return null;
}
Element rootElement = document.getRootElement();
Element dataEle = rootElement.element("features");
List<Element> featuresEles = dataEle.elements();
Element lastValidateTimeEle = featuresEles.get(0);
//提取上一次验证时间
String lastValidateTimeStr = lastValidateTimeEle.attributeValue("ti");
long lastValidateTime = Long.parseLong(AESUtils.decrypt(lastValidateTimeStr));
log.debug("上一次校验时间:{}", lastValidateTime);
//提取签名内容
Element signEle = rootElement.element("signature");
String signStr = signEle.getText();
String sign = AESUtils.decrypt(signStr);
if (sign == null) {
log.error("授权码不正确");
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.ILLEGAL));
return null;
}
log.debug("签名内容:{}", sign);
String[] signArr = sign.split("-");
if (signArr.length != 5) {
log.error("授权码不正确");
result.put("Authorize", ValidateResult.error(ValidateCodeEnum.ILLEGAL));
return null;
}
CheckParams params = CheckParams.builder().lastValidateTime(lastValidateTime).macAddress(signArr[0])
.cpuSerial(signArr[1]).generatedTime(Long.parseLong(signArr[2])).expiredTime(Long.parseLong(signArr[3]))
.version(signArr[4]).build();
return params;
}
private static Document readLicense() {
Document document = null;
try {
SAXReader saxReader = new SAXReader();
String path = System.getProperty("user.dir");
document = saxReader.read(new File(path + File.separator + "license.xml"));
return document;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static void main(String[] args) {
// String sign = AESUtils.decrypt("VorZodH/B6eeNLPA09TNJ8fpjlvrsckBk3VW3Pvr2qzhQVdeL38xS8unNFFxzQrjZ70f4wIoi1Tg1wlZq9DFKuVyp2zD20A//lDswyaD8NsmwMR72R2Ua+Gb0dp+PpM3b9gx2iIFIAtKOyaJlMMV8H4az/EKc/d733lyHfY3wbhsmo4vUvsqPYiriaj+psPu7DgO0DsQqw0xjAblpcrfL1xc42E3STEi9NTNbbBTsLU=");
String s="PXVnqRD54Gd4f0cEECwqpL0KYlN40lDtUTQRhpSURSqYg+QzDF4/9mYLcu0JNMxsy1O5ZrsAhSLjNzf0TGO05w==";
System.out.println(AESUtils.decrypt(s));
}
}

59
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/LicenseThread.java Normal file
View File

@@ -0,0 +1,59 @@
package com.dcsoft.auth.utils;
import com.dcsoft.auth.bean.ValidateResult;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import java.util.Map;
import java.util.concurrent.TimeUnit;
/**
* @author penghao
* @createDate 2022/05/11
* @createTime 16:42
*/
@Component
@Slf4j
public class LicenseThread implements Runnable {
public static Map<String, ValidateResult> validateResult = null;
@Value("${license.checkTime}")
private Long checkTime;
@Bean
public void startThread() {
Thread thread = new Thread(this);
thread.setDaemon(true);
thread.start();
log.debug("license校验结果");
}
@Override
public void run() {
while (true) {
validateResult = LicenseManager.validate();
if (validateResult != null) {
ValidateResult result = validateResult.get("Authorize");
log.debug("license校验结果" + result.getMessage());
}
try {
//正式改为12个小时校验一次保持与登录同步即可
// TimeUnit.HOURS.sleep(12);
//测试1分钟校验一次
TimeUnit.SECONDS.sleep(checkTime);
} catch (InterruptedException e) {
e.printStackTrace();
}
}
}
public static boolean validateAfterUpdateSign() {
validateResult = LicenseManager.validate();
ValidateResult result = validateResult.get("Authorize");
return result != null && result.getIsValidate();
}
}

67
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/RSAUtils.java Normal file
View File

@@ -0,0 +1,67 @@
package com.dcsoft.auth.utils;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
/**
* @Description 对AES密码加密
* @createDate 2022/05/05
* @createTime 14:28
*/
public class RSAUtils {
/**
* 公钥base64
*/
private static String puk = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdfujgTmG4aOa4oK2VysmKvAI+hurN/wuKQjzgJTo3ct6TH5NHFHncb9KXijC1xk2Po+pJ8UjU4XGjU4gq5yhTdeSYPYR6hj5jqLy8fkWpFzeC6RvM4bLDe1lDNKphpcUoo5ZO7T77w9fX2lgJSyy/8LxdBThc4Megga3KW1/W4wIDAQAB";
/**
* 加密
*
* @return
* @throws Exception
*/
protected static String encrypt(String content) throws Exception {
byte[] publicKeyBytes = puk.getBytes();
X509EncodedKeySpec x = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyBytes));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory.generatePublic(x);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] result = cipher.doFinal(content.getBytes("UTF-8"));
return Base64.getEncoder().encodeToString(result);
}
/**
* 私钥base64
*/
private static String prk = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJ1+6OBOYbho5rigrZXKyYq8Aj6G6s3/C4pCPOAlOjdy3pMfk0cUedxv0peKMLXGTY+j6knxSNThcaNTiCrnKFN15Jg9hHqGPmOovLx+RakXN4LpG8zhssN7WUM0qmGlxSijlk7tPvvD19faWAlLLL/wvF0FOFzgx6CBrcpbX9bjAgMBAAECgYA8uRWohg//PdLXFHxY6JrUNrDW0sXtLoyQfgFimnfbsRpHt0DdgvOJHkQf0VP+gbqdyyEl6TWfflyGEErL39wX1rrosy+LpiN0HeISERJuwJtuiGeR+0qw+Xz2M7VE+e5oD94dRtlzERft2mcDbQAQYUCFNgUBtd1dCJgMJPZJYQJBANHxKKHqMbsH91JsGP8eCu+yeMah0X8cT79nwD71SJRc03W5P1MPKhRyGWJj0M+Wax32pAPCMTfbj19scLplJpUCQQDADD5OuSLYRVqx68/CYbFVK3ye/YD4Cgc+0kT9SoI9bLB10JumHT0seDGeXQqwUPAF3bBZGI8pW2bdtzDj8YGXAkABQXgEv+ncPIf2Lj9YB035cQ/X4E/oerrfYjd8KOtuN7/sDFecn5KY3LXaKM6u7y9k1nzUqOyycNXCtFtYQhKhAkBvgyxyvaFz/uFoyko6zksP705Pa1eFrx0B50pT4P26+O+FmXmnfPbWaXw2PkREmNqmLVGGinImS4JxXzuuP79FAkAFQejjE+5Twi8oSCcNwse7FFP86U6jgcc+S+XCUUkLXQ5SPlkyb037hwoV1lEEJpcyI2tSFRxBKT89KZN0Nfat";
protected static String decrypt(String signEncrypt) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
byte[] privateKeyBytes = prk.getBytes();
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKeyBytes));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, priKey);
byte[] result = cipher.doFinal(Base64.getDecoder().decode(signEncrypt));
return new String(result);
}
public static void main(String[] args) throws Exception {
String password = "123456";
String a = encrypt(password);
System.out.println("AES加密秘钥" + a);
}
}

102
dcsoft-auth/src/main/java/com/dcsoft/auth/utils/Systemutils.java Normal file
View File

@@ -0,0 +1,102 @@
package com.dcsoft.auth.utils;
import lombok.extern.slf4j.Slf4j;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetAddress;
import java.net.InterfaceAddress;
import java.net.NetworkInterface;
import java.util.ArrayList;
import java.util.List;
import java.util.Scanner;
import java.util.stream.Collectors;
/**
* @author penghao
*/
@Slf4j
public class Systemutils {
protected static String getMacAddress() {
try {
java.util.Enumeration<NetworkInterface> en = NetworkInterface.getNetworkInterfaces();
StringBuilder sb = new StringBuilder();
while (en.hasMoreElements()) {
NetworkInterface iface = en.nextElement();
List<InterfaceAddress> addrs = iface.getInterfaceAddresses();
for (InterfaceAddress addr : addrs) {
InetAddress ip = addr.getAddress();
NetworkInterface network = NetworkInterface.getByInetAddress(ip);
if (network == null) {
continue;
}
if (network.getName().toLowerCase().startsWith("ens")) {
byte[] mac = network.getHardwareAddress();
if (mac == null) {
continue;
}
for (int i = 0; i < mac.length; i++) {
sb.append(String.format("%02X%s", mac[i], (i < mac.length - 1) ? "-" : ""));
}
String xxy = sb.toString().replaceAll("-", "").toUpperCase();
log.info("xxy地址{}", xxy);
return xxy;
}
}
}
} catch (Exception e) {
e.printStackTrace();
log.error("读取本机系统信息失败!");
}
return null;
}
protected static String getCpuNum() {
BufferedReader reader = null;
InputStreamReader ir = null;
try {
String[] linux = {"/bin/bash", "-c", "dmidecode -t processor | grep 'ID' | awk -F ':' '{print $2}' | head -n 1"};
String[] windows = {"wmic", "cpu", "get", "ProcessorId"};
// 获取系统信息
String property = System.getProperty("os.name");
Process process = Runtime.getRuntime().exec(property.contains("Window") ? windows : linux);
process.getOutputStream().close();
ir = new InputStreamReader(process.getInputStream());
reader = new BufferedReader(ir);
String xxw = reader.readLine();
if (xxw != null) {
xxw = xxw.replaceAll(" ", "");
}
log.info("xxw识别码:{}", xxw);
return xxw;
} catch (Exception e) {
e.printStackTrace();
log.error("获取系统信息失败!");
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (ir != null) {
try {
ir.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return null;
}
public static void main(String[] args) throws Exception {
// List<String> macs = getMacAddress();
// System.out.println("本机的mac网卡的地址列表" + macs);
System.out.println(getCpuNum());
}
}

7
dcsoft-auth/src/main/resources/banner.txt Normal file
View File

@@ -0,0 +1,7 @@
Spring Boot Version: ${spring-boot.version}
Spring Application Name: ${spring.application.name}
___ ___ ___ ___ _ _ _____ _ _
| \ / __| / __| ___ / \ | | | | |_ _| | || |
| |) | | (__ \__ \ |___| | - | | |_| | | | | __ |
|___/ \___| |___/ _____ |_|_| \___/ _|_|_ |_||_|

25
dcsoft-auth/src/main/resources/bootstrap.yml Normal file
View File

@@ -0,0 +1,25 @@
# Tomcat
server:
port: 9200
# Spring
spring:
application:
# 应用名称
name: dcsoft-auth
profiles:
# 环境配置
active: dev
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}

BIN
dcsoft-auth/src/main/resources/lib/JWT-SDK-1.1.1_1.8.jar Normal file
View File

Binary file not shown.

BIN
dcsoft-auth/src/main/resources/lib/jose4j-0.4.3.jar Normal file
View File

Binary file not shown.

74
dcsoft-auth/src/main/resources/logback.xml Normal file
View File

@@ -0,0 +1,74 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration scan="true" scanPeriod="60 seconds" debug="false">
<!-- 日志存放路径 -->
<property name="log.path" value="logs/dcsoft-auth" />
<!-- 日志输出格式 -->
<property name="log.pattern" value="%d{HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />
<!-- 控制台输出 -->
<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>${log.pattern}</pattern>
</encoder>
</appender>
<!-- 系统日志输出 -->
<appender name="file_info" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${log.path}/info.log</file>
<!-- 循环政策:基于时间创建日志文件 -->
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<!-- 日志文件名格式 -->
<fileNamePattern>${log.path}/info.%d{yyyy-MM-dd}.log</fileNamePattern>
<!-- 日志最大的历史 60天 -->
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
<pattern>${log.pattern}</pattern>
</encoder>
<filter class="ch.qos.logback.classic.filter.LevelFilter">
<!-- 过滤的级别 -->
<level>INFO</level>
<!-- 匹配时的操作:接收(记录) -->
<onMatch>ACCEPT</onMatch>
<!-- 不匹配时的操作:拒绝(不记录) -->
<onMismatch>DENY</onMismatch>
</filter>
</appender>
<appender name="file_error" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${log.path}/error.log</file>
<!-- 循环政策:基于时间创建日志文件 -->
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<!-- 日志文件名格式 -->
<fileNamePattern>${log.path}/error.%d{yyyy-MM-dd}.log</fileNamePattern>
<!-- 日志最大的历史 60天 -->
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
<pattern>${log.pattern}</pattern>
</encoder>
<filter class="ch.qos.logback.classic.filter.LevelFilter">
<!-- 过滤的级别 -->
<level>ERROR</level>
<!-- 匹配时的操作:接收(记录) -->
<onMatch>ACCEPT</onMatch>
<!-- 不匹配时的操作:拒绝(不记录) -->
<onMismatch>DENY</onMismatch>
</filter>
</appender>
<!-- 系统模块日志级别控制 -->
<logger name="com.dcsoft" level="info" />
<!-- Spring日志级别控制 -->
<logger name="org.springframework" level="warn" />
<root level="info">
<appender-ref ref="console" />
</root>
<!--系统操作日志-->
<root level="info">
<appender-ref ref="file_info" />
<appender-ref ref="file_error" />
</root>
</configuration>