refactor: JWT升级

bunny 2025-03-25 14:34:12 +08:00
parent 560ba612d7
commit 1f5adb3abc
4 changed files with 87 additions and 128 deletions


@ -32,7 +32,7 @@
<fastjson2.version>2.0.47</fastjson2.version>
<minio.version>8.5.17</minio.version>
<lombok.version>1.18.32</lombok.version>
<jwt.version>0.9.1</jwt.version>
<jwt.version>0.12.6</jwt.version>
<easyexcel.version>4.0.2</easyexcel.version>
<jodatime.version>2.10.1</jodatime.version>
<aspectj>1.9.21</aspectj>


@ -28,6 +28,10 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<!-- asp 切面 -->
<dependency>
<groupId>org.aspectj</groupId>
@ -68,6 +72,12 @@
<artifactId>selenium-java</artifactId>
<version>4.30.0</version>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
<!-- thymeleaf -->
<dependency>
<groupId>org.springframework.boot</groupId>
@ -144,36 +154,10 @@
<version>2.6.5</version>
</dependency>
<!-- 直接找不到上下文 -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>6.1.6</version>
</dependency>
<!-- 解决 javax.xml.bind 错误 -->
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5.5</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>


@ -2,10 +2,13 @@ package cn.bunny.services.utils;
import cn.bunny.dao.vo.result.ResultCodeEnum;
import cn.bunny.services.exception.AuthCustomerException;
import io.jsonwebtoken.*;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.micrometer.common.lang.Nullable;
import org.springframework.util.StringUtils;
import javax.crypto.SecretKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@ -20,6 +23,7 @@ public class JwtHelper {
private static final String subject = "Bunny";
// 默认时间
private static final Date time = new Date(System.currentTimeMillis() + tokenExpiration * 7);
static SecretKey key = Jwts.SIG.HS256.key().build();
/**
* 使用默认主题默认时间默认秘钥创建自定义集合token
@ -29,12 +33,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(time)
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.compressWith(CompressionCodecs.GZIP).compact();
.subject(subject)
.expiration(time)
.signWith(key)
.claims(map)
.id(UUID.randomUUID().toString())
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -46,12 +50,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, Date time) {
return Jwts.builder()
.setSubject(subject)
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.setExpiration(time)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.compressWith(CompressionCodecs.GZIP).compact();
.subject(subject)
.signWith(key)
.expiration(time)
.claims(map)
.id(UUID.randomUUID().toString())
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -63,12 +67,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, Integer day) {
return Jwts.builder()
.setSubject(subject)
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.setExpiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.setClaims(map)
.setId(UUID.randomUUID().toString())
.compressWith(CompressionCodecs.GZIP).compact();
.subject(subject)
.signWith(key)
.expiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.claims(map)
.id(UUID.randomUUID().toString())
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -80,12 +84,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String tokenSignKey) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(time)
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.compressWith(CompressionCodecs.GZIP).compact();
.subject(subject)
.expiration(time)
.signWith(key)
.claims(map)
.id(UUID.randomUUID().toString())
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -98,13 +102,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String subject, Date time) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(time)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
.subject(subject)
.expiration(time)
.claims(map)
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -117,12 +120,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String subject, String tokenSignKey) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(time)
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.compressWith(CompressionCodecs.GZIP).compact();
.subject(subject)
.expiration(time)
.claims(map)
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -135,13 +138,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String tokenSignKey, Integer time) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(new Date(System.currentTimeMillis() + tokenExpiration * time))
.setClaims(map)
.setId(UUID.randomUUID().toString())
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
.subject(subject)
.expiration(new Date(System.currentTimeMillis() + tokenExpiration * time))
.claims(map)
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -154,13 +156,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String subject, String tokenSignKey, Integer day) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.setClaims(map)
.setId(UUID.randomUUID().toString())
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
.subject(subject)
.expiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.claims(map)
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -173,13 +174,12 @@ public class JwtHelper {
*/
public static String createTokenWithMap(Map<String, Object> map, String subject, String tokenSignKey, Date time) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(time)
.setClaims(map)
.setId(UUID.randomUUID().toString())
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
.subject(subject)
.expiration(time)
.claims(map)
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -192,14 +192,13 @@ public class JwtHelper {
*/
public static String createToken(Long userId, String username, Integer day) {
return Jwts.builder()
.setSubject(subject)
.setExpiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.subject(subject)
.expiration(new Date(System.currentTimeMillis() + tokenExpiration * day))
.claim("userId", userId)
.claim("username", username)
.setId(UUID.randomUUID().toString())
.signWith(SignatureAlgorithm.HS256, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
.id(UUID.randomUUID().toString())
.signWith(key)
.compressWith(Jwts.ZIP.GZIP).compact();
}
/**
@ -211,8 +210,7 @@ public class JwtHelper {
public static Map<String, Object> getMapByToken(String token) {
try {
if (!StringUtils.hasText(token)) throw new AuthCustomerException(ResultCodeEnum.TOKEN_PARSING_FAILED);
Claims claims = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token).getBody();
Claims claims = Jwts.parser().verifyWith(key).build().parseSignedClaims(token).getPayload();
// body 值转为map
return new HashMap<>(claims);
@ -231,8 +229,8 @@ public class JwtHelper {
public static Map<String, Object> getMapByToken(String token, String signKey) {
try {
if (!StringUtils.hasText(token)) throw new AuthCustomerException(ResultCodeEnum.TOKEN_PARSING_FAILED);
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(signKey).parseClaimsJws(token);
Claims body = claimsJws.getBody();
Jws<Claims> claimsJws = Jwts.parser().verifyWith(key).build().parseSignedClaims(token);
Claims body = claimsJws.getPayload();
// body 值转为map
return new HashMap<>(body);
@ -255,8 +253,8 @@ public class JwtHelper {
private static String getSubjectByTokenHandler(String token, String tokenSignKey) {
try {
if (!StringUtils.hasText(token)) throw new AuthCustomerException(ResultCodeEnum.TOKEN_PARSING_FAILED);
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Claims body = claimsJws.getBody();
Jws<Claims> claimsJws = Jwts.parser().verifyWith(key).build().parseSignedClaims(token);
Claims body = claimsJws.getPayload();
return body.getSubject();
@ -285,8 +283,8 @@ public class JwtHelper {
try {
if (!StringUtils.hasText(token)) throw new AuthCustomerException(ResultCodeEnum.TOKEN_PARSING_FAILED);
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Claims claims = claimsJws.getBody();
Jws<Claims> claimsJws = Jwts.parser().verifyWith(key).build().parseSignedClaims(token);
Claims claims = claimsJws.getPayload();
return Long.valueOf(String.valueOf(claims.get("userId")));
} catch (Exception exception) {
@ -304,8 +302,8 @@ public class JwtHelper {
try {
if (!StringUtils.hasText(token)) return "";
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Claims claims = claimsJws.getBody();
Jws<Claims> claimsJws = Jwts.parser().verifyWith(key).build().parseSignedClaims(token);
Claims claims = claimsJws.getPayload();
return (String) claims.get("username");
} catch (Exception exception) {
throw new AuthCustomerException(ResultCodeEnum.TOKEN_PARSING_FAILED);
@ -341,8 +339,8 @@ public class JwtHelper {
*/
private static boolean isExpiredUtil(String token, String tokenSignKey) {
try {
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Date expiration = claimsJws.getBody().getExpiration();
Jws<Claims> claimsJws = Jwts.parser().verifyWith(key).build().parseSignedClaims(token);
Date expiration = claimsJws.getPayload().getExpiration();
return expiration != null && expiration.before(new Date());
} catch (Exception exception) {
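Review bot: The overloads that accept a key argument, such as `createTokenWithMap(map, tokenSignKey)`, `getMapByToken(token, signKey)` and `isExpiredUtil(token, tokenSignKey)`, now sign and verify with the static `key` and silently ignore the caller's value. The new field `static SecretKey key = Jwts.SIG.HS256.key().build();` generates a fresh random key each time the class is loaded, so tokens issued before a restart, or by another instance of the service, will no longer verify. If a stable configured secret is intended, derive the key from it, for example `private static final SecretKey key = Keys.hmacShaKeyFor(tokenSignKey.getBytes(StandardCharsets.UTF_8));` (HS256 needs at least 32 bytes of secret), and build a key the same way from the parameter in the overloads that take one. Making the field `private static final` also stops other classes in the package from replacing it. The declaration of `tokenSignKey` and most method bodies are outside the visible hunks, so this assumes that field still holds the configured secret.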


@ -10,10 +10,8 @@ import cn.bunny.services.utils.UserUtil;
import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.TypeReference;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.openqa.selenium.chrome.ChromeDriver;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@ -28,13 +26,10 @@ import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import java.time.Duration;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@SpringBootTest
@WebAppConfiguration
// @AutoConfigureMockMvc
class ConfigurationControllerTest {
private static final String prefix = "/api/config";
@ -51,8 +46,6 @@ class ConfigurationControllerTest {
private MockMvc mockMvc;
private ChromeDriver chromeDriver;
@BeforeEach
void setUpMockMvc() {
AdminUser adminUser = userMapper.selectOne(Wrappers.<AdminUser>lambdaQuery().eq(AdminUser::getUsername, "Administrator"));
@ -63,18 +56,9 @@ class ConfigurationControllerTest {
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext)
.apply(SecurityMockMvcConfigurers.springSecurity())
.build();
chromeDriver = new ChromeDriver();
}
@AfterEach
void tearDown() {
chromeDriver.quit();
}
@Test
// @WithMockUser(username = "Administrator", password = "admin123", roles = "admin")
// @WithUserDetails("Administrator")
void webConfig() throws Exception {
mockMvc.perform(MockMvcRequestBuilders
.get(prefix + "/noAuth/webConfig")
@ -188,11 +172,4 @@ class ConfigurationControllerTest {
System.out.println(contentAsString);
});
}
@Test
void openChrome() throws InterruptedException {
chromeDriver.get("http://localhost:7000/");
TimeUnit.MINUTES.sleep(100);
chromeDriver.manage().timeouts().implicitlyWait(Duration.of(1000L, TimeUnit.SECONDS.toChronoUnit()));
}
}