更新JWT算法

src/main/java/cn/chjyj/szwh/service/impl/UserServiceImpl.java

@@ -1,14 +1,11 @@
 package cn.chjyj.szwh.service.impl;
 
 import cn.chjyj.szwh.bean.User;
-import cn.chjyj.szwh.constant.ChConstant;
 import cn.chjyj.szwh.mapper.UserMapper;
 import cn.chjyj.szwh.service.UserService;
-import cn.chjyj.szwh.utils.ApiTokenUtils;
 import cn.chjyj.szwh.utils.ProperUtils;
 import cn.chjyj.szwh.utils.RequestUtils;
 import com.alibaba.fastjson.JSONObject;
-import com.auth0.jwt.JWT;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

src/main/java/cn/chjyj/szwh/utils/SignUtils.java

@@ -11,8 +11,10 @@ import com.auth0.jwt.interfaces.DecodedJWT;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import sun.misc.BASE64Decoder;
 
-import java.io.IOException;
+import java.io.BufferedReader;
+import java.io.FileReader;
 import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 import java.security.interfaces.RSAPrivateKey;
@@ -78,6 +80,8 @@ public class SignUtils {
      */
     private static Map getTypeMap(String type) {
         Map nmap = new HashMap();
+        // 清空
+        nmap.clear();
         switch (type) {
             case "user_real":
                 nmap = userRealMap();
@@ -157,6 +161,7 @@ public class SignUtils {
             // 公钥证书路径
             String pubkey=(String) xmap.get("public_key");
             // 公钥证书
+            // 读取证书内容
             RSAPublicKey rsaPublicKey = getPublicKey(pubkey);
             // 解析对象，算法与加密时候一致
             JWTVerifier jwtVerifier = JWT.require(Algorithm.RSA256(rsaPublicKey,null)).build();
@@ -182,28 +187,39 @@ public class SignUtils {
      * @throws InvalidKeySpecException
      */
     public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
-        String publicKeyPEM = publicKey.replace("-----BEGIN PUBLIC KEY-----\r\n", "");
+        // 读取证书文件内容
+        String keycontent = getKeyContent(publicKey);
+        // 剔除证书中的换行符
+        String publicKeyPEM = keycontent.replace("-----BEGIN PUBLIC KEY-----\r\n", "");
         publicKeyPEM = publicKeyPEM.replace("-----END PUBLIC KEY-----", "");
 
-        Base64 b64 = new Base64();
+        try {
-        byte [] decoded = b64.decode(publicKeyPEM);
+            Base64 b64 = new Base64();
+            byte [] decoded = b64.decode(publicKeyPEM);
 
-        X509EncodedKeySpec spec =
+            X509EncodedKeySpec spec =
-                new X509EncodedKeySpec(decoded);
+                    new X509EncodedKeySpec(decoded);
-        KeyFactory kf = KeyFactory.getInstance("RSA");
+            KeyFactory kf = KeyFactory.getInstance("RSA");
-        return (RSAPublicKey) kf.generatePublic(spec);
+            return (RSAPublicKey) kf.generatePublic(spec);
+        }catch (Exception ex){
+            ex.printStackTrace();
+        }
+        return null;
     }
 
 
 
     /**
      * 抽取私钥
-     * @param privateKey
+     * @param privateKey 私钥路径
      * @return
      * @throws Exception
      */
     public static RSAPrivateKey getPrivateKey(String privateKey) throws Exception {
-        String privKeyPEM = privateKey.replace("-----BEGIN PRIVATE KEY-----\r\n", "");
+        // 读取路径的证书信息
+        String keycontent = getKeyContent(privateKey);
+        //
+        String privKeyPEM = keycontent.replace("-----BEGIN PRIVATE KEY-----\r\n", "");
         privKeyPEM = privKeyPEM.replace("-----END PRIVATE KEY-----", "");
         Base64 b64 = new Base64();
         byte [] decoded = b64.decode(privKeyPEM);
@@ -212,4 +228,27 @@ public class SignUtils {
         KeyFactory kf = KeyFactory.getInstance("RSA");
         return (RSAPrivateKey)kf.generatePrivate(spec);
     }
+
+    /**
+     * 读取证书文件内容
+     * @param path
+     * @return
+     */
+    private static String getKeyContent(String path){
+        StringBuffer sb= new StringBuffer();
+        try{
+            BufferedReader br = new BufferedReader(new FileReader(path));
+            String t;
+            while ((t=br.readLine())!=null){
+                if(!t.startsWith("-")){
+                    sb.append(t.trim());
+                }
+            }
+
+        }catch (Exception ex){
+            log.error("证书文件不存在:"+path);
+            ex.printStackTrace();
+        }
+        return sb.toString();
+    }
 }

src/test/java/cn/chjyj/szwh/JwtRsaTokenTests.java

@@ -1,20 +1,15 @@
 package cn.chjyj.szwh;
 
-import cn.chjyj.szwh.constant.ChConstant;
+
-import cn.chjyj.szwh.utils.ApiTokenUtils;
-import cn.chjyj.szwh.utils.JwtUtils;
 import cn.chjyj.szwh.utils.RedisKeys;
-import cn.chjyj.szwh.utils.SzFileUtils;
+import cn.chjyj.szwh.utils.SignUtils;
 import com.auth0.jwt.JWT;
-import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
-import io.jsonwebtoken.Claims;
+
 import org.junit.Test;
 import org.springframework.boot.test.context.SpringBootTest;
 
-import java.io.File;
+
-import java.io.FileReader;
-import java.util.Properties;
 
 /**
  * jwt token 测试
@@ -27,24 +22,30 @@ public class JwtRsaTokenTests {
      */
     @Test
     public void entrTokenTest(){
+        String token = SignUtils.createSign("user_real");
+        System.out.println(token);
+
         // 资源文件
-        String dbconf = ChConstant.WORK_DIR + ChConstant.SZWH_CONF;
+//        String dbconf = ChConstant.WORK_DIR + ChConstant.SZWH_CONF;
-        Properties prop = new Properties();
+//        Properties prop = new Properties();
-        try {
+//        try {
-            prop.load(new FileReader(dbconf));
+////            prop.load(new FileReader(dbconf));
-            // 委托系统 密钥
+////            // 委托系统 密钥
-            String entr_prikey=prop.getProperty("entrust.pem.prikey.path");//私钥路径
+////            String entr_prikey=prop.getProperty("entrust.pem.prikey.path");//私钥路径
-            // 私钥
+////            // 私钥
-            String prinote = SzFileUtils.getKeyFromFile(ChConstant.WORK_DIR + "/" + entr_prikey);
+////            String prinote = SzFileUtils.getKeyFromFile(ChConstant.WORK_DIR + "/" + entr_prikey);
-            System.out.println(prinote);
+////            System.out.println(prinote);
-            String iss ="test";
+////            String iss ="test";
-            // 5分钟后过期
+////
-            long exp =5 * 60 * 1000L;
+////            String token = SignUtils.createSign("user_real");
-            String token = ApiTokenUtils.getToken(iss,prinote,exp);
+//            // 5分钟后过期
-            System.out.println(token);
+//            //long exp =5 * 60 * 1000L;
-        }catch (Exception ex){
+//
-            ex.printStackTrace();
+//            //String token = ApiTokenUtils.getToken(iss,prinote,exp);
-        }
+//            System.out.println(token);
+//        }catch (Exception ex){
+//            ex.printStackTrace();
+//        }
 
     }