RSA密码加密

0ff5381a · maqing · d1f18992 · 0ff5381a · 0ff5381a · 0ff5381a
Commit 0ff5381a authored Feb 09, 2023 by maqing
5 changed files
--- a/auth-service/src/main/java/com/hungraim/ltc/controller/AuthController.java
+++ b/auth-service/src/main/java/com/hungraim/ltc/controller/AuthController.java
@@ -4,11 +4,15 @@ import com.hungraim.ltc.util.CsoftSecurityUtil;
 import com.hungraim.ltc.util.Result;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.web.bind.annotation.*;
-import java.security.NoSuchAlgorithmException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.security.Principal;
 import java.util.Map;
@@ -21,6 +25,7 @@ import java.util.Map;
 @RequestMapping("/oauth")
 @AllArgsConstructor
 public class AuthController {
  private final TokenEndpoint tokenEndpoint;
  @PostMapping("/token")
@@ -43,6 +48,15 @@ public class AuthController {
    return Result.success(keyMap.get(0).toString());
  }
+  @GetMapping("/authLogout")
+  public Result authLogout(HttpServletRequest request, HttpServletResponse response) {
+    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+    //清除认证
+    if (auth != null) {
+      new SecurityContextLogoutHandler().logout(request, response, auth);
+    }
+    return Result.success();
+  }
 }
--- a/auth-service/src/main/java/com/hungraim/ltc/controller/PublicKeyController.java
+++ b/auth-service/src/main/java/com/hungraim/ltc/controller/PublicKeyController.java
@@ -7,10 +7,15 @@ import com.nimbusds.jose.jwk.RSAKey;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.security.KeyPair;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Map;

--- a/auth-service/src/main/java/com/hungraim/ltc/gateway/config/WebSecurityConfig.java
+++ b/auth-service/src/main/java/com/hungraim/ltc/gateway/config/WebSecurityConfig.java
@@ -11,6 +11,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.logout.LogoutHandler;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 /**
@@ -33,8 +35,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
      .authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
      .and()
      .authorizeRequests()
-      .antMatchers("/getPublicKey","/oauth/token","/genKeyPair","/oauth/genKeyPair").permitAll()
+      .antMatchers("/getPublicKey","/oauth/*").permitAll()
-      .anyRequest().authenticated();
+      .anyRequest().authenticated()
+      .and()
+      .logout()
+      .logoutUrl("/oauth/logout")
+      .invalidateHttpSession(true);
  }
  /**

--- a/gateway-service/src/main/java/com/hungraim/ltc/gateway/config/ResourceServerConfig.java
+++ b/gateway-service/src/main/java/com/hungraim/ltc/gateway/config/ResourceServerConfig.java
@@ -51,7 +51,7 @@ public class ResourceServerConfig {
        http.oauth2ResourceServer().jwt()
            .jwtAuthenticationConverter(jwtAuthenticationConverter());
        http.authorizeExchange()
-            .pathMatchers("/api/oauth/token", "/oauth/token","/oauth/genKeyPair","/api/oauth/genKeyPair").permitAll()
+            .pathMatchers("/api/oauth/token","/oauth/*","/api/oauth/genKeyPair").permitAll()
            .anyExchange().access(authorizationManager)
            .and()
            .exceptionHandling()

--- a/gateway-service/src/main/java/com/hungraim/ltc/gateway/security/AuthorizationManager.java
+++ b/gateway-service/src/main/java/com/hungraim/ltc/gateway/security/AuthorizationManager.java
@@ -77,7 +77,7 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
        }
        log.info("require authorities:{}", authorities);
-        //认证通过且角色匹配的用户可访问当前路径
+       // 认证通过且角色匹配的用户可访问当前路径
 //        return mono.map(auth -> {
 //            return new AuthorizationDecision(true);
 //        }).defaultIfEmpty(new AuthorizationDecision(false));