RSA密码加密

auth-service/src/main/java/com/hungraim/ltc/controller/AuthController.java

@@ -25,14 +25,22 @@ public class AuthController {
   @PostMapping("/token")
   @SneakyThrows
   public Result<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam Map<String, String> parameters)  {
-//    String password = parameters.get("password");
-//    String decrypt = CsoftSecurityUtil.decrypt(password);
-//    parameters.put("password", decrypt);
+    String password = parameters.get("password");
+    String decrypt = CsoftSecurityUtil.decrypt(password);
+    parameters.put("password", decrypt);
     OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
     return Result.success(oAuth2AccessToken);
   }
 
-
+  /**
+   * 获取公钥
+   * @return
+   */
+  @GetMapping("/genKeyPair")
+  public Result<String> genKeyPair() {
+    Map keyMap = CsoftSecurityUtil.genKeyPair();
+    return Result.success(keyMap.get(0).toString());
+  }
 
 
 

auth-service/src/main/java/com/hungraim/ltc/gateway/config/WebSecurityConfig.java

@@ -33,7 +33,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
       .authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
       .and()
       .authorizeRequests()
-      .antMatchers("/getPublicKey","/oauth/logout","/genKeyPair").permitAll()
+      .antMatchers("/getPublicKey","/oauth/token","/genKeyPair","/oauth/genKeyPair").permitAll()
       .anyRequest().authenticated();
   }
 

common/common-core/src/main/java/com/hungraim/ltc/util/CsoftSecurityUtil.java

@@ -32,7 +32,7 @@ public class CsoftSecurityUtil {
         //生成公钥和私钥
         genKeyPair();
         //加密字符串
-        String message = "df723820";
+        String message = "Hg123admin";
         System.out.println("随机生成的公钥为:" + keyMap.get(0));
         System.out.println("随机生成的私钥为:" + keyMap.get(1));
         String messageEn = encrypt(message, keyMap.get(0));

gateway-service/src/main/java/com/hungraim/ltc/gateway/config/ResourceServerConfig.java

@@ -51,7 +51,7 @@ public class ResourceServerConfig {
         http.oauth2ResourceServer().jwt()
             .jwtAuthenticationConverter(jwtAuthenticationConverter());
         http.authorizeExchange()
-            .pathMatchers("/api/oauth/token", "/oauth/token").permitAll()
+            .pathMatchers("/api/oauth/token", "/oauth/token","/oauth/genKeyPair","/api/oauth/genKeyPair").permitAll()
             .anyExchange().access(authorizationManager)
             .and()
             .exceptionHandling()