'commit'

dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonInternalController.java

@@ -27,7 +27,7 @@ public class LoginPersonInternalController extends Controller {
      * 完整访问路径：http://10.10.21.20:8001/dsBase/loginPerson/internal/doLogin
      */
     @Before(POST.class)
-    @EmptyInterface({"username", "password", "platform"})
+    @EmptyInterface({"username", "password"})
     public void doLogin(String username, String password) {
         JSONObject resultJson = new JSONObject();
 

dsBase/src/main/java/com/dsideal/dsBase/Util/JwtUtil.java

@@ -63,17 +63,28 @@ public class JwtUtil {
     }
 
     /**
-     * 获取当前用户信息
+     * 获取当前用户JWT
      *
      * @param req 请求
      * @return
      */
-    public static Record getPersonInfo(HttpServletRequest req) {
+    public static String getPersonJwt(HttpServletRequest req) {
         String jwtToken = req.getHeader("Authorization");
         if (jwtToken == null) {
             //尝试从Cookie中获取jwt-token
             jwtToken = CookieUtil.getValue(req, "jwt-token");
         }
+        return jwtToken;
+    }
+
+    /**
+     * 获取当前用户信息
+     *
+     * @param req 请求
+     * @return
+     */
+    public static Record getPersonInfo(HttpServletRequest req) {
+        String jwtToken = getPersonJwt(req);
         Record record = new Record();
         Claims claims = null;
         if (jwtToken != null) {

dsRes/src/main/java/com/dsideal/resource/Res/Controller/ResourceController.java

@@ -97,7 +97,7 @@ public class ResourceController extends Controller {
         //根据扩展名，获取缩略图名称
         String thumb_name = rm.getThumbByExt(extension);
         //当前登录人员
-        String person_id = JwtUtil.getPersonId(getRequest());
+        String person_id = JwtUtil.getPersonInfo(getRequest()).getStr("person_id");
         String resource_size = CommonUtil.formatFileSize(resource_size_int);
         String person_name = bm.getPersonById(person_id).getStr("person_name");
         int down_count = 0;//下载次数

dsRes/src/main/java/com/dsideal/resource/Util/HttpClient.java

@@ -150,32 +150,28 @@ public class HttpClient {
     }
 
     public static void main(String[] args) {
+        //正常在Controller中获取到此人员的jwt
+        // String jwtToken =JwtUtil.getPersonJwt(req);
+
+        // 模拟这个场景进行测试
+        String jwtToken = JwtUtil.generateToken(1, "5499644C-4FC7-4194-8BEA-96AB94466FC2", "-1");
+        System.out.println(jwtToken);
+
         // 设置请求头
         Map<String, String> headers = new HashMap<>();
-        headers.put("Authorization", "Bearer token123");
+        headers.put("Authorization", jwtToken);//我现在测试的这个登录接口，其实是不需要JWT的，但有可能有的登录接口需要JWT
         headers.put("Content-Type", "application/json");
 
-        // GET请求示例
-        String getUrl = "https://api.example.com/users";
-        String getResponse = HttpClient.get(getUrl, headers);
-        System.out.println("GET Response: " + getResponse);
-
         // POST JSON请求示例
-        String postUrl = "https://api.example.com/users";
-        String jsonBody = "{\"name\":\"John\",\"age\":30}";
-        String postResponse = HttpClient.postJson(postUrl, jsonBody, headers);
+        String postUrl = "http://ds-base:8001/dsBase/loginPerson/internal/doLogin";
+        Map<String, String> jsonBody = new HashMap<>();
+        String user_name="sys1";
+        String password = "DsideaL4r5t6y7u";
+        //本系统的密码需要进行RSA处理后进行提交，这与登录系统的密码处理方式一致
+        String rsaPwd = RsaUtils.encryptedDataOnJava(password, RsaUtils.PUBLICKEY);
+        jsonBody.put("username", user_name);
+        jsonBody.put("password", rsaPwd);
+        String postResponse = HttpClient.postForm(postUrl, jsonBody, headers);
         System.out.println("POST Response: " + postResponse);
-
-        // POST表单请求示例
-        Map<String, String> formData = new HashMap<>();
-        formData.put("username", "john");
-        formData.put("password", "123456");
-        String formResponse = HttpClient.postForm(postUrl, formData, headers);
-        System.out.println("Form Response: " + formResponse);
-
-        // 文件上传示例
-        File file = new File("test.txt");
-        String fileResponse = HttpClient.postFile(postUrl, file, "test.txt", headers);
-        System.out.println("File Upload Response: " + fileResponse);
     }
 }

dsRes/src/main/java/com/dsideal/resource/Util/JwtUtil.java

@@ -1,92 +1,100 @@
 package com.dsideal.resource.Util;
 
+import com.dsideal.resource.ResApplication;
 import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import com.jfinal.plugin.activerecord.Record;
 
+import javax.crypto.SecretKey;
 import javax.servlet.http.HttpServletRequest;
 import java.nio.charset.StandardCharsets;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.Date;
-
 
-/**
- * Created by zhzhan on 2017/6/30.
- */
 public class JwtUtil {
-
     public static final String AUTHORIZATION_STARTER = "Bearer ";
-    public static final String SECRET = "ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM";
+    public static final String SECRET = ResApplication.PropKit.get("jwt.SECRET");
+
+    // 生成安全的密钥
+    private static final SecretKey key = Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8));
 
     /**
-     * 功能：黄海开发的生成JWT函数
+     * 功能：生成JWT函数
      *
-     * @param userId
-     * @param phone
-     * @return
+     * @param identity_id 身份ID
+     * @param person_id   人员ID
+     * @param bureau_id   机构ID
+     * @return JWT签名
      */
-    public static String generateToken(String userId, String phone) {
-        // 样例
-        //{date=Thu Sep 12 09:06:19 CST 2024, phone=200004322138, type=APP, userId=99108}
+    public static String generateToken(int identity_id, String person_id, String bureau_id) {
         // 获取当前日期和时间
         Date now = new Date();
         // 格式化日期
         Map<String, Object> claims = new HashMap<>();
-        claims.put("date", now.toString());
-        claims.put("phone", phone);
-        claims.put("type", "APP");
-        claims.put("userId", userId);
-        claims.put("wxgzh", 1);
-        return JwtUtil.AUTHORIZATION_STARTER + Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS256, SECRET).compact();
+        claims.put("create_time", now.toString());
+        claims.put("identity_id", identity_id);
+        claims.put("person_id", person_id);
+        claims.put("bureau_id", bureau_id);
+
+        return AUTHORIZATION_STARTER + Jwts.builder()
+                .setClaims(claims)
+                .signWith(key, SignatureAlgorithm.HS256)
+                .compact();
     }
 
-    public static Claims getClaimsFromToken(String token, String secret) {
-        if (token.contains(JwtUtil.AUTHORIZATION_STARTER)) {
-            token = token.replace(JwtUtil.AUTHORIZATION_STARTER, "");
+    public static Claims getClaims(String token) {
+        if (token.contains(AUTHORIZATION_STARTER)) {
+            token = token.replace(AUTHORIZATION_STARTER, "");
         }
         Claims claims;
-
         try {
-            claims = Jwts.parser()
-                    .setSigningKey(secret)
+            claims = Jwts.parserBuilder()
+                    .setSigningKey(key)
+                    .build()
                     .parseClaimsJws(token)
                     .getBody();
-            claims.put("expired", false);
-        } catch (ExpiredJwtException e) {
-            claims = e.getClaims();
-            claims.put("expired", true);
         } catch (Exception e) {
-            try {
-                claims = Jwts.parser()
-                        .setSigningKey(secret.getBytes(StandardCharsets.UTF_8))
-                        .parseClaimsJws(token)
-                        .getBody();
-                claims.put("expired", false);
-            } catch (ExpiredJwtException ee) {
-                claims = ee.getClaims();
-                claims.put("expired", true);
-            } catch (Exception err) {
             claims = null;
         }
-        }
         return claims;
     }
 
     /**
-     * 获取当前登录用户的person_id
+     * 获取当前用户JWT
+     * @param req 请求
+     * @return
+     */
+    public static String getPersonJwt(HttpServletRequest req) {
+        String jwtToken = req.getHeader("Authorization");
+        if (jwtToken == null) {
+            //尝试从Cookie中获取jwt-token
+            jwtToken = CookieUtil.getValue(req, "jwt-token");
+        }
+        return jwtToken;
+    }
+
+    /**
+     * 获取当前用户信息
      *
-     * @param request HttpServletRequest
+     * @param req 请求
      * @return
      */
-    public static String getPersonId(HttpServletRequest request) {
-        //从Http请求头中获取Authorization
-        String Authorization = request.getHeader("Authorization");
-        String secret = JwtUtil.SECRET;
-        String token = Authorization.replaceFirst(JwtUtil.AUTHORIZATION_STARTER, "");
-        Claims cs = JwtUtil.getClaimsFromToken(token, secret);
-        String person_id = cs.get("person_id").toString();
-        return person_id;
+    public static Record getPersonInfo(HttpServletRequest req) {
+        String jwtToken = getPersonJwt(req);
+        Record record = new Record();
+        Claims claims = null;
+        if (jwtToken != null) {
+            claims = getClaims(jwtToken);
+        }
+        if (claims != null) {
+            record.set("identity_id", claims.get("identity_id"));
+            record.set("person_id", claims.get("person_id"));
+            record.set("bureau_id", claims.get("bureau_id"));
+            record.set("create_time", claims.get("create_time"));
+        }
+        return record;
     }
 }