处理监控调阅定时更改过期任务的问题

soc-common/soc-common-security/src/main/java/com/xunmei/common/security/utils/SaltHelper.java

@@ -2,11 +2,16 @@ package com.xunmei.common.security.utils;
 
 
 import cn.hutool.core.codec.Base64;
+import cn.hutool.core.io.resource.ClassPathResource;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.digest.DigestUtils;
 
 import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Reader;
 import java.nio.charset.StandardCharsets;
 import java.util.UUID;
 
@@ -16,11 +21,12 @@ import java.util.UUID;
 @Slf4j
 public class SaltHelper {
 
-    private static final String KEY = "rDWBHusbFTlOURS4";
-
+   // private static final String KEY = "rDWBHusbFTlOURS4";
+    private static ClassPathResource resource = new ClassPathResource("key/privatekey.pri");
     public static String decryptAES(final String content) {
         try {
-            final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
+            String Key =loadKeyFromFile(resource.getStream());
+            final SecretKeySpec skeySpec = new SecretKeySpec(Key.getBytes("UTF-8"), "AES");
             final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM"); // "算法/模式/补码方式"
             cipher.init(Cipher.DECRYPT_MODE, skeySpec);
             return new String(cipher.doFinal(Base64.decode(content)));
@@ -32,7 +38,8 @@ public class SaltHelper {
 
     public static String encryptAES(final String content) {
         try {
-            final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
+            String Key =loadKeyFromFile(resource.getStream());
+            final SecretKeySpec skeySpec = new SecretKeySpec(Key.getBytes("UTF-8"), "AES");
             final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM"); // "算法/模式/补码方式"
             cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
             return Base64.encode(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
@@ -42,6 +49,22 @@ public class SaltHelper {
         }
     }
 
+    private static String loadKeyFromFile(InputStream inputStream) {
+        //将InputStream读入Reader中
+        Reader reader = new InputStreamReader(inputStream);
+        //实例化一个StringBuilder以保存结果
+        StringBuilder result = new StringBuilder();
+        //读取每个字节并转换为char，添加到StringBuilder
+        try {
+            for (int data = reader.read(); data != -1; data = reader.read()) {
+                result.append((char) data);
+            }
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        // 将文件内容转为字符串
+        return result.toString();
+    }
     /**
      * 比较相等
      *

soc-common/soc-common-security/src/main/java/com/xunmei/common/security/utils/SecurityUtils.java

@@ -1,6 +1,7 @@
 package com.xunmei.common.security.utils;
 
 import cn.hutool.core.codec.Base64;
+import cn.hutool.core.io.resource.ClassPathResource;
 import cn.hutool.extra.spring.SpringUtil;
 import com.xunmei.common.core.constant.SecurityConstants;
 import com.xunmei.common.core.constant.TokenConstants;
@@ -14,6 +15,10 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Reader;
 import java.nio.charset.StandardCharsets;
 import java.util.Optional;
 import java.util.UUID;
@@ -26,8 +31,8 @@ import java.util.UUID;
 public class SecurityUtils {
     private static final String[] deviceArray = new String[]{"iphone", "android", "ios", "harmonyos", "deviceInfo", "phone", "mobile", "wap", "netfront", "java", "opera mobi", "opera mini", "ucweb", "windows ce", "symbian", "series", "webos", "sony", "blackberry", "dopod", "nokia", "samsung", "palmsource", "xda", "pieplus", "meizu", "midp", "cldc", "motorola", "foma", "docomo", "up.browser", "up.link", "blazer", "helio", "hosin", "huawei", "novarra", "coolpad", "webos", "techfaith", "palmsource", "alcatel", "amoi", "ktouch", "nexian", "ericsson", "philips", "sagem", "wellcom", "bunjalloo", "maui", "smartphone", "iemobile", "spice", "bird", "zte-", "longcos", "pantech", "gionee", "portalmmm", "jig browser", "hiptop", "benq", "haier", "^lct", "320x320", "240x320", "176x220", "w3c ", "acs-", "alav", "alca", "amoi", "audi", "avan", "benq", "bird", "blac", "blaz", "brew", "cell", "cldc", "cmd-", "dang", "doco", "eric", "hipt", "inno", "ipaq", "java", "jigs", "kddi", "keji", "leno", "lg-c", "lg-d", "lg-g", "lge-", "maui", "maxo", "midp", "mits", "mmef", "mobi", "mot-", "moto", "mwbp", "nec-", "newt", "noki", "oper", "palm", "pana", "pant", "phil", "play", "port", "prox", "qwap", "sage", "sams", "sany", "sch-", "sec-", "send", "seri", "sgh-", "shar", "sie-", "siem", "smal", "smar", "sony", "sph-", "symb", "t-mo", "teli", "tim-"/*, "tosh"*/, "tsm-", "upg1", "upsi", "vk-v", "voda", "wap-", "wapa", "wapi", "wapp", "wapr", "webc", "winw", "winw", "xda", "xda-", "Googlebot-Mobile", "dart", "flutter", "xunmeiapp"};
 
-    private static final String KEY = "rDWBHusbFTlOURS4";
-
+    //private static final String KEY = "rDWBHusbFTlOURS4";
+    private static ClassPathResource resource = new ClassPathResource("key/privatekey.pri");
     /**
      * 获取用户ID
      */
@@ -118,9 +123,10 @@ public class SecurityUtils {
 
     public static String decryptAES(final String content) {
         try {
-            final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
+            String Key =loadKeyFromFile(resource.getStream());
+            final SecretKeySpec skeySpec = new SecretKeySpec(Key.getBytes("UTF-8"), "AES");
             // "算法/模式/补码方式"
-            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding","CCM");
+            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM");
             cipher.init(Cipher.DECRYPT_MODE, skeySpec);
             return new String(cipher.doFinal(Base64.decode(content)));
         } catch (final Exception e) {
@@ -128,11 +134,29 @@ public class SecurityUtils {
         }
     }
 
+    private static String loadKeyFromFile(InputStream inputStream) {
+        //将InputStream读入Reader中
+        Reader reader = new InputStreamReader(inputStream);
+        //实例化一个StringBuilder以保存结果
+        StringBuilder result = new StringBuilder();
+        //读取每个字节并转换为char，添加到StringBuilder
+        try {
+            for (int data = reader.read(); data != -1; data = reader.read()) {
+                result.append((char) data);
+            }
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        // 将文件内容转为字符串
+        return result.toString();
+    }
+
     public static String encryptAES(final String content) {
         try {
-            final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
+            String Key =loadKeyFromFile(resource.getStream());
+            final SecretKeySpec skeySpec = new SecretKeySpec(Key.getBytes("UTF-8"), "AES");
             // "算法/模式/补码方式"
-            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding","CCM");
+            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM");
             cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
             return Base64.encode(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
         } catch (final Exception e) {

soc-common/soc-common-security/src/main/resources/key/privatekey.pri

@@ -0,0 +1 @@
+rDWBHusbFTlOURS4