联考版-迭代-aop token转义

stmms-ms-accesscontrol/src/main/java/cn/com/qmth/stmms/ms/accesscontrol/LoginInterceptor.java

@@ -2,6 +2,7 @@ package cn.com.qmth.stmms.ms.accesscontrol;
 
 import cn.com.qmth.stmms.ms.accesscontrol.config.LoginConfig;
 import cn.com.qmth.stmms.ms.commons.utils.AesUtil;
+import cn.com.qmth.stmms.ms.commons.utils.EncrypAES;
 import cn.com.qmth.stmms.ms.core.cache.CacheService;
 import cn.com.qmth.stmms.ms.core.domain.user.AbstractUser;
 import cn.com.qmth.stmms.ms.core.domain.user.MarkUser;
@@ -48,7 +49,7 @@ public class LoginInterceptor extends HandlerInterceptorAdapter {
         authorization = URLDecoder.decode(authorization, "UTF-8");
         token = URLDecoder.decode(token, "UTF-8");
 
-        String tokenDec = AesUtil.decoder(token, "token", null);
+        String tokenDec = EncrypAES.decrypt(token);
         String[] strs = tokenDec.split("#");
         String loginName = strs[1];
         if (loginConfig.adminLoginConfig().getLoginName().equals(loginName)) {

stmms-ms-accesscontrol/src/main/java/cn/com/qmth/stmms/ms/accesscontrol/api/AuthApi.java

@@ -2,6 +2,7 @@ package cn.com.qmth.stmms.ms.accesscontrol.api;
 
 import cn.com.qmth.stmms.ms.accesscontrol.config.LoginConfig;
 import cn.com.qmth.stmms.ms.commons.utils.AesUtil;
+import cn.com.qmth.stmms.ms.commons.utils.EncrypAES;
 import cn.com.qmth.stmms.ms.core.cache.CacheService;
 import cn.com.qmth.stmms.ms.core.domain.MarkSubject;
 import cn.com.qmth.stmms.ms.core.domain.task.MarkTask;
@@ -104,7 +105,7 @@ public class AuthApi {
         }
 
         String token = System.currentTimeMillis() + "#" + domain.getLoginName() + "#" + domain.getId();
-        String tokenAes = AesUtil.encoder(token, "token", null);
+        String tokenAes = EncrypAES.encrypt(token);
         token = URLEncoder.encode(tokenAes, "UTF-8");
         cacheService.saveTokenCache(domain.getId().toString(), token);
         domain.setToken(token);

stmms-ms-commons/src/main/java/cn/com/qmth/stmms/ms/commons/utils/EncrypAES.java

@@ -0,0 +1,87 @@
+package cn.com.qmth.stmms.ms.commons.utils;
+
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * @author by xf
+ * @date 2019/11/25.
+ * DigestUtils.md5Hex进行md5加密
+ */
+public class EncrypAES {
+
+    private static final Logger logger = LoggerFactory.getLogger(EncrypAES.class);
+
+    private static final String KEY_ALGORITHM = "AES";
+    /**
+     * 加解密算法/工作模式/填充方式
+     */
+    private static final String DEFAULT_CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
+
+
+    private static byte[] KEYBYTES = {0x31, 0x32, 0x33, 0x34, 0x35, 0x50, 0x37, 0x38, 0x39, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46};
+
+
+    /**
+     * 加密
+     * @param value
+     * @return
+     */
+    public static String encrypt(String value) {
+        String s = null;
+        int mode = Cipher.ENCRYPT_MODE;
+        try {
+            Cipher cipher = initCipher(mode);
+            byte[] outBytes = cipher.doFinal(value.getBytes());
+            s = String.valueOf(Hex.encodeHex(outBytes));
+        } catch (Exception e) {
+            logger.error(e.getMessage());
+        }
+        return s;
+    }
+
+
+    /**
+     * 解密
+     * @param value
+     * @return
+     */
+    public static String decrypt(String value) {
+        String s = null;
+        int mode = Cipher.DECRYPT_MODE;
+        try {
+            Cipher cipher = initCipher(mode);
+            byte[] outBytes = cipher.doFinal(Hex.decodeHex(value.toCharArray()));
+            s = new String(outBytes);
+        } catch (Exception e) {
+            logger.error(e.getMessage());
+        }
+        return s;
+    }
+
+    private static Cipher initCipher(int mode) throws NoSuchAlgorithmException,
+            NoSuchPaddingException, InvalidKeyException {
+        Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
+        Key key = new SecretKeySpec(KEYBYTES, KEY_ALGORITHM);
+        cipher.init(mode, key);
+        return cipher;
+    }
+
+    public static void main(String[] args) {
+        String content = "1622615449555#admin#0";
+        String en = encrypt(content);
+        System.out.println("en:" + en);
+
+        String de = decrypt(en);
+        System.out.println("de:" + de);
+    }
+
+}

stmms-ms-log/src/main/java/cn/com/qmth/stmms/ms/log/aop/MarkLogAop.java

@@ -4,6 +4,7 @@ import cn.com.qmth.stmms.ms.commons.config.LevelConfig;
 import cn.com.qmth.stmms.ms.commons.constant.ArbitrateCallback;
 import cn.com.qmth.stmms.ms.commons.constant.ArbitrateResult;
 import cn.com.qmth.stmms.ms.commons.utils.AesUtil;
+import cn.com.qmth.stmms.ms.commons.utils.EncrypAES;
 import cn.com.qmth.stmms.ms.commons.utils.SqlUtil;
 import cn.com.qmth.stmms.ms.core.cache.ParamCache;
 import cn.com.qmth.stmms.ms.core.domain.*;
@@ -404,7 +405,7 @@ public class MarkLogAop {
             throw new Exception("请先登录");
         }
         token = URLDecoder.decode(token, "UTF-8");
-        token = AesUtil.decoder(token, "token", null);
+        token = EncrypAES.decrypt(token);
         Object[] args = joinPoint.getArgs(); // 参数值
         MarkTask markTask = null;
         MarkUser markUser = null;