add #40

Author: xlorne

springboot-starter-security/pom.xml

@@ -30,6 +30,12 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis</artifactId>
+            <scope>provided</scope>
+        </dependency>
+
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-api</artifactId>

springboot-starter-security/src/main/java/com/codingapi/springboot/security/jwt/MyAES.java renamed to springboot-starter-security/src/main/java/com/codingapi/springboot/security/crypto/AESTools.java

@@ -1,25 +1,25 @@
-package com.codingapi.springboot.security.jwt;
+package com.codingapi.springboot.security.crypto;
 
 import com.codingapi.springboot.framework.crypto.AES;
 import lombok.SneakyThrows;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
 
-public class MyAES {
+public class AESTools {
 
-    private final static MyAES instance = new MyAES();
+    private final static AESTools instance = new AESTools();
 
     private AES aes;
 
-    private MyAES() {
+    private AESTools() {
     }
 
     void init(AES aes) {
         this.aes = aes;
     }
 
-    public static MyAES getInstance() {
+    public static AESTools getInstance() {
         return instance;
     }
 

springboot-starter-security/src/main/java/com/codingapi/springboot/security/crypto/SecurityCryptoConfiguration.java

@@ -0,0 +1,22 @@
+package com.codingapi.springboot.security.crypto;
+
+import com.codingapi.springboot.framework.crypto.AES;
+import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.Base64;
+
+@Configuration
+public class SecurityCryptoConfiguration {
+
+    @Bean
+    @ConditionalOnMissingBean
+    public AES aes(CodingApiSecurityProperties properties) throws Exception {
+        AES aes = new AES(Base64.getDecoder().decode(properties.getAseKey().getBytes()),
+                Base64.getDecoder().decode(properties.getAseIv()));
+        AESTools.getInstance().init(aes);
+        return aes;
+    }
+}

springboot-starter-security/src/main/java/com/codingapi/springboot/security/filter/MyAuthenticationFilter.java

@@ -3,8 +3,8 @@
 import com.alibaba.fastjson.JSONObject;
 import com.codingapi.springboot.framework.dto.response.Response;
 import com.codingapi.springboot.security.exception.TokenExpiredException;
-import com.codingapi.springboot.security.gateway.TokenGateway;
 import com.codingapi.springboot.security.gateway.Token;
+import com.codingapi.springboot.security.gateway.TokenGateway;
 import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -45,7 +45,7 @@ public MyAuthenticationFilter(AuthenticationManager manager, CodingApiSecurityPr
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
         log.debug("token authentication ~");
         for (String antUrl : securityJwtProperties.getAuthenticatedUrls()) {
-            if(antPathMatcher.match(antUrl,request.getRequestURI())) {
+            if (antPathMatcher.match(antUrl, request.getRequestURI())) {
 
                 String sign = request.getHeader(TOKEN_KEY);
                 if (!StringUtils.hasLength(sign)) {
@@ -54,6 +54,10 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
                 }
 
                 Token token = tokenGateway.parser(sign);
+                if (token == null) {
+                    writeResponse(response, Response.buildFailure("token.expire", "token expire."));
+                    return;
+                }
                 if (token.canRestToken()) {
                     Token newSign = tokenGateway.create(token.getUsername(), token.decodeIv(), token.getAuthorities(), token.getExtra());
                     log.info("reset token ");

springboot-starter-security/src/main/java/com/codingapi/springboot/security/gateway/Token.java

@@ -2,7 +2,7 @@
 
 import com.alibaba.fastjson.JSONObject;
 import com.codingapi.springboot.framework.serializable.JsonSerializable;
-import com.codingapi.springboot.security.jwt.MyAES;
+import com.codingapi.springboot.security.crypto.AESTools;
 import com.codingapi.springboot.security.exception.TokenExpiredException;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
@@ -34,7 +34,7 @@ public Token(String username, String iv,String extra, List<String> authorities,
         this.username = username;
         this.extra = extra;
         if(iv!=null) {
-            this.iv = MyAES.getInstance().encode(iv);
+            this.iv = AESTools.getInstance().encode(iv);
         }
         this.authorities = authorities;
         this.expireTime = System.currentTimeMillis() + expireValue;
@@ -56,7 +56,7 @@ public String decodeIv(){
         if(iv==null){
             return null;
         }
-        return MyAES.getInstance().decode(iv);
+        return AESTools.getInstance().decode(iv);
     }
 
 

springboot-starter-security/src/main/java/com/codingapi/springboot/security/gateway/TokenGateway.java

@@ -4,10 +4,10 @@
 
 public interface TokenGateway {
 
-    Token create(String username, String password, List<String> authorities, String extra);
+    Token create(String username, String iv, List<String> authorities, String extra);
 
-    default Token create(String username, String password, List<String> authorities) {
-        return create(username, password, authorities, null);
+    default Token create(String username, String iv, List<String> authorities) {
+        return create(username, iv, authorities, null);
     }
 
     default Token create(String username, List<String> authorities) {

springboot-starter-security/src/main/java/com/codingapi/springboot/security/jwt/JWTSecurityConfiguration.java

@@ -1,27 +1,16 @@
 package com.codingapi.springboot.security.jwt;
 
-import com.codingapi.springboot.framework.crypto.AES;
 import com.codingapi.springboot.security.gateway.TokenGateway;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
-import java.util.Base64;
-
 @Configuration
 @ConditionalOnProperty(prefix = "codingapi.security.jwt", name = "enable", havingValue = "true", matchIfMissing = true)
 public class JWTSecurityConfiguration {
 
-    @Bean
-    @ConditionalOnMissingBean
-    public AES aes(SecurityJWTProperties properties) throws Exception {
-        AES aes = new AES(Base64.getDecoder().decode(properties.getAseKey().getBytes()),
-                Base64.getDecoder().decode(properties.getAseIv()));
-        MyAES.getInstance().init(aes);
-        return aes;
-    }
 
     @Bean
     @ConfigurationProperties(prefix = "codingapi.security.jwt")

springboot-starter-security/src/main/java/com/codingapi/springboot/security/jwt/JWTTokenGatewayImpl.java

@@ -10,7 +10,7 @@ public class JWTTokenGatewayImpl implements TokenGateway {
     private final Jwt jwt;
 
     public JWTTokenGatewayImpl(SecurityJWTProperties properties) {
-        this.jwt = new Jwt(properties.getSecretKey(), properties.getJwtTime(), properties.getJwtRestTime());
+        this.jwt = new Jwt(properties.getSecretKey(), properties.getValidTime(), properties.getRestTime());
     }
 
     @Override

springboot-starter-security/src/main/java/com/codingapi/springboot/security/jwt/Jwt.java

@@ -15,13 +15,13 @@
 public class Jwt {
 
     private final SecretKey key;
-    private final int jwtTime;
-    private final int jwtRestTime;
+    private final int validTime;
+    private final int restTime;
 
-    public Jwt(String secretKey, int jwtTime, int jwtRestTime) {
+    public Jwt(String secretKey, int validTime, int restTime) {
         this.key = Keys.hmacShaKeyFor(secretKey.getBytes(StandardCharsets.UTF_8));
-        this.jwtTime = jwtTime;
-        this.jwtRestTime = jwtRestTime;
+        this.validTime = validTime;
+        this.restTime = restTime;
     }
 
     public Token create(String username, List<String> authorities, String extra){
@@ -37,7 +37,7 @@ public Token create(String username, String iv, List<String> authorities){
     }
 
     public Token create(String username, String iv,List<String> authorities,String extra){
-        Token token = new Token(username, iv,extra, authorities, jwtTime, jwtRestTime);
+        Token token = new Token(username, iv,extra, authorities, validTime, restTime);
         String jwt = Jwts.builder().subject(token.toJson()).signWith(key).compact();
         token.setToken(jwt);
         return token;

springboot-starter-security/src/main/java/com/codingapi/springboot/security/jwt/SecurityJWTProperties.java

@@ -20,27 +20,16 @@ public class SecurityJWTProperties {
     private String secretKey = "codingapi.security.jwt.secretkey";
 
 
-    /**
-     * aes key
-     */
-    private String aseKey = "QUNEWCQlXiYqJCNYQ1phc0FDRFgkJV4mKiQjWENaYXM=";
-
-    /**
-     * aes iv
-     */
-    private String aseIv = "QUNYRkdIQEVEUyNYQ1phcw==";
-
-
     /**
      * JWT 有效时间(毫秒)
      * 15分钟有效期 1000*60*15=900000
      */
-    private int jwtTime = 900000;
+    private int validTime = 900000;
 
     /**
      * JWT 更换令牌时间(毫秒)
      * 10分钟后更换令牌 1000*60*10=600000
      */
-    private int jwtRestTime = 600000;
+    private int restTime = 600000;
 
 }

springboot-starter-security/src/main/java/com/codingapi/springboot/security/properties/CodingApiSecurityProperties.java

@@ -28,6 +28,17 @@ public class CodingApiSecurityProperties {
      */
     private String ignoreUrls = "/open/**";
 
+    /**
+     * aes key
+     */
+    private String aseKey = "QUNEWCQlXiYqJCNYQ1phc0FDRFgkJV4mKiQjWENaYXM=";
+
+    /**
+     * aes iv
+     */
+    private String aseIv = "QUNYRkdIQEVEUyNYQ1phcw==";
+
+
     /**
      * 启用禁用CSRF
      */

springboot-starter-security/src/main/java/com/codingapi/springboot/security/redis/RedisSecurityConfiguration.java

@@ -0,0 +1,30 @@
+package com.codingapi.springboot.security.redis;
+
+import com.codingapi.springboot.security.gateway.Token;
+import com.codingapi.springboot.security.gateway.TokenGateway;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.core.RedisTemplate;
+
+@Configuration
+@ConditionalOnProperty(prefix = "codingapi.security.redis", name = "enable", havingValue = "true")
+public class RedisSecurityConfiguration {
+
+
+    @Bean
+    @ConfigurationProperties(prefix = "codingapi.security.redis")
+    public SecurityRedisProperties securityRedisProperties() {
+        return new SecurityRedisProperties();
+    }
+
+
+    @Bean
+    @ConditionalOnMissingBean
+    public TokenGateway redisTokenGateway(RedisTemplate<String, Token> redisTemplate, SecurityRedisProperties properties) {
+        return new RedisTokenGatewayImpl(redisTemplate, properties);
+    }
+
+}

springboot-starter-security/src/main/java/com/codingapi/springboot/security/redis/RedisTokenGatewayImpl.java

@@ -0,0 +1,36 @@
+package com.codingapi.springboot.security.redis;
+
+import com.codingapi.springboot.security.gateway.Token;
+import com.codingapi.springboot.security.gateway.TokenGateway;
+import org.springframework.data.redis.core.RedisTemplate;
+
+import java.util.List;
+import java.util.UUID;
+
+public class RedisTokenGatewayImpl implements TokenGateway {
+
+    private final RedisTemplate<String, Token> redisTemplate;
+    private final int validTime;
+    private final int restTime;
+
+    public RedisTokenGatewayImpl(RedisTemplate<String, Token> redisTemplate, SecurityRedisProperties properties) {
+        this.redisTemplate = redisTemplate;
+        this.validTime = properties.getValidTime();
+        this.restTime = properties.getRestTime();
+    }
+
+    @Override
+    public Token create(String username, String iv, List<String> authorities, String extra) {
+        Token token = new Token(username, iv, extra, authorities, validTime, restTime);
+        String key = String.format("%s:%s", username, UUID.randomUUID().toString().replaceAll("-", ""));
+        token.setToken(key);
+        redisTemplate.opsForValue().set(key, token);
+        return token;
+    }
+
+    @Override
+    public Token parser(String sign) {
+        return redisTemplate.opsForValue().get(sign);
+    }
+
+}

springboot-starter-security/src/main/java/com/codingapi/springboot/security/redis/SecurityRedisProperties.java

@@ -0,0 +1,27 @@
+package com.codingapi.springboot.security.redis;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Setter
+@Getter
+public class SecurityRedisProperties {
+
+
+    /**
+     * 是否启用redis
+     */
+    private boolean enable = true;
+
+    /**
+     * 15分钟有效期 1000*60*15=900000
+     */
+    private int validTime = 900000;
+
+    /**
+     * 10分钟后更换令牌 1000*60*10=600000
+     */
+    private int restTime = 600000;
+
+
+}

springboot-starter-security/src/main/resources/META-INF/spring.factories

@@ -1,4 +1,6 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
 com.codingapi.springboot.security.configurer.WebSecurityConfigurer,\
 com.codingapi.springboot.security.jwt.JWTSecurityConfiguration,\
+com.codingapi.springboot.security.redis.RedisSecurityConfiguration,\
+com.codingapi.springboot.security.crypto.SecurityCryptoConfiguration,\
 com.codingapi.springboot.security.AutoConfiguration

springboot-starter-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -1,3 +1,5 @@
 com.codingapi.springboot.security.configurer.WebSecurityConfigurer
+com.codingapi.springboot.security.crypto.SecurityCryptoConfiguration
 com.codingapi.springboot.security.jwt.JWTSecurityConfiguration
+com.codingapi.springboot.security.redis.RedisSecurityConfiguration
 com.codingapi.springboot.security.AutoConfiguration

springboot-starter-security/src/test/resources/application.properties

@@ -1,15 +1,15 @@
 server.port=8088
 
-codingapi.security.jwt.jwt-time=10000
-codingapi.security.jwt.jwt-rest-time=5000
+codingapi.security.jwt.valid-time=10000
+codingapi.security.jwt.rest-time=5000
 
 codingapi.security.jwt.enable=true
 # JWT密钥 需大于32位的字符串
 codingapi.security.jwt.secret-key=codingapi.security.jwt.secretkey
 # JWT AES密钥
-codingapi.security.jwt.ase-key=QUNEWCQlXiYqJCNYQ1phc0FDRFgkJV4mKiQjWENaYXM=
+codingapi.security.ase-key=QUNEWCQlXiYqJCNYQ1phc0FDRFgkJV4mKiQjWENaYXM=
 # JWT AES IV
-codingapi.security.jwt.ase-iv=QUNYRkdIQEVEUyNYQ1phcw==
+codingapi.security.ase-iv=QUNYRkdIQEVEUyNYQ1phcw==
 
 # JWT 有效时间(毫秒) 15分钟有效期 1000*60*15=900000
 #codingapi.security.jwt-time=900000