fix: 修复jwk.json无法读取的问题,同时增加jwkFile配置项

pull/1762/head
liyexin 2025-01-23 16:05:12 +08:00
parent 464c989986
commit 2f53a4d01e
3 changed files with 15 additions and 4 deletions


@ -175,4 +175,9 @@ public class UserSetting {
*/ */
private long loginTimeout = 30; private long loginTimeout = 30;
/**
* jwk使resourcesjwk.json
*/
private String jwkFile = "classpath:jwk.json";
} }
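Review bot: The Javadoc on the new `jwkFile` field does not tell operators that this file holds the RSA key used to sign and verify API JWTs, and the default keeps that key on the classpath. If the `jwk.json` under resources is the one distributed with the project, every installation that keeps the default would presumably share one signing key, so the default is worth treating as a development convenience only. I would state that on the field, for example `/** Location of the JWK set holding the RSA key that signs and verifies API JWTs; set this to a deployment-specific file outside the classpath, readable only by the service account. */`. A startup warning when the value still starts with `classpath:` would make the risk visible in production logs.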


@ -7,6 +7,7 @@ import com.genersoft.iot.vmp.service.IUserService;
import com.genersoft.iot.vmp.storager.dao.dto.User; import com.genersoft.iot.vmp.storager.dao.dto.User;
import com.genersoft.iot.vmp.storager.dao.dto.UserApiKey; import com.genersoft.iot.vmp.storager.dao.dto.UserApiKey;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.FileUtils;
import org.jose4j.jwk.JsonWebKey; import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet; import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.RsaJsonWebKey; import org.jose4j.jwk.RsaJsonWebKey;
@ -22,10 +23,10 @@ import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.lang.JoseException; import org.jose4j.lang.JoseException;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.ResourceUtils;
import javax.annotation.Resource; import javax.annotation.Resource;
import java.io.BufferedReader; import java.io.File;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.time.ZoneOffset; import java.time.ZoneOffset;
@ -92,8 +93,10 @@ public class JwtUtils implements InitializingBean {
*/ */
private RsaJsonWebKey generateRsaJsonWebKey() throws JoseException { private RsaJsonWebKey generateRsaJsonWebKey() throws JoseException {
RsaJsonWebKey rsaJsonWebKey = null; RsaJsonWebKey rsaJsonWebKey = null;
try (BufferedReader reader = new BufferedReader(new InputStreamReader(getClass().getClassLoader().getResourceAsStream("/jwk.json"), StandardCharsets.UTF_8))) { try {
String jwkJson = reader.readLine(); String jwkFile = userSetting.getJwkFile();
File file = ResourceUtils.getFile(jwkFile);
String jwkJson = FileUtils.readFileToString(file, StandardCharsets.UTF_8);
JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(jwkJson); JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(jwkJson);
List<JsonWebKey> jsonWebKeys = jsonWebKeySet.getJsonWebKeys(); List<JsonWebKey> jsonWebKeys = jsonWebKeySet.getJsonWebKeys();
if (!jsonWebKeys.isEmpty()) { if (!jsonWebKeys.isEmpty()) {
@ -106,6 +109,7 @@ public class JwtUtils implements InitializingBean {
// ignored // ignored
} }
if (rsaJsonWebKey == null) { if (rsaJsonWebKey == null) {
log.warn("[API AUTH] 读取jwk.json失败将使用新生成的随机RSA密钥对");
// 生成一个RSA密钥对该密钥对将用于JWT的签名和验证包装在JWK中 // 生成一个RSA密钥对该密钥对将用于JWT的签名和验证包装在JWK中
rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048); rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
// 给JWK一个密钥ID // 给JWK一个密钥ID
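Review bot: `ResourceUtils.getFile(jwkFile)` in generateRsaJsonWebKey only returns a `File` for locations that resolve to the file system, so with the default `classpath:jwk.json` packed inside a jar it throws FileNotFoundException instead of reading the key. The catch whose body is `// ignored` (its clause lies outside the visible hunks) appears to swallow that, so the service falls back to a freshly generated key pair that changes on every restart and differs between instances. Reading through a resource stream handles both `classpath:` and `file:` values: `try (InputStream in = new DefaultResourceLoader().getResource(jwkFile).getInputStream()) {` followed by `String jwkJson = StreamUtils.copyToString(in, StandardCharsets.UTF_8);`. The catch block should also log the configured location and the exception, since the added warning names neither the path nor the cause. The method body starts and ends outside these hunks.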


@ -253,6 +253,8 @@ user-settings:
gb-device-online: 0 gb-device-online: 0
# 登录超时时间(分钟) # 登录超时时间(分钟)
login-timeout: 30 login-timeout: 30
# jwk文件路径若不指定则使用resources目录下的jwk.json
jwk-file: classpath:jwk.json
# 关闭在线文档(生产环境建议关闭) # 关闭在线文档(生产环境建议关闭)
springdoc: springdoc: