diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java index d9da7767..37a3307e 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java @@ -7,7 +7,6 @@ import com.genersoft.iot.vmp.service.IUserService; import com.genersoft.iot.vmp.storager.dao.dto.User; import com.genersoft.iot.vmp.storager.dao.dto.UserApiKey; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.io.FileUtils; import org.jose4j.jwk.JsonWebKey; import org.jose4j.jwk.JsonWebKeySet; import org.jose4j.jwk.RsaJsonWebKey; @@ -22,12 +21,16 @@ import org.jose4j.jwt.consumer.JwtConsumer; import org.jose4j.jwt.consumer.JwtConsumerBuilder; import org.jose4j.lang.JoseException; import org.springframework.beans.factory.InitializingBean; +import org.springframework.core.io.ClassPathResource; import org.springframework.stereotype.Component; -import org.springframework.util.ResourceUtils; import javax.annotation.Resource; +import java.io.BufferedReader; import java.io.File; +import java.io.InputStream; +import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; +import java.nio.file.Files; import java.time.LocalDateTime; import java.time.ZoneOffset; import java.util.List; @@ -95,8 +98,44 @@ public class JwtUtils implements InitializingBean { RsaJsonWebKey rsaJsonWebKey = null; try { String jwkFile = userSetting.getJwkFile(); - File file = ResourceUtils.getFile(jwkFile); - String jwkJson = FileUtils.readFileToString(file, StandardCharsets.UTF_8); + InputStream inputStream = null; + if (jwkFile.startsWith("classpath:")){ + String filePath = jwkFile.substring("classpath:".length()); + ClassPathResource civilCodeFile = new ClassPathResource(filePath); + if (civilCodeFile.exists()) { + inputStream = civilCodeFile.getInputStream(); + } + }else { + File civilCodeFile = new File(userSetting.getCivilCodeFile()); + if (civilCodeFile.exists()) { + inputStream = Files.newInputStream(civilCodeFile.toPath()); + } + + } + if (inputStream == null ) { + log.warn("[API AUTH] 读取jwk.json失败,文件不存在,将使用新生成的随机RSA密钥对"); + // 生成一个RSA密钥对,该密钥对将用于JWT的签名和验证,包装在JWK中 + rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048); + // 给JWK一个密钥ID + rsaJsonWebKey.setKeyId(keyId); + return rsaJsonWebKey; + } + BufferedReader inputStreamReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8)); + int index = -1; + String line; + StringBuilder content = new StringBuilder(); + while ((line = inputStreamReader.readLine()) != null) { + content.append(line); + index ++; + if (index == 0) { + continue; + } + } + inputStreamReader.close(); + inputStream.close(); + + + String jwkJson = content.toString(); JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(jwkJson); List jsonWebKeys = jsonWebKeySet.getJsonWebKeys(); if (!jsonWebKeys.isEmpty()) { @@ -105,15 +144,15 @@ public class JwtUtils implements InitializingBean { rsaJsonWebKey = (RsaJsonWebKey) jsonWebKey; } } - } catch (Exception e) { - // ignored - } + } catch (Exception ignore) {} if (rsaJsonWebKey == null) { - log.warn("[API AUTH] 读取jwk.json失败,将使用新生成的随机RSA密钥对"); + log.warn("[API AUTH] 读取jwk.json失败,获取内容失败,将使用新生成的随机RSA密钥对"); // 生成一个RSA密钥对,该密钥对将用于JWT的签名和验证,包装在JWK中 rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048); // 给JWK一个密钥ID rsaJsonWebKey.setKeyId(keyId); + }else { + log.info("[API AUTH] 读取jwk.json成功"); } return rsaJsonWebKey; }