diff --git a/backend/src/main/java/io/dataease/auth/api/AuthApi.java b/backend/src/main/java/io/dataease/auth/api/AuthApi.java index db8cf15460..2af165a370 100644 --- a/backend/src/main/java/io/dataease/auth/api/AuthApi.java +++ b/backend/src/main/java/io/dataease/auth/api/AuthApi.java @@ -5,6 +5,7 @@ import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.auth.api.dto.LoginDto; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; +import org.springframework.web.bind.annotation.GetMapping; import springfox.documentation.annotations.ApiIgnore; import org.springframework.web.bind.annotation.PostMapping; @@ -55,4 +56,8 @@ public interface AuthApi { @PostMapping("/isPluginLoaded") boolean isPluginLoaded(); + @ApiIgnore + @GetMapping("/getPublicKey") + String getPublicKey(); + } diff --git a/backend/src/main/java/io/dataease/auth/server/AuthServer.java b/backend/src/main/java/io/dataease/auth/server/AuthServer.java index 7efab38dd6..73fea40a4f 100644 --- a/backend/src/main/java/io/dataease/auth/server/AuthServer.java +++ b/backend/src/main/java/io/dataease/auth/server/AuthServer.java @@ -10,10 +10,7 @@ import io.dataease.auth.entity.TokenInfo; import io.dataease.auth.service.AuthUserService; import io.dataease.auth.util.JWTUtils; import io.dataease.auth.util.RsaUtil; -import io.dataease.commons.utils.BeanUtils; -import io.dataease.commons.utils.CodingUtil; -import io.dataease.commons.utils.LogUtil; -import io.dataease.commons.utils.ServletUtils; +import io.dataease.commons.utils.*; import io.dataease.controller.sys.request.LdapAddRequest; import io.dataease.exception.DataEaseException; import io.dataease.i18n.Translator; @@ -55,10 +52,9 @@ public class AuthServer implements AuthApi { @Override public Object login(@RequestBody LoginDto loginDto) throws Exception { - String username = loginDto.getUsername(); - String password = loginDto.getPassword(); + String username = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getUsername());; + String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getPassword()); - String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, password); // 增加ldap登录方式 Integer loginType = loginDto.getLoginType(); boolean isSupportLdap = authUserService.supportLdap(); @@ -191,8 +187,11 @@ public class AuthServer implements AuthApi { return authUserService.pluginLoaded(); } - - + + @Override + public String getPublicKey() { + return RsaProperties.publicKey; + } /*@Override diff --git a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java index 05b437a764..f5b5d44a14 100644 --- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java +++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java @@ -60,6 +60,7 @@ public class ShiroServiceImpl implements ShiroService { filterChainDefinitionMap.put("/api/auth/validateName", ANON); filterChainDefinitionMap.put("/api/auth/isOpenLdap", ANON); filterChainDefinitionMap.put("/api/auth/isOpenOidc", ANON); + filterChainDefinitionMap.put("/api/auth/getPublicKey", ANON); filterChainDefinitionMap.put("/api/pluginCommon/component/*", ANON); filterChainDefinitionMap.put("/plugin/oidc/authInfo", ANON); filterChainDefinitionMap.put("/sso/callBack*", ANON); diff --git a/backend/src/main/java/io/dataease/commons/utils/RsaKey.java b/backend/src/main/java/io/dataease/commons/utils/RsaKey.java deleted file mode 100644 index bfb4e6646f..0000000000 --- a/backend/src/main/java/io/dataease/commons/utils/RsaKey.java +++ /dev/null @@ -1,16 +0,0 @@ -package io.dataease.commons.utils; - -import lombok.Getter; -import lombok.Setter; - -@Setter -@Getter -public class RsaKey { - - //公钥 - private String publicKey; - - //私钥 - private String privateKey; - -} \ No newline at end of file diff --git a/backend/src/main/java/io/dataease/commons/utils/RsaUtil.java b/backend/src/main/java/io/dataease/commons/utils/RsaUtil.java deleted file mode 100644 index dae9a8d27a..0000000000 --- a/backend/src/main/java/io/dataease/commons/utils/RsaUtil.java +++ /dev/null @@ -1,224 +0,0 @@ -package io.dataease.commons.utils; - -import org.apache.commons.codec.binary.Base64; - -import javax.crypto.Cipher; -import java.io.ByteArrayOutputStream; -import java.security.*; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.X509EncodedKeySpec; - -public class RsaUtil { - - public static final String CHARSET = "UTF-8"; - public static final String RSA_ALGORITHM = "RSA"; - - - /** - * 创建RSA 公钥-私钥 - */ - public static RsaKey createKeys() throws NoSuchAlgorithmException { - return createKeys(1024); - } - - /** - * 创建RSA 公钥-私钥 - */ - public static RsaKey createKeys(int keySize) throws NoSuchAlgorithmException { - //为RSA算法创建一个KeyPairGenerator对象 - KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM); - - //初始化KeyPairGenerator对象,密钥长度 - kpg.initialize(keySize); - //生成密匙对 - KeyPair keyPair = kpg.generateKeyPair(); - - //得到公钥 - Key publicKey = keyPair.getPublic(); - - String publicKeyStr = new String(Base64.encodeBase64(publicKey.getEncoded())); - - //得到私钥 - Key privateKey = keyPair.getPrivate(); - String privateKeyStr = new String(Base64.encodeBase64(privateKey.getEncoded())); - - RsaKey rsaKey = new RsaKey(); - rsaKey.setPublicKey(publicKeyStr); - rsaKey.setPrivateKey(privateKeyStr); - - return rsaKey; - } - - - /** - * 公钥加密 - * - * @param originalText 原文 - * @param publicKey 公钥 - */ - public static String publicEncrypt(String originalText, String publicKey) throws NoSuchAlgorithmException { - RSAPublicKey rsaPublicKey = getPublicKey(publicKey); - return publicEncrypt(originalText, rsaPublicKey); - } - - /** - * 公钥解密 - * - * @param cipherText 密文 - * @param publicKey 公钥 - */ - public static String publicDecrypt(String cipherText, String publicKey) throws NoSuchAlgorithmException { - RSAPublicKey rsaPublicKey = getPublicKey(publicKey); - return publicDecrypt(cipherText, rsaPublicKey); - } - - /** - * 私钥加密 - * - * @param originalText 原文 - * @param privateKey 私钥 - */ - public static String privateEncrypt(String originalText, String privateKey) throws NoSuchAlgorithmException { - RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey); - return privateEncrypt(originalText, rsaPrivateKey); - } - - - /** - * 私钥解密 - * - * @param cipherText 密文 - * @param privateKey 私钥 - */ - public static String privateDecrypt(String cipherText, String privateKey) throws NoSuchAlgorithmException { - RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey); - return privateDecrypt(cipherText, rsaPrivateKey); - } - - - /** - * 得到公钥 - * - * @param publicKey 密钥字符串(经过base64编码) - */ - private static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException { - //通过X509编码的Key指令获得公钥对象 - KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM); - - X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey)); - RSAPublicKey key = null; - try { - key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec); - } catch (InvalidKeySpecException e) { - e.printStackTrace(); - } - return key; - } - - /** - * 公钥加密 - * - * @param originalText 原文 - * @param publicKey 公钥 - */ - private static String publicEncrypt(String originalText, RSAPublicKey publicKey) { - try { - Cipher cipher = Cipher.getInstance(RSA_ALGORITHM); - cipher.init(Cipher.ENCRYPT_MODE, publicKey); - return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), publicKey.getModulus().bitLength())); - } catch (Exception e) { - throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e); - } - } - - /** - * 得到私钥 - * - * @param privateKey 密钥字符串(经过base64编码) - */ - private static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException { - //通过PKCS#8编码的Key指令获得私钥对象 - KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM); - - PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)); - RSAPrivateKey key = null; - try { - key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec); - } catch (InvalidKeySpecException e) { - e.printStackTrace(); - } - return key; - } - - - /** - * 私钥解密 - * - * @param cipherText 密文 - * @param privateKey 私钥 - */ - - private static String privateDecrypt(String cipherText, RSAPrivateKey privateKey) { - try { - Cipher cipher = Cipher.getInstance(RSA_ALGORITHM); - cipher.init(Cipher.DECRYPT_MODE, privateKey); - return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), privateKey.getModulus().bitLength()), CHARSET); - } catch (Exception e) { - throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e); - } - } - - private static String privateEncrypt(String originalText, RSAPrivateKey privateKey) { - try { - Cipher cipher = Cipher.getInstance(RSA_ALGORITHM); - cipher.init(Cipher.ENCRYPT_MODE, privateKey); - return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), privateKey.getModulus().bitLength())); - } catch (Exception e) { - throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e); - } - } - - - private static String publicDecrypt(String cipherText, RSAPublicKey publicKey) { - try { - Cipher cipher = Cipher.getInstance(RSA_ALGORITHM); - cipher.init(Cipher.DECRYPT_MODE, publicKey); - return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), publicKey.getModulus().bitLength()), CHARSET); - } catch (Exception e) { - throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e); - } - } - - private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) { - int maxBlock; - if (opmode == Cipher.DECRYPT_MODE) { - maxBlock = keySize / 8; - } else { - maxBlock = keySize / 8 - 11; - } - int offSet = 0; - byte[] buff; - int i = 0; - try ( - ByteArrayOutputStream out = new ByteArrayOutputStream() - ) { - while (datas.length > offSet) { - if (datas.length - offSet > maxBlock) { - buff = cipher.doFinal(datas, offSet, maxBlock); - } else { - buff = cipher.doFinal(datas, offSet, datas.length - offSet); - } - out.write(buff, 0, buff.length); - i++; - offSet = i * maxBlock; - } - return out.toByteArray(); - } catch (Exception e) { - throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e); - } - } - -} \ No newline at end of file diff --git a/frontend/src/api/user.js b/frontend/src/api/user.js index cd321a0918..01850eecc5 100644 --- a/frontend/src/api/user.js +++ b/frontend/src/api/user.js @@ -71,3 +71,10 @@ export function pluginLoaded() { method: 'post' }) } + +export function getPublicKey() { + return request({ + url: '/api/auth/getPublicKey', + method: 'get' + }) +} diff --git a/frontend/src/utils/rsaEncrypt.js b/frontend/src/utils/rsaEncrypt.js index 83db4809c9..1f29db2f4c 100644 --- a/frontend/src/utils/rsaEncrypt.js +++ b/frontend/src/utils/rsaEncrypt.js @@ -16,6 +16,7 @@ const privateKey = 'MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdb // 加密 export function encrypt(txt) { + let publicKey = localStorage.getItem("publicKey"); const encryptor = new JSEncrypt() encryptor.setPublicKey(publicKey) // 设置公钥 return encryptor.encrypt(txt) // 对需要加密的数据进行加密 @@ -28,3 +29,4 @@ export function decrypt(txt) { return encryptor.decrypt(txt) } + diff --git a/frontend/src/views/login/index.vue b/frontend/src/views/login/index.vue index 688cd763c7..f1369611b1 100644 --- a/frontend/src/views/login/index.vue +++ b/frontend/src/views/login/index.vue @@ -63,10 +63,11 @@