feat(security/crypto): 新增支持密码编码器加密

continew-starter-security/continew-starter-security-crypto/pom.xml

@@ -16,6 +16,13 @@
     <description>ContiNew Starter 安全模块 - 加密</description>
 
     <dependencies>
+        <!-- 安全模块 - 密码编码器 -->
+        <dependency>
+            <groupId>top.continew.starter</groupId>
+            <artifactId>continew-starter-security-password</artifactId>
+            <optional>true</optional>
+        </dependency>
+
         <!-- Hutool 加密解密模块（封装 JDK 中加密解密算法） -->
         <dependency>
             <groupId>cn.hutool</groupId>

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java

@@ -24,9 +24,11 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.PropertySource;
 import top.continew.starter.core.constant.PropertiesConstants;
-import top.continew.starter.security.crypto.core.MyBatisDecryptInterceptor;
-import top.continew.starter.security.crypto.core.MyBatisEncryptInterceptor;
+import top.continew.starter.core.util.GeneralPropertySourceFactory;
+import top.continew.starter.security.crypto.mybatis.MyBatisDecryptInterceptor;
+import top.continew.starter.security.crypto.mybatis.MyBatisEncryptInterceptor;
 import top.continew.starter.security.crypto.util.EncryptHelper;
 
 /**
@@ -39,6 +41,7 @@ import top.continew.starter.security.crypto.util.EncryptHelper;
 @AutoConfiguration
 @EnableConfigurationProperties(CryptoProperties.class)
 @ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_CRYPTO, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true)
+@PropertySource(value = "classpath:default-crypto.yml", factory = GeneralPropertySourceFactory.class)
 public class CryptoAutoConfiguration {
 
     private static final Logger log = LoggerFactory.getLogger(CryptoAutoConfiguration.class);

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java

@@ -14,8 +14,9 @@
  * limitations under the License.
  */
 
-package top.continew.starter.security.crypto.encryptor;
+package top.continew.starter.security.crypto.autoconfigure;
 
+import top.continew.starter.security.crypto.encryptor.IEncryptor;
 import top.continew.starter.security.crypto.enums.Algorithm;
 
 import java.util.Objects;

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java

@@ -16,6 +16,8 @@
 
 package top.continew.starter.security.crypto.encryptor;
 
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
+
 /**
  * 加密器基类
  *

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java

@@ -20,6 +20,7 @@ import cn.hutool.core.text.CharSequenceUtil;
 import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
 import cn.hutool.crypto.symmetric.SymmetricCrypto;
 import top.continew.starter.core.constant.StringConstants;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Map;

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java

@@ -17,6 +17,7 @@
 package top.continew.starter.security.crypto.encryptor;
 
 import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 
 /**
  * AES（Advanced Encryption Standard） 加/解密处理器

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java

@@ -17,6 +17,7 @@
 package top.continew.starter.security.crypto.encryptor;
 
 import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 
 /**
  * DES（Data Encryption Standard） 加/解密处理器

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ * <p>
+ * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0;
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.gnu.org/licenses/lgpl.html
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.starter.security.crypto.encryptor;
+
+import cn.hutool.extra.spring.SpringUtil;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
+import top.continew.starter.security.password.autoconfigure.PasswordEncoderProperties;
+
+/**
+ * 密码编码器加/解密处理器
+ *
+ * <p>
+ * 使用前必须注入 {@link PasswordEncoder}，此加密方式不可逆，适合于密码场景
+ * </p>
+ *
+ * @see PasswordEncoder
+ * @see PasswordEncoderProperties
+ *
+ * @author Charles7c
+ * @since 2.13.3
+ */
+public class PasswordEncoderEncryptor extends AbstractEncryptor {
+
+    private final PasswordEncoder passwordEncoder = SpringUtil.getBean(PasswordEncoder.class);
+    private final PasswordEncoderProperties properties = SpringUtil.getBean(PasswordEncoderProperties.class);
+
+    public PasswordEncoderEncryptor(CryptoContext context) {
+        super(context);
+    }
+
+    @Override
+    public String encrypt(String plaintext) {
+        // 如果已经是加密格式，直接返回
+        if (properties.getAlgorithm().getPattern().matcher(plaintext).matches()) {
+            return plaintext;
+        }
+        return passwordEncoder.encode(plaintext);
+    }
+
+    @Override
+    public String decrypt(String ciphertext) {
+        return ciphertext;
+    }
+}

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java

@@ -17,6 +17,7 @@
 package top.continew.starter.security.crypto.encryptor;
 
 import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 
 /**
  * PBEWithMD5AndDES（Password Based Encryption With MD5 And DES） 加/解密处理器

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java

@@ -19,6 +19,7 @@ package top.continew.starter.security.crypto.encryptor;
 import cn.hutool.core.codec.Base64;
 import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.asymmetric.KeyType;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 
 /**
  * RSA 加/解密处理器

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java

@@ -55,7 +55,12 @@ public enum Algorithm {
     /**
      * Base64
      */
-    BASE64(Base64Encryptor.class),;
+    BASE64(Base64Encryptor.class),
+
+    /**
+     * 密码编码器，支持算法：BCrypt、SCRYPT、PBKDF2、ARGON2
+     */
+    PASSWORD_ENCODER(PasswordEncoderEncryptor.class);
 
     /**
      * 加密/解密处理器

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package top.continew.starter.security.crypto.core;
+package top.continew.starter.security.crypto.mybatis;
 
 import cn.hutool.core.text.CharSequenceUtil;
 import cn.hutool.core.util.ReflectUtil;

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package top.continew.starter.security.crypto.core;
+package top.continew.starter.security.crypto.mybatis;
 
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.text.CharSequenceUtil;

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package top.continew.starter.security.crypto.core;
+package top.continew.starter.security.crypto.mybatis;
 
 import cn.hutool.core.text.CharSequenceUtil;
 import cn.hutool.core.util.ClassUtil;

continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java

@@ -22,7 +22,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import top.continew.starter.security.crypto.annotation.FieldEncrypt;
 import top.continew.starter.security.crypto.autoconfigure.CryptoProperties;
-import top.continew.starter.security.crypto.encryptor.CryptoContext;
+import top.continew.starter.security.crypto.autoconfigure.CryptoContext;
 import top.continew.starter.security.crypto.encryptor.IEncryptor;
 import top.continew.starter.security.crypto.enums.Algorithm;
 

continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml

@@ -0,0 +1,6 @@
+--- ### 安全配置：字段加/解密配置
+continew-starter.security:
+  crypto:
+    enabled: true
+    # 默认算法，即 @FieldEncrypt 默认采用的算法（默认：AES 对称加密算法）
+    algorithm: AES