+ * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + *
+ * http://www.gnu.org/licenses/lgpl.html + *
+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package top.continew.starter.security.crypto.encryptor; + +import cn.hutool.extra.spring.SpringUtil; +import org.springframework.security.crypto.password.PasswordEncoder; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.security.password.autoconfigure.PasswordEncoderProperties; + +/** + * 密码编码器加/解密处理器 + * + *
+ * 使用前必须注入 {@link PasswordEncoder},此加密方式不可逆,适合于密码场景 + *
+ * + * @see PasswordEncoder + * @see PasswordEncoderProperties + * + * @author Charles7c + * @since 2.13.3 + */ +public class PasswordEncoderEncryptor extends AbstractEncryptor { + + private final PasswordEncoder passwordEncoder = SpringUtil.getBean(PasswordEncoder.class); + private final PasswordEncoderProperties properties = SpringUtil.getBean(PasswordEncoderProperties.class); + + public PasswordEncoderEncryptor(CryptoContext context) { + super(context); + } + + @Override + public String encrypt(String plaintext) { + // 如果已经是加密格式,直接返回 + if (properties.getAlgorithm().getPattern().matcher(plaintext).matches()) { + return plaintext; + } + return passwordEncoder.encode(plaintext); + } + + @Override + public String decrypt(String ciphertext) { + return ciphertext; + } +} diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java index 476ea56e..c101577b 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java @@ -17,6 +17,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * PBEWithMD5AndDES(Password Based Encryption With MD5 And DES) 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java index 160085a7..efa9f73b 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java @@ -19,6 +19,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.core.codec.Base64; import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.asymmetric.KeyType; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * RSA 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java index a0840d03..e19c4c37 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java @@ -55,7 +55,12 @@ public enum Algorithm { /** * Base64 */ - BASE64(Base64Encryptor.class),; + BASE64(Base64Encryptor.class), + + /** + * 密码编码器,支持算法:BCrypt、SCRYPT、PBKDF2、ARGON2 + */ + PASSWORD_ENCODER(PasswordEncoderEncryptor.class); /** * 加密/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java similarity index 98% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java index 63a7d548..b434adc3 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ReflectUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java similarity index 98% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java index 25202f8c..0f6f7621 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.text.CharSequenceUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java similarity index 99% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java index 6126f477..371bdba9 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ClassUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java index ec532c7e..de162c3f 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java @@ -22,7 +22,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import top.continew.starter.security.crypto.annotation.FieldEncrypt; import top.continew.starter.security.crypto.autoconfigure.CryptoProperties; -import top.continew.starter.security.crypto.encryptor.CryptoContext; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; import top.continew.starter.security.crypto.encryptor.IEncryptor; import top.continew.starter.security.crypto.enums.Algorithm; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml b/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml new file mode 100644 index 00000000..200adcca --- /dev/null +++ b/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml @@ -0,0 +1,6 @@ +--- ### 安全配置:字段加/解密配置 +continew-starter.security: + crypto: + enabled: true + # 默认算法,即 @FieldEncrypt 默认采用的算法(默认:AES 对称加密算法) + algorithm: AES \ No newline at end of file