From 38b6428662b909875df4ae8f36f180b0394accc1 Mon Sep 17 00:00:00 2001 From: Charles7c Date: Tue, 22 Jul 2025 22:46:42 +0800 Subject: [PATCH] =?UTF-8?q?feat(security/crypto):=20=E6=96=B0=E5=A2=9E?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=AF=86=E7=A0=81=E7=BC=96=E7=A0=81=E5=99=A8?= =?UTF-8?q?=E5=8A=A0=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../continew-starter-security-crypto/pom.xml | 7 +++ .../CryptoAutoConfiguration.java | 7 ++- .../CryptoContext.java | 3 +- .../crypto/encryptor/AbstractEncryptor.java | 2 + .../AbstractSymmetricCryptoEncryptor.java | 1 + .../crypto/encryptor/AesEncryptor.java | 1 + .../crypto/encryptor/DesEncryptor.java | 1 + .../encryptor/PasswordEncoderEncryptor.java | 59 +++++++++++++++++++ .../encryptor/PbeWithMd5AndDesEncryptor.java | 1 + .../crypto/encryptor/RsaEncryptor.java | 1 + .../security/crypto/enums/Algorithm.java | 7 ++- .../AbstractMyBatisInterceptor.java | 2 +- .../MyBatisDecryptInterceptor.java | 2 +- .../MyBatisEncryptInterceptor.java | 2 +- .../security/crypto/util/EncryptHelper.java | 2 +- .../src/main/resources/default-crypto.yml | 6 ++ 16 files changed, 96 insertions(+), 8 deletions(-) rename continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/{encryptor => autoconfigure}/CryptoContext.java (95%) create mode 100644 continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java rename continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/{core => mybatis}/AbstractMyBatisInterceptor.java (98%) rename continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/{core => mybatis}/MyBatisDecryptInterceptor.java (98%) rename continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/{core => mybatis}/MyBatisEncryptInterceptor.java (99%) create mode 100644 continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml diff --git a/continew-starter-security/continew-starter-security-crypto/pom.xml b/continew-starter-security/continew-starter-security-crypto/pom.xml index 5ae62671..6a942f1b 100644 --- a/continew-starter-security/continew-starter-security-crypto/pom.xml +++ b/continew-starter-security/continew-starter-security-crypto/pom.xml @@ -16,6 +16,13 @@ ContiNew Starter 安全模块 - 加密 + + + top.continew.starter + continew-starter-security-password + true + + cn.hutool diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java index e2e87579..50e8a255 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java @@ -24,9 +24,11 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.PropertySource; import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.security.crypto.core.MyBatisDecryptInterceptor; -import top.continew.starter.security.crypto.core.MyBatisEncryptInterceptor; +import top.continew.starter.core.util.GeneralPropertySourceFactory; +import top.continew.starter.security.crypto.mybatis.MyBatisDecryptInterceptor; +import top.continew.starter.security.crypto.mybatis.MyBatisEncryptInterceptor; import top.continew.starter.security.crypto.util.EncryptHelper; /** @@ -39,6 +41,7 @@ import top.continew.starter.security.crypto.util.EncryptHelper; @AutoConfiguration @EnableConfigurationProperties(CryptoProperties.class) @ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_CRYPTO, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) +@PropertySource(value = "classpath:default-crypto.yml", factory = GeneralPropertySourceFactory.class) public class CryptoAutoConfiguration { private static final Logger log = LoggerFactory.getLogger(CryptoAutoConfiguration.class); diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/CryptoContext.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java similarity index 95% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/CryptoContext.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java index 7abf2f26..1db221aa 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/CryptoContext.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java @@ -14,8 +14,9 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.security.crypto.autoconfigure; +import top.continew.starter.security.crypto.encryptor.IEncryptor; import top.continew.starter.security.crypto.enums.Algorithm; import java.util.Objects; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java index 49fe9530..46f50e76 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java @@ -16,6 +16,8 @@ package top.continew.starter.security.crypto.encryptor; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; + /** * 加密器基类 * diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java index 6fbb265d..05315e47 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java @@ -20,6 +20,7 @@ import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; import cn.hutool.crypto.symmetric.SymmetricCrypto; import top.continew.starter.core.constant.StringConstants; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; import java.nio.charset.StandardCharsets; import java.util.Map; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java index cc686a4c..a31f1b91 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java @@ -17,6 +17,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * AES(Advanced Encryption Standard) 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java index b4ec1733..49d1b132 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java @@ -17,6 +17,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * DES(Data Encryption Standard) 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java new file mode 100644 index 00000000..3030a4af --- /dev/null +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved. + *

+ * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + *

+ * http://www.gnu.org/licenses/lgpl.html + *

+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package top.continew.starter.security.crypto.encryptor; + +import cn.hutool.extra.spring.SpringUtil; +import org.springframework.security.crypto.password.PasswordEncoder; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.security.password.autoconfigure.PasswordEncoderProperties; + +/** + * 密码编码器加/解密处理器 + * + *

+ * 使用前必须注入 {@link PasswordEncoder},此加密方式不可逆,适合于密码场景 + *

+ * + * @see PasswordEncoder + * @see PasswordEncoderProperties + * + * @author Charles7c + * @since 2.13.3 + */ +public class PasswordEncoderEncryptor extends AbstractEncryptor { + + private final PasswordEncoder passwordEncoder = SpringUtil.getBean(PasswordEncoder.class); + private final PasswordEncoderProperties properties = SpringUtil.getBean(PasswordEncoderProperties.class); + + public PasswordEncoderEncryptor(CryptoContext context) { + super(context); + } + + @Override + public String encrypt(String plaintext) { + // 如果已经是加密格式,直接返回 + if (properties.getAlgorithm().getPattern().matcher(plaintext).matches()) { + return plaintext; + } + return passwordEncoder.encode(plaintext); + } + + @Override + public String decrypt(String ciphertext) { + return ciphertext; + } +} diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java index 476ea56e..c101577b 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java @@ -17,6 +17,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * PBEWithMD5AndDES(Password Based Encryption With MD5 And DES) 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java index 160085a7..efa9f73b 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java @@ -19,6 +19,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.core.codec.Base64; import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.asymmetric.KeyType; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; /** * RSA 加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java index a0840d03..e19c4c37 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java @@ -55,7 +55,12 @@ public enum Algorithm { /** * Base64 */ - BASE64(Base64Encryptor.class),; + BASE64(Base64Encryptor.class), + + /** + * 密码编码器,支持算法:BCrypt、SCRYPT、PBKDF2、ARGON2 + */ + PASSWORD_ENCODER(PasswordEncoderEncryptor.class); /** * 加密/解密处理器 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java similarity index 98% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java index 63a7d548..b434adc3 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/AbstractMyBatisInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ReflectUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java similarity index 98% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java index 25202f8c..0f6f7621 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisDecryptInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.text.CharSequenceUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java similarity index 99% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java index 6126f477..371bdba9 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/core/MyBatisEncryptInterceptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.core; +package top.continew.starter.security.crypto.mybatis; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ClassUtil; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java index ec532c7e..de162c3f 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java @@ -22,7 +22,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import top.continew.starter.security.crypto.annotation.FieldEncrypt; import top.continew.starter.security.crypto.autoconfigure.CryptoProperties; -import top.continew.starter.security.crypto.encryptor.CryptoContext; +import top.continew.starter.security.crypto.autoconfigure.CryptoContext; import top.continew.starter.security.crypto.encryptor.IEncryptor; import top.continew.starter.security.crypto.enums.Algorithm; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml b/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml new file mode 100644 index 00000000..200adcca --- /dev/null +++ b/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml @@ -0,0 +1,6 @@ +--- ### 安全配置:字段加/解密配置 +continew-starter.security: + crypto: + enabled: true + # 默认算法,即 @FieldEncrypt 默认采用的算法(默认:AES 对称加密算法) + algorithm: AES \ No newline at end of file