SSO Solution: Single Sign-On with Spring Security + JWT

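This article explains how to implement a single sign-on (SSO) solution with Spring Security and JWT. It first shows in detail how to generate an RSA key pair, then, in the authentication service, configures the dependencies, creates the configuration file, sets up the public and private keys, and implements the data authentication logic. Next, it defines a custom authentication filter and a token-validation filter. Finally, the resource service uses only the public key for verification, which keeps the SSO flow working.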
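```java
package com.dpb.utils;

import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Base64;

public class RsaUtils {

    // The beginning of this class (including DEFAULT_KEY_SIZE, getPublicKey and
    // getPrivateKey, which later code calls) is cut off on this page.

    /**
     * @param publicKeyFilename  path of the public key file
     * @param privateKeyFilename path of the private key file
     * @param secret             secret used to seed key generation
     * @param keySize            requested key size in bits; raised to DEFAULT_KEY_SIZE if smaller
     */
    public static void generateKey(String publicKeyFilename, String privateKeyFilename, String secret, int keySize) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        // The secret seeds the generator. With a seed-deterministic provider such as SHA1PRNG,
        // anyone who knows the secret can regenerate the same key pair; new SecureRandom()
        // without a seed avoids that.
        SecureRandom secureRandom = new SecureRandom(secret.getBytes());
        keyPairGenerator.initialize(Math.max(keySize, DEFAULT_KEY_SIZE), secureRandom);
        KeyPair keyPair = keyPairGenerator.genKeyPair();
        // Get the public key (X.509 encoding), Base64-encode it and write it out
        byte[] publicKeyBytes = keyPair.getPublic().getEncoded();
        publicKeyBytes = Base64.getEncoder().encode(publicKeyBytes);
        writeFile(publicKeyFilename, publicKeyBytes);
        // Get the private key (PKCS#8 encoding), Base64-encode it and write it out
        byte[] privateKeyBytes = keyPair.getPrivate().getEncoded();
        privateKeyBytes = Base64.getEncoder().encode(privateKeyBytes);
        writeFile(privateKeyFilename, privateKeyBytes);
    }

    private static byte[] readFile(String fileName) throws Exception {
        return Files.readAllBytes(new File(fileName).toPath());
    }

    private static void writeFile(String destPath, byte[] bytes) throws IOException {
        File dest = new File(destPath);
        if (!dest.exists()) {
            dest.createNewFile();
        }
        Files.write(dest.toPath(), bytes);
    }
}
```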

Write a test class in the common submodule to generate the RSA public and private keys

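```java
import com.dpb.utils.RsaUtils;
import org.junit.Test; // JUnit 4 assumed; use org.junit.jupiter.api.Test with JUnit 5

/**
 * @program: springboot-54-security-jwt-demo
 * @description:
 * @author: 波波烤鸭
 * @create: 2019-12-03 11:08
 */
public class JwtTest {

    private String privateKey = "c:/tools/auth_key/id_key_rsa";
    private String publicKey = "c:/tools/auth_key/id_key_rsa.pub";

    @Test
    public void test1() throws Exception {
        // generateKey applies Math.max(keySize, DEFAULT_KEY_SIZE), so the effective
        // key size is never below DEFAULT_KEY_SIZE even though 1024 is passed here.
        RsaUtils.generateKey(publicKey, privateKey, "dpb", 1024);
    }
}
```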


2.3 Creating the authentication system


Next, we create the authentication service.


Import the required dependencies

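```xml
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <artifactId>security-jwt-common</artifactId>
    <groupId>com.dpb</groupId>
    <version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>5.1.47</version>
</dependency>
<dependency>
    <groupId>org.mybatis.spring.boot</groupId>
    <artifactId>mybatis-spring-boot-starter</artifactId>
    <version>2.1.0</version>
</dependency>
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid</artifactId>
    <version>1.1.10</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-configuration-processor</artifactId>
    <optional>true</optional>
</dependency>
```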

Create the configuration file

```yaml
spring:
  datasource:
    driver-class-name: com.mysql.jdbc.Driver
    url: jdbc:mysql://localhost:3306/srm
    username: root
    password: 123456
    type: com.alibaba.druid.pool.DruidDataSource
mybatis:
  type-aliases-package: com.dpb.domain
  mapper-locations: classpath:mapper/*.xml
logging:
  level:
    com.dpb: debug
rsa:
  key:
    pubKeyFile: c:\tools\auth_key\id_key_rsa.pub
    priKeyFile: c:\tools\auth_key\id_key_rsa
```


Configuration class that provides the public and private keys

```java
package com.dpb.config;

import com.dpb.utils.RsaUtils;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;

import javax.annotation.PostConstruct;
import java.security.PrivateKey;
import java.security.PublicKey;

/**
 * @program: springboot-54-security-jwt-demo
 * @description:
 * @author: 波波烤鸭
 * @create: 2019-12-03 11:25
 */
@Data
@ConfigurationProperties(prefix = "rsa.key")
public class RsaKeyProperties {

    private String pubKeyFile;
    private String priKeyFile;

    private PublicKey publicKey;
    private PrivateKey privateKey;

    /**
     * Triggered when the system starts
     * @throws Exception
     */
    @PostConstruct
    public void createRsaKey() throws Exception {
        // Load both keys once at startup from the paths configured under rsa.key
        publicKey = RsaUtils.getPublicKey(pubKeyFile);
        privateKey = RsaUtils.getPrivateKey(priKeyFile);
    }
}
```
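The split the article relies on (the authentication service signs with the private key, a resource service verifies with the public key alone), as an added example that is not the article's code. It uses only JDK classes and assumes RS256; the class name `Rs256SplitDemo`, the in-memory key pair and the sample claims are constructed for illustration, and claim checks such as expiry are left out.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class Rs256SplitDemo {
    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    // Authentication-service side: the only place that needs the private key.
    static String sign(String payloadJson, PrivateKey privateKey) throws GeneralSecurityException {
        String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\"}";
        String signingInput = B64URL.encodeToString(header.getBytes(StandardCharsets.UTF_8))
                + "." + B64URL.encodeToString(payloadJson.getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(privateKey);
        s.update(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + B64URL.encodeToString(s.sign());
    }

    // Resource-service side: only the Base64 content of the public key file is available.
    static boolean verify(String token, byte[] publicKeyFileBytes) throws GeneralSecurityException {
        String[] parts = token.split("\\.");
        if (parts.length != 3) return false;
        String header = new String(Base64.getUrlDecoder().decode(parts[0]), StandardCharsets.UTF_8);
        // Pin the algorithm: the token must not choose how it is verified (crude string check).
        if (!header.contains("\"alg\":\"RS256\"")) return false;
        PublicKey publicKey = KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyFileBytes)));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(publicKey);
        s.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        return s.verify(Base64.getUrlDecoder().decode(parts[2]));
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048, new SecureRandom()); // OS-seeded, not derived from a fixed secret
        KeyPair pair = gen.generateKeyPair();
        // Same format generateKey writes to disk: Base64 of the X.509-encoded public key.
        byte[] pubFile = Base64.getEncoder().encode(pair.getPublic().getEncoded());
        String token = sign("{\"sub\":\"zhangsan\",\"exp\":4102444800}", pair.getPrivate()); // constructed claims
        System.out.println("valid token accepted:    " + verify(token, pubFile));
        // Swap the payload but keep the old signature: verification must fail.
        String[] p = token.split("\\.");
        String altered = p[0] + "." + B64URL.encodeToString(
                "{\"sub\":\"other-user\",\"exp\":4102444800}".getBytes(StandardCharsets.UTF_8)) + "." + p[2];
        System.out.println("altered token accepted:  " + verify(altered, pubFile));
    }
}
```

Running it prints `true` for the signed token and `false` for the altered one; the resource-service path never touches the private key, so only the public key file needs to be distributed to it.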

Create the startup class

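```java
import com.dpb.config.RsaKeyProperties;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;

/**
 * @program: springboot-54-security-jwt-demo
 * @description: startup class
 * @author: 波波烤鸭
 * @create: 2019-12-03 11:23
 */
@SpringBootApplication
@MapperScan("com.dpb.mapper")
@EnableConfigurationProperties(RsaKeyProperties.class)
public class App {

    public static void main(String[] args) {
        SpringApplication.run(App.class, args);
    }
}
```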

Implement the data authentication logic

pojo

```java
package com.dpb.domain;

import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;
import org.springframework.security.c
```
