From 3714621173c606c4c58439ed8941100ce9ddea14 Mon Sep 17 00:00:00 2001
From: Codex Assistant <codex@example.com>
Date: 星期三, 05 十一月 2025 15:10:49 +0800
Subject: [PATCH] bug
---
backend/src/main/java/com/rongyichuang/auth/util/JwtUtil.java | 66 +++++++++++++++++++++++++++++----
1 files changed, 58 insertions(+), 8 deletions(-)
diff --git a/backend/src/main/java/com/rongyichuang/auth/util/JwtUtil.java b/backend/src/main/java/com/rongyichuang/auth/util/JwtUtil.java
index 91b828e..6207646 100644
--- a/backend/src/main/java/com/rongyichuang/auth/util/JwtUtil.java
+++ b/backend/src/main/java/com/rongyichuang/auth/util/JwtUtil.java
@@ -8,6 +8,9 @@
import org.springframework.stereotype.Component;
import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
import java.util.Date;
/**
@@ -25,21 +28,60 @@
private long jwtExpiration;
/**
- * 鐢熸垚JWT token
+ * 鐢熸垚JWT token锛堟棫鐗堟湰锛屼繚鎸佸吋瀹规�э級
*/
public String generateToken(Long userId, String phone) {
+ return generateToken(userId, phone, null);
+ }
+
+ /**
+ * 鐢熸垚JWT token锛堟柊鐗堟湰锛屾敮鎸亀xopenid锛�
+ */
+ public String generateToken(Long userId, String phone, String wxopenid) {
Date now = new Date();
Date expiryDate = new Date(now.getTime() + jwtExpiration);
- SecretKey key = Keys.hmacShaKeyFor(jwtSecret.getBytes());
+ SecretKey key = getSigningKey();
- return Jwts.builder()
+ JwtBuilder builder = Jwts.builder()
.setSubject(userId.toString())
- .claim("phone", phone)
.setIssuedAt(now)
- .setExpiration(expiryDate)
- .signWith(key, SignatureAlgorithm.HS256)
- .compact();
+ .setExpiration(expiryDate);
+
+ // 鍙湁褰損hone涓嶄负null鏃舵墠娣诲姞phone claim
+ if (phone != null) {
+ builder.claim("phone", phone);
+ }
+
+ // 鍙湁褰搘xopenid涓嶄负null鏃舵墠娣诲姞wxopenid claim
+ if (wxopenid != null) {
+ builder.claim("wxopenid", wxopenid);
+ }
+
+ return builder.signWith(key, SignatureAlgorithm.HS256).compact();
+ }
+
+ /**
+ * 鏍规嵁閰嶇疆鐨勫瘑閽ョ敓鎴愭弧瓒� HMAC-SHA 瑕佹眰鐨勭鍚嶅瘑閽ワ細
+ * - 鑻ユ槑鏂囧瘑閽ラ暱搴︿笉瓒� 256 bit锛屼娇鐢� SHA-256 琛嶇敓涓� 256-bit
+ * - 淇濇寔瀵圭幇鏈� app.jwt.secret 鐨勫吋瀹癸紝涓嶄慨鏀归厤缃敭鍚嶆垨鍏跺畠閫昏緫
+ */
+ private SecretKey getSigningKey() {
+ try {
+ byte[] keyBytes = jwtSecret.getBytes(StandardCharsets.UTF_8);
+ if (keyBytes.length < 32) {
+ MessageDigest digest = MessageDigest.getInstance("SHA-256");
+ keyBytes = digest.digest(keyBytes);
+ }
+ if (keyBytes.length < 32) {
+ byte[] padded = new byte[32];
+ System.arraycopy(keyBytes, 0, padded, 0, Math.min(keyBytes.length, 32));
+ keyBytes = padded;
+ }
+ return new SecretKeySpec(keyBytes, "HmacSHA256");
+ } catch (Exception e) {
+ throw new RuntimeException("鍒濆鍖朖WT绛惧悕瀵嗛挜澶辫触", e);
+ }
}
/**
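Review bot: getSigningKey() silently accepts a short `app.jwt.secret` by hashing it with SHA-256, which yields 32 bytes but adds no entropy, so the signing key is only as strong as the short secret. The removed `Keys.hmacShaKeyFor(...)` call failed closed here (jjwt throws WeakKeyException for keys under 256 bits); I would keep that behaviour with `if (keyBytes.length < 32) throw new IllegalStateException("app.jwt.secret must be at least 32 bytes");`. The second `if (keyBytes.length < 32)` padding branch is unreachable after a SHA-256 digest, and zero-padding would weaken the key if it ever ran, so it can be dropped. With the digest gone, the broad `catch (Exception e)` is no longer needed either. The same key is used for verification in getClaimsFromToken in the last hunk, so the concern applies to both signing and parsing.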
@@ -56,6 +98,14 @@
public String getPhoneFromToken(String token) {
Claims claims = getClaimsFromToken(token);
return claims.get("phone", String.class);
+ }
+
+ /**
+ * 浠巘oken涓幏鍙栧井淇penid
+ */
+ public String getWxOpenidFromToken(String token) {
+ Claims claims = getClaimsFromToken(token);
+ return claims.get("wxopenid", String.class);
}
/**
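Review bot: getWxOpenidFromToken() returns null for any token issued through the two-argument generateToken overload, because the claim is only added when wxopenid is non-null, and the Javadoc does not say so. I would document it, e.g. `@return the wxopenid claim, or null if the token was issued without one`, so callers do not pass a missing claim into an identity lookup. The claim also sits in a signed but unencrypted JWT payload, so anyone holding the token can read the openid; confirm that is acceptable for this identifier.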
@@ -87,7 +137,7 @@
* 浠巘oken涓В鏋怌laims
*/
private Claims getClaimsFromToken(String token) {
- SecretKey key = Keys.hmacShaKeyFor(jwtSecret.getBytes());
+ SecretKey key = getSigningKey();
return Jwts.parserBuilder()
.setSigningKey(key)
.build()