From d03437431afe7b44d925e183a1559a1d6e078c91 Mon Sep 17 00:00:00 2001
From: dongzeliang <2746733890@qq.com>
Date: Thu, 6 Jun 2024 18:04:29 +0800
Subject: [PATCH] =?UTF-8?q?fix():=20=E4=BF=AE=E6=94=B9sysjob=E4=BB=A3?=
 =?UTF-8?q?=E7=A0=81=E8=A7=84=E8=8C=83.=E4=BF=AE=E6=94=B9JWT=E4=BB=A4?=
 =?UTF-8?q?=E7=89=8C=E7=A7=98=E9=92=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/core/constant/TokenConstants.java  |  2 +-
 .../com/muyu/common/core/utils/JwtUtils.java  | 52 +++++++++++++++++--
 .../main/java/com/muyu/job/domain/SysJob.java |  2 +-
 pom.xml                                       |  2 +-
 4 files changed, 50 insertions(+), 8 deletions(-)

diff --git a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/TokenConstants.java b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/TokenConstants.java
index 0884e32..38abd57 100644
--- a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/TokenConstants.java
+++ b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/TokenConstants.java
@@ -19,6 +19,6 @@ public class TokenConstants {
     /**
      * 令牌秘钥
      */
-    public final static String SECRET = "abcdefghijklmnopqrstuvwxyz";
+    public final static String SECRET = "abcdefghijklmnsalieopadfaqawefwerstuvwxyz";
 
 }
diff --git a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java
index a12b839..62816cb 100644
--- a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java
+++ b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java
@@ -5,8 +5,11 @@ import com.muyu.common.core.constant.TokenConstants;
 import com.muyu.common.core.text.Convert;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import io.jsonwebtoken.security.SecureDigestAlgorithm;
 
+import javax.crypto.SecretKey;
+import java.util.Date;
 import java.util.Map;
 
 /**
@@ -15,7 +18,30 @@ import java.util.Map;
  * @author muyu
  */
 public class JwtUtils {
-    public static String secret = TokenConstants.SECRET;
+
+    /**
+     * 加密算法
+     */
+    private final static SecureDigestAlgorithm<SecretKey, SecretKey> ALGORITHM = Jwts.SIG.HS256;
+    /**
+     * 私钥 / 生成签名的时候使用的秘钥secret，一般可以从本地配置文件中读取，切记这个秘钥不能外露，只在服务端使用，在任何场景都不应该流露出去。
+     * 一旦客户端得知这个secret, 那就意味着客户端是可以自我签发jwt了。
+     * 应该大于等于 256位(长度32及以上的字符串)，并且是随机的字符串
+     */
+    private final static String secret = TokenConstants.SECRET;
+    /**
+     * 秘钥实例
+     */
+    public static final SecretKey KEY = Keys.hmacShaKeyFor(secret.getBytes());
+    /**
+     * jwt签发者
+     */
+    private final static String JWT_ISS = "MUYU";
+    /**
+     * jwt主题
+     */
+    private final static String SUBJECT = "Peripherals";
+
 
     /**
      * 从数据声明生成令牌
@@ -25,8 +51,20 @@ public class JwtUtils {
      * @return 令牌
      */
     public static String createToken (Map<String, Object> claims) {
-        String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact();
-        return token;
+        return Jwts.builder()
+                // 设置头部信息header
+                .header().add("typ", "JWT").add("alg", "HS256").and()
+                // 设置自定义负载信息payload
+                .claims(claims)
+                // 签发时间
+                .issuedAt(new Date())
+                // 主题
+                .subject(SUBJECT)
+                // 签发者
+                .issuer(JWT_ISS)
+                // 签名
+                .signWith(KEY, ALGORITHM)
+                .compact();
     }
 
     /**
@@ -37,7 +75,11 @@ public class JwtUtils {
      * @return 数据声明
      */
     public static Claims parseToken (String token) {
-        return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+        return Jwts.parser()
+                .verifyWith(KEY)
+                .build()
+                .parseSignedClaims(token)
+                .getPayload();
     }
 
     /**
diff --git a/cloud-modules/cloud-modules-job/src/main/java/com/muyu/job/domain/SysJob.java b/cloud-modules/cloud-modules-job/src/main/java/com/muyu/job/domain/SysJob.java
index e826e26..006a112 100644
--- a/cloud-modules/cloud-modules-job/src/main/java/com/muyu/job/domain/SysJob.java
+++ b/cloud-modules/cloud-modules-job/src/main/java/com/muyu/job/domain/SysJob.java
@@ -19,7 +19,7 @@ import java.util.Date;
  *
  * @author muyu
  */
-@Setter
+@Data
 @SuperBuilder
 @NoArgsConstructor
 @AllArgsConstructor
diff --git a/pom.xml b/pom.xml
index d891e25..2adcc87 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,7 +31,7 @@
         <commons.io.version>2.13.0</commons.io.version>
         <velocity.version>2.3</velocity.version>
         <fastjson.version>2.0.41</fastjson.version>
-        <jjwt.version>0.9.1</jjwt.version>
+        <jjwt.version>0.12.5</jjwt.version>
         <minio.version>8.5.10</minio.version>
         <poi.version>4.1.2</poi.version>
         <transmittable-thread-local.version>2.14.3</transmittable-thread-local.version>