wangyizhe/his
1
3
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

feat(security): 更新JWT依赖版本并重构令牌服务实现

Browse Source 
- 将JWT版本从0.9.1升级到0.12.6
- 拆分jjwt依赖为api、impl和jackson三个独立模块
- 使用Keys.hmacShaKeyFor替换SignatureAlgorithm.HS512进行签名
- 使用UTF-8编码处理密钥字符串
- 重构令牌创建和解析方法以适配新版本API
- 添加运行时作用域配置以优化依赖加载
This commit is contained in:
chenqi
2026-06-05 09:17:13 +08:00
parent 1d21661a78
commit efb9b49d5c
3 changed files with 34 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
openhis-server-new/core-common/pom.xml
View File

@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://maven.apache.org/POM/4.0.0" xmlns="http://maven.apache.org/POM/4.0.0"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
@@ -142,7 +142,17 @@
<!-- Token生成与解析--> <!-- Token生成与解析-->
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId> <artifactId>jjwt-api</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<scope>runtime</scope>
</dependency> </dependency>
<!-- Jaxb --> <!-- Jaxb -->
@@ -189,4 +199,4 @@
</dependencies> </dependencies>
</project> </project>

7
openhis-server-new/core-framework/src/main/java/com/core/framework/web/service/TokenService.java
View File

@@ -12,7 +12,8 @@ import com.core.common.utils.uuid.IdUtils;
import eu.bitwalker.useragentutils.UserAgent; import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@@ -154,7 +155,7 @@ public class TokenService {
* @return 令牌 * @return 令牌
*/ */
private String createToken(Map<String, Object> claims) { private String createToken(Map<String, Object> claims) {
String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact(); String token = Jwts.builder().claims(claims).signWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)), Jwts.SIG.HS512).compact();
return token; return token;
} }
@@ -165,7 +166,7 @@ public class TokenService {
* @return 数据声明 * @return 数据声明
*/ */
private Claims parseToken(String token) { private Claims parseToken(String token) {
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); return Jwts.parser().verifyWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8))).build().parseSignedClaims(token).getPayload();
} }
/** /**

22
openhis-server-new/pom.xml
View File

@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://maven.apache.org/POM/4.0.0" xmlns="http://maven.apache.org/POM/4.0.0"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
@@ -35,7 +35,7 @@
<commons.io.version>2.21.0</commons.io.version> <commons.io.version>2.21.0</commons.io.version>
<poi.version>4.1.2</poi.version> <poi.version>4.1.2</poi.version>
<velocity.version>2.3</velocity.version> <velocity.version>2.3</velocity.version>
<jwt.version>0.9.1</jwt.version> <jwt.version>0.12.6</jwt.version>
<!-- override dependency version --> <!-- override dependency version -->
<lombok.version>1.18.34</lombok.version> <!-- 替换为 --> <lombok.version>1.18.34</lombok.version> <!-- 替换为 -->
<mybatis-plus.version>3.5.16</mybatis-plus.version> <mybatis-plus.version>3.5.16</mybatis-plus.version>
@@ -293,13 +293,25 @@
<version>${velocity.version}</version> <version>${velocity.version}</version>
</dependency> </dependency>
<!-- Token生成与解析-->
<!-- Token生成与解析--> <!-- Token生成与解析-->
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId> <artifactId>jjwt-api</artifactId>
<version>${jwt.version}</version> <version>${jwt.version}</version>
</dependency> </dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>${jwt.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>${jwt.version}</version>
<scope>runtime</scope>
</dependency>
<!-- 验证码 --> <!-- 验证码 -->
<dependency> <dependency>
<groupId>pro.fessional</groupId> <groupId>pro.fessional</groupId>
@@ -414,4 +426,4 @@
</pluginRepository> </pluginRepository>
</pluginRepositories> </pluginRepositories>
</project> </project>