wangyizhe/his
1
3
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

feat(security): 更新JWT依赖版本并重构令牌服务实现

Browse Source 
- 将JWT版本从0.9.1升级到0.12.6
- 拆分jjwt依赖为api、impl和jackson三个独立模块
- 使用Keys.hmacShaKeyFor替换SignatureAlgorithm.HS512进行签名
- 使用UTF-8编码处理密钥字符串
- 重构令牌创建和解析方法以适配新版本API
- 添加运行时作用域配置以优化依赖加载
This commit is contained in:
chenqi
2026-06-05 09:17:13 +08:00
parent 1d21661a78
commit efb9b49d5c
3 changed files with 34 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
openhis-server-new/core-common/pom.xml
View File

@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://maven.apache.org/POM/4.0.0"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
@@ -142,7 +142,17 @@
<!-- Token生成与解析-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<artifactId>jjwt-api</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<scope>runtime</scope>
</dependency>
<!-- Jaxb -->

7
openhis-server-new/core-framework/src/main/java/com/core/framework/web/service/TokenService.java
View File

@@ -12,7 +12,8 @@ import com.core.common.utils.uuid.IdUtils;
import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -154,7 +155,7 @@ public class TokenService {
* @return 令牌
*/
private String createToken(Map<String, Object> claims) {
String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact();
String token = Jwts.builder().claims(claims).signWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)), Jwts.SIG.HS512).compact();
return token;
}
@@ -165,7 +166,7 @@ public class TokenService {
* @return 数据声明
*/
private Claims parseToken(String token) {
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
return Jwts.parser().verifyWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8))).build().parseSignedClaims(token).getPayload();
}
/**

20
openhis-server-new/pom.xml
View File

@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://maven.apache.org/POM/4.0.0"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
@@ -35,7 +35,7 @@
<commons.io.version>2.21.0</commons.io.version>
<poi.version>4.1.2</poi.version>
<velocity.version>2.3</velocity.version>
<jwt.version>0.9.1</jwt.version>
<jwt.version>0.12.6</jwt.version>
<!-- override dependency version -->
<lombok.version>1.18.34</lombok.version> <!-- 替换为 -->
<mybatis-plus.version>3.5.16</mybatis-plus.version>
@@ -293,13 +293,25 @@
<version>${velocity.version}</version>
</dependency>
<!-- Token生成与解析-->
<!-- Token生成与解析-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<artifactId>jjwt-api</artifactId>
<version>${jwt.version}</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>${jwt.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>${jwt.version}</version>
<scope>runtime</scope>
</dependency>
<!-- 验证码 -->
<dependency>
<groupId>pro.fessional</groupId>