fusen/fusenapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复 jwt payload解析的错误

Browse Source
This commit is contained in:
eson
2023-08-25 15:37:35 +08:00
parent ede181d6dd
commit f91f9d3230
21 changed files with 263 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
utils/auth/jwt_token.go
View File

@@ -5,14 +5,17 @@ import (
"encoding/json"
"errors"
"fmt"
"log"
"net/http"
"strings"
)
var DefaultJwtSecret uint64 = 21321321321
func ParseJwtTokenHeader[T any](r *http.Request) (string, *T, error) {
//TODO:
var u T
return "", &u, nil
// var u T
// return "", &u, nil
AuthKey := r.Header.Get("Authorization")
if AuthKey == "" {
@@ -28,7 +31,51 @@ func ParseJwtTokenHeader[T any](r *http.Request) (string, *T, error) {
return "", nil, fmt.Errorf("Invalid JWT token")
}
payload, err := base64.URLEncoding.DecodeString(parts[1])
payload, err := base64.RawURLEncoding.DecodeString(parts[1])
if err != nil {
return "", nil, fmt.Errorf("Error unmarshalling JWT DecodeString: %s", err.Error())
}
var p T
err = json.Unmarshal(payload, &p)
if err != nil {
return "", nil, fmt.Errorf("Error unmarshalling JWT payload: %s", err)
}
return AuthKey, &p, nil
// token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) {
// // 检查签名方法是否为 HS256
// if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
// return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
// }
// // 返回用于验证签名的密钥
// return []byte(svcCtx.Config.Auth.AccessSecret), nil
// })
// if err != nil {
// return nil, errors.New(fmt.Sprint("Error parsing token:", err))
// }
// // 验证成功返回
// if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
// return claims, nil
// }
// return nil, errors.New(fmt.Sprint("Invalid token", err))
}
func TParseJwtTokenHeader[T any](AuthKey string) (string, *T, error) {
//TODO:
// var u T
// return "", &u, nil
parts := strings.Split(AuthKey, ".")
if len(parts) != 3 {
return "", nil, fmt.Errorf("Invalid JWT token")
}
payload, err := base64.RawURLEncoding.DecodeString(parts[1])
log.Println(string(payload))
if err != nil {
return "", nil, fmt.Errorf("Error unmarshalling JWT DecodeString: %s", err.Error())
}

2
utils/auth/register.go
View File

@@ -20,6 +20,7 @@ type RegisterToken struct {
Email string // email
Password string // 密码
Platform string // 平台
TraceId string //链路Id
CreateAt time.Time // 创建时间
}
@@ -29,6 +30,7 @@ type ResetToken struct {
Wid string // websocket 通道id
Email string // email
OldPassword string // 旧密码
TraceId string //链路Id
CreateAt time.Time // 创建时间
}

2
utils/auth/user.go
View File

@@ -216,7 +216,7 @@ func getJwtClaims(AuthKey string, AccessSecret *string) (jwt.MapClaims, error) {
func PasswordHash(pwd string) string {
h := sha256.New()
h.Write([]byte(pwd))
return base64.URLEncoding.EncodeToString(h.Sum(nil))
return base64.RawURLEncoding.EncodeToString(h.Sum(nil))
}
func CheckValueRange[T comparable](v T, rangevalues ...T) bool {

4
utils/auth/user_test.go
View File

@@ -60,10 +60,10 @@ func TestCase1(t *testing.T) {
a := sha256.New()
a.Write([]byte("fusen_backend_3021"))
base64.URLEncoding.EncodeToString(a.Sum(nil))
base64.RawURLEncoding.EncodeToString(a.Sum(nil))
as := fmt.Sprintf("%x", a.Sum(nil))
log.Println(as, len(as), base64.URLEncoding.EncodeToString(a.Sum(nil)))
log.Println(as, len(as), base64.RawURLEncoding.EncodeToString(a.Sum(nil)))
// b := sha256.New().Sum([]byte("fusen_backend_2022"))
// bs := fmt.Sprintf("%x", b)

125
utils/basic/request_parse.go
View File

@@ -3,6 +3,7 @@ package basic
import (
"errors"
"fusenapi/shared"
"fusenapi/utils/auth"
"net/http"
"reflect"
@@ -10,10 +11,9 @@ import (
"github.com/golang-jwt/jwt"
"github.com/zeromicro/go-zero/core/logx"
"github.com/zeromicro/go-zero/rest/httpx"
"gorm.io/gorm"
)
var DefaultJwtSecret uint64 = 21321321321
type IJWTParse interface {
ParseJwtToken(r *http.Request) (jwt.MapClaims, error)
}
@@ -52,67 +52,68 @@ func NormalAfterLogic(w http.ResponseWriter, r *http.Request, resp *Response) {
}
func RequestParse(w http.ResponseWriter, r *http.Request, svcCtx any, LogicRequest any) (*auth.UserInfo, error) {
// log.Println(io.ReadAll(r.Body))
// token, info, err := auth.ParseJwtTokenHeader[auth.UserInfo](r) //解析Token头, 和payload信息
// if err != nil {
// logx.Error(err)
// return nil, err
// }
// var secret uint64 = 0
// if info != nil {
// if info.IsUser() {
// // us, err := state.GetUserState(info.UserId) //获取缓存的用户状态
// reflect.ValueOf(svcCtx)
// ctxValue := reflect.ValueOf(svcCtx).FieldByName("MysqlConn")
// gdb := ctxValue.Interface().(*gorm.DB)
// us, err := shared.GetUserState(info.UserId, gdb)
// if err != nil {
// logx.Error(err)
// return nil, err
// }
// secret = us.PwdHash // 获取密码的hash做jwt, 便于重置密码的使用
// } else if info.IsGuest() {
// secret = DefaultJwtSecret //获取默认的hash
// }
// }
// var userinfo *auth.UserInfo
// if secret != 0 {
// claims, err := auth.ParseJwtTokenUint64Secret(token, secret)
// // 如果解析JWT token出错,则返回未授权的JSON响应并记录错误消息
// if err != nil {
// httpx.OkJsonCtx(r.Context(), w, &Response{
// Code: 401, // 返回401状态码,表示未授权
// Message: "unauthorized", // 返回未授权信息
// })
// logx.Info("unauthorized:", err.Error()) // 记录错误日志
// return nil, err
// }
// if claims != nil {
// // 从token中获取对应的用户信息
// userinfo, err = auth.GetUserInfoFormMapClaims(claims)
// // 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息
// if err != nil {
// httpx.OkJsonCtx(r.Context(), w, &Response{
// Code: 401,
// Message: "unauthorized",
// })
// logx.Info("unauthorized:", err.Error())
// return nil, err
// }
// }
// } else {
// // 白板用户
// userinfo = &auth.UserInfo{UserId: 0, GuestId: 0}
// }
var err error
// log.Println(io.ReadAll(r.Body))
token, info, err := auth.ParseJwtTokenHeader[auth.UserInfo](r) //解析Token头, 和payload信息
if err != nil {
logx.Error(err)
return nil, err
}
var secret uint64 = 0
if info != nil {
if info.IsUser() {
// us, err := state.GetUserState(info.UserId) //获取缓存的用户状态
reflect.ValueOf(svcCtx)
ctxValue := reflect.ValueOf(svcCtx).FieldByName("MysqlConn")
gdb := ctxValue.Interface().(*gorm.DB)
us, err := shared.GetUserState(info.UserId, gdb)
if err != nil {
logx.Error(err)
return nil, err
}
secret = us.PwdHash // 获取密码的hash做jwt, 便于重置密码的使用
} else if info.IsGuest() {
secret = auth.DefaultJwtSecret //获取默认的hash
}
}
var userinfo *auth.UserInfo
if secret != 0 {
claims, err := auth.ParseJwtTokenUint64Secret(token, secret)
// 如果解析JWT token出错,则返回未授权的JSON响应并记录错误消息
if err != nil {
httpx.OkJsonCtx(r.Context(), w, &Response{
Code: 401, // 返回401状态码,表示未授权
Message: "unauthorized", // 返回未授权信息
})
logx.Info("unauthorized:", err.Error()) // 记录错误日志
return nil, err
}
if claims != nil {
// 从token中获取对应的用户信息
userinfo, err = auth.GetUserInfoFormMapClaims(claims)
// 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息
if err != nil {
httpx.OkJsonCtx(r.Context(), w, &Response{
Code: 401,
Message: "unauthorized",
})
logx.Info("unauthorized:", err.Error())
return nil, err
}
}
} else {
// 白板用户
userinfo = &auth.UserInfo{UserId: 0, GuestId: 0}
}
// 如果端点有请求结构体则使用httpx.Parse方法从HTTP请求体中解析请求数据
if err = httpx.Parse(r, LogicRequest); err != nil {
httpx.OkJsonCtx(r.Context(), w, &Response{
@@ -122,7 +123,7 @@ func RequestParse(w http.ResponseWriter, r *http.Request, svcCtx any, LogicReque
logx.Error(err)
return nil, err
}
userinfo := &auth.UserInfo{UserId: 39}
// userinfo := &auth.UserInfo{UserId: 39}
return userinfo, err
}

12
utils/basic/request_parse_test.go Normal file
View File

@@ -0,0 +1,12 @@
package basic
import (
"fusenapi/utils/auth"
"log"
"testing"
)
func TestRequestParse(t *testing.T) {
a, us, err := auth.TParseJwtTokenHeader[auth.UserInfo]("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MjQ0NzE1MzUsImd1ZXN0X2lkIjo0OCwiaWF0IjozMTUzNjAwMCwidXNlcl9pZCI6MH0.jsIpl9CeQdGHRERPByVtMlPLxaxzBaorJsmtfQqbgVc")
log.Println(a, us, err)
}

2
utils/encryption_decryption/aes_crt.go
View File

@@ -27,7 +27,7 @@ func NewSecretCRT[T any](key string, iv string) *SecretCRT[T] {
s := &SecretCRT[T]{
derivationKey: DerivationKeyV1,
iv: []byte(iv),
EncDec: base64.URLEncoding,
EncDec: base64.RawURLEncoding,
}
s.secretKey = s.derivationKey(key)
return s

2
utils/encryption_decryption/aes_gcm.go
View File

@@ -49,7 +49,7 @@ func NewSecretGCM[T any](key string) *SecretGCM[T] {
s := &SecretGCM[T]{
srcKey: key,
derivationKey: DerivationKeyV1,
EncDec: base64.URLEncoding,
EncDec: base64.RawURLEncoding,
}
s.secretKey = s.derivationKey(s.srcKey)
return s

13
utils/websocket_data/event_test.go
View File

@@ -1,13 +0,0 @@
package websocket_data
import (
"encoding/json"
"log"
"testing"
)
func TestEvent(t *testing.T) {
data, _ := json.Marshal(NewWebsocketEvent(UserEmailRegister).WithCode(200))
log.Println(string(data))
}

20
utils/websocket_data/base_event.go → utils/wevent/base_event.go
View File

@@ -1,9 +1,7 @@
package websocket_data
package wevent
import (
"time"
"github.com/google/uuid"
)
// 和前端交流的事件机制
@@ -24,12 +22,22 @@ type WebsocketEvent struct {
}
// NewWebsocketEvent 创建一个Websocket事件
func NewWebsocketEvent(etype EventType) *WebsocketEvent {
uid := uuid.NewString()
func NewWebsocketEvent(etype EventType, TraceId string) *WebsocketEvent {
return &WebsocketEvent{
Type: etype,
SenderTime: time.Now().UTC(),
TraceId: uid,
TraceId: TraceId,
}
}
// NewWebsocketEventSuccess 创建一个Websocket事件伴随Code(200)
func NewWebsocketEventSuccess(etype EventType, TraceId string) *WebsocketEvent {
return &WebsocketEvent{
Type: etype,
SenderTime: time.Now().UTC(),
TraceId: TraceId,
Code: 200,
Message: "success",
}
}

2
utils/websocket_data/event.go → utils/wevent/event.go
View File

@@ -1,4 +1,4 @@
package websocket_data
package wevent
// 用户注册成功的事件关注的数据
type DataEmailRegister struct {

14
utils/wevent/event_test.go Normal file
View File

@@ -0,0 +1,14 @@
package wevent
import (
"encoding/json"
"log"
"testing"
"github.com/google/uuid"
)
func TestEvent(t *testing.T) {
data, _ := json.Marshal(NewWebsocketEvent(UserEmailRegister, uuid.NewString()).WithCode(200))
log.Println(string(data))
}