From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。
---
Source/BladeX-Tool/blade-starter-jwt/src/main/java/org/springblade/core/jwt/JwtUtil.java | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 229 insertions(+), 0 deletions(-)
diff --git a/Source/BladeX-Tool/blade-starter-jwt/src/main/java/org/springblade/core/jwt/JwtUtil.java b/Source/BladeX-Tool/blade-starter-jwt/src/main/java/org/springblade/core/jwt/JwtUtil.java
new file mode 100644
index 0000000..96bcc8b
--- /dev/null
+++ b/Source/BladeX-Tool/blade-starter-jwt/src/main/java/org/springblade/core/jwt/JwtUtil.java
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * Neither the name of the dreamlu.net developer nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * Author: Chill 搴勯獮 (smallchill@163.com)
+ */
+package org.springblade.core.jwt;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import org.springblade.core.jwt.props.JwtProperties;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.util.StringUtils;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Jwt宸ュ叿绫�
+ *
+ * @author Chill
+ */
+public class JwtUtil {
+
+ /**
+ * token鍩虹閰嶇疆
+ */
+ public static String BEARER = "bearer";
+ public static Integer AUTH_LENGTH = 7;
+
+ /**
+ * token淇濆瓨鑷硆edis鐨刱ey
+ */
+ private static final String REFRESH_TOKEN_CACHE = "blade:refreshToken";
+ private static final String TOKEN_CACHE = "blade:token";
+ private static final String TOKEN_KEY = "token:state:";
+
+ /**
+ * jwt閰嶇疆
+ */
+ private static JwtProperties jwtProperties;
+
+ /**
+ * redis宸ュ叿
+ */
+ private static RedisTemplate<String, Object> redisTemplate;
+
+ public static JwtProperties getJwtProperties() {
+ return jwtProperties;
+ }
+
+ public static void setJwtProperties(JwtProperties properties) {
+ if (JwtUtil.jwtProperties == null) {
+ JwtUtil.jwtProperties = properties;
+ }
+ }
+
+ public static RedisTemplate<String, Object> getRedisTemplate() {
+ return redisTemplate;
+ }
+
+ public static void setRedisTemplate(RedisTemplate<String, Object> redisTemplate) {
+ if (JwtUtil.redisTemplate == null) {
+ JwtUtil.redisTemplate = redisTemplate;
+ }
+ }
+
+ /**
+ * 绛惧悕鍔犲瘑
+ */
+ public static String getBase64Security() {
+ return Base64.getEncoder().encodeToString(getJwtProperties().getSignKey().getBytes(StandardCharsets.UTF_8));
+ }
+
+ /**
+ * 鑾峰彇璇锋眰浼犻�掔殑token涓�
+ *
+ * @param auth token
+ * @return String
+ */
+ public static String getToken(String auth) {
+ if ((auth != null) && (auth.length() > AUTH_LENGTH)) {
+ String headStr = auth.substring(0, 6).toLowerCase();
+ if (headStr.compareTo(BEARER) == 0) {
+ auth = auth.substring(7);
+ }
+ return auth;
+ }
+ return null;
+ }
+
+ /**
+ * 瑙f瀽jsonWebToken
+ *
+ * @param jsonWebToken token涓�
+ * @return Claims
+ */
+ public static Claims parseJWT(String jsonWebToken) {
+ try {
+ return Jwts.parserBuilder()
+ .setSigningKey(Base64.getDecoder().decode(getBase64Security())).build()
+ .parseClaimsJws(jsonWebToken).getBody();
+ } catch (Exception ex) {
+ return null;
+ }
+ }
+
+ /**
+ * 鑾峰彇淇濆瓨鍦╮edis鐨刟ccessToken
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param accessToken accessToken
+ * @return accessToken
+ */
+ public static String getAccessToken(String tenantId, String userId, String accessToken) {
+ return String.valueOf(getRedisTemplate().opsForValue().get(getAccessTokenKey(tenantId, userId, accessToken)));
+ }
+
+
+ /**
+ * 娣诲姞accessToken鑷硆edis
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param accessToken accessToken
+ * @param expire 杩囨湡鏃堕棿
+ */
+ public static void addAccessToken(String tenantId, String userId, String accessToken, int expire) {
+ getRedisTemplate().delete(getAccessTokenKey(tenantId, userId, accessToken));
+ getRedisTemplate().opsForValue().set(getAccessTokenKey(tenantId, userId, accessToken), accessToken, expire, TimeUnit.SECONDS);
+ }
+
+ /**
+ * 鍒犻櫎淇濆瓨鍦╮edis鐨刟ccessToken
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ */
+ public static void removeAccessToken(String tenantId, String userId) {
+ removeAccessToken(tenantId, userId, null);
+ }
+
+ /**
+ * 鍒犻櫎淇濆瓨鍦╮edis鐨刟ccessToken
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param accessToken accessToken
+ */
+ public static void removeAccessToken(String tenantId, String userId, String accessToken) {
+ getRedisTemplate().delete(getAccessTokenKey(tenantId, userId, accessToken));
+ }
+
+ /**
+ * 鑾峰彇accessToken绱㈠紩
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param accessToken accessToken
+ * @return token绱㈠紩
+ */
+ public static String getAccessTokenKey(String tenantId, String userId, String accessToken) {
+ String key = tenantId.concat(":").concat(TOKEN_CACHE).concat("::").concat(TOKEN_KEY);
+ if (getJwtProperties().getSingle() || StringUtils.isEmpty(accessToken)) {
+ return key.concat(userId);
+ } else {
+ return key.concat(accessToken);
+ }
+ }
+
+ /**
+ * 鑾峰彇淇濆瓨鍦╮edis鐨剅efreshToken
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param refreshToken refreshToken
+ * @return accessToken
+ */
+ public static String getRefreshToken(String tenantId, String userId, String refreshToken) {
+ return String.valueOf(getRedisTemplate().opsForValue().get(getRefreshTokenKey(tenantId, userId)));
+ }
+
+ /**
+ * 娣诲姞refreshToken鑷硆edis
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @param refreshToken refreshToken
+ * @param expire 杩囨湡鏃堕棿
+ */
+ public static void addRefreshToken(String tenantId, String userId, String refreshToken, int expire) {
+ getRedisTemplate().delete(getRefreshTokenKey(tenantId, userId));
+ getRedisTemplate().opsForValue().set(getRefreshTokenKey(tenantId, userId), refreshToken, expire, TimeUnit.SECONDS);
+ }
+
+ /**
+ * 鍒犻櫎淇濆瓨鍦╮efreshToken鐨則oken
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ */
+ public static void removeRefreshToken(String tenantId, String userId) {
+ getRedisTemplate().delete(getRefreshTokenKey(tenantId, userId));
+ }
+
+ /**
+ * 鑾峰彇refreshToken绱㈠紩
+ *
+ * @param tenantId 绉熸埛id
+ * @param userId 鐢ㄦ埛id
+ * @return token绱㈠紩
+ */
+ public static String getRefreshTokenKey(String tenantId, String userId) {
+ return tenantId.concat(":").concat(REFRESH_TOKEN_CACHE).concat("::").concat(TOKEN_KEY).concat(userId);
+ }
+
+}
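Review bot: `getAccessToken` and `getRefreshToken` wrap the Redis lookup in `String.valueOf(...)`, so a missing or expired entry comes back as the literal string "null" instead of `null`. Any caller that tests the result for null or blank before trusting the token state would treat a revoked or expired token as still present; the callers are not part of this patch, so that should be confirmed. Return the absence explicitly, e.g. `Object cached = getRedisTemplate().opsForValue().get(getAccessTokenKey(tenantId, userId, accessToken));` followed by `return cached == null ? null : cached.toString();`, and do the same in `getRefreshToken`. Separately, `parseJWT` catches every `Exception` and returns `null` without logging, so an expired token and a failed signature check look identical to operators; logging the exception class (never the token itself) at that point would make forged-token attempts detectable.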
--
Gitblit v1.10.0