
Merge branch 'fix/RSApasswordChange' into 'develop'

Fix/RSA password change: 服务器启动时在config.json中增加了publicKey,修改密码增加RSA功能

See merge request o2oa/o2oa!730
o2null 5 år sedan
förälder
incheckning
583efb0bf7

+ 8 - 1
o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java

@@ -193,7 +193,14 @@ public class WebServerTools extends JettySeverTools {
 			/* 密码规则 */
 		    map.put("passwordRegex",Config.person().getPasswordRegex() );
 			map.put("passwordRegexHint", Config.person().getPasswordRegexHint());
-		
+			
+		    /*RSA*/
+			File publicKeyFile = new File(Config.base(), "config/public.key");
+			if (publicKeyFile.exists() && publicKeyFile.isFile()) {
+					String publicKey = FileUtils.readFileToString(publicKeyFile, "utf-8");
+					map.put("publicKey", publicKey);
+			}
+			
 			FileUtils.writeStringToFile(file, gson.toJson(map), DefaultCharset.charset);
 		}
 	}
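Review bot: The added block reads `config/public.key` with the literal `"utf-8"` while the write two lines below uses `DefaultCharset.charset`; passing the same constant, `FileUtils.readFileToString(publicKeyFile, DefaultCharset.charset)`, keeps the encoding in one place. When the file is missing the `publicKey` entry is silently left out of the generated config, so a comment next to `/*RSA*/` should say what the web client is expected to do in that case (presumably it submits the password unencrypted). The browser uses whatever key this file serves, so the RSA step likely adds protection only when the page itself is delivered over TLS, which is worth stating in that same comment. The enclosing method starts above the hunk.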

+ 20 - 23
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java

@@ -42,7 +42,7 @@ class ActionCaptchaLogin extends BaseAction {
 			//RSA解秘
 			if (!StringUtils.isEmpty(isEncrypted)) {
 				if(isEncrypted.trim().equalsIgnoreCase("y")) {
-			    	password = decryptRSA(password);
+			    	password = this.decryptRSA(password);
 				}
 			}
 			
@@ -115,8 +115,21 @@ class ActionCaptchaLogin extends BaseAction {
 		}
 	}
 
-	 //加密
-		public String encryptRSA(String strEncrypt) {
+
+	//用户登入解密 
+		public  String decryptRSA(String strDecrypt) {
+			String privateKey;
+			String decrypt = null;
+			try {
+				privateKey = getPrivateKey();
+			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+			return decrypt;
+		}
+		//转成Base64	
+		public  String encryptRSA(String strEncrypt) {
 			String encrypt = null;
 			try {
 				 String publicKey = Config.publicKey();
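Review bot: `decryptRSA` catches every `Exception`, calls `e.printStackTrace()` and returns `null`, so a malformed or tampered ciphertext reaches the caller as a null password instead of a rejected request. The call site in the first hunk of this file assigns the result straight to `password`; whether the code after it tolerates null is not visible here, so a check such as `if (password == null)` that fails the login belongs right after that assignment. The stack trace should go through the project's logger rather than to stderr, where failed decryptions are easy to miss in monitoring. The copy of this method added to ActionSetPassword.java in this commit has the same shape. `encryptRSA` continues past the end of the hunk.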
@@ -126,26 +139,11 @@ class ActionCaptchaLogin extends BaseAction {
 			} catch (Exception e) {
 				e.printStackTrace();
 			}
-		
 			return encrypt;
 		}
 		
-		//解密
-		public String decryptRSA(String strDecrypt) {
-			String privateKey;
-			String decrypt = null;
-			try {
-				privateKey = getPrivateKey();
-			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-		
-			return decrypt;
-		}
-		
-		//获取PublicKey
-		public String  getPublicKey() {
+		//转成Base64			
+		public  String  getPublicKey() {
 			String publicKey = "";
 			 try {
 				 publicKey = Config.publicKey();
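Review bot: The comment `//转成Base64` ("convert to Base64") above `getPublicKey` replaces `//获取PublicKey`, which described the method; the same comment is also put on `encryptRSA` in the previous hunk (replacing `//加密`) and on `getPrivateKey` in the next one (replacing `//获取privateKey`). Three different methods now carry one identical label, and for `encryptRSA` it is misleading because the method encrypts. I would restore the three original comments, or replace each with a one-line Javadoc stating what the method returns and that it yields null or an empty string when the key cannot be loaded. The doubled space in `public  String` is stray formatting. The body of `getPublicKey` continues outside the hunk.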
@@ -158,9 +156,8 @@ class ActionCaptchaLogin extends BaseAction {
 			return publicKey;
 		}
 		
-		
-		//获取privateKey
-		public String  getPrivateKey() {
+		//转成Base64		
+		public  String  getPrivateKey() {
 			 String privateKey = "";
 			 try {
 				 privateKey = Config.privateKey();

+ 67 - 7
o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java

@@ -2,12 +2,14 @@ package com.x.organization.assemble.personal.jaxrs.person;
 
 import java.util.Date;
 
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
+import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.cache.ApplicationCache;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.gson.GsonPropertyObject;
@@ -59,20 +61,38 @@ class ActionSetPassword extends BaseAction {
 				if (StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())) {
 					throw new ExceptionNewPasswordSameAsOldPassword();
 				}
+				
+				String oldPassword = wi.getOldPassword();
+				String newPassword = wi.getNewPassword();
+				String confirmPassword = wi.getConfirmPassword();
+				String isEncrypted = wi.getIsEncrypted();
+				
+				//RSA解秘
+				if (!StringUtils.isEmpty(isEncrypted)) {
+					if(isEncrypted.trim().equalsIgnoreCase("y")) {
+						oldPassword = this.decryptRSA(oldPassword);
+						newPassword = this.decryptRSA(newPassword);
+						confirmPassword = this.decryptRSA(confirmPassword);
+					}
+				}
+				
+				
 				if (BooleanUtils.isTrue(Config.person().getSuperPermission())
-						&& StringUtils.equals(Config.token().getPassword(), wi.getOldPassword())) {
+						&& StringUtils.equals(Config.token().getPassword(), oldPassword)) {
 					logger.info("user{name:" + person.getName() + "} use superPermission.");
 				} else {
-					if (!StringUtils.equals(Crypto.encrypt(wi.getOldPassword(), Config.token().getKey()),
+					if (!StringUtils.equals(Crypto.encrypt(oldPassword, Config.token().getKey()),
 							person.getPassword())) {
 						throw new ExceptionOldPasswordNotMatch();
 					}
-					if (!wi.getNewPassword().matches(Config.person().getPasswordRegex())) {
+					if (!newPassword.matches(Config.person().getPasswordRegex())) {
 						throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint());
 					}
 				}
+				
+				
 				emc.beginTransaction(Person.class);
-				person.setPassword(Crypto.encrypt(wi.getNewPassword(), Config.token().getKey()));
+				person.setPassword(Crypto.encrypt(newPassword, Config.token().getKey()));
 				person.setChangePasswordTime(new Date());
 				emc.commit();
 				ApplicationCache.notify(Person.class);
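Review bot: The same-password check on the context line at the top of this hunk, `StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())`, still compares the raw request values, so with `isEncrypted` set to y it compares ciphertexts; if `Crypto.rsaDecrypt` expects randomized padding (not visible here), two encryptions of the same password differ and the check never fires. Moving the decryption block above it and comparing `StringUtils.equals(newPassword, oldPassword)` closes that gap, and any earlier checks on `wi` outside this hunk need the same treatment. `confirmPassword` is decrypted but not used in the visible lines. `decryptRSA` returns null on failure, so `newPassword.matches(...)` can throw a NullPointerException and the superPermission branch passes null to `Crypto.encrypt`; a guard such as `if (oldPassword == null || newPassword == null)` that rejects the request belongs right after the decryption block.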
@@ -84,13 +104,46 @@ class ActionSetPassword extends BaseAction {
 			return result;
 		}
 	}
+	
+	
+		public  String decryptRSA(String strDecrypt) {
+			String privateKey;
+			String decrypt = null;
+			try {
+				privateKey = getPrivateKey();
+			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+			return decrypt;
+		}
+	
+		public  String  getPrivateKey() {
+			 String privateKey = "";
+			 try {
+				 privateKey = Config.privateKey();
+				 byte[] privateKeyB = Base64.decodeBase64(privateKey);
+				 privateKey = new String(Base64.encodeBase64(privateKeyB));
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+			return privateKey;
+		}
 
 	public static class Wi extends GsonPropertyObject {
-
+		
+		@FieldDescribe("原密码")
 		private String oldPassword;
+		
+		@FieldDescribe("新密码")
 		private String newPassword;
-		private String confirmPassword;
-
+		
+		@FieldDescribe("确认新密码")
+		private String confirmPassword;	
+		
+		@FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
+		private String isEncrypted;
+		
 		public String getOldPassword() {
 			return oldPassword;
 		}
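Review bot: `decryptRSA` and `getPrivateKey` are declared `public` and duplicate the methods in ActionCaptchaLogin; nothing in this hunk uses them from outside the class, so `private String getPrivateKey()` and `private String decryptRSA(String strDecrypt)` would limit who can obtain the key material, and one shared helper would stop the two copies drifting apart. `getPrivateKey` decodes and re-encodes the Base64 text and falls back to an empty string when anything throws, which only surfaces later as a failure inside `Crypto.rsaDecrypt`; a Javadoc line explaining why the round trip exists (presumably to normalize line breaks in the key file) should be added. `new String(Base64.encodeBase64(privateKeyB))` depends on the platform charset, which `Base64.encodeBase64String(privateKeyB)` avoids. The new `isEncrypted` field is described by its `@FieldDescribe`, but neither new method has a comment.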
@@ -115,6 +168,13 @@ class ActionSetPassword extends BaseAction {
 			this.newPassword = newPassword;
 		}
 
+		public String getIsEncrypted() {
+			return isEncrypted;
+		}
+
+		public void setIsEncrypted(String isEncrypted) {
+			this.isEncrypted = isEncrypted;
+		}
 	}
 
 	public static class Wo extends WrapBoolean {