
feat: cuz PasswordEncoder support SM4

shc 1 yıl önce
ebeveyn
işleme
2c4fcdd34f

+ 25 - 2
hnqz-auth/src/main/java/com/qunzhixinxi/hnqz/auth/config/WebSecurityConfigurer.java

@@ -1,6 +1,7 @@
 
 package com.qunzhixinxi.hnqz.auth.config;
 
+import com.qunzhixinxi.hnqz.common.security.encoder.SM4PasswordEncoder;
 import com.qunzhixinxi.hnqz.common.security.handler.FormAuthenticationFailureHandler;
 import com.qunzhixinxi.hnqz.common.security.handler.MobileLoginSuccessHandler;
 import com.qunzhixinxi.hnqz.common.security.mobile.MobileSecurityConfigurer;
@@ -14,11 +15,17 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.argon2.Argon2PasswordEncoder;
+import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
+import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * @author hnqz
  * @date 2018/6/22 认证相关配置
@@ -79,7 +86,23 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 	 */
 	@Bean
 	public PasswordEncoder passwordEncoder() {
-		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+
+		String encodingId = "bcrypt";
+		Map<String, PasswordEncoder> encoders = new HashMap<>();
+		// encoders.put(encodingId, new BCryptPasswordEncoder());
+		encoders.put(encodingId, new SM4PasswordEncoder());
+		encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
+		encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
+		encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
+		encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
+		encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
+		encoders.put("scrypt", new SCryptPasswordEncoder());
+		encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
+		encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
+		encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
+		encoders.put("argon2", new Argon2PasswordEncoder());
+
+		return new DelegatingPasswordEncoder(encodingId, encoders);
 	}
 
 }
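Review bot: Registering `SM4PasswordEncoder` under the id `"bcrypt"` in `passwordEncoder()` mislabels the stored format. A value already stored as a real BCrypt hash will now be checked by SM4-encrypting the submitted password and comparing, so it can never match, and newly encoded values get a `{bcrypt}` prefix although they are not BCrypt. No migration of existing credentials is visible in this commit, and the same switch is made for `ENCODER` in SysUserServiceImpl. Keep the real encoder on the old id and give the new one its own, e.g. `encoders.put("bcrypt", new BCryptPasswordEncoder());` and `encoders.put("sm4", new SM4PasswordEncoder());` (the BCrypt import is not in this hunk, and any code that builds the prefix elsewhere would need to follow). Since the `noop`, `MD4`, `MD5` and `SHA-1` entries are now this project's own list rather than the factory's, add a comment saying they exist only to verify legacy values.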

+ 5 - 0
hnqz-common/hnqz-common-core/pom.xml

@@ -22,6 +22,11 @@
             <artifactId>ip2region</artifactId>
             <version>2.6.6</version>
         </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15to18</artifactId>
+            <version>1.69</version>
+        </dependency>
         <!--hutool-->
         <dependency>
             <groupId>cn.hutool</groupId>
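Review bot: The Bouncy Castle version is hard-coded in this module (`<version>1.69</version>`), and no property or dependencyManagement entry for it appears in the hunk. For a cryptographic provider this makes it easy to fall behind on security fixes. 1.69 is not a recent release, so check the current Bouncy Castle release notes before merging. I would manage the version in one place, e.g. `<version>${bouncycastle.version}</version>` with the property defined in the parent pom.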

+ 43 - 0
hnqz-common/hnqz-common-security/src/main/java/com/qunzhixinxi/hnqz/common/security/encoder/SM4PasswordEncoder.java

@@ -0,0 +1,43 @@
+package com.qunzhixinxi.hnqz.common.security.encoder;
+
+import cn.hutool.core.text.CharSequenceUtil;
+import cn.hutool.crypto.SmUtil;
+import cn.hutool.crypto.symmetric.SymmetricCrypto;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+public class SM4PasswordEncoder implements PasswordEncoder {
+
+    private final SymmetricCrypto sm4;
+
+
+    public SM4PasswordEncoder() {
+        this.sm4 = SmUtil.sm4("xViWF8DmiWET1ipf".getBytes());
+    }
+
+    /**
+     * Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or
+     * greater hash combined with an 8-byte or greater randomly generated salt.
+     *
+     * @param rawPassword 密码明文
+     */
+    @Override
+    public String encode(CharSequence rawPassword) {
+        String s = sm4.encryptHex(rawPassword.toString());
+        return sm4.encryptHex(rawPassword.toString());
+    }
+
+    /**
+     * Verify the encoded password obtained from storage matches the submitted raw
+     * password after it too is encoded. Returns true if the passwords match, false if
+     * they do not. The stored password itself is never decoded.
+     *
+     * @param rawPassword     the raw password to encode and match
+     * @param encodedPassword the encoded password from storage to compare with
+     * @return true if the raw password, after encoding, matches the encoded password from
+     * storage
+     */
+    @Override
+    public boolean matches(CharSequence rawPassword, String encodedPassword) {
+        return CharSequenceUtil.equals(this.encode(rawPassword), encodedPassword);
+    }
+}
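Review bot: `SM4PasswordEncoder` protects passwords with reversible SM4 encryption under a key written as a string literal in the constructor, so anyone holding the source or the jar plus the user table can decrypt every stored password; the Javadoc sentence "The stored password itself is never decoded" does not hold for this design. `matches()` works by re-encrypting and comparing, which implies the output is deterministic and unsalted, so equal passwords produce equal stored values. A `PasswordEncoder` should be a salted, adaptive one-way function, such as the Argon2, scrypt or BCrypt encoders Spring Security already provides. If SM4 has to stay, the key must at least come from configuration or a secret store rather than the class. Two smaller points: in `encode()` the first `encryptHex` call only assigns the unused `s` and can be deleted, and `getBytes()` without a charset depends on the platform default, so use `getBytes(StandardCharsets.UTF_8)`.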

+ 12 - 12
hnqz-upms/hnqz-upms-biz/src/main/java/com/qunzhixinxi/hnqz/admin/service/impl/SysUserServiceImpl.java

@@ -47,6 +47,7 @@ import com.qunzhixinxi.hnqz.common.core.constant.CacheConstants;
 import com.qunzhixinxi.hnqz.common.core.constant.CommonConstants;
 import com.qunzhixinxi.hnqz.common.core.util.R;
 import com.qunzhixinxi.hnqz.common.data.datascope.DataScope;
+import com.qunzhixinxi.hnqz.common.security.encoder.SM4PasswordEncoder;
 import com.qunzhixinxi.hnqz.common.security.service.HnqzUser;
 import com.qunzhixinxi.hnqz.common.security.util.SecurityUtils;
 import lombok.AllArgsConstructor;
@@ -57,7 +58,6 @@ import org.springframework.beans.BeanUtils;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Caching;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -85,7 +85,7 @@ import java.util.stream.Stream;
 @AllArgsConstructor
 public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> implements SysUserService {
 
-    private static final PasswordEncoder ENCODER = new BCryptPasswordEncoder();
+    private static final PasswordEncoder ENCODER = new SM4PasswordEncoder();
 
     private final SysMenuService sysMenuService;
     private final SysRoleService sysRoleService;
@@ -766,14 +766,14 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         }
 
 
-        //每页数据条数
+        // 每页数据条数
         Page<UserVO> page1 = new Page<>();
         int current = Long.valueOf(page.getCurrent()).intValue();
         int size = Long.valueOf(page.getSize()).intValue();
 
         int count = userList.size();
         List<UserVO> pageList = new ArrayList<>();
-        //计算当前页第一条数据的下标
+        // 计算当前页第一条数据的下标
         int currId = current > 1 ? (current - 1) * size : 0;
         for (int i = 0; i < size && i < count - currId; i++) {
             pageList.add(userList.get(currId + i));
@@ -781,7 +781,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         page1.setSize(size);
         page1.setCurrent(current);
         page1.setTotal(count);
-        //计算分页总页数
+        // 计算分页总页数
         page1.setPages(count % 10 == 0 ? count / 10 : count / 10 + 1);
         page1.setRecords(pageList);
         return page1;
@@ -928,16 +928,16 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
     public List<UserVO> getUserVoByPlatId(UserDTO userDTO) {
 
         // 放开角色校验
-        //List<Integer> roleList = new ArrayList<>();
-        //roleList.add(5);
-        //roleList.add(6);
-        //roleList.add(10);
+        // List<Integer> roleList = new ArrayList<>();
+        // roleList.add(5);
+        // roleList.add(6);
+        // roleList.add(10);
         //// 患者教育-HCP角色
-        //roleList.add(13);
+        // roleList.add(13);
         //// 招商经理
-        //roleList.add(31);
+        // roleList.add(31);
         //
-        //userDTO.setRole(roleList);
+        // userDTO.setRole(roleList);
         return baseMapper.getUserVoByPlatId(userDTO);
     }