
feat: add zzbusiness-common/secure sub-module

zhangjun 2 lat temu
rodzic
commit
95ea09b026

+ 154 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/AesUtil.java

@@ -0,0 +1,154 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import java.nio.charset.Charset;
+import java.util.Arrays;
+import java.util.Objects;
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import org.springframework.lang.Nullable;
+import org.springframework.util.Assert;
+import org.zhongzheng.common.utils.*;
+
+public class AesUtil {
+    public static final Charset DEFAULT_CHARSET;
+
+    public AesUtil() {
+    }
+
+    public static String genAesKey() {
+        return StringUtil.random(32);
+    }
+
+    public static byte[] encrypt(String content, String aesTextKey) {
+        return encrypt(content.getBytes(DEFAULT_CHARSET), aesTextKey);
+    }
+
+    public static byte[] encrypt(String content, Charset charset, String aesTextKey) {
+        return encrypt(content.getBytes(charset), aesTextKey);
+    }
+
+    public static byte[] encrypt(byte[] content, String aesTextKey) {
+        return encrypt(content, ((String)Objects.requireNonNull(aesTextKey)).getBytes(DEFAULT_CHARSET));
+    }
+
+    public static String encryptToHex(String content, String aesTextKey) {
+        return HexUtil.encodeToString(encrypt(content, aesTextKey));
+    }
+
+    public static String encryptToHex(byte[] content, String aesTextKey) {
+        return HexUtil.encodeToString(encrypt(content, aesTextKey));
+    }
+
+    public static String encryptToBase64(String content, String aesTextKey) {
+        return Base64Util.encodeToString(encrypt(content, aesTextKey));
+    }
+
+    public static String encryptToBase64(byte[] content, String aesTextKey) {
+        return Base64Util.encodeToString(encrypt(content, aesTextKey));
+    }
+
+    @Nullable
+    public static String decryptFormHexToString(@Nullable String content, String aesTextKey) {
+        byte[] hexBytes = decryptFormHex(content, aesTextKey);
+        return hexBytes == null ? null : new String(hexBytes, DEFAULT_CHARSET);
+    }
+
+    @Nullable
+    public static byte[] decryptFormHex(@Nullable String content, String aesTextKey) {
+        return StringUtil.isBlank(content) ? null : decryptFormHex(content.getBytes(DEFAULT_CHARSET), aesTextKey);
+    }
+
+    public static byte[] decryptFormHex(byte[] content, String aesTextKey) {
+        return decrypt(HexUtil.decode(content), aesTextKey);
+    }
+
+    @Nullable
+    public static String decryptFormBase64ToString(@Nullable String content, String aesTextKey) {
+        byte[] hexBytes = decryptFormBase64(content, aesTextKey);
+        return hexBytes == null ? null : new String(hexBytes, DEFAULT_CHARSET);
+    }
+
+    @Nullable
+    public static byte[] decryptFormBase64(@Nullable String content, String aesTextKey) {
+        return StringUtil.isBlank(content) ? null : decryptFormBase64(content.getBytes(DEFAULT_CHARSET), aesTextKey);
+    }
+
+    public static byte[] decryptFormBase64(byte[] content, String aesTextKey) {
+        return decrypt(Base64Util.decode(content), aesTextKey);
+    }
+
+    public static String decryptToString(byte[] content, String aesTextKey) {
+        return new String(decrypt(content, aesTextKey), DEFAULT_CHARSET);
+    }
+
+    public static byte[] decrypt(byte[] content, String aesTextKey) {
+        return decrypt(content, ((String)Objects.requireNonNull(aesTextKey)).getBytes(DEFAULT_CHARSET));
+    }
+
+    public static byte[] encrypt(byte[] content, byte[] aesKey) {
+        return aes(AesUtil.Pkcs7Encoder.encode(content), aesKey, 1);
+    }
+
+    public static byte[] decrypt(byte[] encrypted, byte[] aesKey) {
+        return AesUtil.Pkcs7Encoder.decode(aes(encrypted, aesKey, 2));
+    }
+
+    private static byte[] aes(byte[] encrypted, byte[] aesKey, int mode) {
+        Assert.isTrue(aesKey.length == 32, "IllegalAesKey, aesKey's length must be 32");
+
+        try {
+            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+            SecretKeySpec keySpec = new SecretKeySpec(aesKey, "AES");
+            IvParameterSpec iv = new IvParameterSpec(Arrays.copyOfRange(aesKey, 0, 16));
+            cipher.init(mode, keySpec, iv);
+            return cipher.doFinal(encrypted);
+        } catch (Exception var6) {
+            throw Exceptions.unchecked(var6);
+        }
+    }
+
+    static {
+        DEFAULT_CHARSET = Charsets.UTF_8;
+    }
+
+    private static class Pkcs7Encoder {
+        private static final int BLOCK_SIZE = 32;
+
+        private Pkcs7Encoder() {
+        }
+
+        private static byte[] encode(byte[] src) {
+            int count = src.length;
+            int amountToPad = 32 - count % 32;
+            byte pad = (byte)(amountToPad & 255);
+            byte[] pads = new byte[amountToPad];
+
+            int length;
+            for(length = 0; length < amountToPad; ++length) {
+                pads[length] = pad;
+            }
+
+            length = count + amountToPad;
+            byte[] dest = new byte[length];
+            System.arraycopy(src, 0, dest, 0, count);
+            System.arraycopy(pads, 0, dest, count, amountToPad);
+            return dest;
+        }
+
+        private static byte[] decode(byte[] decrypted) {
+            int pad = decrypted[decrypted.length - 1];
+            if (pad < 1 || pad > 32) {
+                pad = 0;
+            }
+
+            return pad > 0 ? Arrays.copyOfRange(decrypted, 0, decrypted.length - pad) : decrypted;
+        }
+    }
+}
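Review bot: In `aes`, `new IvParameterSpec(Arrays.copyOfRange(aesKey, 0, 16))` takes the IV from the key itself, so every message under one key shares an IV and equal plaintext prefixes give equal ciphertext blocks; CBC with `NoPadding` and the hand-written `Pkcs7Encoder` also provides no integrity check, since `decode` returns the buffer unchanged when the pad byte is out of range instead of failing. I would move the two byte-array overloads to AES-GCM with a fresh 12-byte nonce from `SecureRandom` stored in front of the ciphertext, as sketched below; this needs `java.security.SecureRandom` and `javax.crypto.spec.GCMParameterSpec` imported and leaves `aes` and `Pkcs7Encoder` unused. The output format changes, so stored ciphertexts and whatever produces the `crypto`-prefixed tokens read in `SecureUtil.getToken` have to change in step. `genAesKey` relies on `StringUtil.random`, which is not in this diff; please confirm it draws from `SecureRandom`. The FernFlower header here and in the other files of this commit says the code was decompiled from a `.class` file; building from the upstream source, with its licence and history, would be easier to audit.

```java
// … unchanged: String / hex / Base64 overloads, which delegate to the two methods below …

private static final int GCM_NONCE_LENGTH = 12;
private static final int GCM_TAG_BITS = 128;
private static final SecureRandom RANDOM = new SecureRandom();

public static byte[] encrypt(byte[] content, byte[] aesKey) {
    Assert.isTrue(aesKey.length == 32, "IllegalAesKey, aesKey's length must be 32");
    try {
        // A new nonce per message; it is not secret and travels with the ciphertext.
        byte[] nonce = new byte[GCM_NONCE_LENGTH];
        RANDOM.nextBytes(nonce);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(aesKey, "AES"),
                new GCMParameterSpec(GCM_TAG_BITS, nonce));
        byte[] sealed = cipher.doFinal(content);
        byte[] out = new byte[nonce.length + sealed.length];
        System.arraycopy(nonce, 0, out, 0, nonce.length);
        System.arraycopy(sealed, 0, out, nonce.length, sealed.length);
        return out;
    } catch (Exception e) {
        throw Exceptions.unchecked(e);
    }
}

public static byte[] decrypt(byte[] encrypted, byte[] aesKey) {
    Assert.isTrue(aesKey.length == 32, "IllegalAesKey, aesKey's length must be 32");
    Assert.isTrue(encrypted.length >= GCM_NONCE_LENGTH + GCM_TAG_BITS / 8, "ciphertext too short");
    try {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(aesKey, "AES"),
                new GCMParameterSpec(GCM_TAG_BITS, encrypted, 0, GCM_NONCE_LENGTH));
        // doFinal fails with AEADBadTagException if nonce, ciphertext or tag was modified.
        return cipher.doFinal(encrypted, GCM_NONCE_LENGTH, encrypted.length - GCM_NONCE_LENGTH);
    } catch (Exception e) {
        throw Exceptions.unchecked(e);
    }
}
```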

+ 323 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/AuthInfo.java

@@ -0,0 +1,323 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+@ApiModel(
+        description = "认证信息"
+)
+public class AuthInfo {
+    @ApiModelProperty("令牌")
+    private String accessToken;
+    @ApiModelProperty("令牌类型")
+    private String tokenType;
+    @ApiModelProperty("刷新令牌")
+    private String refreshToken;
+    @ApiModelProperty("用户ID")
+    @JsonSerialize(
+            using = ToStringSerializer.class
+    )
+    private Long userId;
+    @ApiModelProperty("租户ID")
+    private String tenantId;
+    @ApiModelProperty("第三方系统ID")
+    private String oauthId;
+    @ApiModelProperty("头像")
+    private String avatar = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png";
+    @ApiModelProperty("角色名")
+    private String authority;
+    @ApiModelProperty("用户名")
+    private String userName;
+    @ApiModelProperty("账号名")
+    private String account;
+    @ApiModelProperty("过期时间")
+    private long expiresIn;
+    @ApiModelProperty("许可证")
+    private String license = "powered by zhongzheng";
+
+    public AuthInfo() {
+    }
+
+    public String getAccessToken() {
+        return this.accessToken;
+    }
+
+    public String getTokenType() {
+        return this.tokenType;
+    }
+
+    public String getRefreshToken() {
+        return this.refreshToken;
+    }
+
+    public Long getUserId() {
+        return this.userId;
+    }
+
+    public String getTenantId() {
+        return this.tenantId;
+    }
+
+    public String getOauthId() {
+        return this.oauthId;
+    }
+
+    public String getAvatar() {
+        return this.avatar;
+    }
+
+    public String getAuthority() {
+        return this.authority;
+    }
+
+    public String getUserName() {
+        return this.userName;
+    }
+
+    public String getAccount() {
+        return this.account;
+    }
+
+    public long getExpiresIn() {
+        return this.expiresIn;
+    }
+
+    public String getLicense() {
+        return this.license;
+    }
+
+    public void setAccessToken(final String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    public void setTokenType(final String tokenType) {
+        this.tokenType = tokenType;
+    }
+
+    public void setRefreshToken(final String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
+
+    public void setUserId(final Long userId) {
+        this.userId = userId;
+    }
+
+    public void setTenantId(final String tenantId) {
+        this.tenantId = tenantId;
+    }
+
+    public void setOauthId(final String oauthId) {
+        this.oauthId = oauthId;
+    }
+
+    public void setAvatar(final String avatar) {
+        this.avatar = avatar;
+    }
+
+    public void setAuthority(final String authority) {
+        this.authority = authority;
+    }
+
+    public void setUserName(final String userName) {
+        this.userName = userName;
+    }
+
+    public void setAccount(final String account) {
+        this.account = account;
+    }
+
+    public void setExpiresIn(final long expiresIn) {
+        this.expiresIn = expiresIn;
+    }
+
+    public void setLicense(final String license) {
+        this.license = license;
+    }
+
+    public boolean equals(final Object o) {
+        if (o == this) {
+            return true;
+        } else if (!(o instanceof AuthInfo)) {
+            return false;
+        } else {
+            AuthInfo other = (AuthInfo)o;
+            if (!other.canEqual(this)) {
+                return false;
+            } else if (this.getExpiresIn() != other.getExpiresIn()) {
+                return false;
+            } else {
+                label145: {
+                    Object this$userId = this.getUserId();
+                    Object other$userId = other.getUserId();
+                    if (this$userId == null) {
+                        if (other$userId == null) {
+                            break label145;
+                        }
+                    } else if (this$userId.equals(other$userId)) {
+                        break label145;
+                    }
+
+                    return false;
+                }
+
+                Object this$accessToken = this.getAccessToken();
+                Object other$accessToken = other.getAccessToken();
+                if (this$accessToken == null) {
+                    if (other$accessToken != null) {
+                        return false;
+                    }
+                } else if (!this$accessToken.equals(other$accessToken)) {
+                    return false;
+                }
+
+                Object this$tokenType = this.getTokenType();
+                Object other$tokenType = other.getTokenType();
+                if (this$tokenType == null) {
+                    if (other$tokenType != null) {
+                        return false;
+                    }
+                } else if (!this$tokenType.equals(other$tokenType)) {
+                    return false;
+                }
+
+                label124: {
+                    Object this$refreshToken = this.getRefreshToken();
+                    Object other$refreshToken = other.getRefreshToken();
+                    if (this$refreshToken == null) {
+                        if (other$refreshToken == null) {
+                            break label124;
+                        }
+                    } else if (this$refreshToken.equals(other$refreshToken)) {
+                        break label124;
+                    }
+
+                    return false;
+                }
+
+                Object this$tenantId = this.getTenantId();
+                Object other$tenantId = other.getTenantId();
+                if (this$tenantId == null) {
+                    if (other$tenantId != null) {
+                        return false;
+                    }
+                } else if (!this$tenantId.equals(other$tenantId)) {
+                    return false;
+                }
+
+                Object this$oauthId = this.getOauthId();
+                Object other$oauthId = other.getOauthId();
+                if (this$oauthId == null) {
+                    if (other$oauthId != null) {
+                        return false;
+                    }
+                } else if (!this$oauthId.equals(other$oauthId)) {
+                    return false;
+                }
+
+                label103: {
+                    Object this$avatar = this.getAvatar();
+                    Object other$avatar = other.getAvatar();
+                    if (this$avatar == null) {
+                        if (other$avatar == null) {
+                            break label103;
+                        }
+                    } else if (this$avatar.equals(other$avatar)) {
+                        break label103;
+                    }
+
+                    return false;
+                }
+
+                Object this$authority = this.getAuthority();
+                Object other$authority = other.getAuthority();
+                if (this$authority == null) {
+                    if (other$authority != null) {
+                        return false;
+                    }
+                } else if (!this$authority.equals(other$authority)) {
+                    return false;
+                }
+
+                label89: {
+                    Object this$userName = this.getUserName();
+                    Object other$userName = other.getUserName();
+                    if (this$userName == null) {
+                        if (other$userName == null) {
+                            break label89;
+                        }
+                    } else if (this$userName.equals(other$userName)) {
+                        break label89;
+                    }
+
+                    return false;
+                }
+
+                Object this$account = this.getAccount();
+                Object other$account = other.getAccount();
+                if (this$account == null) {
+                    if (other$account != null) {
+                        return false;
+                    }
+                } else if (!this$account.equals(other$account)) {
+                    return false;
+                }
+
+                Object this$license = this.getLicense();
+                Object other$license = other.getLicense();
+                if (this$license == null) {
+                    if (other$license == null) {
+                        return true;
+                    }
+                } else if (this$license.equals(other$license)) {
+                    return true;
+                }
+
+                return false;
+            }
+        }
+    }
+
+    protected boolean canEqual(final Object other) {
+        return other instanceof AuthInfo;
+    }
+
+    public int hashCode() {
+        int result = 1;
+        long $expiresIn = this.getExpiresIn();
+        result = result * 59 + (int)($expiresIn >>> 32 ^ $expiresIn);
+        Object $userId = this.getUserId();
+        result = result * 59 + ($userId == null ? 43 : $userId.hashCode());
+        Object $accessToken = this.getAccessToken();
+        result = result * 59 + ($accessToken == null ? 43 : $accessToken.hashCode());
+        Object $tokenType = this.getTokenType();
+        result = result * 59 + ($tokenType == null ? 43 : $tokenType.hashCode());
+        Object $refreshToken = this.getRefreshToken();
+        result = result * 59 + ($refreshToken == null ? 43 : $refreshToken.hashCode());
+        Object $tenantId = this.getTenantId();
+        result = result * 59 + ($tenantId == null ? 43 : $tenantId.hashCode());
+        Object $oauthId = this.getOauthId();
+        result = result * 59 + ($oauthId == null ? 43 : $oauthId.hashCode());
+        Object $avatar = this.getAvatar();
+        result = result * 59 + ($avatar == null ? 43 : $avatar.hashCode());
+        Object $authority = this.getAuthority();
+        result = result * 59 + ($authority == null ? 43 : $authority.hashCode());
+        Object $userName = this.getUserName();
+        result = result * 59 + ($userName == null ? 43 : $userName.hashCode());
+        Object $account = this.getAccount();
+        result = result * 59 + ($account == null ? 43 : $account.hashCode());
+        Object $license = this.getLicense();
+        result = result * 59 + ($license == null ? 43 : $license.hashCode());
+        return result;
+    }
+
+    public String toString() {
+        return "AuthInfo(accessToken=" + this.getAccessToken() + ", tokenType=" + this.getTokenType() + ", refreshToken=" + this.getRefreshToken() + ", userId=" + this.getUserId() + ", tenantId=" + this.getTenantId() + ", oauthId=" + this.getOauthId() + ", avatar=" + this.getAvatar() + ", authority=" + this.getAuthority() + ", userName=" + this.getUserName() + ", account=" + this.getAccount() + ", expiresIn=" + this.getExpiresIn() + ", license=" + this.getLicense() + ")";
+    }
+}
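Review bot: `toString()` at the end of `AuthInfo` concatenates `accessToken` and `refreshToken`, so any log line, exception message or debugger dump that stringifies the object writes live credentials; `TokenInfo.toString()` later in this commit does the same with `token`. I would leave the secrets out of both strings, for example `return "TokenInfo(expire=" + this.getExpire() + ")";` and, in `AuthInfo`, start the string at `"AuthInfo(tokenType="` and drop the `refreshToken` term. The `canEqual` method suggests these accessors were generated by Lombok in the original source (an inference from the shape of the code); if so, `@ToString.Exclude` on the token fields is the place to fix it. `equals`, `hashCode` and `toString` would also read better with `@Override`.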

+ 20 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/IClientDetails.java

@@ -0,0 +1,20 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import java.io.Serializable;
+
+public interface IClientDetails extends Serializable {
+    String getClientId();
+
+    String getClientSecret();
+
+    Integer getAccessTokenValidity();
+
+    Integer getRefreshTokenValidity();
+}
+
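Review bot: None of the four methods in `IClientDetails` documents its contract, and two details matter to implementers. `SecureUtil.createJWT` multiplies `getAccessTokenValidity()` and `getRefreshTokenValidity()` by 1000 to get milliseconds and unboxes them without a null check, so the Javadoc should say something like `/** Access-token lifetime in seconds; must not be null. */` on each. Because the interface extends `Serializable` and exposes `getClientSecret()`, an implementation that keeps the secret in a non-transient field will carry it into any serialized form; a comment on `getClientSecret()` should state whether the value is the raw secret or a hash, since `SecureUtil.validateClient` compares it directly with the secret sent by the caller.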

+ 11 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/IClientDetailsService.java

@@ -0,0 +1,11 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+public interface IClientDetailsService {
+    IClientDetails loadClientByClientId(String clientId);
+}

+ 38 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/SecureException.java

@@ -0,0 +1,38 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import org.zhongzheng.common.utils.IResultCode;
+import org.zhongzheng.common.utils.impl.ResultCode;
+
+public class SecureException extends RuntimeException {
+    private static final long serialVersionUID = 2359767895161832954L;
+    private final IResultCode resultCode;
+
+    public SecureException(String message) {
+        super(message);
+        this.resultCode = ResultCode.UN_AUTHORIZED;
+    }
+
+    public SecureException(IResultCode resultCode) {
+        super(resultCode.getMessage());
+        this.resultCode = resultCode;
+    }
+
+    public SecureException(IResultCode resultCode, Throwable cause) {
+        super(cause);
+        this.resultCode = resultCode;
+    }
+
+    public Throwable fillInStackTrace() {
+        return this;
+    }
+
+    public IResultCode getResultCode() {
+        return this.resultCode;
+    }
+}
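Review bot: The `SecureException(IResultCode, Throwable)` constructor calls `super(cause)`, so `getMessage()` returns the cause's class name and message rather than the result code's text as in the other two constructors; if an error handler returns `getMessage()` to the caller (not visible here) that exposes internal detail. I would use `super(resultCode.getMessage(), cause);` to keep the three constructors consistent. The `fillInStackTrace()` override drops the stack trace for every instance, which removes the origin of an authentication failure from the logs; it should carry `@Override` and a comment such as `// Stack trace suppressed on purpose: thrown on every rejected request`, if that is the reason.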

+ 337 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/SecureUtil.java

@@ -0,0 +1,337 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+import java.io.UnsupportedEncodingException;
+import java.security.Key;
+import java.util.Base64;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Map;
+import java.util.Objects;
+import javax.crypto.spec.SecretKeySpec;
+import javax.servlet.http.HttpServletRequest;
+import org.xupeng.common.env.TokenConstants;
+import org.xupeng.common.secure.ZhongZhengUser;
+import org.xupeng.common.secure.TokenInfo;
+import org.xupeng.common.secure.SecureException;
+import org.xupeng.common.secure.ZhongZhengTokenProperties;
+import org.xupeng.common.secure.IClientDetails;
+import org.xupeng.common.secure.IClientDetailsService;
+import org.xupeng.common.secure.AesUtil;
+import org.xupeng.common.utils.Charsets;
+import org.xupeng.common.utils.Func;
+import org.xupeng.common.utils.SpringUtil;
+import org.xupeng.common.utils.StringUtil;
+import org.xupeng.common.utils.WebUtil;
+
+public class SecureUtil {
+    private static final String ZHONGZHENG_USER_REQUEST_ATTR = "_ZHONGZHENG_USER_REQUEST_ATTR_";
+    private static final String HEADER = "blade-auth";
+    private static final String BEARER = "bearer";
+    private static final String CRYPTO = "crypto";
+    private static final String ACCOUNT = "account";
+    private static final String USER_ID = "user_id";
+    private static final String ROLE_ID = "role_id";
+    private static final String DEPT_ID = "dept_id";
+    private static final String USER_NAME = "user_name";
+    private static final String ROLE_NAME = "role_name";
+    private static final String TENANT_ID = "tenant_id";
+    private static final String CLIENT_ID = "client_id";
+    private static final Integer AUTH_LENGTH;
+    private static IClientDetailsService CLIENT_DETAILS_SERVICE;
+    private static ZhongZhengTokenProperties TOKEN_PROPERTIES;
+    private static String BASE64_SECURITY;
+
+    public SecureUtil() {
+    }
+
+    private static IClientDetailsService getClientDetailsService() {
+        if (CLIENT_DETAILS_SERVICE == null) {
+            CLIENT_DETAILS_SERVICE = (IClientDetailsService)SpringUtil.getBean(IClientDetailsService.class);
+        }
+
+        return CLIENT_DETAILS_SERVICE;
+    }
+
+    private static ZhongZhengTokenProperties getTokenProperties() {
+        if (TOKEN_PROPERTIES == null) {
+            TOKEN_PROPERTIES = (ZhongZhengTokenProperties)SpringUtil.getBean(ZhongZhengTokenProperties.class);
+        }
+
+        return TOKEN_PROPERTIES;
+    }
+
+    private static String getBase64Security() {
+        if (BASE64_SECURITY == null) {
+            BASE64_SECURITY = Base64.getEncoder().encodeToString(getTokenProperties().getSignKey().getBytes(Charsets.UTF_8));
+        }
+
+        return BASE64_SECURITY;
+    }
+
+    public static ZhongZhengUser getUser() {
+        HttpServletRequest request = WebUtil.getRequest();
+        if (request == null) {
+            return null;
+        } else {
+            Object zzUser = request.getAttribute("_ZHONGZHENG_USER_REQUEST_ATTR_");
+            if (zzUser == null) {
+                zzUser = getUser(request);
+                if (zzUser != null) {
+                    request.setAttribute("_ZHONGZHENG_USER_REQUEST_ATTR_", zzUser);
+                }
+            }
+
+            return (ZhongZhengUser)zzUser;
+        }
+    }
+
+    public static ZhongZhengUser getUser(HttpServletRequest request) {
+        Claims claims = getClaims(request);
+        if (claims == null) {
+            return null;
+        } else {
+            String clientId = Func.toStr(claims.get("client_id"));
+            Long userId = Func.toLong(claims.get("user_id"));
+            String tenantId = Func.toStr(claims.get("tenant_id"));
+            String roleId = Func.toStr(claims.get("role_id"));
+            String deptId = Func.toStr(claims.get("dept_id"));
+            String account = Func.toStr(claims.get("account"));
+            String roleName = Func.toStr(claims.get("role_name"));
+            String userName = Func.toStr(claims.get("user_name"));
+            ZhongZhengUser zzUser = new ZhongZhengUser();
+            zzUser.setClientId(clientId);
+            zzUser.setUserId(userId);
+            zzUser.setTenantId(tenantId);
+            zzUser.setAccount(account);
+            zzUser.setRoleId(roleId);
+            zzUser.setDeptId(deptId);
+            zzUser.setRoleName(roleName);
+            zzUser.setUserName(userName);
+            return zzUser;
+        }
+    }
+
+    public static boolean isAdministrator() {
+        return StringUtil.containsAny(getUserRole(), new CharSequence[]{"administrator"});
+    }
+
+    public static Long getUserId() {
+        ZhongZhengUser user = getUser();
+        return null == user ? -1L : user.getUserId();
+    }
+
+    public static Long getUserId(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? -1L : user.getUserId();
+    }
+
+    public static String getUserAccount() {
+        ZhongZhengUser user = getUser();
+        return null == user ? "" : user.getAccount();
+    }
+
+    public static String getUserAccount(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? "" : user.getAccount();
+    }
+
+    public static String getUserName() {
+        ZhongZhengUser user = getUser();
+        return null == user ? "" : user.getUserName();
+    }
+
+    public static String getUserName(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? "" : user.getUserName();
+    }
+
+    public static String getUserRole() {
+        ZhongZhengUser user = getUser();
+        return null == user ? "" : user.getRoleName();
+    }
+
+    public static String getUserRole(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? "" : user.getRoleName();
+    }
+
+    public static String getTenantId() {
+        ZhongZhengUser user = getUser();
+        return null == user ? "" : user.getTenantId();
+    }
+
+    public static String getTenantId(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? "" : user.getTenantId();
+    }
+
+    public static String getClientId() {
+        ZhongZhengUser user = getUser();
+        return null == user ? "" : user.getClientId();
+    }
+
+    public static String getClientId(HttpServletRequest request) {
+        ZhongZhengUser user = getUser(request);
+        return null == user ? "" : user.getClientId();
+    }
+
+    public static Claims getClaims(HttpServletRequest request) {
+        String auth = request.getHeader("blade-auth");
+        String token = getToken(StringUtil.isNotBlank(auth) ? auth : request.getParameter("blade-auth"));
+        return parseJWT(token);
+    }
+
+    public static String getToken(String auth) {
+        if (isBearer(auth)) {
+            return auth.substring(AUTH_LENGTH);
+        } else {
+            return isCrypto(auth) ? AesUtil.decryptFormBase64ToString(auth.substring(AUTH_LENGTH), getTokenProperties().getAesKey()) : null;
+        }
+    }
+
+    public static Boolean isBearer(String auth) {
+        if (auth != null && auth.length() > AUTH_LENGTH) {
+            String headStr = auth.substring(0, 6).toLowerCase();
+            return headStr.compareTo("bearer") == 0;
+        } else {
+            return false;
+        }
+    }
+
+    public static Boolean isCrypto(String auth) {
+        if (auth != null && auth.length() > AUTH_LENGTH) {
+            String headStr = auth.substring(0, 6).toLowerCase();
+            return headStr.compareTo("crypto") == 0;
+        } else {
+            return false;
+        }
+    }
+
+    public static String getHeader() {
+        return getHeader((HttpServletRequest)Objects.requireNonNull(WebUtil.getRequest()));
+    }
+
+    public static String getHeader(HttpServletRequest request) {
+        return request.getHeader("blade-auth");
+    }
+
+    public static Claims parseJWT(String jsonWebToken) {
+        try {
+            return (Claims)Jwts.parserBuilder().setSigningKey(Base64.getDecoder().decode(getBase64Security())).build().parseClaimsJws(jsonWebToken).getBody();
+        } catch (Exception var2) {
+            return null;
+        }
+    }
+
+    public static TokenInfo createJWT(Map<String, String> user, String audience, String issuer, String tokenType) throws UnsupportedEncodingException {
+        String[] tokens = extractAndDecodeHeader();
+
+        assert tokens.length == 2;
+
+        String clientId = tokens[0];
+        String clientSecret = tokens[1];
+        IClientDetails clientDetails = clientDetails(clientId);
+        if (!validateClient(clientDetails, clientId, clientSecret)) {
+            throw new SecureException("客户端认证失败!");
+        } else {
+            SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
+            long nowMillis = System.currentTimeMillis();
+            Date now = new Date(nowMillis);
+            byte[] apiKeySecretBytes = Base64.getDecoder().decode(getBase64Security());
+            Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
+            JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT").setIssuer(issuer).setAudience(audience).signWith(signingKey);
+            user.forEach(builder::claim);
+            builder.claim("client_id", clientId);
+            long expireMillis;
+            if (tokenType.equals("access_token")) {
+                expireMillis = (long)(clientDetails.getAccessTokenValidity() * 1000);
+            } else if (tokenType.equals("refresh_token")) {
+                expireMillis = (long)(clientDetails.getRefreshTokenValidity() * 1000);
+            } else {
+                expireMillis = getExpire();
+            }
+
+            long expMillis = nowMillis + expireMillis;
+            Date exp = new Date(expMillis);
+            builder.setExpiration(exp).setNotBefore(now);
+            TokenInfo tokenInfo = new TokenInfo();
+            tokenInfo.setToken(builder.compact());
+            tokenInfo.setExpire((int)expireMillis / 1000);
+            return tokenInfo;
+        }
+    }
+
+    public static long getExpire() {
+        Calendar cal = Calendar.getInstance();
+        cal.add(6, 1);
+        cal.set(11, 3);
+        cal.set(13, 0);
+        cal.set(12, 0);
+        cal.set(14, 0);
+        return cal.getTimeInMillis() - System.currentTimeMillis();
+    }
+
+    public static String[] extractAndDecodeHeader() throws UnsupportedEncodingException {
+        try {
+            String header = ((HttpServletRequest)Objects.requireNonNull(WebUtil.getRequest())).getHeader("Authorization");
+            header = Func.toStr(header).replace("Basic%20", "Basic ");
+            if (!header.startsWith("Basic ")) {
+                throw new SecureException("No client information in request header");
+            } else {
+                byte[] base64Token = header.substring(6).getBytes(Charsets.UTF_8_NAME);
+
+                byte[] decoded;
+                try {
+                    decoded = Base64.getDecoder().decode(base64Token);
+                } catch (IllegalArgumentException var5) {
+                    throw new RuntimeException("Failed to decode basic authentication token");
+                }
+
+                String token = new String(decoded, Charsets.UTF_8_NAME);
+                int index = token.indexOf(":");
+                if (index == -1) {
+                    throw new RuntimeException("Invalid basic authentication token");
+                } else {
+                    return new String[]{token.substring(0, index), token.substring(index + 1)};
+                }
+            }
+        } catch (Throwable var6) {
+            throw var6;
+        }
+    }
+
+    public static String getClientIdFromHeader() throws UnsupportedEncodingException {
+        String[] tokens = extractAndDecodeHeader();
+
+        assert tokens.length == 2;
+
+        return tokens[0];
+    }
+
+    private static IClientDetails clientDetails(String clientId) {
+        return getClientDetailsService().loadClientByClientId(clientId);
+    }
+
+    private static boolean validateClient(IClientDetails clientDetails, String clientId, String clientSecret) {
+        if (clientDetails == null) {
+            return false;
+        } else {
+            return StringUtil.equals(clientId, clientDetails.getClientId()) && StringUtil.equals(clientSecret, clientDetails.getClientSecret());
+        }
+    }
+
+    static {
+        AUTH_LENGTH = TokenConstants.AUTH_LENGTH;
+    }
+}
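Review bot: In `createJWT`, `(long)(clientDetails.getAccessTokenValidity() * 1000)` multiplies in `int` before widening and `(int)expireMillis / 1000` narrows before dividing, so a validity above roughly 24.8 days wraps and yields a wrong or already-past expiry. I would write `expireMillis = clientDetails.getAccessTokenValidity() * 1000L;` (likewise for the refresh branch) and `tokenInfo.setExpire((int)(expireMillis / 1000));`. `validateClient` compares the client secret with `StringUtil.equals`, whose implementation is not in this diff; a constant-time comparison such as `MessageDigest.isEqual(a.getBytes(Charsets.UTF_8), b.getBytes(Charsets.UTF_8))` after a null check is the safer choice for secrets. `getClaims` falls back to the `blade-auth` request parameter, which puts tokens into URLs and therefore access logs, and `parseJWT` returns null on every exception without logging, so signature failures are invisible to monitoring. The imports name `org.xupeng.common.*` while the file's package and the classes added in this commit are under `org.zhongzheng.common`; please confirm the module compiles.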

+ 73 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/TokenInfo.java

@@ -0,0 +1,73 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+public class TokenInfo {
+    private String token;
+    private int expire;
+
+    public TokenInfo() {
+    }
+
+    public String getToken() {
+        return this.token;
+    }
+
+    public int getExpire() {
+        return this.expire;
+    }
+
+    public void setToken(final String token) {
+        this.token = token;
+    }
+
+    public void setExpire(final int expire) {
+        this.expire = expire;
+    }
+
+    public boolean equals(final Object o) {
+        if (o == this) {
+            return true;
+        } else if (!(o instanceof TokenInfo)) {
+            return false;
+        } else {
+            TokenInfo other = (TokenInfo)o;
+            if (!other.canEqual(this)) {
+                return false;
+            } else if (this.getExpire() != other.getExpire()) {
+                return false;
+            } else {
+                Object this$token = this.getToken();
+                Object other$token = other.getToken();
+                if (this$token == null) {
+                    if (other$token != null) {
+                        return false;
+                    }
+                } else if (!this$token.equals(other$token)) {
+                    return false;
+                }
+
+                return true;
+            }
+        }
+    }
+
+    protected boolean canEqual(final Object other) {
+        return other instanceof TokenInfo;
+    }
+
+    public int hashCode() {
+        int result = 1;
+        result = result * 59 + this.getExpire();
+        Object $token = this.getToken();
+        result = result * 59 + ($token == null ? 43 : $token.hashCode());
+        return result;
+    }
+
+    public String toString() {
+        return "TokenInfo(token=" + this.getToken() + ", expire=" + this.getExpire() + ")";
+    }
+}
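Review bot: `toString()` at the end of `TokenInfo` prints the raw `token`, so any log statement, exception message or debug dump that stringifies this object discloses a credential. I would redact it: `return "TokenInfo(token=<redacted>, expire=" + this.getExpire() + ")";`. The `equals`/`canEqual`/`hashCode` shape and the FernFlower header suggest this is decompiled Lombok output. If the original source is available, committing it with `@ToString.Exclude` on `token` would be easier to maintain than the generated form. `expire` also needs a comment stating its unit and whether it is a duration or an absolute time, which the hunk does not show.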

+ 94 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/ZhongZhengTokenProperties.java

@@ -0,0 +1,94 @@
+package org.zhongzheng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import io.jsonwebtoken.JwtException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties("blade.token")
+public class ZhongZhengTokenProperties {
+    private static final Logger log = LoggerFactory.getLogger(ZhongZhengTokenProperties.class);
+    private String signKey = "";
+    private String aesKey = "";
+
+    public String getSignKey() {
+        if (this.signKey.length() < 32) {
+            throw new JwtException("请配置 zhongzheng.token.sign-key 的值, 长度32位以上");
+        } else {
+            return this.signKey;
+        }
+    }
+
+    public ZhongZhengTokenProperties() {
+    }
+
+    public String getAesKey() {
+        return this.aesKey;
+    }
+
+    public void setSignKey(final String signKey) {
+        this.signKey = signKey;
+    }
+
+    public void setAesKey(final String aesKey) {
+        this.aesKey = aesKey;
+    }
+
+    public boolean equals(final Object o) {
+        if (o == this) {
+            return true;
+        } else if (!(o instanceof ZhongZhengTokenProperties)) {
+            return false;
+        } else {
+            ZhongZhengTokenProperties other = (ZhongZhengTokenProperties)o;
+            if (!other.canEqual(this)) {
+                return false;
+            } else {
+                Object this$signKey = this.getSignKey();
+                Object other$signKey = other.getSignKey();
+                if (this$signKey == null) {
+                    if (other$signKey != null) {
+                        return false;
+                    }
+                } else if (!this$signKey.equals(other$signKey)) {
+                    return false;
+                }
+
+                Object this$aesKey = this.getAesKey();
+                Object other$aesKey = other.getAesKey();
+                if (this$aesKey == null) {
+                    if (other$aesKey != null) {
+                        return false;
+                    }
+                } else if (!this$aesKey.equals(other$aesKey)) {
+                    return false;
+                }
+
+                return true;
+            }
+        }
+    }
+
+    protected boolean canEqual(final Object other) {
+        return other instanceof ZhongZhengTokenProperties;
+    }
+
+    public int hashCode() {
+        int result = 1;
+        Object $signKey = this.getSignKey();
+        result = result * 59 + ($signKey == null ? 43 : $signKey.hashCode());
+        Object $aesKey = this.getAesKey();
+        result = result * 59 + ($aesKey == null ? 43 : $aesKey.hashCode());
+        return result;
+    }
+
+    public String toString() {
+        return "ZhongZhengTokenProperties(signKey=" + this.getSignKey() + ", aesKey=" + this.getAesKey() + ")";
+    }
+}
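Review bot: `toString()` concatenates `signKey` and `aesKey`, so the token signing key and the AES key land in any log or diagnostic output that stringifies this properties bean; redact both, e.g. `return "ZhongZhengTokenProperties(signKey=<redacted>, aesKey=<redacted>)";`. `equals`, `hashCode` and `toString` also call `getSignKey()`, which throws `JwtException` when the key is shorter than 32 characters, so hashing or printing a bean with the default `""` fails; those methods should read the `signKey` field directly. The exception text names `zhongzheng.token.sign-key` while the class is bound with `@ConfigurationProperties("blade.token")`, so the message points operators at a property this class does not read. `getAesKey()` has no length check and returns the empty default as is, which leaves an unconfigured AES key to be caught, if at all, by the caller.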

+ 253 - 0
zzbusiness-common/src/main/java/org/zhongzheng/common/secure/ZhongZhengUser.java

@@ -0,0 +1,253 @@
+package org.xupeng.common.secure;
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+
+import io.swagger.annotations.ApiModelProperty;
+import java.io.Serializable;
+
+public class ZhongZhengUser implements Serializable {
+    private static final long serialVersionUID = 1L;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String clientId;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private Long userId;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String tenantId;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String deptId;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String userName;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String account;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String roleId;
+    @ApiModelProperty(
+            hidden = true
+    )
+    private String roleName;
+
+    public ZhongZhengUser() {
+    }
+
+    public String getClientId() {
+        return this.clientId;
+    }
+
+    public Long getUserId() {
+        return this.userId;
+    }
+
+    public String getTenantId() {
+        return this.tenantId;
+    }
+
+    public String getDeptId() {
+        return this.deptId;
+    }
+
+    public String getUserName() {
+        return this.userName;
+    }
+
+    public String getAccount() {
+        return this.account;
+    }
+
+    public String getRoleId() {
+        return this.roleId;
+    }
+
+    public String getRoleName() {
+        return this.roleName;
+    }
+
+    public void setClientId(final String clientId) {
+        this.clientId = clientId;
+    }
+
+    public void setUserId(final Long userId) {
+        this.userId = userId;
+    }
+
+    public void setTenantId(final String tenantId) {
+        this.tenantId = tenantId;
+    }
+
+    public void setDeptId(final String deptId) {
+        this.deptId = deptId;
+    }
+
+    public void setUserName(final String userName) {
+        this.userName = userName;
+    }
+
+    public void setAccount(final String account) {
+        this.account = account;
+    }
+
+    public void setRoleId(final String roleId) {
+        this.roleId = roleId;
+    }
+
+    public void setRoleName(final String roleName) {
+        this.roleName = roleName;
+    }
+
+    public boolean equals(final Object o) {
+        if (o == this) {
+            return true;
+        } else if (!(o instanceof ZhongZhengUser)) {
+            return false;
+        } else {
+            ZhongZhengUser other = (ZhongZhengUser)o;
+            if (!other.canEqual(this)) {
+                return false;
+            } else {
+                label107: {
+                    Object this$userId = this.getUserId();
+                    Object other$userId = other.getUserId();
+                    if (this$userId == null) {
+                        if (other$userId == null) {
+                            break label107;
+                        }
+                    } else if (this$userId.equals(other$userId)) {
+                        break label107;
+                    }
+
+                    return false;
+                }
+
+                Object this$clientId = this.getClientId();
+                Object other$clientId = other.getClientId();
+                if (this$clientId == null) {
+                    if (other$clientId != null) {
+                        return false;
+                    }
+                } else if (!this$clientId.equals(other$clientId)) {
+                    return false;
+                }
+
+                Object this$tenantId = this.getTenantId();
+                Object other$tenantId = other.getTenantId();
+                if (this$tenantId == null) {
+                    if (other$tenantId != null) {
+                        return false;
+                    }
+                } else if (!this$tenantId.equals(other$tenantId)) {
+                    return false;
+                }
+
+                label86: {
+                    Object this$deptId = this.getDeptId();
+                    Object other$deptId = other.getDeptId();
+                    if (this$deptId == null) {
+                        if (other$deptId == null) {
+                            break label86;
+                        }
+                    } else if (this$deptId.equals(other$deptId)) {
+                        break label86;
+                    }
+
+                    return false;
+                }
+
+                label79: {
+                    Object this$userName = this.getUserName();
+                    Object other$userName = other.getUserName();
+                    if (this$userName == null) {
+                        if (other$userName == null) {
+                            break label79;
+                        }
+                    } else if (this$userName.equals(other$userName)) {
+                        break label79;
+                    }
+
+                    return false;
+                }
+
+                label72: {
+                    Object this$account = this.getAccount();
+                    Object other$account = other.getAccount();
+                    if (this$account == null) {
+                        if (other$account == null) {
+                            break label72;
+                        }
+                    } else if (this$account.equals(other$account)) {
+                        break label72;
+                    }
+
+                    return false;
+                }
+
+                Object this$roleId = this.getRoleId();
+                Object other$roleId = other.getRoleId();
+                if (this$roleId == null) {
+                    if (other$roleId != null) {
+                        return false;
+                    }
+                } else if (!this$roleId.equals(other$roleId)) {
+                    return false;
+                }
+
+                Object this$roleName = this.getRoleName();
+                Object other$roleName = other.getRoleName();
+                if (this$roleName == null) {
+                    if (other$roleName != null) {
+                        return false;
+                    }
+                } else if (!this$roleName.equals(other$roleName)) {
+                    return false;
+                }
+
+                return true;
+            }
+        }
+    }
+
+    protected boolean canEqual(final Object other) {
+        return other instanceof ZhongZhengUser;
+    }
+
+    public int hashCode() {
+        int result = 1;
+        Object $userId = this.getUserId();
+        result = result * 59 + ($userId == null ? 43 : $userId.hashCode());
+        Object $clientId = this.getClientId();
+        result = result * 59 + ($clientId == null ? 43 : $clientId.hashCode());
+        Object $tenantId = this.getTenantId();
+        result = result * 59 + ($tenantId == null ? 43 : $tenantId.hashCode());
+        Object $deptId = this.getDeptId();
+        result = result * 59 + ($deptId == null ? 43 : $deptId.hashCode());
+        Object $userName = this.getUserName();
+        result = result * 59 + ($userName == null ? 43 : $userName.hashCode());
+        Object $account = this.getAccount();
+        result = result * 59 + ($account == null ? 43 : $account.hashCode());
+        Object $roleId = this.getRoleId();
+        result = result * 59 + ($roleId == null ? 43 : $roleId.hashCode());
+        Object $roleName = this.getRoleName();
+        result = result * 59 + ($roleName == null ? 43 : $roleName.hashCode());
+        return result;
+    }
+
+    public String toString() {
+        return "ZhongZhengUser(clientId=" + this.getClientId() + ", userId=" + this.getUserId() + ", tenantId=" + this.getTenantId() + ", deptId=" + this.getDeptId() + ", userName=" + this.getUserName() + ", account=" + this.getAccount() + ", roleId=" + this.getRoleId() + ", roleName=" + this.getRoleName() + ")";
+    }
+}
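Review bot: The `package` line declares `org.xupeng.common.secure`, but the file is added under `org/zhongzheng/common/secure/` and the other classes in this commit declare `org.zhongzheng.common.secure`; it should read `package org.zhongzheng.common.secure;`. As written, code importing `org.zhongzheng.common.secure.ZhongZhengUser` would presumably not resolve. The foreign package name, together with the FernFlower header, suggests the class was decompiled from another project's binary, so its provenance and licence are worth confirming before it becomes part of a security module. The class holds identity and authorization fields (`userId`, `tenantId`, `roleId`) behind public setters and is `Serializable`. A class comment should state that instances are only to be populated from a verified token and never bound from request parameters.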