
继续推进 userId 混淆

reghao 11 maanden geleden
bovenliggende
commit
690c557966

+ 7 - 7
account/account-service/src/main/java/cn/reghao/tnb/account/app/service/impl/AccountTokenServiceImpl.java

@@ -153,8 +153,8 @@ public class AccountTokenServiceImpl implements AccountTokenService {
 
     @Override
     public AccountToken grantUserToken(AccountAuthToken authToken) {
-        long userId1 = authToken.getUserId();
-        String userId = userIdObfuscation.obfuscate(userId1);
+        long userId = authToken.getUserId();
+        String userIdStr = userIdObfuscation.obfuscate(userId);
         int plat = authToken.getPlat();
         long accessExpireIn = 1000L*3600*24*7;
         long accessExpireAt = System.currentTimeMillis() + accessExpireIn;
@@ -162,12 +162,12 @@ public class AccountTokenServiceImpl implements AccountTokenService {
         String accessToken = "";
         try {
             RSAPrivateKey privateKey = pubkeyService.getPrivateKey();
-            accessToken = JwtUtil.createAccessToken(authToken, accessExpireAt, privateKey);
+            accessToken = JwtUtil.createAccessToken(authToken, userIdStr, accessExpireAt, privateKey);
         } catch (Exception ignore) {
         }
 
         if (accessToken.isBlank()) {
-            accessToken = JwtUtil.createAccessToken(authToken, accessExpireAt, accessSignKey);
+            accessToken = JwtUtil.createAccessToken(authToken, userIdStr, accessExpireAt, accessSignKey);
         }
 
         long refreshExpireIn = accessExpireIn*4;
@@ -179,9 +179,9 @@ public class AccountTokenServiceImpl implements AccountTokenService {
         redisString.setWithTimeout(RedisKeys.getRefreshSignKeyKey(refreshToken), refreshSignKey, refreshExpireIn);
 
         String loginId = authToken.getLoginId();
-        redisStringObject.setWithTimeout(RedisKeys.getAuthTokenKey(userId, plat, loginId), authToken, refreshExpireIn);
-        redisString.setWithTimeout(RedisKeys.getAccessTokenKey(userId, loginId), accessToken, accessExpireIn);
-        redisString.setWithTimeout(RedisKeys.getRefreshTokenKey(userId, loginId), refreshToken, refreshExpireIn);
+        redisStringObject.setWithTimeout(RedisKeys.getAuthTokenKey(userIdStr, plat, loginId), authToken, refreshExpireIn);
+        redisString.setWithTimeout(RedisKeys.getAccessTokenKey(userIdStr, loginId), accessToken, accessExpireIn);
+        redisString.setWithTimeout(RedisKeys.getRefreshTokenKey(userIdStr, loginId), refreshToken, refreshExpireIn);
         return new AccountToken(accessToken, accessExpireAt, refreshToken, refreshExpireAt);
     }
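Review bot: The `catch (Exception ignore) {}` in the middle hunk still swallows the RSA signing failure, so the fallback to the HS256 `accessSignKey` path a few lines later happens without any record, and a token issued under the other algorithm is hard to diagnose afterwards. At minimum record it, e.g. `} catch (Exception e) { log.warn("RSA access-token signing failed, falling back to HS256", e); }` — assuming the class has a logger; none is visible in the hunks. Note also that `userIdStr` now feeds both the JWT subject and the three `RedisKeys` helpers, so any reader of those keys elsewhere must look them up with the obfuscated form rather than the raw id; that code is outside this diff. grantUserToken starts and ends inside the section, but the lines between the three hunks are not shown.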
 

+ 4 - 4
account/account-service/src/main/java/cn/reghao/tnb/account/app/util/JwtUtil.java

@@ -32,7 +32,7 @@ public class JwtUtil {
      * @return
      * @date 2019-11-21 下午4:39
      */
-    public static String createAccessToken(AccountAuthToken authToken, long expireAt, String signKey) {
+    public static String createAccessToken(AccountAuthToken authToken, String userIdStr, long expireAt, String signKey) {
         String jti = UUID.randomUUID().toString().replace("-", "");
         return Jwts.builder()
                 .claim("plat", authToken.getPlat())
@@ -42,14 +42,14 @@ public class JwtUtil {
                         .map(GrantedAuthority::getAuthority)
                         .collect(Collectors.toList())
                         .toString())
-                .setSubject(String.valueOf(authToken.getUserId()))
+                .setSubject(userIdStr)
                 .setExpiration(new Date(expireAt))
                 .signWith(SignatureAlgorithm.HS256, signKey)
                 .setId(jti)
                 .compact();
     }
 
-    public static String createAccessToken(AccountAuthToken authToken, long expireAt, RSAPrivateKey privateKey) {
+    public static String createAccessToken(AccountAuthToken authToken, String userIdStr, long expireAt, RSAPrivateKey privateKey) {
         // 根据 org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter 中的 WELL_KNOWN_AUTHORITIES_CLAIM_NAMES 字段
         // 将用户的 authorities 设置到 scope claim
         // TODO authorities claim 待删除
@@ -65,7 +65,7 @@ public class JwtUtil {
                         .map(GrantedAuthority::getAuthority)
                         .collect(Collectors.toList())
                         .toString())
-                .setSubject(String.valueOf(authToken.getUserId()))
+                .setSubject(userIdStr)
                 .setExpiration(new Date(expireAt))
                 .signWith(SignatureAlgorithm.RS256, privateKey)
                 .setId(jti)
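Review bot: The Javadoc above the first hunk (its `@return` is already empty) gains no `@param` for the new `userIdStr`, and both overloads now take a subject that is independent of `authToken.getUserId()`; nothing in either method checks that the two agree, so a caller passing a mismatched string mints a token whose subject does not belong to the authenticated user. Document the contract on both overloads: `@param userIdStr obfuscated form of {@code authToken.getUserId()}, stored verbatim as the JWT subject; callers must keep the two consistent`. Deriving the subject inside this static utility would remove that trust assumption, but the obfuscator is a Spring bean in the other files of this commit, so the documented contract is the practical fix. The second overload's body continues past the last hunk.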

+ 1 - 7
content/content-service/src/main/java/cn/reghao/tnb/content/app/config/web/TokenFilter.java

@@ -15,12 +15,6 @@ import java.io.IOException;
  */
 @Component
 public class TokenFilter implements Filter {
-    private final IDObfuscation userIdObfuscation;
-
-    public TokenFilter(IDObfuscation userIdObfuscation) {
-        this.userIdObfuscation = userIdObfuscation;
-    }
-
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
     }
@@ -31,7 +25,7 @@ public class TokenFilter implements Filter {
         long userId = -1L;
         String userIdStr = ServletUtil.getHeader("x-user-id");
         if (userIdStr != null) {
-            userId = userIdObfuscation.restore(userIdStr);
+            userId = Long.parseLong(userIdStr);
         }
 
         String loginId = ServletUtil.getHeader("x-login-id");
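Review bot: `Long.parseLong(userIdStr)` in the second hunk throws `NumberFormatException` on any non-numeric `x-user-id` header, which escapes the filter as a server error instead of the anonymous `-1L` the initialiser intends; the same line appears in the file-service and user-service `TokenFilter` sections below. Wrap it: `try { userId = Long.parseLong(userIdStr); } catch (NumberFormatException e) { userId = -1L; /* malformed header: treat as anonymous */ }`. With the obfuscation removed from these filters, the services now accept the raw id straight from the header, so the gateway has to be the only component that can set `x-user-id` (overwriting any inbound value) — whether it does is not visible in this commit. The enclosing method starts and ends outside the hunk.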

+ 1 - 8
file/file-service/src/main/java/cn/reghao/tnb/file/app/config/web/TokenFilter.java

@@ -1,6 +1,5 @@
 package cn.reghao.tnb.file.app.config.web;
 
-import cn.reghao.jutil.jdk.string.IDObfuscation;
 import cn.reghao.jutil.web.ServletUtil;
 import cn.reghao.tnb.common.auth.LoginUser;
 import cn.reghao.tnb.common.auth.UserContext;
@@ -15,12 +14,6 @@ import java.io.IOException;
  */
 @Component
 public class TokenFilter implements Filter {
-    private final IDObfuscation userIdObfuscation;
-
-    public TokenFilter(IDObfuscation userIdObfuscation) {
-        this.userIdObfuscation = userIdObfuscation;
-    }
-
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
     }
@@ -31,7 +24,7 @@ public class TokenFilter implements Filter {
         long userId = -1L;
         String userIdStr = ServletUtil.getHeader("x-user-id");
         if (userIdStr != null) {
-            userId = userIdObfuscation.restore(userIdStr);
+            userId = Long.parseLong(userIdStr);
         }
 
         String loginId = ServletUtil.getHeader("x-login-id");

+ 17 - 0
gateway/src/main/java/cn/reghao/tnb/gateway/config/BeansConfig.java

@@ -0,0 +1,17 @@
+package cn.reghao.tnb.gateway.config;
+
+import cn.reghao.jutil.jdk.string.IDObfuscation;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author reghao
+ * @date 2025-04-02 21:42:38
+ */
+@Configuration
+public class BeansConfig {
+    @Bean
+    public IDObfuscation userIdObfuscation() {
+        return new IDObfuscation(0x12345);
+    }
+}
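Review bot: `new IDObfuscation(0x12345)` hard-codes the obfuscation parameter in source, so whatever secrecy the mapping relies on is available to anyone with repository access, and the same literal presumably has to be repeated in the account service's bean (not in this diff) for `restore()` to invert `obfuscate()`; drift between the two fails silently as wrong user ids. Inject it from configuration instead, e.g. `public IDObfuscation userIdObfuscation(@Value("${tnb.user-id.obfuscation-seed}") long seed) { return new IDObfuscation(seed); }` (property name is a placeholder), with the value supplied to both services from the same secret configuration. The constructor argument's meaning is not visible here; if it is only a cosmetic scrambler rather than a secret, a short class comment saying so would stop readers treating the obfuscated ids as unlinkable.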

+ 8 - 4
gateway/src/main/java/cn/reghao/tnb/gateway/log/GlobalTokenFilter.java

@@ -1,6 +1,7 @@
 package cn.reghao.tnb.gateway.log;
 
 import cn.reghao.jutil.jdk.security.RsaCryptor;
+import cn.reghao.jutil.jdk.string.IDObfuscation;
 import cn.reghao.jutil.tool.jwt.Jwt;
 import cn.reghao.tnb.gateway.log.model.UserData;
 import cn.reghao.tnb.gateway.log.model.UserLogin;
@@ -40,9 +41,11 @@ import java.util.function.Consumer;
 public class GlobalTokenFilter implements GlobalFilter, Ordered {
     private final String cookieName = "USERDATA";
     private final RedisTemplate<String, String> redisTemplate;
+    private final IDObfuscation userIdObfuscation;
 
-    public GlobalTokenFilter(RedisTemplate<String, String> redisTemplate) {
+    public GlobalTokenFilter(RedisTemplate<String, String> redisTemplate, IDObfuscation userIdObfuscation) {
         this.redisTemplate = redisTemplate;
+        this.userIdObfuscation = userIdObfuscation;
     }
 
     @Override
@@ -127,12 +130,13 @@ public class GlobalTokenFilter implements GlobalFilter, Ordered {
         Integer plat = (Integer) claims.get("plat");
         String loginId = (String) claims.get("loginId");
         int loginType = (int) claims.get("loginType");
-        String userId = claims.getSubject();
-        if (plat == null || loginId == null || userId == null) {
+        String userIdStr = claims.getSubject();
+        if (plat == null || loginId == null || userIdStr == null) {
             return new UserLogin();
         }
 
-        return new UserLogin(userId, loginId);
+        long userId = userIdObfuscation.restore(userIdStr);
+        return new UserLogin(""+userId, loginId);
     }
 
     private RSAPublicKey getPublicKey() {
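Review bot: `userIdObfuscation.restore(userIdStr)` in the last hunk runs on the JWT subject after the null check, but nothing guards its outcome: if `restore` throws on a subject that is not a valid obfuscated id, the exception leaves this method instead of the empty `UserLogin()` the line above returns for missing claims, and if it returns a sentinel that value is forwarded unchecked. Mirror the existing guard, e.g. `long userId; try { userId = userIdObfuscation.restore(userIdStr); } catch (RuntimeException e) { return new UserLogin(); }` — the exact failure mode depends on `IDObfuscation`, which is not in this diff, so adjust the caught type accordingly. Style: `new UserLogin(""+userId, loginId)` reads better as `new UserLogin(Long.toString(userId), loginId)`. The enclosing method starts outside the hunk.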

+ 1 - 8
user/user-service/src/main/java/cn/reghao/tnb/user/app/config/web/TokenFilter.java

@@ -1,6 +1,5 @@
 package cn.reghao.tnb.user.app.config.web;
 
-import cn.reghao.jutil.jdk.string.IDObfuscation;
 import cn.reghao.jutil.web.ServletUtil;
 import cn.reghao.tnb.common.auth.LoginUser;
 import cn.reghao.tnb.common.auth.UserContext;
@@ -15,12 +14,6 @@ import java.io.IOException;
  */
 @Component
 public class TokenFilter implements Filter {
-    private final IDObfuscation userIdObfuscation;
-
-    public TokenFilter(IDObfuscation userIdObfuscation) {
-        this.userIdObfuscation = userIdObfuscation;
-    }
-
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
     }
@@ -31,7 +24,7 @@ public class TokenFilter implements Filter {
         long userId = -1L;
         String userIdStr = ServletUtil.getHeader("x-user-id");
         if (userIdStr != null) {
-            userId = userIdObfuscation.restore(userIdStr);
+            userId = Long.parseLong(userIdStr);
         }
 
         String loginId = ServletUtil.getHeader("x-login-id");