Microservice/pqs
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

增加认证日志

Browse Source
This commit is contained in:
hongawen
2023-08-30 10:14:30 +08:00
parent 8d30230281
commit 2910bf5000
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pqs-auth/src/main/java/com/njcn/auth/security/provider/Sm4AuthenticationProvider.java
View File

@@ -12,7 +12,6 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
/** /**
@@ -48,7 +47,6 @@ public class Sm4AuthenticationProvider extends AbstractUserDetailsAuthentication
} }
String presentedPassword = authentication.getCredentials().toString(); String presentedPassword = authentication.getCredentials().toString();
log.error("用户当前密码:"+presentedPassword);
BusinessUser businessUser = (BusinessUser)userDetails; BusinessUser businessUser = (BusinessUser)userDetails;
String secretKey = businessUser.getSecretKey(); String secretKey = businessUser.getSecretKey();
Sm4Utils sm4 = new Sm4Utils(secretKey); Sm4Utils sm4 = new Sm4Utils(secretKey);
@@ -56,10 +54,10 @@ public class Sm4AuthenticationProvider extends AbstractUserDetailsAuthentication
String sm4PwdOnce = sm4.encryptData_ECB(presentedPassword); String sm4PwdOnce = sm4.encryptData_ECB(presentedPassword);
//SM4加密(密码+工作秘钥) //SM4加密(密码+工作秘钥)
String sm4PwdTwice = sm4.encryptData_ECB(sm4PwdOnce + secretKey); String sm4PwdTwice = sm4.encryptData_ECB(sm4PwdOnce + secretKey);
log.error("加密后的:"+sm4PwdTwice);
log.error("数据库的:"+businessUser.getPassword());
if(!businessUser.getPassword().equalsIgnoreCase(sm4PwdTwice)){ if(!businessUser.getPassword().equalsIgnoreCase(sm4PwdTwice)){
throw new InvalidGrantException(businessUser.getUsername()); throw new BadCredentialsException(messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.badCredentials",
businessUser.getUsername()));
} }
} }