大家好,又见面了,我是你们的朋友全栈君。
由于上面的结构里面引入了其他包,故在最后,我就不放这个结构的代码在我的github上了
模块结构
模块功能说明
license.lic文件注意要放到web应用的resources目录下
证书生成creator模块中,注意把私有密钥放到resources下面
证书验证verify模块中,注意把公有密钥放到resources下面
API接口文档
证书(参数)验证拦截器
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
VLicense annotation = method.getAnnotation(VLicense.class);
if (CommonUtils.isNotEmpty(annotation)) {
LicenseVerifyManager licenseVerifyManager = new LicenseVerifyManager();
/** 1、校验证书是否有效 */
LicenseResult verifyResult = licenseVerifyManager.verify(properties.getVerifyParam());
if(!verifyResult.getResult()){
throw new CommonException(verifyResult.getMessage());
}
LicenseContent content = verifyResult.getContent();
LicenseExtraParam licenseCheck = (LicenseExtraParam) content.getExtra();
if (verifyResult.getResult()) {
/** 增加业务系统监听,是否自定义验证 */
List<ACustomVerifyListener> customListenerList = ACustomVerifyListener.getCustomListenerList();
boolean compare = true;
for (ACustomVerifyListener listener : customListenerList) {
boolean verify = listener.verify(licenseCheck);
compare = compare && verify;
}
return compare;
}
throw new CommonException(ResultCode.FAIL,verifyResult.getException().getMessage());
}
}
return true;
}
判断接口方法上是否加了@VLicense注解,如果不空,则走验证逻辑
这个很关键,可以加一些我们自定义的监听器类,来对lic文件做进一步的有效性验证
public abstract class ACustomVerifyListener {
/**软件证书参数全局验证监听容器*/
private static final List<ACustomVerifyListener> CUSTOM_VERIFY_LISTENER_LIST = new ArrayList<>(16);
public static List<ACustomVerifyListener> getCustomListenerList(){
return CUSTOM_VERIFY_LISTENER_LIST;
}
/***
* 默认构造函数,干了一件事情,就是会把所有实现了这个抽象类的子类实例全部添加到全局自定义验证监听器列表中
* 因为在调用子类的构造函数时,会首先调用父类的构造器
*/
public ACustomVerifyListener() {
addCustomListener(this);
}
public synchronized static void addCustomListener(ACustomVerifyListener verifyListener){
CUSTOM_VERIFY_LISTENER_LIST.add(verifyListener);
}
/**
* 业务系统自定义证书认证方法
* @param licenseExtra 自定义验证参数
* @return boolean 是否成功
*/
public abstract boolean verify(LicenseExtraParam licenseExtra) throws CommonException;
}
证书自定义验证监听器A(有具体的业务场景)
证书自定义验证监听器B(具体业务场景请自行补充)
http://localhost:8080/license/hello
模拟查询,假设从库中的用户表中count的值等于1001
网上有,这个不再细说了,直接上文本:
1、首先要用KeyTool工具来生成密钥库:(-alias别名 –validity 3650表示10年有效)
keytool -genkey -alias privatekeys -keysize 1024 -keystore privateKeys.store -validity 3650
2、然后将密钥库中名称为‘privatekeys’的证书条目导出到证书文件certfile.cer中:
keytool -export -alias privatekeys -file certfile.cer -keystore privateKeys.store
3、然后再把这个证书文件的信息导入到公钥库中别名为publiccert的证书条目中:
keytool -import -alias publiccert -file certfile.cer -keystore publicCerts.store
最后生成的文件privateKeys.store和publicCerts.store拷贝出来备用。
{
"ipAddress": [
"10.16.248.102"
],
"macAddress": [
"58-00-E3-D4-83-2B"
],
"cpuSerial": "BFEBFBFF000506E3",
"mainBoardSerial": "",
"macCheck": false,
"ipCheck": false,
"cpuCheck": false,
"boardCheck": false
}
{
"subject": "landi",
"privateAlias": "privateKeys",
"keyPass": "123456a",
"storePass": "123456a",
"privateKeysStorePath": "/privateKeys.store",
"issuedTime": "2020-05-01 08:30:00",
"expiryTime": "2021-05-01 08:30:00",
"description": "系统软件许可证书",
"licenseCheck": {
"ipAddress": [
"192.168.1.2",
"2408:8221:1d:bbd0:ad77:446e:4904:a776",
"2408:8221:1d:bbd0:71b6:d1b0:39c6:3c4e",
"192.168.145.1",
"192.168.239.1"
],
"macAddress": [
"64-FB-81-6F-0E-C2",
"00-50-56-C0-00-08",
"00-50-56-C0-00-01"
],
"cpuSerial": "BFEBFBFF000206D7",
"mainBoardSerial": "MB-201706282017",
"registerAmount": 1000,
"macCheck": false,
"boardCheck": false,
"cpuCheck": false,
"ipCheck": false,
"registerCheck": true
}
}
{
"status": 200,
"message": "成功",
"data": {
"subject": "landi",
"privateAlias": "privateKeys",
"keyPass": "123456a",
"privateKeysStorePath": "/privateKeys.store",
"storePass": "123456a",
"licensePath": "/Users/apple/Appleyk/github/license/license/20200822014856/license.lic",
"issuedTime": "2020-05-01 08:30:00",
"expiryTime": "2021-05-01 08:30:00",
"consumerType": "user",
"consumerAmount": 1,
"description": "系统软件许可证书",
"licenseCheck": {
"ipAddress": [
"192.168.1.2",
"2408:8221:1d:bbd0:ad77:446e:4904:a776",
"2408:8221:1d:bbd0:71b6:d1b0:39c6:3c4e",
"192.168.145.1",
"192.168.239.1"
],
"macAddress": [
"64-FB-81-6F-0E-C2",
"00-50-56-C0-00-08",
"00-50-56-C0-00-01"
],
"cpuSerial": "BFEBFBFF000206D7",
"mainBoardSerial": "MB-201706282017",
"registerAmount": 1000,
"macCheck": false,
"ipCheck": false,
"cpuCheck": false,
"boardCheck": false,
"registerCheck": true
},
"licUrl": "http://127.0.0.1:8080/license/download?path=/Users/apple/Appleyk/github/license/license/20200822014856/license.lic"
},
"timeStamp": "2020-08-22 01:49:09"
}
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.1.4.RELEASE)
2019-09-27 14:10:04.196 INFO 16220 --- [ main] cn.bluethink.license.App : Starting App on 9VSNYQQSFL96GK6 with PID 16220 (F:\gitlab\license\target\classes started by Administrator in F:\gitlab\license)
2019-09-27 14:10:04.199 INFO 16220 --- [ main] cn.bluethink.license.App : No active profile set, falling back to default profiles: default
2019-09-27 14:10:05.689 INFO 16220 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8066 (http)
2019-09-27 14:10:05.712 INFO 16220 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2019-09-27 14:10:05.712 INFO 16220 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.17]
2019-09-27 14:10:05.817 INFO 16220 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2019-09-27 14:10:05.818 INFO 16220 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 1571 ms
2019-09-27 14:10:06.042 INFO 16220 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
[INFO ] 2019-09-27 14:10:06,274 method:cn.bluethink.license.listener.LicenseCheckListener.onApplicationEvent(LicenseCheckListener.java:60)
++++++++ 开始安装证书 ++++++++
[INFO ] 2019-09-27 14:10:06,430 method:cn.bluethink.license.core.LicenseVerify.install(LicenseVerify.java:41)
证书安装成功,证书有效期:2019-09-26 14:50:00 - 2019-09-27 17:45:55
[INFO ] 2019-09-27 14:10:06,430 method:cn.bluethink.license.listener.LicenseCheckListener.onApplicationEvent(LicenseCheckListener.java:73)
++++++++ 证书安装结束 ++++++++
2019-09-27 14:10:06.463 INFO 16220 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8066 (http) with context path ''
2019-09-27 14:10:06.466 INFO 16220 --- [ main] cn.bluethink.license.App : Started App in 2.523 seconds (JVM running for 2.854)
后台控制台信息输出:
发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/164378.html原文链接:https://javaforall.cn