软件许可证功能

当软件是试用状态是，需要检查过期时间。如果设置了快到期提醒，需要在页面上提供显著提醒信息。
如果过期，需要在线更新新的许可证，否则系统不可用。
如果是正式版，不需要检查过期时间。
admin管理页面需要提供更新许可证的页面。

ibps-api-root/modules/api-base/src/main/java/com/lc/ibps/api/base/constants/StateEnum.java

@@ -88,10 +88,11 @@ public enum StateEnum /*implements BaseEnum*/ {
 	, ACCOUNT_IS_EXIST(602117, "账号已存在！！！")
 	
 	, ILLEGAL_WECHAT_ERROT(6020116, "微信接口请求错误")
-	
+
 	, ILLEGAL_TOKEN(6020201, "非法token")
 	, ILLEGAL_GRANT_TYPE(6020202, "授权类型不支持")
-	
+	, ILLEGAL_LICENSE(6020203, "许可证异常")
+
 	, EXPIRED_TOKEN(6020301, "token过期")
 	
 	,ERROR_NEWS(6030201,"公告异常")

ibps-oauth-root/modules/oauth-core/src/main/java/com/lc/ibps/cloud/oauth/exception/LicenseException.java

@@ -0,0 +1,16 @@
+package com.lc.ibps.cloud.oauth.exception;
+
+public class LicenseException extends RuntimeException {
+
+    protected LicenseException() {
+        super();
+    }
+
+    public LicenseException(String message) {
+        super(message);
+    }
+
+    public LicenseException(String message, Throwable throwb) {
+        super(message, throwb);
+    }
+}

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/provider/BaseProvider.java

@@ -6,12 +6,15 @@ import java.util.concurrent.TimeUnit;
 
 import javax.annotation.Resource;
 
+import com.lc.ibps.cloud.oauth.exception.*;
+import com.lc.ibps.cloud.oauth.server.util.LicUtil;
 import com.lc.ibps.org.auth.persistence.entity.LoginLogPo;
 import com.lc.ibps.org.auth.persistence.entity.LoginLogTbl;
 import com.lc.ibps.org.auth.repository.LoginLogRepository;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.util.Assert;
 
@@ -36,17 +39,6 @@ import com.lc.ibps.cloud.identifier.IdGenerator;
 import com.lc.ibps.cloud.identifier.config.IdConfig;
 import com.lc.ibps.cloud.oauth.constants.RedisKey;
 import com.lc.ibps.cloud.oauth.entity.LoginVo;
-import com.lc.ibps.cloud.oauth.exception.ExcessiveAttemptsException;
-import com.lc.ibps.cloud.oauth.exception.ExpiredAccountException;
-import com.lc.ibps.cloud.oauth.exception.ExpiredCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.ExpiredSecretException;
-import com.lc.ibps.cloud.oauth.exception.InactiveException;
-import com.lc.ibps.cloud.oauth.exception.IncorrectCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.LockedAccountException;
-import com.lc.ibps.cloud.oauth.exception.ManyIncorrectCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.NopassException;
-import com.lc.ibps.cloud.oauth.exception.PenddingException;
-import com.lc.ibps.cloud.oauth.exception.UnknownAccountException;
 import com.lc.ibps.cloud.oauth.helper.RegDataToUser;
 import com.lc.ibps.cloud.oauth.server.config.TokenConfig;
 import com.lc.ibps.cloud.oauth.server.config.UserConfig;
@@ -82,7 +74,9 @@ import cn.hutool.core.lang.UUID;
 public class BaseProvider extends GenericProvider {
 
 	protected Logger logger = LoggerFactory.getLogger(this.getClass());
-	
+
+	@Value("${license.public.key}")
+	protected String pubKey;
 	@Autowired
 	private IdGenerator idGenerator;
 	@Autowired
@@ -545,5 +539,16 @@ public class BaseProvider extends GenericProvider {
 		RedisUtil.redisTemplateString.delete(keys);
 		RedisUtil.redisTemplateString.delete(key);
 	}
+
+	protected String checkLicense() {
+		String licText = "XnRn48Yl78WS0OWZ0100t2IjyMx0E5Yx0tDz3M1FuubuD25X5aOEKkpWYpYI7p7Md364I7yM2kFIO4c2PYRefWoV06Bypu41QAdKHjEYnS7ml9KPit73JlQ0Zm1OrbADaJF8ezDURnIrFjyr9bMyxaTcfm0THWBHhhnRBZxCmfF0WdMrSmDj76rSqLkZHl3tlSKjwKmjlxcIuSZGZIWiET7+kzLB8FiGMoxw00YWhXBjIpuNkv63CFbU6iOCPN7e7jfUl2medTSj7oyX3vABRFmbCtgBVT7CjWq+Mzb+3B+lJ9R5s0ax+o1rWWL13wbY0+/lylhtKPhIQMMPukx38d80eU8q8bkGoAuOfXjCkLU2QqU28orGQQtxJlJRmStodmqotPD8ETqU4MFq8qIikK3foed+1tOcMw5epFjMuE4v/0Cps8wWARO543quzy8=";
+		String licJson = null;
+		try {
+			licJson = LicUtil.checkLic(licText, pubKey);
+		} catch (Exception e) {
+			throw new LicenseException(e.getMessage());
+		}
+		return licJson;
+	}
 	
 }

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/provider/TokenProvider.java

@@ -6,6 +6,7 @@ import java.util.List;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
+import com.lc.ibps.cloud.oauth.exception.*;
 import org.springframework.data.redis.connection.DataType;
 import org.springframework.stereotype.Service;
 import org.springframework.util.Assert;
@@ -39,15 +40,6 @@ import com.lc.ibps.cloud.oauth.entity.SwitchVo;
 import com.lc.ibps.cloud.oauth.entity.TokenEntity;
 import com.lc.ibps.cloud.oauth.entity.TokenParamVo;
 import com.lc.ibps.cloud.oauth.entity.TokenVo;
-import com.lc.ibps.cloud.oauth.exception.DisabledAccountException;
-import com.lc.ibps.cloud.oauth.exception.ExcessiveAttemptsException;
-import com.lc.ibps.cloud.oauth.exception.ExpiredAccountException;
-import com.lc.ibps.cloud.oauth.exception.ExpiredCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.InactiveException;
-import com.lc.ibps.cloud.oauth.exception.IncorrectCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.LockedAccountException;
-import com.lc.ibps.cloud.oauth.exception.ManyIncorrectCredentialsException;
-import com.lc.ibps.cloud.oauth.exception.UnknownAccountException;
 import com.lc.ibps.cloud.oauth.server.service.ITokenService;
 import com.lc.ibps.cloud.redis.utils.RedisUtil;
 import com.lc.ibps.org.party.persistence.entity.DefaultPartyUserPo;
@@ -160,7 +152,7 @@ public class TokenProvider extends BaseProvider implements ITokenService {
 			String refreshToken = accessTokenVo.getRefresh_token();
 			String authorizeCode = accessTokenVo.getAuthorize_code();
 			String redirectUri = accessTokenVo.getRedirect_uri();
-			
+			String licJson = checkLicense();
 			TokenEntity token = new TokenEntity();
 			logger.debug("grant type is {}", grantType);
 			if(GrantType.AUTHORIZATION_CODE.equalsIgnoreCase(grantType)){
@@ -175,9 +167,17 @@ public class TokenProvider extends BaseProvider implements ITokenService {
 				result.setState(StateEnum.ILLEGAL_GRANT_TYPE.getCode());
 				throw new BaseException(StateEnum.ILLEGAL_GRANT_TYPE.getText());
 			}
-			
+
+			result.getVariables().put("licJson",licJson);
 			result.setData(token);
 			result.addVariable("redirect_uri", redirectUri);
+		} catch(LicenseException e){
+			if(StateEnum.SUCCESS.getCode() == result.getState()){
+				result.setState(StateEnum.ILLEGAL_LICENSE.getCode());
+			}
+//			result.setMessage(e.getMessage());
+			result.setCause(ExceptionUtil.analysisCause(e));
+			logger.error("license failed:", e);
 		} catch(UnknownAccountException e){
 			if(StateEnum.SUCCESS.getCode() == result.getState()){
 				result.setState(StateEnum.ILLEGAL_ACCOUNT_PASSWORD.getCode());

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/util/AesUtil.java

@@ -0,0 +1,45 @@
+package com.lc.ibps.cloud.oauth.server.util;
+
+
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+public class AesUtil {
+
+    /**
+     * 加密
+     *
+     * @param key     加密密码
+     * @param content 需要加密的内容
+     * @return 加密内容
+     */
+    public static String encrypt(String key, String content) throws Exception {
+        SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES");
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, keySpec);
+        byte[] result = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+        return Base64.encodeBase64String(result);
+    }
+
+    /**
+     * 解密
+     *
+     * @param key     解密密钥
+     * @param content 需要解密的内容
+     * @return 解密内容
+     */
+    public static String decrypt(String key, String content) throws Exception {
+        if (content == null) {
+            return null;
+        }
+        SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES");
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(Cipher.DECRYPT_MODE, keySpec);
+        byte[] result = cipher.doFinal(Base64.decodeBase64(content));
+        return new String(result, StandardCharsets.UTF_8);
+    }
+
+}

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/util/JsonUtil.java

@@ -0,0 +1,225 @@
+package com.lc.ibps.cloud.oauth.server.util;
+
+import org.json.JSONArray;
+import org.json.JSONException;
+import org.json.JSONObject;
+
+public class JsonUtil {
+
+
+    private static final byte TYPE_BOOLEAN = 0x00;
+    private static final byte TYPE_INT = 0x01;
+    private static final byte TYPE_LONG = 0x02;
+    private static final byte TYPE_DOUBLE = 0x03;
+    private static final byte TYPE_STRING = 0x04;
+    private static final byte TYPE_JSON_OBJECT = 0x05;
+    private static final byte TYPE_JSON_ARRAY = 0x06;
+
+    private JsonUtil() {
+        throw new UnsupportedOperationException();
+    }
+
+    public static boolean getBoolean(final JSONObject jsonObject,
+                                     final String key) {
+        return getBoolean(jsonObject, key, false);
+    }
+
+    public static boolean getBoolean(final JSONObject jsonObject,
+                                     final String key,
+                                     final boolean defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_BOOLEAN);
+    }
+
+    public static boolean getBoolean(final String json,
+                                     final String key) {
+        return getBoolean(json, key, false);
+    }
+
+    public static boolean getBoolean(final String json,
+                                     final String key,
+                                     final boolean defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_BOOLEAN);
+    }
+
+    public static int getInt(final JSONObject jsonObject,
+                             final String key) {
+        return getInt(jsonObject, key, -1);
+    }
+
+    public static int getInt(final JSONObject jsonObject,
+                             final String key,
+                             final int defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_INT);
+    }
+
+    public static int getInt(final String json,
+                             final String key) {
+        return getInt(json, key, -1);
+    }
+
+    public static int getInt(final String json,
+                             final String key,
+                             final int defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_INT);
+    }
+
+    public static long getLong(final JSONObject jsonObject,
+                               final String key) {
+        return getLong(jsonObject, key, -1);
+    }
+
+    public static long getLong(final JSONObject jsonObject,
+                               final String key,
+                               final long defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_LONG);
+    }
+
+    public static long getLong(final String json,
+                               final String key) {
+        return getLong(json, key, -1);
+    }
+
+    public static long getLong(final String json,
+                               final String key,
+                               final long defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_LONG);
+    }
+
+    public static double getDouble(final JSONObject jsonObject,
+                                   final String key) {
+        return getDouble(jsonObject, key, -1);
+    }
+
+    public static double getDouble(final JSONObject jsonObject,
+                                   final String key,
+                                   final double defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_DOUBLE);
+    }
+
+    public static double getDouble(final String json,
+                                   final String key) {
+        return getDouble(json, key, -1);
+    }
+
+    public static double getDouble(final String json,
+                                   final String key,
+                                   final double defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_DOUBLE);
+    }
+
+    public static String getString(final JSONObject jsonObject,
+                                   final String key) {
+        return getString(jsonObject, key, "");
+    }
+
+    public static String getString(final JSONObject jsonObject,
+                                   final String key,
+                                   final String defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_STRING);
+    }
+
+    public static String getString(final String json,
+                                   final String key) {
+        return getString(json, key, "");
+    }
+
+    public static String getString(final String json,
+                                   final String key,
+                                   final String defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_STRING);
+    }
+
+    public static JSONObject getJSONObject(final JSONObject jsonObject,
+                                           final String key,
+                                           final JSONObject defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_JSON_OBJECT);
+    }
+
+    public static JSONObject getJSONObject(final String json,
+                                           final String key,
+                                           final JSONObject defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_JSON_OBJECT);
+    }
+
+    public static JSONArray getJSONArray(final JSONObject jsonObject,
+                                         final String key,
+                                         final JSONArray defaultValue) {
+        return getValueByType(jsonObject, key, defaultValue, TYPE_JSON_ARRAY);
+    }
+
+    public static JSONArray getJSONArray(final String json,
+                                         final String key,
+                                         final JSONArray defaultValue) {
+        return getValueByType(json, key, defaultValue, TYPE_JSON_ARRAY);
+    }
+
+    private static <T> T getValueByType(final JSONObject jsonObject,
+                                        final String key,
+                                        final T defaultValue,
+                                        final byte type) {
+        if (jsonObject == null || key == null || key.length() == 0) {
+            return defaultValue;
+        }
+        try {
+            Object ret;
+            if (type == TYPE_BOOLEAN) {
+                ret = jsonObject.getBoolean(key);
+            } else if (type == TYPE_INT) {
+                ret = jsonObject.getInt(key);
+            } else if (type == TYPE_LONG) {
+                ret = jsonObject.getLong(key);
+            } else if (type == TYPE_DOUBLE) {
+                ret = jsonObject.getDouble(key);
+            } else if (type == TYPE_STRING) {
+                ret = jsonObject.getString(key);
+            } else if (type == TYPE_JSON_OBJECT) {
+                ret = jsonObject.getJSONObject(key);
+            } else if (type == TYPE_JSON_ARRAY) {
+                ret = jsonObject.getJSONArray(key);
+            } else {
+                return defaultValue;
+            }
+            //noinspection unchecked
+            return (T) ret;
+        } catch (JSONException e) {
+            return defaultValue;
+        }
+    }
+
+    private static <T> T getValueByType(final String json,
+                                        final String key,
+                                        final T defaultValue,
+                                        final byte type) {
+        if (json == null || json.length() == 0
+                || key == null || key.length() == 0) {
+            return defaultValue;
+        }
+        try {
+            return getValueByType(new JSONObject(json), key, defaultValue, type);
+        } catch (JSONException e) {
+            return defaultValue;
+        }
+    }
+
+    public static String formatJson(final String json) {
+        return formatJson(json, 4);
+    }
+
+    public static String formatJson(final String json, final int indentSpaces) {
+        try {
+            for (int i = 0, len = json.length(); i < len; i++) {
+                char c = json.charAt(i);
+                if (c == '{') {
+                    return new JSONObject(json).toString(indentSpaces);
+                } else if (c == '[') {
+                    return new JSONArray(json).toString(indentSpaces);
+                } else if (!Character.isWhitespace(c)) {
+                    return json;
+                }
+            }
+        } catch (JSONException e) {
+            e.printStackTrace();
+        }
+        return json;
+    }
+}

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/util/LicUtil.java

@@ -0,0 +1,163 @@
+package com.lc.ibps.cloud.oauth.server.util;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.http.util.TextUtils;
+import org.json.JSONObject;
+import org.json.JSONException;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.Random;
+
+public class LicUtil {
+    public static String checkLic(String lic,String pubKey) throws Exception {
+        if (StringUtils.isEmpty(lic)) {
+            throw new Exception("许可证为空");
+        }
+        try {
+
+            String aesKey = lic.substring(0, 16);
+            int encDataLength = Integer.parseInt(lic.substring(16, 20), 16);
+            String encData = lic.substring(20, 20 + encDataLength);
+            String sign = lic.substring(20 + encDataLength);
+            if (!RSAUtil.verifySign(pubKey, encData, sign)) {
+                throw new Exception("许可证无效！");
+            }
+            String data = AesUtil.decrypt(aesKey, encData);
+            String appId = JsonUtil.getString(data, "appId");
+            long notBefore = JsonUtil.getLong(data, "notBefore");
+            long notAfter = JsonUtil.getLong(data, "notAfter");
+            boolean isTrialVersion = JsonUtil.getBoolean(data, "isTrialVersion",true);
+            String customerInfo = JsonUtil.getString(data, "customerInfo");
+            //正式版跳过过期时间检查
+            if(!isTrialVersion){
+                return data;
+            }
+            //注意下时间戳精度的问题，
+            long time = System.currentTimeMillis();
+            if ( time > notAfter) {
+                throw new Exception("许可证过期！");
+            }
+            if(time < notBefore){
+                throw new Exception("许可证还未开始生效！");
+            }
+            return data;
+        } catch (Exception e) {
+            throw e;
+        }
+    }
+
+    /**
+     * 获取N位随机密钥
+     */
+    public static String getRandomString(int length) {
+        Random random = new Random();
+        StringBuilder sb = new StringBuilder();
+        for (int i = 0; i < length; i++) {
+            int number = random.nextInt(3);
+            long result;
+            switch (number) {
+                case 0:
+                    result = Math.round(Math.random() * 25 + 65);
+                    sb.append((char) result);
+                    break;
+                case 1:
+                    result = Math.round(Math.random() * 25 + 97);
+                    sb.append((char) result);
+                    break;
+                case 2:
+                    sb.append(new Random().nextInt(10));
+                    break;
+                default:
+                    break;
+            }
+        }
+        return sb.toString();
+    }
+
+    public static class licenseBean {
+
+        private String appId;
+        private long issuedTime;
+        private long notBefore;
+        private long notAfter;
+        private String customerInfo;
+
+        private boolean isTrialVersion;
+        private int reminderDays;
+
+        public String getAppId() {
+            return appId;
+        }
+
+        public void setAppId(String appId) {
+            this.appId = appId;
+        }
+
+        public long getIssuedTime() {
+            return issuedTime;
+        }
+
+        public void setIssuedTime(long issuedTime) {
+            this.issuedTime = issuedTime;
+        }
+
+        public long getNotBefore() {
+            return notBefore;
+        }
+
+        public void setNotBefore(long notBefore) {
+            this.notBefore = notBefore;
+        }
+
+        public long getNotAfter() {
+            return notAfter;
+        }
+
+        public void setNotAfter(long notAfter) {
+            this.notAfter = notAfter;
+        }
+
+        public String getCustomerInfo() {
+            return customerInfo;
+        }
+
+        public void setCustomerInfo(String customerInfo) {
+            this.customerInfo = customerInfo;
+        }
+
+        public boolean isTrialVersion() {
+            return isTrialVersion;
+        }
+
+        public void setTrialVersion(boolean trialVersion) {
+            isTrialVersion = trialVersion;
+        }
+
+        public int getReminderDays() {
+            return reminderDays;
+        }
+
+        public void setReminderDays(int reminderDays) {
+            this.reminderDays = reminderDays;
+        }
+
+        private String toJson() {
+
+            JSONObject jo = new JSONObject();
+            try {
+                jo.put("appId", appId);
+                jo.put("issuedTime", issuedTime);
+                jo.put("notBefore", notBefore);
+                jo.put("notAfter", notAfter);
+                jo.put("customerInfo", customerInfo);
+                jo.put("isTrialVersion",isTrialVersion);
+                jo.put("reminderDays",reminderDays);
+            } catch (JSONException e) {
+                e.printStackTrace();
+            }
+
+            return jo.toString();
+        }
+    }
+
+}

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/util/RSAUtil.java

@@ -0,0 +1,112 @@
+package com.lc.ibps.cloud.oauth.server.util;
+
+import javax.crypto.Cipher;
+import java.nio.charset.StandardCharsets;
+import java.security.*;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import org.apache.commons.codec.binary.Base64;
+public class RSAUtil {
+
+    /**
+     * 随机生成密钥对
+     *
+     * @throws NoSuchAlgorithmException 生成密钥对过程中的异常信息
+     */
+    public static void genKeyPair() throws NoSuchAlgorithmException {
+        // KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
+        // 初始化密钥对生成器，密钥大小为96-1024位
+        keyPairGen.initialize(1024, new SecureRandom());
+        // 生成一个密钥对，保存在keyPair中
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+
+        // 得到私钥
+        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
+        // 得到公钥
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
+
+        //得到公钥字符串
+        System.out.println("公钥：" + Base64.encodeBase64String(publicKey.getEncoded()));
+        // 得到私钥字符串
+        System.out.println("私钥：" + Base64.encodeBase64String(privateKey.getEncoded()));
+    }
+
+    /**
+     * RSA签名
+     *
+     * @param priKeyStr RSA私钥
+     * @param srcStr    待签名数据
+     * @return 签名值
+     * @throws Exception 签名过程中的异常信息
+     */
+    public static String sign(String priKeyStr, String srcStr) throws Exception {
+        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(priKeyStr));
+        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+        PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
+        Signature signature = Signature.getInstance("SHA1WithRSA");
+        signature.initSign(priKey);
+        signature.update(srcStr.getBytes(StandardCharsets.UTF_8));
+        byte[] signed = signature.sign();
+        return Base64.encodeBase64String(signed);
+    }
+
+    /**
+     * RSA-SHA1公钥验签
+     *
+     * @param publicKeyStr RSA公钥字符串
+     * @param srcStr       原文字符串
+     * @param signStr      签名字符串
+     * @return true.有效的签名，false.无效的签名
+     * @throws Exception 验签过程中的异常信息
+     */
+    public static boolean verifySign(String publicKeyStr, String srcStr, String signStr) throws Exception {
+        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+        byte[] encodedKey = Base64.decodeBase64(publicKeyStr);
+        PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
+        Signature signature = Signature.getInstance("SHA1WithRSA");
+        signature.initVerify(pubKey);
+        signature.update(srcStr.getBytes(StandardCharsets.UTF_8));
+        return signature.verify(Base64.decodeBase64(signStr));
+    }
+
+    /**
+     * RSA公钥加密
+     *
+     * @param clientPubKey RSA公钥
+     * @param str          加密字符串
+     * @return 密文
+     * @throws Exception 加密过程中的异常信息
+     */
+    public static String encrypt(String clientPubKey, String str) throws Exception {
+        byte[] decoded = Base64.decodeBase64(clientPubKey);
+        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
+        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
+        return Base64.encodeBase64String(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
+    }
+
+    /**
+     * RSA私钥解密
+     *
+     * @param str              加密字符串
+     * @param clientPrivateKey RSA私钥
+     * @return 明文
+     * @throws Exception 解密过程中的异常信息
+     */
+    public static String decrypt(String str, String clientPrivateKey) throws Exception {
+        byte[] inputByte = Base64.decodeBase64(str);
+        byte[] decoded = Base64.decodeBase64(clientPrivateKey);
+        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
+        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+        cipher.init(Cipher.DECRYPT_MODE, priKey);
+        return new String(cipher.doFinal(inputByte), StandardCharsets.UTF_8);
+    }
+
+    public static void main(String[] args) throws NoSuchAlgorithmException {
+        genKeyPair();
+    }
+
+}

ibps-oauth-root/modules/oauth-server2/src/main/resources/config/application.yml

@@ -16,4 +16,8 @@ com:
   lc:
     mq:
       command:
-        enabled: false
+        enabled: false
+
+license:
+  public:
+    key: ${RSA_PUB_KEY:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcdUhgn2mRFPR2w6WTkUYp4rWsbzonZ1XiDwehrtJx4h11nmZ+PIItylqX1lrGr3Ug4tL18YrqOrF2g5ymApncQStZeZZr6pa99IttwwP3nQnppZ6y6QtAQOv5ChsAZCagdKNxI6880XHDLksmgYLOW4AOrWo6iQtqNCKOmwgb9QIDAQAB}