登入，重置密码加密解密处理历史遗留bug

ibps-basic-root/modules/basic-response/src/main/java/com/lc/ibps/cloud/util/AESUtil.java

@@ -13,6 +13,8 @@ import java.security.NoSuchAlgorithmException;
 import java.util.Base64;
 
 public class AESUtil {
+    private static final String USERKEY = "49PBou+TREIOzSHj";
+    private static final String USERIV = "5lDsNRe&UduJ97uS";
     private static final String KEY = "dmngJmmO+9GMw+tu";
     private static final String IV = "sanXyqhk8+U7LPP4";
     public static String decrypt(String encryptedText)
@@ -29,4 +31,19 @@ public class AESUtil {
         byte[] decryptedBytes = cipher.doFinal(encryptedData);
         return new String(decryptedBytes, StandardCharsets.UTF_8).trim(); // 去除末尾空格
     }
+
+    public static String decryptUser(String encryptedText)
+            throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException,
+            IllegalBlockSizeException, BadPaddingException {
+        byte[] encryptedData = Base64.getDecoder().decode(encryptedText);
+
+        SecretKeySpec secretKeySpec = new SecretKeySpec(USERKEY.getBytes(StandardCharsets.UTF_8), "AES");
+        IvParameterSpec ivParameterSpec = new IvParameterSpec(USERIV.getBytes(StandardCharsets.UTF_8));
+
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); // 使用CBC模式和PKCS5Padding填充
+        cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
+
+        byte[] decryptedBytes = cipher.doFinal(encryptedData);
+        return new String(decryptedBytes, StandardCharsets.UTF_8).trim(); // 去除末尾空格
+    }
 }

ibps-oauth-root/modules/oauth-server2-default/src/main/java/com/lc/ibps/cloud/oauth/server/provider/UserProvider.java

@@ -7,6 +7,7 @@ import java.util.stream.Collectors;
 
 import com.lc.ibps.api.org.constant.PartyRelType;
 import com.lc.ibps.cloud.oauth.server.util.IpUtil;
+import com.lc.ibps.cloud.util.AESUtil;
 import com.lc.ibps.org.auth.persistence.entity.LoginLogPo;
 import com.lc.ibps.org.auth.persistence.entity.LoginLogTbl;
 import org.apache.http.Consts;
@@ -128,7 +129,10 @@ public class UserProvider extends BaseProvider implements IUserService {
 			
 			// 验证码校验
 			captcha(requestId, username, captcha);
-			
+			try {
+				String password = AESUtil.decryptUser(loginVo.getPassword());
+				loginVo.setPassword(password);
+			} catch (Exception exception) {}
 			// 用户登录
 			PartyUserPo user = login0(loginVo);
 			String statistic = getStatistic(user);

ibps-provider-root/modules/provider-platform-default/src/main/java/com/lc/ibps/org/provider/PartyUserProvider.java

@@ -11,6 +11,7 @@ import java.util.Map.Entry;
 import javax.annotation.Resource;
 import javax.validation.Valid;
 
+import com.lc.ibps.cloud.util.AESUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -707,8 +708,11 @@ public class PartyUserProvider extends GenericProvider implements IPartyUserServ
 		try {
 			String[] userIds = changePasswdVo.getUserIds();
 			String primitivePassword = changePasswdVo.getPrimitivePassword();
-			String newPassword = changePasswdVo.getNewPassword();
-			String repeatPassword = changePasswdVo.getRepeatPassword();
+			String newPassword = AESUtil.decryptUser(changePasswdVo.getNewPassword());
+			String repeatPassword = AESUtil.decryptUser(changePasswdVo.getRepeatPassword());
+			if(BeanUtils.isNotEmpty(primitivePassword)){
+				primitivePassword = AESUtil.decryptUser(primitivePassword);
+			}
 			String enPassword = EncryptUtil.encryptSha256(primitivePassword);
 
 			for (String userId : userIds) {