How to use com.lcw.one.util.utils.cipher

/**
 * 对文件进行sha1散列.
 */
public static byte[] sha1(InputStream input) throws IOException {
  return digest(input, SHA1);
}

/**
 * 进行MD5散列算法
 * @param input 需要散列的值
 * @return
 */
public static byte[] md5(byte[] input) {
  return md5(input, null);
}

/**
 * 进行SHA1散列算法
 * @param input 需要散列的值
 * @param salt 盐值
 * @return
 */
public static byte[] sha1(byte[] input, byte[] salt) {
  return sha1(input, salt, 1);
}

  @Override
  public boolean validatePassword(String plainPassword, String password) {
    byte[] salt = Encodes.decodeHex(password.substring(0, 16));
    byte[] hashPassword = DigestUtils.sha1(plainPassword.getBytes(), salt, PasswordUtils.HASH_INTERATIONS);
    return password.equals(Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword));
  }
}

  @Override
  public boolean validatePassword(String plainPassword, String password) {
    byte[] salt = Encodes.decodeHex(password.substring(0, 16));
    byte[] hashPassword = DigestUtils.md5(plainPassword.getBytes(), salt, PasswordUtils.HASH_INTERATIONS);
    return password.equals(Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword));
  }
}

/**
 * 对字符串进行SHA1，并返回Hash值的16进制字符串
 * @param input
 * @return
 */
public static String sha1(String input) {
  return Encodes.encodeHex(sha1(input.getBytes()));
}

/**
 * 对字符串进行MD5，并返回Hash值的16进制字符串
 * @param input
 * @return
 */
public static String md5(String input) {
  return Encodes.encodeHex(md5(input.getBytes()));
}

/**
 * 写数据到 response 中
 *
 * @param response
 * @param bytes       需要写入的字节数字
 * @param fileName    文件名称
 * @param contentType
 * @throws IOException
 */
public static void writeBytesToResponse(HttpServletResponse response, byte[] bytes, String fileName, String contentType) throws IOException {
  response.reset();
  response.setContentType(contentType);
  response.setHeader("Content-Disposition", "attachment; filename=" + Encodes.urlEncode(fileName));
  response.getOutputStream().write(bytes);
  response.getOutputStream().flush();
}

/**
 * 认证回调函数, 登录时调用
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
  OneUsernamePasswordToken token = (OneUsernamePasswordToken) authcToken;
  // 如果登录失败超过3次需要验证码
  if (UserUtils.isNeedValidCode(token.getUsername())) {
    HttpServletRequest request = WebUtils.getHttpRequest(SecurityUtils.getSubject());
    String cookieValue = CookieUtils.getCookieValue(request);
    String validCode = getRedisUtil().get(cookieValue + "_" + VerifyCodeTypeEnum.LOGIN.getCode());
    if (token.getCaptcha() == null || !token.getCaptcha().toUpperCase().equals(validCode)) {
      throw new CaptchaException("验证码错误.");
    }
    getRedisUtil().remove(cookieValue + "_" + VerifyCodeTypeEnum.LOGIN.getCode());
  }
  UserInfoEO user = getUserService().getUserByLoginName(token.getUserType(), token.getUsername());
  if (user == null) {
    logger.info("用户不存在：UserName[{}], UserType[{}]", token.getUsername(), token.getUserType());
    return null;
  }
  if (StringUtils.isEmpty(user.getPassword())) {
    throw new OneBaseException("用户密码为空");
  }
  logger.info("用户登录：UserId[{}], Account[{}]", user.getUserId(), user.getAccount());
  byte[] salt = Encodes.decodeHex(user.getPassword().substring(0, 16));
  return new SimpleAuthenticationInfo(new Principal(user), user.getPassword().substring(16), ByteSource.Util.bytes(salt), getName());
}

@Override
public String encryptPassword(String plainPassword) {
  byte[] salt = RandomUtils.randomBytes(PasswordUtils.SALT_SIZE);
  byte[] hashPassword = DigestUtils.sha1(plainPassword.getBytes(), salt, PasswordUtils.HASH_INTERATIONS);
  return Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword);
}

@Override
public String encryptPassword(String plainPassword) {
  byte[] salt = RandomUtils.randomBytes(PasswordUtils.SALT_SIZE);
  byte[] hashPassword = DigestUtils.md5(plainPassword.getBytes(), salt, PasswordUtils.HASH_INTERATIONS);
  return Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword);
}

@ApiOperation("下载文件(内部)")
@GetMapping("/{fileId}/download")
public void downFile(HttpServletResponse response, @PathVariable String fileId, String fileName) {
  if (StringUtils.isEmpty(fileId)) {
    throw new OneBaseException("FileId不能为空");
  }
  SysFileEO sysFileEO = sysFileEOService.get(fileId);
  if (sysFileEO == null) {
    throw new OneBaseException("FileId[" + fileId + "]不存在");
  }
  try {
    if (StringUtils.isEmpty(fileName)) {
      fileName = sysFileEO.getFileName();
    }
    response.setHeader("Content-Disposition", "attachment; filename=" + Encodes.urlEncode(fileName + "." + sysFileEO.getFileType()));
    response.setContentType(sysFileEO.getContentType());
    fileStoreFactory.instance(sysFileEO.getStoreType()).loadFile(sysFileEO.getSavePath(), response.getOutputStream());
    response.getOutputStream().flush();
  } catch (IOException e) {
    logger.error(e.getMessage(), e);
    throw new OneBaseException("下载文件失败，请重试");
  }
}

/**
 * 对文件进行md5散列.
 */
public static byte[] md5(InputStream input) throws IOException {
  return digest(input, MD5);
}

/**
 * 进行MD5散列算法
 * @param input 需要散列的值
 * @param salt 盐值
 * @return
 */
public static byte[] md5(byte[] input, byte[] salt) {
  return md5(input, salt, 1);
}

/**
 * 进行SHA1散列算法
 * @param input 需要散列的值
 * @return
 */
public static byte[] sha1(byte[] input) {
  return sha1(input, null);
}

/**
 *
 * 进行SHA1散列算法
 * @param input 需要散列的值
 * @param salt 盐值
 * @param iterations 散列次数
 * @return
 */
public static byte[] sha1(byte[] input, byte[] salt, int iterations) {
  return digest(input, SHA1, salt, iterations);
}

/**
 *
 * 进行MD5散列算法
 * @param input 需要散列的值
 * @param salt 盐值
 * @param iterations 散列次数
 * @return
 */
public static byte[] md5(byte[] input, byte[] salt, int iterations) {
  return digest(input, MD5, salt, iterations);
}