From 77c257278f34f9777c662d409ec5b970dbd7c8c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=8D=E4=BC=9A=E6=89=93=E7=8E=8B=E8=80=85=E7=9A=84?= =?UTF-8?q?=E8=8F=9C=E9=B8=A1?= Date: Sun, 31 May 2026 04:48:25 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E9=A1=B9=E7=9B=AE=E7=BB=93?= =?UTF-8?q?=E6=9E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/test/java/com/caiji/uls/KeyGenTest.java | 33 ---- .../uls/UniLoginSystemApplicationTests.java | 31 --- .../uls/utils/jwt/EnterpriseJwtTest.java | 181 ------------------ 3 files changed, 245 deletions(-) delete mode 100644 src/test/java/com/caiji/uls/KeyGenTest.java delete mode 100644 src/test/java/com/caiji/uls/UniLoginSystemApplicationTests.java delete mode 100644 src/test/java/com/caiji/uls/utils/jwt/EnterpriseJwtTest.java diff --git a/src/test/java/com/caiji/uls/KeyGenTest.java b/src/test/java/com/caiji/uls/KeyGenTest.java deleted file mode 100644 index 589219f..0000000 --- a/src/test/java/com/caiji/uls/KeyGenTest.java +++ /dev/null @@ -1,33 +0,0 @@ -package com.caiji.uls; - -import com.caiji.uls.utils.jwt.RsaKeyGenerator; - -/** - * 密钥生成测试类 - */ -public class KeyGenTest { - public static void main(String[] args) { - try { - System.out.println("=== 生成RSA密钥对 ===\n"); - - var keyPair = RsaKeyGenerator.generateKeyPair(); - var publicKey = (java.security.interfaces.RSAPublicKey) keyPair.getPublic(); - var privateKey = (java.security.interfaces.RSAPrivateKey) keyPair.getPrivate(); - - String encodedPublicKey = RsaKeyGenerator.encodePublicKey(publicKey); - String encodedPrivateKey = RsaKeyGenerator.encodePrivateKey(privateKey); - - System.out.println("公钥 (Public Key):"); - System.out.println(encodedPublicKey); - System.out.println("\n私钥 (Private Key):"); - System.out.println(encodedPrivateKey); - System.out.println("\n=== 请将以上密钥配置到 application.properties ==="); - System.out.println("jwt.public-key=" + encodedPublicKey); - System.out.println("jwt.private-key=" + encodedPrivateKey); - - } catch (Exception e) { - System.err.println("生成密钥对失败: " + e.getMessage()); - e.printStackTrace(); - } - } -} diff --git a/src/test/java/com/caiji/uls/UniLoginSystemApplicationTests.java b/src/test/java/com/caiji/uls/UniLoginSystemApplicationTests.java deleted file mode 100644 index a0043e4..0000000 --- a/src/test/java/com/caiji/uls/UniLoginSystemApplicationTests.java +++ /dev/null @@ -1,31 +0,0 @@ -package com.caiji.uls; - -import com.caiji.uls.entity.User; -import com.caiji.uls.service.UserService; -import org.junit.jupiter.api.Test; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; - -@SpringBootTest -class UniLoginSystemApplicationTests { - - @Autowired - private UserService userService; - - @Test - void contextLoads() { - } - - @Test - void testRegisterAndInitUser() { - // 测试注册和初始化用户信息 - User user = userService.register("testuser", "password123"); - System.out.println("注册用户ID: " + user.getId()); - System.out.println("用户信息ID: " + user.getUserInfoTid()); - - // 验证 userInfoTid 不为空 - assert user.getUserInfoTid() != null; - assert user.getUserInfoTid() > 0; - } - -} diff --git a/src/test/java/com/caiji/uls/utils/jwt/EnterpriseJwtTest.java b/src/test/java/com/caiji/uls/utils/jwt/EnterpriseJwtTest.java deleted file mode 100644 index d666b4b..0000000 --- a/src/test/java/com/caiji/uls/utils/jwt/EnterpriseJwtTest.java +++ /dev/null @@ -1,181 +0,0 @@ -package com.caiji.uls.utils.jwt; - -import org.junit.jupiter.api.BeforeAll; -import org.junit.jupiter.api.Test; - -import java.security.KeyPair; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; -import java.util.HashMap; -import java.util.Map; - -import static org.junit.jupiter.api.Assertions.*; - -/** - * 企业级JWT功能测试 - */ -public class EnterpriseJwtTest { - - private static String testPublicKey; - private static String testPrivateKey; - - @BeforeAll - public static void setUp() throws Exception { - // 生成测试密钥对 - KeyPair keyPair = RsaKeyGenerator.generateKeyPair(); - RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); - RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); - - testPublicKey = RsaKeyGenerator.encodePublicKey(publicKey); - testPrivateKey = RsaKeyGenerator.encodePrivateKey(privateKey); - - // 初始化密钥管理器 - JwtKeyManager.initKeys(testPublicKey, testPrivateKey); - - System.out.println("✅ 测试环境初始化完成"); - } - - @Test - public void testGenerateAndValidateToken() { - System.out.println("\n=== 测试1: 生成和验证Token ==="); - - // 生成Token - String token = JwtUtil.generateToken("user123", "testuser"); - assertNotNull(token, "Token不应为null"); - assertTrue(token.split("\\.").length == 3, "Token应为三段式结构"); - - System.out.println("生成的Token: " + token.substring(0, 50) + "..."); - - // 验证Token - assertTrue(JwtUtil.validateToken(token), "Token应有效"); - assertEquals("user123", JwtUtil.getUserIdFromToken(token), "用户ID应匹配"); - assertEquals("testuser", JwtUtil.getUsernameFromToken(token), "用户名应匹配"); - - System.out.println("✅ Token生成和验证成功"); - } - - @Test - public void testEnhancedClaims() { - System.out.println("\n=== 测试2: 增强Claims字段 ==="); - - String token = JwtUtil.generateToken("user456", "admin"); - var claims = JwtUtil.getClaimsFromToken(token); - - // 验证标准字段 - assertNotNull(claims.getId(), "JTI不应为null"); - assertEquals("uni-login-system", claims.getIssuer(), "签发者应匹配"); - assertNotNull(claims.getIssuedAt(), "签发时间不应为null"); - assertNotNull(claims.getExpiration(), "过期时间不应为null"); - assertNotNull(claims.getNotBefore(), "生效时间不应为null"); - - // 验证自定义字段 - assertEquals("user456", claims.get("userId", String.class), "用户ID应匹配"); - - System.out.println("JTI: " + claims.getId()); - System.out.println("ISS: " + claims.getIssuer()); - System.out.println("✅ 增强Claims验证成功"); - } - - @Test - public void testTokenWithExtraClaims() { - System.out.println("\n=== 测试3: 带额外声明的Token ==="); - - Map extraClaims = new HashMap<>(); - extraClaims.put("role", "admin"); - extraClaims.put("department", "IT"); - - String token = JwtUtil.generateToken("user789", "manager", extraClaims); - var claims = JwtUtil.getClaimsFromToken(token); - - assertEquals("admin", claims.get("role", String.class), "角色应匹配"); - assertEquals("IT", claims.get("department", String.class), "部门应匹配"); - - System.out.println("Role: " + claims.get("role", String.class)); - System.out.println("Department: " + claims.get("department", String.class)); - System.out.println("✅ 额外声明添加成功"); - } - - @Test - public void testTokenExpiration() { - System.out.println("\n=== 测试4: Token过期检查 ==="); - - String token = JwtUtil.generateToken("user999", "tempuser"); - - // 检查剩余时间 - long remainingTime = JwtUtil.getTokenRemainingTime(token); - assertTrue(remainingTime > 0, "剩余时间应大于0"); - - System.out.println("剩余有效期: " + (remainingTime / 3600) + " 小时"); - assertFalse(JwtUtil.isTokenExpired(token), "Token不应过期"); - - System.out.println("✅ 过期检查成功"); - } - - @Test - public void testTokenRefresh() { - System.out.println("\n=== 测试5: Token刷新 ==="); - - String originalToken = JwtUtil.generateToken("user111", "refreshuser"); - String userId1 = JwtUtil.getUserIdFromToken(originalToken); - - // 刷新Token - String newToken = JwtUtil.refreshToken(originalToken); - assertNotNull(newToken, "新Token不应为null"); - assertNotEquals(originalToken, newToken, "新旧Token应不同"); - - // 验证新Token - String userId2 = JwtUtil.getUserIdFromToken(newToken); - assertEquals(userId1, userId2, "用户ID应保持一致"); - - System.out.println("原Token JTI: " + JwtUtil.getJtiFromToken(originalToken)); - System.out.println("新Token JTI: " + JwtUtil.getJtiFromToken(newToken)); - System.out.println("✅ Token刷新成功"); - } - - @Test - public void testInvalidToken() { - System.out.println("\n=== 测试6: 无效Token处理 ==="); - - // 测试格式错误的Token - assertFalse(JwtUtil.validateToken("invalid.token.here"), "无效Token应验证失败"); - - // 测试空Token - assertFalse(JwtUtil.validateToken(""), "空Token应验证失败"); - - // 测试篡改的Token - String validToken = JwtUtil.generateToken("user222", "test"); - String tamperedToken = validToken.substring(0, 20) + "X" + validToken.substring(21); - assertFalse(JwtUtil.validateToken(tamperedToken), "篡改Token应验证失败"); - - System.out.println("✅ 无效Token处理正确"); - } - - @Test - public void testKeyRotation() throws Exception { - System.out.println("\n=== 测试7: 密钥轮换 ==="); - - // 生成旧Token - String oldToken = JwtUtil.generateToken("user333", "rotationtest"); - assertTrue(JwtUtil.validateToken(oldToken), "旧Token应有效"); - - // 生成新密钥对并轮换 - KeyPair newKeyPair = RsaKeyGenerator.generateKeyPair(); - String newPublicKey = RsaKeyGenerator.encodePublicKey((RSAPublicKey) newKeyPair.getPublic()); - String newPrivateKey = RsaKeyGenerator.encodePrivateKey((RSAPrivateKey) newKeyPair.getPrivate()); - - JwtKeyManager.rotateKeys(newPublicKey, newPrivateKey); - - // 旧Token仍应有效(使用旧公钥验证) - assertTrue(JwtUtil.validateToken(oldToken), "旧Token在轮换后仍应有效"); - - // 生成新Token - String newToken = JwtUtil.generateToken("user333", "rotationtest"); - assertTrue(JwtUtil.validateToken(newToken), "新Token应有效"); - - System.out.println("✅ 密钥轮换成功,新旧Token均有效"); - - // 清除旧密钥 - JwtKeyManager.clearPreviousKey(); - System.out.println("✅ 旧密钥已清除"); - } -}