feat: 支持open api接口，根据域名获取证书

packages/libs/lib-server/src/basic/constants.ts

@@ -12,6 +12,8 @@ export const Constants = {
     authOnly: '_authOnly_',
     //仅需要登录
     loginOnly: '_authOnly_',
+
+    open: '_open_',
   },
   res: {
     serverError(message: string) {
@@ -68,5 +70,29 @@ export const Constants = {
       code: 10001,
       message: '对不起，预览环境不允许修改此数据',
     },
+    openKeyError: {
+      code: 20000,
+      message: 'openKey错误',
+    },
+    openKeySignError: {
+      code: 20001,
+      message: 'openKey签名错误',
+    },
+    openKeyExpiresError: {
+      code: 20002,
+      message: 'openKey时间戳错误',
+    },
+    openKeySignTypeError: {
+      code: 20003,
+      message: 'openKey签名类型不支持',
+    },
+    openParamError: {
+      code: 20010,
+      message: '请求参数错误',
+    },
+    openCertNotFound: {
+      code: 20011,
+      message: '证书不存在',
+    },
   },
 };

packages/libs/lib-server/src/basic/exception/auth-exception.ts

@@ -5,10 +5,6 @@ import { BaseException } from './base-exception.js';
  */
 export class AuthException extends BaseException {
   constructor(message) {
-    super(
-      'AuthException',
-      Constants.res.auth.code,
-      message ? message : Constants.res.auth.message
-    );
+    super('AuthException', Constants.res.auth.code, message ? message : Constants.res.auth.message);
   }
 }

packages/libs/lib-server/src/basic/exception/common-exception.ts

@@ -8,3 +8,9 @@ export class CommonException extends BaseException {
     super('CommonException', Constants.res.error.code, message ? message : Constants.res.error.message);
   }
 }
+
+export class CodeException extends BaseException {
+  constructor(res: { code: number; message: string }) {
+    super('CodeException', res.code, res.message);
+  }
+}

packages/libs/lib-server/src/system/basic/index.ts

@@ -1,2 +1,3 @@
 export * from './service/plus-service.js';
 export * from './service/file-service.js';
+export * from './service/encryptor.js';

packages/libs/lib-server/src/system/basic/service/encryptor.ts

@@ -0,0 +1,29 @@
+import crypto from 'crypto';
+
+export class Encryptor {
+  secretKey: Buffer;
+  constructor(encryptSecret: string) {
+    this.secretKey = Buffer.from(encryptSecret, 'base64');
+  }
+  // 加密函数
+  encrypt(text: string) {
+    const iv = crypto.randomBytes(16); // 初始化向量
+    // const secretKey = crypto.randomBytes(32);
+    // const key = Buffer.from(secretKey);
+    const cipher = crypto.createCipheriv('aes-256-cbc', this.secretKey, iv);
+    let encrypted = cipher.update(text);
+    encrypted = Buffer.concat([encrypted, cipher.final()]);
+    return iv.toString('hex') + ':' + encrypted.toString('hex');
+  }
+
+  // 解密函数
+  decrypt(encryptedText: string) {
+    const textParts = encryptedText.split(':');
+    const iv = Buffer.from(textParts.shift(), 'hex');
+    const encrypted = Buffer.from(textParts.join(':'), 'hex');
+    const decipher = crypto.createDecipheriv('aes-256-cbc', Buffer.from(this.secretKey), iv);
+    let decrypted = decipher.update(encrypted);
+    decrypted = Buffer.concat([decrypted, decipher.final()]);
+    return decrypted.toString();
+  }
+}

packages/libs/lib-server/src/user/access/service/encrypt-service.ts

@@ -1,6 +1,5 @@
 import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import crypto from 'crypto';
-import { SysSecret, SysSettingsService } from '../../../system/index.js';
+import { Encryptor, SysSecret, SysSettingsService } from '../../../system/index.js';
 
 /**
  * 授权
@@ -8,7 +7,7 @@ import { SysSecret, SysSettingsService } from '../../../system/index.js';
 @Provide()
 @Scope(ScopeEnum.Singleton)
 export class EncryptService {
-  secretKey: Buffer;
+  encryptor: Encryptor;
 
   @Inject()
   sysSettingService: SysSettingsService;
@@ -16,28 +15,16 @@ export class EncryptService {
   @Init()
   async init() {
     const secret: SysSecret = await this.sysSettingService.getSecret();
-    this.secretKey = Buffer.from(secret.encryptSecret, 'base64');
+    this.encryptor = new Encryptor(secret.encryptSecret);
   }
 
   // 加密函数
   encrypt(text: string) {
-    const iv = crypto.randomBytes(16); // 初始化向量
-    // const secretKey = crypto.randomBytes(32);
-    // const key = Buffer.from(secretKey);
-    const cipher = crypto.createCipheriv('aes-256-cbc', this.secretKey, iv);
-    let encrypted = cipher.update(text);
-    encrypted = Buffer.concat([encrypted, cipher.final()]);
-    return iv.toString('hex') + ':' + encrypted.toString('hex');
+    return this.encryptor.encrypt(text);
   }
 
   // 解密函数
   decrypt(encryptedText: string) {
-    const textParts = encryptedText.split(':');
-    const iv = Buffer.from(textParts.shift(), 'hex');
-    const encrypted = Buffer.from(textParts.join(':'), 'hex');
-    const decipher = crypto.createDecipheriv('aes-256-cbc', Buffer.from(this.secretKey), iv);
-    let decrypted = decipher.update(encrypted);
-    decrypted = Buffer.concat([decrypted, decipher.final()]);
-    return decrypted.toString();
+    return this.encryptor.decrypt(encryptedText);
   }
 }