From ff7fc594d02b5e9c54251bc18cf61235f72b17c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=8E=AB=E5=B0=8F=E6=B3=A2?=
 <moxiaobo@cmii.chinamobile.com>
Date: Tue, 2 Sep 2025 09:29:07 +0800
Subject: [PATCH 1/2] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=20=E6=97=A2?=
 =?UTF-8?q?=E7=84=B6sse=E8=BF=9E=E6=8E=A5=E9=9C=80=E8=A6=81=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=EF=BC=8C=E5=B0=B1=E4=B8=8D=E5=86=8D=E5=8D=95=E7=8B=AC?=
 =?UTF-8?q?=E6=8E=92=E9=99=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../org/dromara/common/security/config/SecurityConfig.java  | 6 +-----
 .../org/dromara/common/sse/controller/SseController.java    | 3 ---
 2 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
index 21f2c113c..be5bcffe4 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
@@ -17,7 +17,6 @@ import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.security.config.properties.SecurityProperties;
 import org.dromara.common.security.handler.AllUrlHandler;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
@@ -37,8 +36,6 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 public class SecurityConfig implements WebMvcConfigurer {
 
     private final SecurityProperties securityProperties;
-    @Value("${sse.path}")
-    private String ssePath;
 
     /**
      * 注册sa-token的拦截器
@@ -78,8 +75,7 @@ public class SecurityConfig implements WebMvcConfigurer {
                     });
             })).addPathPatterns("/**")
             // 排除不需要拦截的路径
-            .excludePathPatterns(securityProperties.getExcludes())
-            .excludePathPatterns(ssePath);
+            .excludePathPatterns(securityProperties.getExcludes());
     }
 
     /**
diff --git a/ruoyi-common/ruoyi-common-sse/src/main/java/org/dromara/common/sse/controller/SseController.java b/ruoyi-common/ruoyi-common-sse/src/main/java/org/dromara/common/sse/controller/SseController.java
index f77b5b585..c216cc0b9 100644
--- a/ruoyi-common/ruoyi-common-sse/src/main/java/org/dromara/common/sse/controller/SseController.java
+++ b/ruoyi-common/ruoyi-common-sse/src/main/java/org/dromara/common/sse/controller/SseController.java
@@ -30,9 +30,6 @@ public class SseController implements DisposableBean {
      */
     @GetMapping(value = "${sse.path}", produces = MediaType.TEXT_EVENT_STREAM_VALUE)
     public SseEmitter connect() {
-        if (!StpUtil.isLogin()) {
-            return null;
-        }
         String tokenValue = StpUtil.getTokenValue();
         Long userId = LoginHelper.getUserId();
         return sseEmitterManager.connect(userId, tokenValue);
-- 
Gitee


From ea39be41bcbc04cd772b782e65f36ef47cc03bf8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=8E=AB=E5=B0=8F=E6=B3=A2?=
 <moxiaobo@cmii.chinamobile.com>
Date: Wed, 3 Sep 2025 13:38:14 +0800
Subject: [PATCH 2/2] =?UTF-8?q?add=20=E6=B7=BB=E5=8A=A0=E8=A7=A3=E5=AF=86?=
 =?UTF-8?q?=E7=BB=8F=20@ApiEncrypt=20=E5=8A=A0=E5=AF=86=E5=90=8E=E7=9A=84?=
 =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=AF=B7=E6=B1=82/=E5=93=8D=E5=BA=94?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/main/resources/application.yml        |  2 +
 .../properties/ApiDecryptProperties.java      | 10 ++++
 .../decrypt/SysDecryptController.java         | 56 +++++++++++++++++++
 .../system/domain/bo/SysDecryptBo.java        | 21 +++++++
 .../system/domain/vo/SysDecryptVo.java        | 18 ++++++
 5 files changed, 107 insertions(+)
 create mode 100644 ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/decrypt/SysDecryptController.java
 create mode 100644 ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysDecryptBo.java
 create mode 100644 ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysDecryptVo.java

diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index 866b8f1a2..501df3395 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -176,10 +176,12 @@ api-decrypt:
   headerFlag: encrypt-key
   # 响应加密公钥 非对称算法的公私钥 如：SM2，RSA 使用者请自行更换
   # 对应前端解密私钥 MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAmc3CuPiGL/LcIIm7zryCEIbl1SPzBkr75E2VMtxegyZ1lYRD+7TZGAPkvIsBcaMs6Nsy0L78n2qh+lIZMpLH8wIDAQABAkEAk82Mhz0tlv6IVCyIcw/s3f0E+WLmtPFyR9/WtV3Y5aaejUkU60JpX4m5xNR2VaqOLTZAYjW8Wy0aXr3zYIhhQQIhAMfqR9oFdYw1J9SsNc+CrhugAvKTi0+BF6VoL6psWhvbAiEAxPPNTmrkmrXwdm/pQQu3UOQmc2vCZ5tiKpW10CgJi8kCIFGkL6utxw93Ncj4exE/gPLvKcT+1Emnoox+O9kRXss5AiAMtYLJDaLEzPrAWcZeeSgSIzbL+ecokmFKSDDcRske6QIgSMkHedwND1olF8vlKsJUGK3BcdtM8w4Xq7BpSBwsloE=
+  privateKeyResponse: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAmc3CuPiGL/LcIIm7zryCEIbl1SPzBkr75E2VMtxegyZ1lYRD+7TZGAPkvIsBcaMs6Nsy0L78n2qh+lIZMpLH8wIDAQABAkEAk82Mhz0tlv6IVCyIcw/s3f0E+WLmtPFyR9/WtV3Y5aaejUkU60JpX4m5xNR2VaqOLTZAYjW8Wy0aXr3zYIhhQQIhAMfqR9oFdYw1J9SsNc+CrhugAvKTi0+BF6VoL6psWhvbAiEAxPPNTmrkmrXwdm/pQQu3UOQmc2vCZ5tiKpW10CgJi8kCIFGkL6utxw93Ncj4exE/gPLvKcT+1Emnoox+O9kRXss5AiAMtYLJDaLEzPrAWcZeeSgSIzbL+ecokmFKSDDcRske6QIgSMkHedwND1olF8vlKsJUGK3BcdtM8w4Xq7BpSBwsloE=
   publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJnNwrj4hi/y3CCJu868ghCG5dUj8wZK++RNlTLcXoMmdZWEQ/u02RgD5LyLAXGjLOjbMtC+/J9qofpSGTKSx/MCAwEAAQ==
   # 请求解密私钥 非对称算法的公私钥 如：SM2，RSA 使用者请自行更换
   # 对应前端加密公钥 MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ==
   privateKey: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y=
+  publicKeyRequest: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ==
 
 springdoc:
   api-docs:
diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java
index 6aadb3e03..35367734f 100644
--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java
@@ -21,6 +21,11 @@ public class ApiDecryptProperties {
      */
     private String headerFlag;
 
+    /**
+     * 响应加密私钥
+     */
+    private String privateKeyResponse;
+
     /**
      * 响应加密公钥
      */
@@ -31,4 +36,9 @@ public class ApiDecryptProperties {
      */
     private String privateKey;
 
+    /**
+     * 请求解密公钥
+     */
+    private String publicKeyRequest;
+
 }
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/decrypt/SysDecryptController.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/decrypt/SysDecryptController.java
new file mode 100644
index 000000000..8653b6567
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/decrypt/SysDecryptController.java
@@ -0,0 +1,56 @@
+package org.dromara.system.controller.decrypt;
+
+import org.dromara.common.core.domain.R;
+import org.dromara.system.domain.bo.SysDecryptBo;
+import org.dromara.system.domain.vo.SysDecryptVo;
+import org.dromara.common.encrypt.properties.ApiDecryptProperties;
+import org.dromara.common.encrypt.utils.EncryptUtils;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import lombok.RequiredArgsConstructor;
+
+/**
+ * 请求/响应解密
+ */
+@Validated
+@RequiredArgsConstructor
+@RestController
+@RequestMapping("/tool/decrypt")
+public class SysDecryptController {
+
+    private final ApiDecryptProperties properties;
+
+    /**
+     * 请求解密
+     */
+    @PostMapping("/request")
+    @SaCheckPermission("tool:decrypt:query")
+    public R<SysDecryptVo> decryptRequest(@Validated @RequestBody SysDecryptBo bo) {
+        String aesKey = EncryptUtils.decryptByRsa(bo.getEncryptKey(), properties.getPrivateKey());
+        String data = EncryptUtils.decryptByAes(bo.getData(), EncryptUtils.decryptByBase64(aesKey));
+        SysDecryptVo vo = new SysDecryptVo();
+        vo.setAesKey(aesKey);
+        vo.setData(data);
+        return R.ok(vo);
+    }
+
+    /**
+     * 响应解密
+     */
+    @PostMapping("/response")
+    @SaCheckPermission("tool:decrypt:query")
+    public R<SysDecryptVo> decryptResponse(@Validated @RequestBody SysDecryptBo bo) {
+        String aesKey = EncryptUtils.decryptByRsa(bo.getEncryptKey(), properties.getPrivateKeyResponse());
+        String data = EncryptUtils.decryptByAes(bo.getData(), EncryptUtils.decryptByBase64(aesKey));
+        SysDecryptVo vo = new SysDecryptVo();
+        vo.setAesKey(aesKey);
+        vo.setData(data);
+        return R.ok(vo);
+    }
+
+}
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysDecryptBo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysDecryptBo.java
new file mode 100644
index 000000000..0bfa9d518
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysDecryptBo.java
@@ -0,0 +1,21 @@
+package org.dromara.system.domain.bo;
+
+import jakarta.validation.constraints.NotEmpty;
+import lombok.Data;
+
+@Data
+public class SysDecryptBo {
+
+    /**
+     * AES 秘钥经 RSA 加密后的内容，对应 header 的 encrypt-key 值
+     */
+    @NotEmpty(message = "encryptKey 不能为空")
+    private String encryptKey;
+
+    /**
+     * 待解密数据
+     */
+    @NotEmpty(message = "待解密数据不能为空")
+    private String data;
+
+}
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysDecryptVo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysDecryptVo.java
new file mode 100644
index 000000000..c35b1917e
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysDecryptVo.java
@@ -0,0 +1,18 @@
+package org.dromara.system.domain.vo;
+
+import lombok.Data;
+
+@Data
+public class SysDecryptVo {
+
+    /**
+     * 经 RSA 解密后的 AES 秘钥
+     */
+    private String aesKey;
+
+    /**
+     * 解密后的数据
+     */
+    private String data;
+
+}
-- 
Gitee