package com.ks.daylucky.aspect;
|
|
import org.aspectj.lang.ProceedingJoinPoint;
|
import org.aspectj.lang.annotation.Around;
|
import org.aspectj.lang.annotation.Aspect;
|
import org.springframework.core.annotation.Order;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.context.request.RequestContextHolder;
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
import org.yeshi.utils.JsonUtil;
|
import org.yeshi.utils.StringUtil;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.validation.Validator;
|
import java.io.PrintWriter;
|
import java.util.*;
|
|
/**
|
* 参数检查AOP
|
*/
|
@Aspect
|
@Order(1)
|
@Component
|
public class ApiClientSignAspect {
|
|
public static final String EDP = "execution(* com.ks.daylucky.controller.api.client.**.*(..))";
|
private final static String SECRET = "123123123";
|
|
@Around(EDP)
|
public Object validSign(ProceedingJoinPoint joinPoint) throws Throwable {
|
ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
|
.getRequestAttributes();
|
PrintWriter out = servletContainer.getResponse().getWriter();
|
HttpServletRequest request = servletContainer.getRequest();
|
Map<String, String[]> paramsMap = request.getParameterMap();
|
List<String> dataSource = new ArrayList<>();
|
for (Iterator<String> its = paramsMap.keySet().iterator(); its.hasNext(); ) {
|
String key = its.next();
|
if (!key.equalsIgnoreCase("sign")) {
|
dataSource.add(key + "=" + paramsMap.get(key).toString());
|
}
|
}
|
Collections.sort(dataSource);
|
|
String sign = StringUtil.Md5(StringUtil.concat(dataSource, "") + SECRET);
|
|
if (!sign.equalsIgnoreCase(paramsMap.get("sign") + "")) {
|
//签名出错
|
out.print(JsonUtil.loadFalseResult(-1, "签名出错"));
|
out.close();
|
}
|
return joinPoint.proceed(joinPoint.getArgs());
|
}
|
|
|
}
|
