bug修复

admin

2022-04-16 04f09e52ffd4681bdfd85e51acd3da0d1280c3d3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package com.yeshi.buwan.aspect;
 
import com.yeshi.buwan.util.JsonUtil;
import com.yeshi.buwan.util.StringUtil;
import com.yeshi.buwan.util.api.ClientApiUtil;
import com.yeshi.buwan.vo.AcceptData;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
 
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.util.*;
 
@Component
@Aspect
public class MuGuaSignAspect {
 
    @Resource
    private ClientApiUtil clientApiUtil;
 
 
    //签名验证
    @Around("execution(public * com.yeshi.buwan.controller.api.mugua.*.*(..))")
    public Object verifySign(ProceedingJoinPoint joinPoint) throws Throwable {
        ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = servletContainer.getRequest();
        HttpServletResponse response = servletContainer.getResponse();
        PrintWriter out = null;
 
        Object[] args = joinPoint.getArgs();
        for (Object obj : args) {
            if (obj instanceof AcceptData) {
                AcceptData acceptData = (AcceptData) obj;
                clientApiUtil.initBaseParams(acceptData);
            } else if (obj instanceof PrintWriter) {
                out = (PrintWriter) obj;
            }
        }
 
        if (!signIsRight(request)) {
            if (out == null)
                out = response.getWriter();
            out.print(JsonUtil.loadFalseJson("签名错误3"));
            return null;
        }
 
        Object obj = joinPoint.proceed(args);
        return obj;
    }
 
    private boolean signIsRight(HttpServletRequest request) {
        String appSecret = "123123123";
        Map<String, String[]> params = request.getParameterMap();
        List<String> list = new ArrayList<>();
        for (Iterator<String> its = params.keySet().iterator(); its.hasNext(); ) {
            String key = its.next();
            if (key.equalsIgnoreCase("sign")) {
                continue;
            }
            list.add(key + "=" + params.get(key)[0]);
        }
        Collections.sort(list);
        String sign = StringUtil.Md5(StringUtil.join(list, "&") + appSecret);
        if (sign.equalsIgnoreCase(params.get("sign")[0])) {
            return true;
        }
        return false;
    }
 
 
}