package com.yeshi.buwan.aspect;
|
|
import com.yeshi.buwan.domain.system.DetailSystem;
|
import com.yeshi.buwan.service.imp.SystemService;
|
import com.yeshi.buwan.util.JsonUtil;
|
import com.yeshi.buwan.util.Utils;
|
import com.yeshi.buwan.vo.AcceptData;
|
import org.aspectj.lang.ProceedingJoinPoint;
|
import org.aspectj.lang.annotation.Around;
|
import org.aspectj.lang.annotation.Aspect;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.context.request.RequestAttributes;
|
import org.springframework.web.context.request.RequestContextHolder;
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
import org.yeshi.utils.StringUtil;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.PrintWriter;
|
import java.util.*;
|
|
@Component
|
@Aspect
|
public class SignAspect {
|
|
@Resource
|
private SystemService systemService;
|
|
|
//签名验证
|
@Around("execution(public * com.yeshi.buwan.controller.api.*.*(..))")
|
public Object verifySign(ProceedingJoinPoint joinPoint) throws Throwable {
|
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
|
HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
|
HttpServletResponse response = ((ServletRequestAttributes) requestAttributes).getResponse();
|
PrintWriter out = null;
|
AcceptData acceptData = null;
|
Object[] args = joinPoint.getArgs();
|
for (Object obj : args) {
|
if (obj instanceof AcceptData) {
|
acceptData = (AcceptData) obj;
|
} else if (obj instanceof PrintWriter) {
|
out = (PrintWriter) obj;
|
}
|
}
|
|
|
//如果是Android新版本则调用新的签名方法
|
//布丸3.8.7之后调用新的签名方法
|
|
if (acceptData != null && "android".equalsIgnoreCase(acceptData.getPlatform()) && acceptData.getVersion() >= 105) {
|
String sign = getNewSign(request, "8888B&*@-uWan88/',@@^");
|
|
if (!sign.equalsIgnoreCase(acceptData.getSign())) {
|
if (out == null)
|
out = response.getWriter();
|
out.print(JsonUtil.loadFalseJson("签名错误"));
|
return null;
|
}
|
} else if ("com.xinlian.hjtv.ios".equalsIgnoreCase(acceptData.getPackage())) {
|
//IOS韩剧签名方式
|
String sign = getNewSign(request, "8888B&*@-hanJu88/',@@^");
|
if (!sign.equalsIgnoreCase(acceptData.getSign())) {
|
if (out == null)
|
out = response.getWriter();
|
out.print(JsonUtil.loadFalseJson("签名错误"));
|
return null;
|
}
|
} else {
|
if (!Utils.signIsRight(request)) {
|
if (out == null)
|
out = response.getWriter();
|
out.print(JsonUtil.loadFalseJson("签名错误"));
|
return null;
|
}
|
}
|
|
|
if (acceptData != null) {
|
if ("ios".equalsIgnoreCase(acceptData.getPlatform())) {
|
acceptData.setChannel("appstore");
|
}
|
if (acceptData.getPackageName().equalsIgnoreCase("com.doudou.ysvideo.lite")) {
|
//小米上架使用
|
if (!"xiaomi".equalsIgnoreCase(acceptData.getChannel())) {
|
acceptData.setPackageName("com.doudou.ysvideo");
|
acceptData.setChildPackage("com.doudou.ysvideo.lite");
|
} else {
|
acceptData.setChildPackage("com.doudou.ysvideo.lite");
|
}
|
} else {
|
acceptData.setChildPackage(acceptData.getPackage());
|
}
|
//注入detailSystem
|
DetailSystem detailSystem = systemService.getDetailSystemByPackage(acceptData.getPackageName());
|
acceptData.setDetailSystem(detailSystem);
|
|
detailSystem = systemService.getDetailSystemByPackage(acceptData.getChildPackage());
|
acceptData.setChildDetailSystem(detailSystem);
|
}
|
return joinPoint.proceed(args);
|
}
|
|
|
public static String getNewSign(HttpServletRequest request, String signKey) {
|
Map<String, String[]> params = request.getParameterMap();
|
List<String> list = new ArrayList<>();
|
|
//签名
|
for (Iterator<String> its = params.keySet().iterator(); its.hasNext(); ) {
|
String key = its.next();
|
if ("sign".equalsIgnoreCase(key))
|
continue;
|
list.add(key + "=" + params.get(key)[0]);
|
}
|
|
Collections.sort(list);
|
String str = StringUtil.concat(list, "&");
|
str+=signKey;
|
System.out.println("加密前字符串:"+str);
|
String sign = StringUtil.Md5(str );
|
return sign;
|
}
|
|
|
}
|
