package com.ks.app.aop;
|
|
import com.ks.app.entity.config.SystemConfigKey;
|
import com.ks.app.service.inter.config.SystemConfigService;
|
import com.ks.app.utils.ApiCodeConstant;
|
import com.ks.app.utils.SystemInfoUtil;
|
import com.ks.app.vo.AcceptData;
|
import net.sf.json.JSONObject;
|
import org.aspectj.lang.ProceedingJoinPoint;
|
import org.aspectj.lang.annotation.Around;
|
import org.aspectj.lang.annotation.Aspect;
|
import org.springframework.core.annotation.Order;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.context.request.RequestContextHolder;
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
import org.yeshi.utils.JsonUtil;
|
import org.yeshi.utils.StringUtil;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import java.io.PrintWriter;
|
import java.util.*;
|
|
//客户端接口签名验证
|
@Component
|
@Aspect
|
@Order(2)
|
public class SignValidate {
|
|
public static final String EDP = "execution(* com.ks.app.controller.client..*.*(..))";
|
|
@Resource
|
private SystemConfigService systemConfigService;
|
|
|
@Around(EDP)
|
public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
|
Object[] args = joinPoint.getArgs();
|
PrintWriter out = null;
|
ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
|
.getRequestAttributes();
|
servletContainer.getResponse().setCharacterEncoding("UTF-8");
|
|
HttpServletRequest request = servletContainer.getRequest();
|
|
AcceptData acceptData = null;
|
for (Object obj : args) {
|
if (obj instanceof AcceptData) {
|
acceptData = (AcceptData) obj;
|
} else if (obj instanceof HttpServletRequest) {
|
request = (HttpServletRequest) obj;
|
}
|
}
|
|
if (acceptData == null) {
|
out = servletContainer.getResponse().getWriter();
|
out.print(JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_SIGN_ERROR, "签名错误"));
|
return null;
|
}
|
|
boolean isRight = signIsRight(request, acceptData);
|
// 签名是否正确
|
if (isRight) {
|
// 判断签名超时
|
if (Math.abs((acceptData.getTimestamp() - System.currentTimeMillis())) > 1000 * 60 * 10) {
|
out = servletContainer.getResponse().getWriter();
|
out.print(JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_OUT_TIME, "时间错误"));
|
return null;
|
}
|
|
if (acceptData != null) {
|
acceptData.setSystem(SystemInfoUtil.getSystem(acceptData.getPlatform(), acceptData.getPackages()));
|
}
|
// final String url = request.getRequestURI();
|
// final Map<String, String[]> params = request.getParameterMap();
|
// ThreadUtil.run(new Runnable() {
|
// @Override
|
// public void run() {
|
// // 记录请求日志
|
// LogHelper.requestInfo(url, params);
|
// }
|
// });
|
|
Object obj = null;
|
try {
|
long startTime = System.currentTimeMillis();
|
obj = joinPoint.proceed(args);
|
|
|
} catch (Throwable e) {
|
e.printStackTrace();
|
out = servletContainer.getResponse().getWriter();
|
out.print(JsonUtil.loadFalseResult(ApiCodeConstant.CODE_ERROR_IN_SERVER, "服务器内部错误"));
|
return null;
|
}
|
return obj;
|
} else {
|
out = servletContainer.getResponse().getWriter();
|
out.print(JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_SIGN_ERROR, "签名错误"));
|
return null;
|
}
|
}
|
|
private String getHttpServletParams(HttpServletRequest request) {
|
if (request == null) {
|
return "";
|
}
|
Map map = request.getParameterMap();
|
if (map != null) {
|
Iterator<String> its = map.keySet().iterator();
|
JSONObject json = new JSONObject();
|
while (its.hasNext()) {
|
String next = its.next();
|
if (map.get(next) != null) {
|
Object[] objects = (Object[]) map.get(next);
|
if (objects != null && objects.length > 0) {
|
json.put(next, objects[0].toString());
|
}
|
}
|
}
|
return json.toString();
|
}
|
return "";
|
}
|
|
|
/**
|
* 判断签名的正确性 Android version>50
|
*
|
* @param request
|
* @return
|
*/
|
private boolean signIsRight(HttpServletRequest request, AcceptData acceptData) {
|
Map<String, String[]> map = request.getParameterMap();
|
Iterator<String> its = map.keySet().iterator();
|
List<String> list = new ArrayList<>();
|
|
while (its.hasNext()) {
|
String key = its.next();
|
if (key.equalsIgnoreCase("sign") || key.equalsIgnoreCase("callback") || key.equalsIgnoreCase("_")) {
|
continue;
|
}
|
String[] values = map.get(key);
|
list.add(key + "=" + values[0]);
|
}
|
Collections.sort(list);
|
String str = "";
|
for (String st : list) {
|
str += st + "&";
|
}
|
String key = systemConfigService.getValueCache(acceptData.getSystem(), SystemConfigKey.signKey);
|
String sign = StringUtil.Md5(str + key);
|
if (sign.equalsIgnoreCase(request.getParameter("sign") + "")) {
|
return true;
|
} else {
|
return false;
|
}
|
}
|
|
|
}
|
