From 81da61b828e29b7745e1382dfbbaeb685dc083ef Mon Sep 17 00:00:00 2001 From: admin <weikou2014> Date: 星期二, 23 一月 2024 17:17:55 +0800 Subject: [PATCH] 抖音转链修改 --- fanli/src/main/java/com/yeshi/fanli/aspect/SignValidateAspect.java | 454 +++++++++++++++++++++++++++++++------------------------- 1 files changed, 250 insertions(+), 204 deletions(-) diff --git a/fanli/src/main/java/com/yeshi/fanli/aspect/SignValidateAspect.java b/fanli/src/main/java/com/yeshi/fanli/aspect/SignValidateAspect.java index de97d29..c963981 100644 --- a/fanli/src/main/java/com/yeshi/fanli/aspect/SignValidateAspect.java +++ b/fanli/src/main/java/com/yeshi/fanli/aspect/SignValidateAspect.java 
@@ -1,204 +1,250 @@ -package com.yeshi.fanli.aspect; - -import java.io.IOException; -import java.io.PrintWriter; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import org.aspectj.lang.ProceedingJoinPoint; -import org.aspectj.lang.annotation.Around; -import org.aspectj.lang.annotation.Aspect; -import org.springframework.core.annotation.Order; -import org.springframework.stereotype.Component; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.yeshi.utils.JsonUtil; - -import com.yeshi.fanli.entity.accept.AcceptData; -import com.yeshi.fanli.log.LogHelper; -import com.yeshi.fanli.util.Constant; -import com.yeshi.fanli.util.StringUtil; - -import net.sf.json.JSONObject; - -//瀹㈡埛绔帴鍙g鍚嶉獙璇� -@Component -@Aspect -@Order(2) -public class SignValidateAspect { - public static final String EDP = "execution(* com.yeshi.fanli.controller.client.*.*(..))"; - - public static String KEY = ""; - - static { - KEY = Constant.systemCommonConfig.getSignKey(); - } - - @Around(EDP) - public Object testAround(ProceedingJoinPoint joinPoint) throws IOException { - Object[] args = joinPoint.getArgs(); - PrintWriter out = null; - ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder - .getRequestAttributes(); - - out = servletContainer.getResponse().getWriter(); - HttpServletRequest request = servletContainer.getRequest(); - - AcceptData acceptData = null; - for (Object obj : args) { - if (obj instanceof AcceptData) { - acceptData = (AcceptData) obj; - } else if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - } - } - boolean isRight = true; - if (acceptData == null) { - out.print(JsonUtil.loadFalseResult(-1, "绛惧悕閿欒")); - return null; - } - - isRight = false; - - if 
((acceptData.getPlatform() != null && acceptData.getPlatform().equalsIgnoreCase("android") - && acceptData.getVersion() != null && Integer.parseInt(acceptData.getVersion()) > 21) - || (acceptData.getPlatform() != null && acceptData.getPlatform().equalsIgnoreCase("ios") - && acceptData.getVersion() != null && Integer.parseInt(acceptData.getVersion()) > 24)) { - isRight = signIsRight(request); - } else if (acceptData.getPackages().startsWith("com.haicaojie")) { - isRight = signIsRight(request); - } else { - isRight = signIsRight(acceptData); - } - // if (Integer.parseInt(acceptData.getVersion()) > 21) { - // isRight = signIsRight(request); - // } else { - // isRight = signIsRight(acceptData); - // } - - // 绛惧悕鏄惁姝g‘ - if (isRight) { - // 鍒ゆ柇绛惧悕瓒呮椂 - // if (Math.abs((Long.parseLong(acceptData.getTime()) - - // System.currentTimeMillis())) > 1000 * 60 * 10) { - // JSONObject data = new JSONObject(); - // data.put("code", -2); - // data.put("msg", "鏃堕棿閿欒"); - // out.print(data); - // out.close(); - // return null; - // } - // uid - - Object obj = null; - try { - obj = joinPoint.proceed(args); - } catch (Throwable e) { - e.printStackTrace(); - try { - LogHelper.errorDetailInfo(e, getHttpServletParams(request), request.getRequestURI().toString()); - } catch (Exception e1) { - e1.printStackTrace(); - } - } - return obj; - } else { - JSONObject data = new JSONObject(); - data.put("code", -1); - data.put("msg", "绛惧悕閿欒"); - out.print(data); - out.close(); - LogHelper.error("绛惧悕閿欒:" + getHttpServletParams(request)); - return null; - } - } - - private String getHttpServletParams(HttpServletRequest request) { - if (request == null) { - return ""; - } - Map map = request.getParameterMap(); - if (map != null) { - Iterator<String> its = map.keySet().iterator(); - JSONObject json = new JSONObject(); - while (its.hasNext()) { - String next = its.next(); - if (map.get(next) != null) { - Object[] objects = (Object[]) map.get(next); - if (objects != null && objects.length > 0) { - 
json.put(next, objects[0].toString()); - } - } - } - return json.toString(); - } - return ""; - } - - private boolean signIsRight(AcceptData acceptData) { - String[] arr = new String[] { acceptData.getApiversion(), acceptData.getAppkey(), acceptData.getDevice(), - acceptData.getPackages(), acceptData.getPlatform(), acceptData.getTime(), acceptData.getVersion() }; - Arrays.sort(arr); - StringBuffer sb = new StringBuffer(); - for (String val : arr) { - sb.append(val); - } - String md5 = StringUtil.Md5(sb.toString() + KEY); - if (!md5.equals(acceptData.getSign())) { - return false; - } else { - return true; - } - } - - /** - * 鍒ゆ柇绛惧悕鐨勬纭�� Android version>50 - * - * @param request - * @return - */ - @SuppressWarnings("unchecked") - private boolean signIsRight(HttpServletRequest request) { - Map<String, Object> map = request.getParameterMap(); - Iterator<String> its = map.keySet().iterator(); - List<String> list = new ArrayList<>(); - boolean fromWEB = false; - - while (its.hasNext()) { - String key = its.next(); - - if (key.equalsIgnoreCase("callback")) { - fromWEB = true; - } - - if (key.equalsIgnoreCase("sign") || key.equalsIgnoreCase("callback") || key.equalsIgnoreCase("_")) { - continue; - } - Object value = map.get(key); - Object[] values = (Object[]) value; - list.add(key + "=" + values[0].toString()); - } - Collections.sort(list); - String str = ""; - for (String st : list) { - str += st + "&"; - } - String sign = null; - if (!fromWEB) - sign = StringUtil.Md5(str + KEY); - else - sign = StringUtil.Md5(str + Constant.WEBPAGE_SIGN_KEY); - if (sign.equalsIgnoreCase(request.getParameter("sign") + "")) { - return true; - } else { - return false; - } - } - -} +package com.yeshi.fanli.aspect; + +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import 
com.yeshi.fanli.util.SystemInfoUtil; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.yeshi.utils.JsonUtil; + +import com.yeshi.fanli.entity.accept.AcceptData; +import com.yeshi.fanli.log.LogHelper; +import com.yeshi.fanli.util.Constant; +import com.yeshi.fanli.util.StringUtil; +import com.yeshi.fanli.util.ThreadUtil; + +import net.sf.json.JSONObject; +import org.yeshi.utils.SystemUtil; + +//瀹㈡埛绔帴鍙g鍚嶉獙璇� +@Component +@Aspect +@Order(2) +public class SignValidateAspect { + public static final String EDP = "execution(* com.yeshi.fanli.controller.client.*.*.*(..))"; + + public static String KEY = ""; + + static { + KEY = Constant.systemCommonConfig.getSignKey(); + } + + @Around(EDP) + public Object testAround(ProceedingJoinPoint joinPoint) throws Throwable { + Object[] args = joinPoint.getArgs(); + PrintWriter out = null; + ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder + .getRequestAttributes(); + + out = servletContainer.getResponse().getWriter(); + HttpServletRequest request = servletContainer.getRequest(); + + AcceptData acceptData = null; + for (Object obj : args) { + if (obj instanceof AcceptData) { + acceptData = (AcceptData) obj; + } else if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + } + } + boolean isRight = true; + if (acceptData == null) { + out.print(JsonUtil.loadFalseResult(-1, "绛惧悕閿欒")); + return null; + } + + isRight = false; + + if ((acceptData.getPlatform() != null && acceptData.getPlatform().equalsIgnoreCase("android") + && acceptData.getVersion() != null && Integer.parseInt(acceptData.getVersion()) > 21) + || (acceptData.getPlatform() 
!= null && acceptData.getPlatform().equalsIgnoreCase("ios") + && acceptData.getVersion() != null && Integer.parseInt(acceptData.getVersion()) > 24)) { + isRight = signIsRight(request); + } else if (acceptData.getPackages().startsWith("com.haicaojie")) { + isRight = signIsRight(request); + } else { + isRight = signIsRight(acceptData); + } + // if (Integer.parseInt(acceptData.getVersion()) > 21) { + // isRight = signIsRight(request); + // } else { + // isRight = signIsRight(acceptData); + // } + + // 绛惧悕鏄惁姝g‘ + if (isRight) { + // 鍒ゆ柇绛惧悕瓒呮椂 + if (Math.abs((Long.parseLong(acceptData.getTime()) - System.currentTimeMillis())) > 1000 * 60 * 10) { + JSONObject data = new JSONObject(); + data.put("code", -2); + data.put("msg", "鏃堕棿閿欒"); + out.print(data); + out.close(); + return null; + } + + if (acceptData != null) + acceptData.setSystem(SystemInfoUtil.getSystem(acceptData)); + + final String url = request.getRequestURI(); + @SuppressWarnings("unchecked") final Map<String, String[]> params = request.getParameterMap(); + ThreadUtil.run(new Runnable() { + @Override + public void run() { + // 璁板綍璇锋眰鏃ュ織 + LogHelper.requestInfo(url, params); + } + }); + + Object obj = null; + try { + long startTime = System.currentTimeMillis(); + obj = joinPoint.proceed(args); + final long responseTime = System.currentTimeMillis() - startTime; + // 璁板綍澶т簬2s鐨勮姹� + if (responseTime >= 2000) { + ThreadUtil.run(new Runnable() { + + @Override + public void run() { + LogHelper.requestTime(url, params, responseTime); + } + }); + + } + + } catch (Throwable e) { + LogHelper.errorDetailInfo(e, getHttpServletParams(request), request.getRequestURI().toString()); + if (!Constant.IS_TEST) + out.print(JsonUtil.loadFalseResult(90009, "鏈嶅姟鍣ㄥ唴閮ㄩ敊璇�")); + else + throw e; + } + return obj; + } else { + JSONObject data = new JSONObject(); + data.put("code", -1); + data.put("msg", "绛惧悕閿欒"); + out.print(data); + out.close(); + LogHelper.error("绛惧悕閿欒:" + request.getRequestURI() + "-" + getHttpServletParams(request)); 
+ return null; + } + } + + private String getHttpServletParams(HttpServletRequest request) { + if (request == null) { + return ""; + } + Map map = request.getParameterMap(); + if (map != null) { + Iterator<String> its = map.keySet().iterator(); + JSONObject json = new JSONObject(); + while (its.hasNext()) { + String next = its.next(); + if (map.get(next) != null) { + Object[] objects = (Object[]) map.get(next); + if (objects != null && objects.length > 0) { + json.put(next, objects[0].toString()); + } + } + } + return json.toString(); + } + return ""; + } + + private boolean signIsRight(AcceptData acceptData) { + String[] arr = new String[]{acceptData.getApiversion(), acceptData.getAppkey(), acceptData.getDevice(), + acceptData.getPackages(), acceptData.getPlatform(), acceptData.getTime(), acceptData.getVersion()}; + Arrays.sort(arr); + StringBuffer sb = new StringBuffer(); + for (String val : arr) { + sb.append(val); + } + String md5 = StringUtil.Md5(sb.toString() + KEY); + if (!md5.equals(acceptData.getSign())) { + return false; + } else { + return true; + } + } + + /** + * 鍒ゆ柇绛惧悕鐨勬纭�� Android version>50 + * + * @param request + * @return + */ + @SuppressWarnings("unchecked") + private boolean signIsRight(HttpServletRequest request) { + Map<String, String[]> map = request.getParameterMap(); + Iterator<String> its = map.keySet().iterator(); + List<String> list = new ArrayList<>(); + boolean fromWEB = false; + + while (its.hasNext()) { + String key = its.next(); + + // if (key.equalsIgnoreCase("callback")) { + // fromWEB = true; + // } + + if (key.equalsIgnoreCase("sign") || key.equalsIgnoreCase("callback") || key.equalsIgnoreCase("_")) { + continue; + } + String[] values = map.get(key); + list.add(key + "=" + values[0]); + } + Collections.sort(list); + String str = ""; + for (String st : list) { + str += st + "&"; + } + String sign = null; + if (!fromWEB) + sign = StringUtil.Md5(str + KEY); + else + sign = StringUtil.Md5(str + Constant.WEBPAGE_SIGN_KEY); + if 
(sign.equalsIgnoreCase(request.getParameter("sign") + "")) { + return true; + } else { + return false; + } + } + + public static boolean signIsRight(JSONObject json) { + List<String> list = new ArrayList<>(); + for (Iterator<String> its = json.keySet().iterator(); its.hasNext(); ) { + String key = its.next(); + if (!key.equalsIgnoreCase("sign")) + list.add(key + "=" + json.optString(key)); + } + Collections.sort(list); + String str = ""; + for (String st : list) { + str += st + "&"; + } + String sign = StringUtil.Md5(str + KEY); + if (sign.equalsIgnoreCase(json.optString("sign"))) { + return true; + } else { + return false; + } + + } + +} -- Gitblit v1.8.0
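Review bot: The pointcut `EDP` changes from `controller.client.*.*(..)` to `controller.client.*.*.*(..)`, which appears to match only classes exactly one sub-package below `controller.client`. Any controller still sitting directly in that package, or nested deeper, would no longer pass through `testAround` and would be served without the signature or timestamp check. If the whole tree is meant to be covered, `execution(* com.yeshi.fanli.controller.client..*.*(..))` does that; otherwise add a comment naming what now guards the old package. Separately, the new public `signIsRight(JSONObject json)` repeats the `Md5(str + KEY)` plus `equalsIgnoreCase` pattern, which is not a constant-time comparison; `MessageDigest.isEqual` over the bytes of the two lower-cased hex strings would be safer, with an HMAC as the longer-term replacement once clients can follow. The re-enabled freshness check also calls `Long.parseLong(acceptData.getTime())` outside the `try`, so a missing or non-numeric `time` raises an uncaught `NumberFormatException` instead of returning the `-2` response.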