Keng..
parent
b332702b8b
commit
31a9e30808
@ -70,6 +70,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
|||||||
Scanner scanner = new Scanner(requestWrapper.getInputStream(), "UTF-8").useDelimiter("\\A");
|
Scanner scanner = new Scanner(requestWrapper.getInputStream(), "UTF-8").useDelimiter("\\A");
|
||||||
String bodyString = scanner.hasNext() ? scanner.next() : null;
|
String bodyString = scanner.hasNext() ? scanner.next() : null;
|
||||||
log.debug("in.enc: {}", bodyString);
|
log.debug("in.enc: {}", bodyString);
|
||||||
|
CommonResponse resp = new CommonResponse();
|
||||||
if (!ObjectUtils.isEmpty(bodyString)) {
|
if (!ObjectUtils.isEmpty(bodyString)) {
|
||||||
String servletPath = request.getServletPath();
|
String servletPath = request.getServletPath();
|
||||||
log.debug("servletPath: " + servletPath);
|
log.debug("servletPath: " + servletPath);
|
||||||
@ -77,68 +78,75 @@ public class EvcsFilter extends OncePerRequestFilter {
|
|||||||
String operatorId = commonRequest.getOperatorId();
|
String operatorId = commonRequest.getOperatorId();
|
||||||
String authorization = request.getHeader("Authorization");
|
String authorization = request.getHeader("Authorization");
|
||||||
log.debug("Authorization: {}", authorization);
|
log.debug("Authorization: {}", authorization);
|
||||||
AuthSecretToken authSecretTokenIn;
|
AuthSecretToken authSecretTokenIn = null;
|
||||||
Date now = Calendar.getInstance().getTime();
|
Date now = Calendar.getInstance().getTime();
|
||||||
ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(response);
|
ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(response);
|
||||||
if (servletPath.endsWith("query_token")) {
|
if (servletPath.endsWith("query_token")) {
|
||||||
if (!handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId,
|
authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId,
|
||||||
responseWrapper)) return;
|
AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null);
|
||||||
}
|
handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId,
|
||||||
if (authorization != null && authorization.startsWith("Bearer ")) {
|
responseWrapper, authSecretTokenIn);
|
||||||
String token = authorization.replace("Bearer ", "");
|
} else {
|
||||||
authSecretTokenIn =
|
if (authorization != null && authorization.startsWith("Bearer ")) {
|
||||||
authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenTypeAndTokenExpiryGreaterThan(
|
String token = authorization.replace("Bearer ", "");
|
||||||
operatorId, AuthSecretToken.SECRET_TOKEN_TYPE_IN, now).orElse(null);
|
authSecretTokenIn =
|
||||||
if (authSecretTokenIn == null) {
|
authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenTypeAndTokenExpiryGreaterThan(
|
||||||
CommonResponse resp = new CommonResponse();
|
operatorId, AuthSecretToken.SECRET_TOKEN_TYPE_IN, now).orElse(null);
|
||||||
resp.setRet("4003");
|
if (authSecretTokenIn == null) {
|
||||||
resp.setMsg("Invalid token");
|
resp.setRet("4002");
|
||||||
|
resp.setMsg("Invalid token(db)");
|
||||||
|
String data = JSONUtil.toJSONString(resp);
|
||||||
|
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||||
|
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||||
|
chain.doFilter(requestWrapper, responseWrapper);
|
||||||
|
return;
|
||||||
|
} else if (!token.equals(authSecretTokenIn.getToken())) {
|
||||||
|
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
|
||||||
|
resp.setRet("4002"); // todo YBD...
|
||||||
|
resp.setMsg("Invalid token(inequal)");
|
||||||
|
String data = JSONUtil.toJSONString(resp);
|
||||||
|
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||||
|
// responseWrapper = new ContentCachingResponseWrapper(response);
|
||||||
|
// chain.doFilter(requestWrapper, responseWrapper);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
|
||||||
|
resp.setRet("4002");
|
||||||
|
resp.setMsg("Authorization header is not present or invalid");
|
||||||
String data = JSONUtil.toJSONString(resp);
|
String data = JSONUtil.toJSONString(resp);
|
||||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||||
chain.doFilter(requestWrapper, responseWrapper);
|
chain.doFilter(requestWrapper, responseWrapper);
|
||||||
return;
|
return;
|
||||||
} else if (!token.equals(authSecretTokenIn.getToken())) {
|
|
||||||
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
|
|
||||||
}
|
}
|
||||||
} else {
|
//decrypt request
|
||||||
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
|
byte[] decryptedReq = null;
|
||||||
CommonResponse resp = new CommonResponse();
|
String erroMsg = "Decryption error";
|
||||||
resp.setRet("4003");
|
try {
|
||||||
resp.setMsg("Authorization header is not present or invalid");
|
|
||||||
String data = JSONUtil.toJSONString(resp);
|
|
||||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
|
||||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
|
||||||
chain.doFilter(requestWrapper, responseWrapper);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
//decrypt request
|
|
||||||
byte[] decryptedReq = null;
|
|
||||||
String erroMsg = "Decryption error";
|
|
||||||
CommonResponse resp = new CommonResponse();
|
|
||||||
try {
|
|
||||||
// if (authSecretTokenIn.isEncrypt() && !"false".equals(encin)) { // test code
|
// if (authSecretTokenIn.isEncrypt() && !"false".equals(encin)) { // test code
|
||||||
decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
|
decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
|
||||||
// } else {
|
// } else {
|
||||||
// String data = commonRequest.getData();
|
// String data = commonRequest.getData();
|
||||||
// if (data == null) data = bodyString;
|
// if (data == null) data = bodyString;
|
||||||
// decryptedReq = data.getBytes(StandardCharsets.UTF_8);
|
// decryptedReq = data.getBytes(StandardCharsets.UTF_8);
|
||||||
// }
|
// }
|
||||||
commonRequest.setData(new String(decryptedReq));
|
commonRequest.setData(new String(decryptedReq));
|
||||||
log.debug("in.dec: {}", commonRequest);
|
log.debug("in.dec: {}", commonRequest);
|
||||||
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
|
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
|
||||||
erroMsg = e.getMessage();
|
erroMsg = e.getMessage();
|
||||||
}
|
}
|
||||||
if (decryptedReq != null && decryptedReq.length > 0) {
|
if (decryptedReq != null && decryptedReq.length > 0) {
|
||||||
requestWrapper = new HttpServletRequestWritableWrapper(request,
|
requestWrapper = new HttpServletRequestWritableWrapper(request,
|
||||||
JSONUtil.toJSONString(commonRequest).getBytes(StandardCharsets.UTF_8));
|
JSONUtil.toJSONString(commonRequest).getBytes(StandardCharsets.UTF_8));
|
||||||
} else {
|
} else {
|
||||||
resp.setRet("4004");
|
resp.setRet("4004");
|
||||||
resp.setMsg(erroMsg);
|
resp.setMsg(erroMsg);
|
||||||
String data = JSONUtil.toJSONString(resp);
|
String data = JSONUtil.toJSONString(resp);
|
||||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||||
chain.doFilter(requestWrapper, responseWrapper);
|
chain.doFilter(requestWrapper, responseWrapper);
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//encrypt response
|
//encrypt response
|
||||||
@ -156,7 +164,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
|||||||
// AuthSecretToken authSecretTokenOut = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType
|
// AuthSecretToken authSecretTokenOut = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType
|
||||||
// (operatorId,
|
// (operatorId,
|
||||||
// AuthSecretToken.SECRET_TOKEN_TYPE_OUT).orElse(null);
|
// AuthSecretToken.SECRET_TOKEN_TYPE_OUT).orElse(null);
|
||||||
if (encout == null && authSecretTokenIn != null) {
|
if (encout == null) {
|
||||||
encryptedData = encryptRespOut(authSecretTokenIn.getDataSecret(), authSecretTokenIn.getDataSecretIV(),
|
encryptedData = encryptRespOut(authSecretTokenIn.getDataSecret(), authSecretTokenIn.getDataSecretIV(),
|
||||||
authSecretTokenIn.getSigSecret(), buf).toString();
|
authSecretTokenIn.getSigSecret(), buf).toString();
|
||||||
log.debug("out.enc: {}", encryptedData);
|
log.debug("out.enc: {}", encryptedData);
|
||||||
@ -164,24 +172,23 @@ public class EvcsFilter extends OncePerRequestFilter {
|
|||||||
encryptedData.getBytes(StandardCharsets.UTF_8));
|
encryptedData.getBytes(StandardCharsets.UTF_8));
|
||||||
} else if ("false".equals(encout)) {
|
} else if ("false".equals(encout)) {
|
||||||
response.getOutputStream().write(buf);
|
response.getOutputStream().write(buf);
|
||||||
} else {
|
// } else {
|
||||||
resp.setRet("4004");
|
// resp.setRet("4004");
|
||||||
resp.setMsg("Encryption error");
|
// resp.setMsg("Encryption error");
|
||||||
String data = JSONUtil.toJSONString(resp);
|
// String data = JSONUtil.toJSONString(resp);
|
||||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
// response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||||
// chain.doFilter(requestWrapper, responseWrapper);
|
//// chain.doFilter(requestWrapper, responseWrapper);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean handleQueryToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
|
private boolean handleQueryToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
|
||||||
ServletRequest requestWrapper, String bodyString, CommonRequest commonRequest,
|
ServletRequest requestWrapper, String bodyString, CommonRequest commonRequest,
|
||||||
String operatorId, ContentCachingResponseWrapper responseWrapper) throws IOException,
|
String operatorId, ContentCachingResponseWrapper responseWrapper,
|
||||||
|
AuthSecretToken authSecretToken) throws IOException,
|
||||||
ServletException {
|
ServletException {
|
||||||
|
|
||||||
AuthSecretToken authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId,
|
if (authSecretToken == null) {
|
||||||
AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null);
|
|
||||||
if (authSecretTokenIn == null) {
|
|
||||||
CommonResponse resp = new CommonResponse();
|
CommonResponse resp = new CommonResponse();
|
||||||
resp.setRet("4003");
|
resp.setRet("4003");
|
||||||
resp.setMsg("Invalid OperatorID");
|
resp.setMsg("Invalid OperatorID");
|
||||||
@ -194,7 +201,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
|||||||
} else {
|
} else {
|
||||||
final byte[] decrypt;
|
final byte[] decrypt;
|
||||||
try {
|
try {
|
||||||
decrypt = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
|
decrypt = decrypt(request, authSecretToken, commonRequest, bodyString);
|
||||||
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
|
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
CommonResponse resp = new CommonResponse();
|
CommonResponse resp = new CommonResponse();
|
||||||
|
|||||||
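Review bot: In the `-77,68 +78,75` hunk the `Invalid token(db)` branch and the missing-`Authorization` branch still call `chain.doFilter(requestWrapper, responseWrapper)` after writing the 4002 body, and the 4004 decryption-failure branch does the same, so a request that failed authentication or decryption is still handed to the downstream handler. The commit already comments that call out in the `Invalid token(inequal)` branch; the other rejection branches should end the same way, writing the error and then `return;` without invoking the chain. Separately, the result of `handleQueryToken(...)` is now discarded and the `-156,7 +164,7` hunk drops the `authSecretTokenIn != null` guard, so a `query_token` request for an unknown operator appears to fall through to `authSecretTokenIn.getDataSecret()` on a null reference; keep `if (!handleQueryToken(...)) return;` or restore the guard. The `log.error("op[{}] Invalid auth: {}", operatorId, authorization)` lines write the presented bearer value into the logs, and the token check would be safer as `MessageDigest.isEqual(token.getBytes(StandardCharsets.UTF_8), authSecretTokenIn.getToken().getBytes(StandardCharsets.UTF_8))` than as `String.equals`. The filter method begins and ends outside the visible hunks, so the control flow between them is inferred from the lines shown.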
@ -7,7 +7,6 @@ import org.springframework.data.jpa.repository.Query;
|
|||||||
import org.springframework.data.repository.query.QueryByExampleExecutor;
|
import org.springframework.data.repository.query.QueryByExampleExecutor;
|
||||||
import org.springframework.stereotype.Repository;
|
import org.springframework.stereotype.Repository;
|
||||||
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -27,7 +26,7 @@ public interface XhpcTerminalRepository extends JpaRepository<XhpcTerminal, Inte
|
|||||||
Optional<XhpcTerminal> findOneBySerialNumber(String serialNumber);
|
Optional<XhpcTerminal> findOneBySerialNumber(String serialNumber);
|
||||||
|
|
||||||
|
|
||||||
@Query("select t.pileSerialNumber from XhpcTerminal as t where t.serialNumber = ?1")
|
@Query("select t.pileSerialNumber from XhpcTerminal as t where t.delFlag = 0 and t.serialNumber = ?1")
|
||||||
String selectBySql(String serialNumber);
|
String selectBySql(String serialNumber);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
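Review bot: The new predicate `t.delFlag = 0` in `selectBySql` will not match rows whose `delFlag` is NULL, and the entity maps that column with `nullable = true`, so terminals that never had the flag set would stop resolving a pile serial number. If NULL is meant to count as "exists", the condition could be `(t.delFlag is null or t.delFlag = 0)`; otherwise the column should be made non-nullable with a default of 0. `findOneBySerialNumber` just above has no such filter, so a soft-deleted terminal is still returned by that lookup; if this is intended, a short comment on each method stating whether deleted rows are included would help callers. The interface body starts outside the hunk.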
@ -57,7 +57,7 @@ public class XhpcTerminal extends BaseEntity {
|
|||||||
private Integer status;
|
private Integer status;
|
||||||
|
|
||||||
/** 删除标志(0代表存在 2代表删除) */
|
/** 删除标志(0代表存在 2代表删除) */
|
||||||
@Column(name = "del_falg", nullable = true)
|
@Column(name = "del_flag", nullable = true)
|
||||||
private Integer delFlag;
|
private Integer delFlag;
|
||||||
|
|
||||||
/** 费率模型id */
|
/** 费率模型id */
|
||||||
|
|||||||