zz 2021-12-02 16:28:31 +08:00
parent b332702b8b
commit 31a9e30808
3 changed files with 68 additions and 62 deletions


@ -70,6 +70,7 @@ public class EvcsFilter extends OncePerRequestFilter {
Scanner scanner = new Scanner(requestWrapper.getInputStream(), "UTF-8").useDelimiter("\\A");
String bodyString = scanner.hasNext() ? scanner.next() : null;
log.debug("in.enc: {}", bodyString);
CommonResponse resp = new CommonResponse();
if (!ObjectUtils.isEmpty(bodyString)) {
String servletPath = request.getServletPath();
log.debug("servletPath: " + servletPath);
@ -77,68 +78,75 @@ public class EvcsFilter extends OncePerRequestFilter {
String operatorId = commonRequest.getOperatorId();
String authorization = request.getHeader("Authorization");
log.debug("Authorization: {}", authorization);
AuthSecretToken authSecretTokenIn;
AuthSecretToken authSecretTokenIn = null;
Date now = Calendar.getInstance().getTime();
ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(response);
if (servletPath.endsWith("query_token")) {
if (!handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId,
responseWrapper)) return;
}
if (authorization != null && authorization.startsWith("Bearer ")) {
String token = authorization.replace("Bearer ", "");
authSecretTokenIn =
authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenTypeAndTokenExpiryGreaterThan(
operatorId, AuthSecretToken.SECRET_TOKEN_TYPE_IN, now).orElse(null);
if (authSecretTokenIn == null) {
CommonResponse resp = new CommonResponse();
resp.setRet("4003");
resp.setMsg("Invalid token");
authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId,
AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null);
handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId,
responseWrapper, authSecretTokenIn);
} else {
if (authorization != null && authorization.startsWith("Bearer ")) {
String token = authorization.replace("Bearer ", "");
authSecretTokenIn =
authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenTypeAndTokenExpiryGreaterThan(
operatorId, AuthSecretToken.SECRET_TOKEN_TYPE_IN, now).orElse(null);
if (authSecretTokenIn == null) {
resp.setRet("4002");
resp.setMsg("Invalid token(db)");
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
responseWrapper = new ContentCachingResponseWrapper(response);
chain.doFilter(requestWrapper, responseWrapper);
return;
} else if (!token.equals(authSecretTokenIn.getToken())) {
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
resp.setRet("4002"); // todo YBD...
resp.setMsg("Invalid token(inequal)");
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
// responseWrapper = new ContentCachingResponseWrapper(response);
// chain.doFilter(requestWrapper, responseWrapper);
return;
}
} else {
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
resp.setRet("4002");
resp.setMsg("Authorization header is not present or invalid");
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
responseWrapper = new ContentCachingResponseWrapper(response);
chain.doFilter(requestWrapper, responseWrapper);
return;
} else if (!token.equals(authSecretTokenIn.getToken())) {
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
}
} else {
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
CommonResponse resp = new CommonResponse();
resp.setRet("4003");
resp.setMsg("Authorization header is not present or invalid");
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
responseWrapper = new ContentCachingResponseWrapper(response);
chain.doFilter(requestWrapper, responseWrapper);
return;
}
//decrypt request
byte[] decryptedReq = null;
String erroMsg = "Decryption error";
CommonResponse resp = new CommonResponse();
try {
//decrypt request
byte[] decryptedReq = null;
String erroMsg = "Decryption error";
try {
// if (authSecretTokenIn.isEncrypt() && !"false".equals(encin)) { // test code
decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
// } else {
// String data = commonRequest.getData();
// if (data == null) data = bodyString;
// decryptedReq = data.getBytes(StandardCharsets.UTF_8);
// }
commonRequest.setData(new String(decryptedReq));
log.debug("in.dec: {}", commonRequest);
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
erroMsg = e.getMessage();
}
if (decryptedReq != null && decryptedReq.length > 0) {
requestWrapper = new HttpServletRequestWritableWrapper(request,
JSONUtil.toJSONString(commonRequest).getBytes(StandardCharsets.UTF_8));
} else {
resp.setRet("4004");
resp.setMsg(erroMsg);
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
chain.doFilter(requestWrapper, responseWrapper);
return;
commonRequest.setData(new String(decryptedReq));
log.debug("in.dec: {}", commonRequest);
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
erroMsg = e.getMessage();
}
if (decryptedReq != null && decryptedReq.length > 0) {
requestWrapper = new HttpServletRequestWritableWrapper(request,
JSONUtil.toJSONString(commonRequest).getBytes(StandardCharsets.UTF_8));
} else {
resp.setRet("4004");
resp.setMsg(erroMsg);
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
chain.doFilter(requestWrapper, responseWrapper);
return;
}
}
//encrypt response
@ -156,7 +164,7 @@ public class EvcsFilter extends OncePerRequestFilter {
// AuthSecretToken authSecretTokenOut = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType
// (operatorId,
// AuthSecretToken.SECRET_TOKEN_TYPE_OUT).orElse(null);
if (encout == null && authSecretTokenIn != null) {
if (encout == null) {
encryptedData = encryptRespOut(authSecretTokenIn.getDataSecret(), authSecretTokenIn.getDataSecretIV(),
authSecretTokenIn.getSigSecret(), buf).toString();
log.debug("out.enc: {}", encryptedData);
@ -164,24 +172,23 @@ public class EvcsFilter extends OncePerRequestFilter {
encryptedData.getBytes(StandardCharsets.UTF_8));
} else if ("false".equals(encout)) {
response.getOutputStream().write(buf);
} else {
resp.setRet("4004");
resp.setMsg("Encryption error");
String data = JSONUtil.toJSONString(resp);
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
// chain.doFilter(requestWrapper, responseWrapper);
// } else {
// resp.setRet("4004");
// resp.setMsg("Encryption error");
// String data = JSONUtil.toJSONString(resp);
// response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
//// chain.doFilter(requestWrapper, responseWrapper);
}
}
}
private boolean handleQueryToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
ServletRequest requestWrapper, String bodyString, CommonRequest commonRequest,
String operatorId, ContentCachingResponseWrapper responseWrapper) throws IOException,
String operatorId, ContentCachingResponseWrapper responseWrapper,
AuthSecretToken authSecretToken) throws IOException,
ServletException {
AuthSecretToken authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId,
AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null);
if (authSecretTokenIn == null) {
if (authSecretToken == null) {
CommonResponse resp = new CommonResponse();
resp.setRet("4003");
resp.setMsg("Invalid OperatorID");
@ -194,7 +201,7 @@ public class EvcsFilter extends OncePerRequestFilter {
} else {
final byte[] decrypt;
try {
decrypt = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
decrypt = decrypt(request, authSecretToken, commonRequest, bodyString);
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
e.printStackTrace();
CommonResponse resp = new CommonResponse();
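Review bot: The rejection branches disagree about stopping the request: the "Invalid token(inequal)" branch comments out `chain.doFilter(requestWrapper, responseWrapper)` before `return;`, but as far as the rendered lines show, the "Invalid token(db)", missing-header and "4004" decryption-failure branches still call it after writing the error body, so a request that failed authentication is still passed to the downstream handlers. Each of those branches should write the error and `return;` without forwarding. The same branches log the whole header with `log.error("op[{}] Invalid auth: {}", operatorId, authorization)`, which puts bearer tokens in the log; logging `operatorId` alone is enough. The query_token path now ignores the boolean from handleQueryToken, and the `authSecretTokenIn != null` guard on the `encout == null` branch appears to have been dropped, so an unknown operator would reach `authSecretTokenIn.getDataSecret()` with a null token. The +/- markers are lost on this page and the filter method starts outside the shown hunks, so the old/new assignment here is inferred.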


@ -7,7 +7,6 @@ import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.QueryByExampleExecutor;
import org.springframework.stereotype.Repository;
import java.util.List;
import java.util.Optional;
/**
@ -27,7 +26,7 @@ public interface XhpcTerminalRepository extends JpaRepository<XhpcTerminal, Inte
Optional<XhpcTerminal> findOneBySerialNumber(String serialNumber);
@Query("select t.pileSerialNumber from XhpcTerminal as t where t.serialNumber = ?1")
@Query("select t.pileSerialNumber from XhpcTerminal as t where t.delFlag = 0 and t.serialNumber = ?1")
String selectBySql(String serialNumber);
}
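Review bot: The `t.delFlag = 0` condition on selectBySql is not mirrored by `findOneBySerialNumber` directly above it, so a soft-deleted terminal is hidden from one lookup and still returned by the other. If deleted terminals must never resolve, the derived query needs the same condition, for example `Optional<XhpcTerminal> findOneBySerialNumberAndDelFlag(String serialNumber, Integer delFlag);`. The entity maps the column with `nullable = true`, so rows whose flag is NULL will also stop matching `t.delFlag = 0`; confirm that existing rows are backfilled or make the column non-nullable. The interface body starts outside the hunk, so other finders may need the same filter.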


@ -57,7 +57,7 @@ public class XhpcTerminal extends BaseEntity {
private Integer status;
/** 删除标志0代表存在 2代表删除 */
@Column(name = "del_falg", nullable = true)
@Column(name = "del_flag", nullable = true)
private Integer delFlag;
/** 费率模型id */