code clean
This commit is contained in:
ZZ
parent
614f59569f
commit
a20f92f234
@ -94,7 +94,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
if (servletPath.endsWith("query_token")) {
|
||||
authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId,
|
||||
AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null);
|
||||
handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId,
|
||||
handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest,
|
||||
responseWrapper, authSecretTokenIn);
|
||||
} else {
|
||||
if (authorization != null && authorization.startsWith("Bearer ")) {
|
||||
@ -107,17 +107,15 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
resp.setMsg("Invalid token(db)");
|
||||
String data = JSONUtil.toJSONString(resp);
|
||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
return;
|
||||
} else if (!token.equals(authSecretTokenIn.getToken())) {
|
||||
log.error("op[{}] Invalid auth: {}", operatorId, authorization);
|
||||
resp.setRet("4002"); // todo YBD...
|
||||
resp.setRet("4002");
|
||||
resp.setMsg("Invalid token(inequal)");
|
||||
String data = JSONUtil.toJSONString(resp);
|
||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
// responseWrapper = new ContentCachingResponseWrapper(response);
|
||||
// chain.doFilter(requestWrapper, responseWrapper);
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
@ -126,7 +124,6 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
resp.setMsg("Authorization header is not present or invalid");
|
||||
String data = JSONUtil.toJSONString(resp);
|
||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
return;
|
||||
}
|
||||
@ -134,13 +131,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
byte[] decryptedReq = null;
|
||||
String erroMsg = "Decryption error";
|
||||
try {
|
||||
// if (authSecretTokenIn.isEncrypt() && !"false".equals(encin)) { // test code
|
||||
decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
|
||||
// } else {
|
||||
// String data = commonRequest.getData();
|
||||
// if (data == null) data = bodyString;
|
||||
// decryptedReq = data.getBytes(StandardCharsets.UTF_8);
|
||||
// }
|
||||
commonRequest.setData(new String(decryptedReq));
|
||||
log.debug("in.dec: {}", commonRequest);
|
||||
} catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
|
||||
@ -161,33 +152,18 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
|
||||
//encrypt response
|
||||
final String encout = request.getHeader("enc.out");
|
||||
// if (requestWrapper == null) {
|
||||
// chain.doFilter(request, responseWrapper);
|
||||
// } else {
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
// }
|
||||
// responseWrapper.copyBodyToResponse();
|
||||
// responseWrapper = new ContentCachingResponseWrapper(responseWrapper);
|
||||
byte[] buf = responseWrapper.getContentAsByteArray();
|
||||
log.debug("out.plain: {}", new String(buf, StandardCharsets.UTF_8));
|
||||
String encryptedData;
|
||||
// AuthSecretToken authSecretTokenOut = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType
|
||||
// (operatorId,
|
||||
// AuthSecretToken.SECRET_TOKEN_TYPE_OUT).orElse(null);
|
||||
if (encout == null) {
|
||||
encryptedData = encryptRespOut(authSecretTokenIn.getDataSecret(), authSecretTokenIn.getDataSecretIV(),
|
||||
authSecretTokenIn.getSigSecret(), buf).toString();
|
||||
log.debug("out.enc: {}", encryptedData);
|
||||
// log.debug("out.enc: {}", encryptedData);
|
||||
response.getOutputStream().write(encryptedData == null ? internalError() :
|
||||
encryptedData.getBytes(StandardCharsets.UTF_8));
|
||||
} else if ("false".equals(encout)) {
|
||||
response.getOutputStream().write(buf);
|
||||
// } else {
|
||||
// resp.setRet("4004");
|
||||
// resp.setMsg("Encryption error");
|
||||
// String data = JSONUtil.toJSONString(resp);
|
||||
// response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
//// chain.doFilter(requestWrapper, responseWrapper);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -195,8 +171,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
|
||||
private boolean handleQueryToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
|
||||
ServletRequest requestWrapper, String bodyString, CommonRequest commonRequest,
|
||||
String operatorId, ContentCachingResponseWrapper responseWrapper,
|
||||
AuthSecretToken authSecretToken) throws IOException,
|
||||
ContentCachingResponseWrapper responseWrapper, AuthSecretToken authSecretToken) throws IOException,
|
||||
ServletException {
|
||||
|
||||
if (authSecretToken == null) {
|
||||
@ -205,8 +180,6 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
resp.setMsg("Invalid OperatorID");
|
||||
String data = JSONUtil.toJSONString(resp);
|
||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
// response.setStatus(403);
|
||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
return false;
|
||||
} else {
|
||||
@ -220,13 +193,11 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
resp.setMsg("Invalid Encryption");
|
||||
String data = JSONUtil.toJSONString(resp);
|
||||
response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
|
||||
responseWrapper = new ContentCachingResponseWrapper(response);
|
||||
chain.doFilter(requestWrapper, responseWrapper);
|
||||
return false;
|
||||
}
|
||||
((HttpServletRequestRepeatReadWrapper) requestWrapper).setBody(decrypt);
|
||||
return true;
|
||||
// chain.doFilter(requestWrapper, response);
|
||||
}
|
||||
}
|
||||
|
||||
@ -298,7 +269,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException,
|
||||
InvalidKeyException {
|
||||
|
||||
byte[] buf = new byte[]{};
|
||||
byte[] buf;
|
||||
final String encin = request.getHeader("enc.in");
|
||||
if (request.getServletPath().endsWith("/query_token")) {
|
||||
String data;
|
||||
@ -335,7 +306,7 @@ public class EvcsFilter extends OncePerRequestFilter {
|
||||
authSecretToken.getDataSecretIV());
|
||||
((ObjectNode) rootNode).put("Data", decryptedData);
|
||||
}
|
||||
buf = decryptedData.getBytes();//rootNode.toString().getBytes();
|
||||
buf = decryptedData.getBytes();
|
||||
}
|
||||
}
|
||||
return buf;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user