diff --git a/evcs-modules/evcs-core/src/main/java/com/xhpc/evcs/config/EvcsFilter.java b/evcs-modules/evcs-core/src/main/java/com/xhpc/evcs/config/EvcsFilter.java index 12622a33..15a14a47 100644 --- a/evcs-modules/evcs-core/src/main/java/com/xhpc/evcs/config/EvcsFilter.java +++ b/evcs-modules/evcs-core/src/main/java/com/xhpc/evcs/config/EvcsFilter.java @@ -94,7 +94,7 @@ public class EvcsFilter extends OncePerRequestFilter { if (servletPath.endsWith("query_token")) { authSecretTokenIn = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType(operatorId, AuthSecretToken.SECRET_TOKEN_TYPE_IN).orElse(null); - handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, operatorId, + handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, responseWrapper, authSecretTokenIn); } else { if (authorization != null && authorization.startsWith("Bearer ")) { @@ -107,17 +107,15 @@ public class EvcsFilter extends OncePerRequestFilter { resp.setMsg("Invalid token(db)"); String data = JSONUtil.toJSONString(resp); response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8)); - responseWrapper = new ContentCachingResponseWrapper(response); chain.doFilter(requestWrapper, responseWrapper); return; } else if (!token.equals(authSecretTokenIn.getToken())) { log.error("op[{}] Invalid auth: {}", operatorId, authorization); - resp.setRet("4002"); // todo YBD... + resp.setRet("4002"); resp.setMsg("Invalid token(inequal)"); String data = JSONUtil.toJSONString(resp); response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8)); -// responseWrapper = new ContentCachingResponseWrapper(response); -// chain.doFilter(requestWrapper, responseWrapper); + chain.doFilter(requestWrapper, responseWrapper); return; } } else { 
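Review bot: The boolean returned by `handleQueryToken(...)` is discarded at this call in the `query_token` branch, so a `false` result, where the helper has already written an error body, does not stop the filter. What follows the if/else is outside this hunk, but the hunk at -134 suggests execution goes on to `decrypt(request, authSecretTokenIn, ...)`, and `authSecretTokenIn` can be null here because of `orElse(null)`. Consider guarding the call, `if (!handleQueryToken(request, response, chain, requestWrapper, bodyString, commonRequest, responseWrapper, authSecretTokenIn)) { return; }`, and adding a Javadoc line on the helper stating what `true` and `false` mean for the caller.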
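Review bot: The re-enabled `chain.doFilter(requestWrapper, responseWrapper);` in the `Invalid token(inequal)` branch passes a request that has just failed token verification on to the rest of the filter chain, so the downstream handler can still execute and cause side effects even though the client is sent the 4002 body. The same write-error-then-`chain.doFilter` sequence appears in the `Invalid token(db)` branch of this hunk and in the rejection branches of the hunks at -126, -205 and -220. A rejecting branch should stop at the filter: end it with `return;` directly after `response.getOutputStream().write(...)` and drop the `chain.doFilter` call. Separately, `log.error("op[{}] Invalid auth: {}", operatorId, authorization)` writes the presented bearer value to the log; logging only `operatorId` keeps credentials out of log storage.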
@@ -126,7 +124,6 @@ public class EvcsFilter extends OncePerRequestFilter {
 resp.setMsg("Authorization header is not present or invalid");
 String data = JSONUtil.toJSONString(resp);
 response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8));
- responseWrapper = new ContentCachingResponseWrapper(response);
 chain.doFilter(requestWrapper, responseWrapper);
 return;
 }
@@ -134,13 +131,7 @@ public class EvcsFilter extends OncePerRequestFilter {
 byte[] decryptedReq = null;
 String erroMsg = "Decryption error";
 try {
-// if (authSecretTokenIn.isEncrypt() && !"false".equals(encin)) { // test code
 decryptedReq = decrypt(request, authSecretTokenIn, commonRequest, bodyString);
-// } else {
-// String data = commonRequest.getData();
-// if (data == null) data = bodyString;
-// decryptedReq = data.getBytes(StandardCharsets.UTF_8);
-// }
 commonRequest.setData(new String(decryptedReq));
 log.debug("in.dec: {}", commonRequest);
 } catch (BadPaddingException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | InvalidKeyException e) {
@@ -161,33 +152,18 @@ public class EvcsFilter extends OncePerRequestFilter { //encrypt response final String encout = request.getHeader("enc.out"); -// if (requestWrapper == null) { -// chain.doFilter(request, responseWrapper); -// } else { chain.doFilter(requestWrapper, responseWrapper); -// } -// responseWrapper.copyBodyToResponse(); -// responseWrapper = new ContentCachingResponseWrapper(responseWrapper); byte[] buf = responseWrapper.getContentAsByteArray(); log.debug("out.plain: {}", new String(buf, StandardCharsets.UTF_8)); String encryptedData; -// AuthSecretToken authSecretTokenOut = authSecretTokenRepository.findByOperatorId3irdptyAndSecretTokenType -// (operatorId, -// AuthSecretToken.SECRET_TOKEN_TYPE_OUT).orElse(null); if (encout == null) { encryptedData = encryptRespOut(authSecretTokenIn.getDataSecret(), authSecretTokenIn.getDataSecretIV(), authSecretTokenIn.getSigSecret(), buf).toString(); - log.debug("out.enc: {}", encryptedData); +// log.debug("out.enc: {}", encryptedData); response.getOutputStream().write(encryptedData == null ? internalError() : encryptedData.getBytes(StandardCharsets.UTF_8)); } else if ("false".equals(encout)) { response.getOutputStream().write(buf); -// } else { -// resp.setRet("4004"); -// resp.setMsg("Encryption error"); -// String data = JSONUtil.toJSONString(resp); -// response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8)); -//// chain.doFilter(requestWrapper, responseWrapper); } } } 
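Review bot: The `enc.out` request header read at the top of this hunk lets the caller turn off response encryption: when it is `false`, the branch `response.getOutputStream().write(buf);` returns the plaintext body. If this is a test aid, it should depend on a server-side setting rather than on client input, and carry a comment such as `// enc.out=false returns the plaintext body; honour it only when the server-side test switch is enabled`. With the commented-out `else` removed, any other header value now leaves the response body empty without an error code. In the encrypted branch, `encryptRespOut(...).toString()` would throw before the `encryptedData == null` check could select `internalError()`, so the null test belongs on the `encryptRespOut` result itself. The retained `log.debug("out.plain: {}", ...)` also records every decrypted response whenever debug logging is on.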
@@ -195,8 +171,7 @@ public class EvcsFilter extends OncePerRequestFilter { private boolean handleQueryToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain, ServletRequest requestWrapper, String bodyString, CommonRequest commonRequest, - String operatorId, ContentCachingResponseWrapper responseWrapper, - AuthSecretToken authSecretToken) throws IOException, + ContentCachingResponseWrapper responseWrapper, AuthSecretToken authSecretToken) throws IOException, ServletException { if (authSecretToken == null) { @@ -205,8 +180,6 @@ public class EvcsFilter extends OncePerRequestFilter { resp.setMsg("Invalid OperatorID"); String data = JSONUtil.toJSONString(resp); response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8)); -// response.setStatus(403); - responseWrapper = new ContentCachingResponseWrapper(response); chain.doFilter(requestWrapper, responseWrapper); return false; } else { @@ -220,13 +193,11 @@ public class EvcsFilter extends OncePerRequestFilter { resp.setMsg("Invalid Encryption"); String data = JSONUtil.toJSONString(resp); response.getOutputStream().write(data.getBytes(StandardCharsets.UTF_8)); - responseWrapper = new ContentCachingResponseWrapper(response); chain.doFilter(requestWrapper, responseWrapper); return false; } ((HttpServletRequestRepeatReadWrapper) requestWrapper).setBody(decrypt); return true; -// chain.doFilter(requestWrapper, response); } } @@ -298,7 +269,7 @@ public class EvcsFilter extends OncePerRequestFilter { InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidKeyException { - byte[] buf = new byte[]{}; + byte[] buf; final String encin = request.getHeader("enc.in"); if (request.getServletPath().endsWith("/query_token")) { String data; 
@@ -335,7 +306,7 @@ public class EvcsFilter extends OncePerRequestFilter {
 authSecretToken.getDataSecretIV());
 ((ObjectNode) rootNode).put("Data", decryptedData);
 }
- buf = decryptedData.getBytes();//rootNode.toString().getBytes();
+ buf = decryptedData.getBytes();
 }
 }
 return buf;
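Review bot: The rewritten line `buf = decryptedData.getBytes();` still encodes with the platform default charset, while the rest of the filter uses `StandardCharsets.UTF_8` explicitly. On a JVM whose default is not UTF-8, non-ASCII characters in the decrypted payload would be altered before the request reaches the handler. Use `buf = decryptedData.getBytes(StandardCharsets.UTF_8);` here, and likewise `new String(decryptedReq, StandardCharsets.UTF_8)` for the context line in the hunk at -134. The enclosing method starts outside this hunk.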