From 44d81a9845bcd1866fc7d8acb71afaef99ea72b1 Mon Sep 17 00:00:00 2001 From: wxz Date: Fri, 11 Sep 2020 09:57:26 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=96=E9=83=A8=E5=BA=94=E7=94=A8=EF=BC=8C?= =?UTF-8?q?=E6=89=93=E5=BC=80token=E6=97=B6=E9=97=B4=E6=88=B3=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../extappauth/aspect/ExternalAppRequestAuthAspect.java | 3 ++- .../epmet/utils/externalapp/ExtAppJwtAuthProcessor.java | 9 ++++----- .../epmet/utils/externalapp/ExtAppMD5AuthProcessor.java | 9 ++++----- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/epmet-commons/epmet-commons-extapp-auth/src/main/java/com/epmet/commons/extappauth/aspect/ExternalAppRequestAuthAspect.java b/epmet-commons/epmet-commons-extapp-auth/src/main/java/com/epmet/commons/extappauth/aspect/ExternalAppRequestAuthAspect.java index 82ffd68882..ec98b35d7b 100644 --- a/epmet-commons/epmet-commons-extapp-auth/src/main/java/com/epmet/commons/extappauth/aspect/ExternalAppRequestAuthAspect.java +++ b/epmet-commons/epmet-commons-extapp-auth/src/main/java/com/epmet/commons/extappauth/aspect/ExternalAppRequestAuthAspect.java @@ -63,7 +63,8 @@ public class ExternalAppRequestAuthAspect { throw new RenException("请求头中的token和appId不能为空"); } - logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}", appId, token); + logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}, ts:{}, customerId:{}, authType:{}", + appId, token, ts, customerId, authType); ExternalAppAuthFormDTO form = new ExternalAppAuthFormDTO(); form.setAppId(appId); diff --git a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtAuthProcessor.java b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtAuthProcessor.java index 2ec771fd02..7330d1e3ae 100644 --- a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtAuthProcessor.java +++ b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtAuthProcessor.java @@ -45,11 +45,10 @@ public class ExtAppJwtAuthProcessor extends ExtAppAuthProcessor { return fillAuthResult(false, "access token不完整。", null); } - // TODO 暂时去掉时间差判断 - //if (!validTimeStamp(timestamp)) { - // logger.error("服务器存在时差过大,请求被拒绝"); - // return fillAuthResult(false, "服务器存在时差过大,请求被拒绝", null); - //} + if (!validTimeStamp(timestamp)) { + logger.error("extapp token已经超时,请求被拒绝"); + return fillAuthResult(false, "extapp token已经超时,请求被拒绝", null); + } if (!appId.equals(appIdIn)) { logger.error("AppId不对应,token外部的:{}, token内部解析出来的:{}", appId, appIdIn); diff --git a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppMD5AuthProcessor.java b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppMD5AuthProcessor.java index 3954738758..b19e963f53 100644 --- a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppMD5AuthProcessor.java +++ b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppMD5AuthProcessor.java @@ -30,11 +30,10 @@ public class ExtAppMD5AuthProcessor extends ExtAppAuthProcessor { return fillAuthResult(false, "签名不匹配,认证失败", null); } - // TODO 暂时去掉时间差判断 - //if (!validTimeStamp(ts)) { - // logger.error("服务器存在时差过大,请求被拒绝"); - // return fillAuthResult(false, "服务器存在时差过大,请求被拒绝", null); - //} + if (!validTimeStamp(ts)) { + logger.error("extapp token已经超时,请求被拒绝"); + return fillAuthResult(false, "extapp token已经超时,请求被拒绝", null); + } return fillAuthResult(true, "签名匹配,认证成功", null); }