
修复:jwt过期之后,取过期时间为空,造成的空指针问题

dev_shibei_match
wxz 4 years ago
parent
commit
98806364b4
  1. 7
      epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java
  2. 7
      epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java
  3. 13
      epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java
  4. 2
      epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java

7
epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java

@ -61,14 +61,15 @@ public class OpenApiSignUtils {
public static void main(String[] args) {
generateGetAccessTokenSign();
//generateGetOrgDetailSign();
System.out.println("==============");
generateGetOrgDetailSign();
}
private static void generateGetAccessTokenSign() {
long now = System.currentTimeMillis();
System.out.println(now);
String uuid = UUID.randomUUID().toString();
String uuid = UUID.randomUUID().toString().replace("-", "");
HashMap<String, String> content = new HashMap<>();
content.put("app_id", "7d98b8af2d05752b4225709c4cfd4bd0");
@ -87,7 +88,7 @@ public class OpenApiSignUtils {
private static void generateGetOrgDetailSign() {
long now = System.currentTimeMillis();
String uuid = UUID.randomUUID().toString();
String uuid = UUID.randomUUID().toString().replace("-", "");;
System.out.println("时间戳:" + now);
System.out.println("随机数:" + uuid);
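Review bot: The `main` driver in OpenApiSignUtils builds a signed request around a literal `app_id` (`content.put("app_id", ...)` in generateGetAccessTokenSign) and sits under `src/main` of the shared security module, so it is packaged with every service that depends on that module. A signing driver like this belongs in the test source set, with the app id and secret read from local configuration. Whether the secret is also a literal cannot be seen here, because both generate* bodies continue outside the hunks. The new line in generateGetOrgDetailSign also ends in a doubled semicolon, `.replace("-", "");;`, and should read `String uuid = UUID.randomUUID().toString().replace("-", "");`.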

7
epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java

@ -19,6 +19,8 @@ import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import java.util.Date;
/**
* 外部应用认证处理器来平台token的方式
*/
@ -37,8 +39,11 @@ public class ExtAppTakeTokenAuthProcessor extends ExtAppAuthProcessor {
// 1.过期验证
String accessTokenInCache = redisUtils.getString(RedisKeys.getOpenApiAccessTokenKey(appId));
Date expiration = jwtTokenUtils.getExpiration(token, secret);
if (StringUtils.isBlank(accessTokenInCache) ||
jwtTokenUtils.isTokenExpired(jwtTokenUtils.getExpiration(token, secret))) {
expiration == null ||
jwtTokenUtils.isTokenExpired(expiration)
) {
throw new RenException(EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getCode(),
EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getMsg());
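Review bot: Mapping `expiration == null` to OPEN_API_TOKEN_EXPIRED makes a token that failed parsing or signature verification indistinguishable from one that simply aged out, assuming `getExpiration` returns null for every parse failure (its body is not shown). Rejecting the request is correct, but the null branch should be logged with the `appId`, or raised under a separate invalid-token error code, so that malformed or tampered tokens are visible in monitoring rather than counted as routine expiry. In the visible lines `accessTokenInCache` is only tested for blank. If it is not compared with the presented `token` further down, outside this hunk, a superseded token whose `exp` has not passed would still clear this step.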

13
epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java

@ -47,6 +47,11 @@ public class OpenApiRequestCheckAspect {
@Autowired
private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient;
//请求时差单位:s
long requestTimeSecDiff = 120;
//请求时差,单位:ms
long requestTimeMillSecDiff = requestTimeSecDiff * 1000;//单位:ms
private static final Logger log = LoggerFactory.getLogger(DataFilterAspect.class);
/**
@ -117,10 +122,10 @@ public class OpenApiRequestCheckAspect {
}
long timestamp = Long.valueOf(timestampStr).longValue();
long now = System.currentTimeMillis();
long requestTimeDiff = 120000;
if (Math.abs(now - timestamp) > requestTimeDiff) {
if (Math.abs(now - timestamp) > requestTimeMillSecDiff) {
// 只允许1分钟之内的请求,允许服务器之间时差为1分钟
throw new RenException(String.format("请求已过时,允许时差为%s ms", requestTimeDiff));
throw new RenException(String.format("请求已过时,允许时差为%s s", requestTimeSecDiff));
}
String nonce = argMap.get(RequestParamKeys.NONCE);
String nonceInCache = redisUtils.getString(RedisKeys.getOpenApiNonceKey(nonce));
@ -128,7 +133,7 @@ public class OpenApiRequestCheckAspect {
throw new RenException("请求重复");
}
//将nonce缓存到redis,有效期1分钟
redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeDiff);
redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeSecDiff);
}
/**
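Review bot: The nonce is cached for `requestTimeSecDiff` (120 s) while the timestamp check accepts `Math.abs(now - timestamp)` up to the same 120 s in either direction, so a request stamped ahead of the server clock is still inside the accepted window after its nonce has expired from Redis and would no longer be recognised as a duplicate. The TTL should cover the whole acceptance window, e.g. `redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeSecDiff * 2);`, assuming the third argument is in seconds as this change implies. The two new fields would be safer as `private static final long` constants, and the comments `只允许1分钟之内的请求` and `有效期1分钟` still say one minute while the code allows 120 s. The `getString` check followed by `set` on the nonce key is not atomic, so two concurrent copies of a request can both pass; a set-if-absent operation would close that gap if RedisUtils offers one. The enclosing method starts outside the hunk.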

2
epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java

@ -5,8 +5,6 @@ import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.redis.RedisKeys;
import com.epmet.commons.tools.redis.RedisUtils;
import com.epmet.commons.tools.utils.Result;
import com.epmet.commons.tools.validator.ValidatorUtils;
import com.epmet.dto.form.openapi.OpenApiBaseFormDTO;
import com.epmet.dto.result.openapi.GetAccessTokenResultDTO;
import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
import com.epmet.service.OpenApiAccessTokenService;
