
大屏居民信息接口-请求头校验

feature/syp_points
songyunpeng 5 years ago
parent
commit
b8acd62c5f
  1. 10
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java
  2. 4
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java
  3. 29
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java
  4. 93
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java
  5. 5
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties
  6. 5
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties
  7. 5
      esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties
  8. 15
      esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java
  9. 97
      esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java
  10. 2
      esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java
  11. 8
      esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml

10
esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java

@ -119,4 +119,14 @@ public interface Constant {
* 动作记录时机
*/
String BEHAVIOR_RECORDING_TIME_AFTER = "1";
/**
* AccessToken header
*/
String ACCESS_TOKEN = "AccessToken";
/**
* 时间戳
*/
String TIMESTAMP = "Timestamp";
}

4
esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java

@ -40,4 +40,8 @@ public interface ErrorCode {
int JSON_FORMAT_ERROR = 10016;
int PARSING_ERROR = 10017;
int INVALID_ERROR = 10018;
int ACCESS_TOKEN_NOT_EMPTY = 10022;
int ACCESS_TOKEN_INVALID = 10023;
int TIMESTAMP_NOT_EMPTY = 10024;
}

29
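--- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java
+++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java
@@ -0,0 +1,29 @@
+package com.elink.esua.epdc.commons.tools.properties;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+/**
+* 党群e事通接口配置
+*
+* @Authorsongyunpeng
+* @Date2020/8/20 13:22
+*/
+@Configuration
+@ConfigurationProperties(prefix = "js.screen.population")
+public class ScreenPopulationProperties {
+/**
+* 锦水居民信息采集大屏接口appId
+*/
+private String screenAppId;
+public String getScreenAppId() {
+return screenAppId;
+}
+public void setScreenAppId(String screenAppId) {
+this.screenAppId = screenAppId;
+}
+}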
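Review bot: `screenAppId` is bound with no validation, so a deployment that omits `js.screen.population.screenAppId` starts normally and leaves the field null. ScreenPopulationAop in this commit calls `getScreenAppId().concat(ts)`, which would then throw a NullPointerException on every annotated request instead of failing at startup. Assuming Bean Validation is on the classpath, annotating the class with `@Validated` and the field with `@NotBlank` turns a missing value into a startup error. The class Javadoc (党群e事通接口配置) also does not match the `js.screen.population` prefix and looks copied from another properties class; it should say that this value is the shared secret used to verify the AccessToken header.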

93
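--- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java
+++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java
@@ -0,0 +1,93 @@
+package com.elink.esua.epdc.commons.tools.utils;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+/**
+* MD5加密生成摘要
+*
+* @Authorliuchuang
+* @Date2020/8/25 17:27
+*/
+public class MD5Util {
+/**
+* 对一段String生成MD5加密信息
+*
+* @param message 要加密的String
+* @return java.lang.String
+* @author Liuchuang
+* @since 2020/8/26 9:56
+*/
+public static String getMD5(String message) {
+try {
+MessageDigest md = MessageDigest.getInstance("MD5");
+byte[] b = md.digest(message.getBytes("utf-8"));
+return byteToHexStringSingle(b);
+} catch (NoSuchAlgorithmException e) {
+e.printStackTrace();
+} catch (UnsupportedEncodingException e) {
+e.printStackTrace();
+}
+return null;
+}
+/**
+* 对文件全文生成MD5摘要
+*
+* @param file 要加密的文件
+* @return java.lang.String
+* @author Liuchuang
+* @since 2020/8/26 9:58
+*/
+public static String getMD5(File file) {
+FileInputStream fis = null;
+try {
+MessageDigest md = MessageDigest.getInstance("MD5");
+fis = new FileInputStream(file);
+byte[] buffer = new byte[2048];
+int length = -1;
+long s = System.currentTimeMillis();
+while ((length = fis.read(buffer)) != -1) {
+md.update(buffer, 0, length);
+}
+byte[] b = md.digest();
+return byteToHexStringSingle(b);
+} catch (Exception ex) {
+ex.printStackTrace();
+return null;
+} finally {
+try {
+fis.close();
+} catch (IOException ex) {
+ex.printStackTrace();
+}
+}
+}
+/**
+* 独立把byte[]数组转换成十六进制字符串表示形式
+*
+* @param byteArray
+* @return java.lang.String
+* @author Liuchuang
+* @since 2020/8/26 9:59
+*/
+public static String byteToHexStringSingle(byte[] byteArray) {
+StringBuffer md5StrBuff = new StringBuffer();
+for (int i = 0; i < byteArray.length; i++) {
+if (Integer.toHexString(0xFF & byteArray[i]).length() == 1) {
+md5StrBuff.append("0").append(
+Integer.toHexString(0xFF & byteArray[i]));
+} else {
+md5StrBuff.append(Integer.toHexString(0xFF & byteArray[i]));
+}
+}
+return md5StrBuff.toString();
+}
+}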
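Review bot: In `getMD5(File)` the `finally` block calls `fis.close()` unconditionally, so when `new FileInputStream(file)` throws (missing or unreadable file) `fis` is still null and the resulting NullPointerException replaces the intended `return null`. A try-with-resources block removes the manual close and the null case, and the unused `long s = System.currentTimeMillis();` can go at the same time. Separately, `getMD5(String)` can pass `StandardCharsets.UTF_8` instead of the `"utf-8"` name, which drops the unreachable `UnsupportedEncodingException` branch. The Javadoc describes MD5 as encryption (加密); it is a digest, suitable as a checksum, and callers should not rely on it for secrecy or authentication strength.

```java
public static String getMD5(File file) {
    // try-with-resources closes the stream on every path and never sees a null handle
    try (FileInputStream fis = new FileInputStream(file)) {
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] buffer = new byte[2048];
        int length;
        while ((length = fis.read(buffer)) != -1) {
            md.update(buffer, 0, length);
        }
        return byteToHexStringSingle(md.digest());
    } catch (IOException | NoSuchAlgorithmException ex) {
        // keeps the existing contract: failures are reported and null is returned
        ex.printStackTrace();
        return null;
    }
}
```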

5
esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties

@ -19,4 +19,7 @@
10015=Please delete the user under the department first
10016=The parameter format is incorrect. Please use JSON format.
10017=Parsing {0} error
10018=Invalid {0}
10018=Invalid {0}
10022=AccessToken cannot be empty
10024=Timestamp cannot be empty
10023=AccessToken is invalid

5
esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties

@ -19,4 +19,7 @@
10015=\u8BF7\u5148\u5220\u9664\u90E8\u95E8\u4E0B\u7684\u7528\u6237
10016=\u53C2\u6570\u683C\u5F0F\u4E0D\u6B63\u786E\uFF0C\u8BF7\u4F7F\u7528JSON\u683C\u5F0F
10017=\u89E3\u6790{0}\u51FA\u9519
10018=\u65E0\u6548\u7684{0}
10018=\u65E0\u6548\u7684{0}
10022=AccessToken\u4E0D\u80FD\u4E3A\u7A7A
10024=Timestamp\u4E0D\u80FD\u4E3A\u7A7A
10023=AccessToken\u65E0\u6548

5
esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties

@ -19,4 +19,7 @@
10015=\u8ACB\u5148\u522A\u9664\u90E8\u9580\u4E0B\u7684\u7528\u6236
10016=\u53C3\u6578\u683C\u5F0F\u4E0D\u6B63\u78BA\uFF0C\u8ACB\u4F7F\u7528JSON\u683C\u5F0F
10017=\u89E3\u6790{0}\u51FA\u932F
10018=\u7121\u6548\u7684{0}
10018=\u7121\u6548\u7684{0}
10022=AccessToken\u4E0D\u80FD\u70BA\u7A7A
10024=Timestamp\u4E0D\u80FD\u70BA\u7A7A
10023=AccessToken\u65E0\u6548

15
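--- a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java
+++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java
@@ -0,0 +1,15 @@
+package com.elink.esua.epdc.annotation;
+import java.lang.annotation.*;
+/**
+* 居民信息采集 - 接口验证
+*
+* @author Liuchuang
+* @since 2020/8/25 17:09
+*/
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface ReportData {
+}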

97
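--- a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java
+++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java
@@ -0,0 +1,97 @@
+package com.elink.esua.epdc.aspect;
+import com.elink.esua.epdc.commons.tools.constant.Constant;
+import com.elink.esua.epdc.commons.tools.exception.ErrorCode;
+import com.elink.esua.epdc.commons.tools.exception.RenException;
+import com.elink.esua.epdc.commons.tools.properties.ScreenPopulationProperties;
+import com.elink.esua.epdc.commons.tools.utils.MD5Util;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Objects;
+import java.util.Optional;
+/**
+* 居民信息大屏接口验证
+*
+* @author songyunpeng
+* @Date 20-04-28
+*/
+@Aspect
+@Component
+public class ScreenPopulationAop {
+@Autowired
+private ScreenPopulationProperties screenPopulationProperties;
+/**
+* 使用org.slf4j.Logger,这是Spring实现日志的方法
+*/
+private final Logger logger = LogManager.getLogger(getClass());
+/**
+* 定义AOP扫描路径
+* 第一个注解只扫描aopTest方法
+*/
+@Pointcut("@annotation(com.elink.esua.epdc.annotation.ReportData)")
+public void ScreenPopulation() {
+}
+/**
+* 前置
+*/
+@Before("ScreenPopulation()")
+public void deBefore(JoinPoint joinPoint) {
+HttpServletRequest request = currentRequest();
+if (Objects.isNull(request)) {
+logger.info("without request, skip");
+return;
+}
+// 从header中获取token
+String headerAccessToken = request.getHeader(Constant.ACCESS_TOKEN);
+// 如果header中不存在token,则从参数中获取token
+if(StringUtils.isBlank(headerAccessToken)){
+headerAccessToken = request.getParameter(Constant.ACCESS_TOKEN);
+if(StringUtils.isBlank(headerAccessToken)){
+throw new RenException(ErrorCode.ACCESS_TOKEN_NOT_EMPTY);
+}
+}
+// 从header中获取Timestamp
+String ts = request.getHeader(Constant.TIMESTAMP);
+if (StringUtils.isBlank(ts)) {
+ts = request.getParameter(Constant.TIMESTAMP);
+if(StringUtils.isBlank(ts)){
+throw new RenException(ErrorCode.TIMESTAMP_NOT_EMPTY);
+}
+}
+// 校验AccessToken
+String accessToken = MD5Util.getMD5(screenPopulationProperties.getScreenAppId().concat(ts));
+if (!headerAccessToken.equals(accessToken)) {
+throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID);
+}
+return;
+}
+/**
+* Return request current thread bound or null if none bound.
+*
+* @return Current request or null
+*/
+private HttpServletRequest currentRequest() {
+// Use getRequestAttributes because of its return null if none bound
+ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+return Optional.ofNullable(servletRequestAttributes).map(ServletRequestAttributes::getRequest).orElse(null);
+}
+}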
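Review bot: `deBefore` only checks that `Timestamp` is non-blank, so the value never has to be recent and any `AccessToken`/`Timestamp` pair that was once valid is accepted indefinitely. The timestamp should be parsed and rejected when it falls outside a short window, and the comparison at `headerAccessToken.equals(accessToken)` should be constant-time and tolerate a null digest, since `MD5Util.getMD5` returns null on failure. Accepting both values from request parameters also places the token in URLs and access logs; header-only is safer if the clients allow it. Longer term, an HMAC (for example `HmacSHA256` via `javax.crypto.Mac`) keyed with the app secret is the standard construction in place of `MD5(secret + ts)`. The sketch below assumes the timestamp is epoch milliseconds and uses a `MAX_SKEW_MILLIS` constant that the class would need to define.

```java
// … unchanged: reading AccessToken and Timestamp from header or request parameter …
// Reject unparseable or stale timestamps so a captured token stops working after the window.
long requestTime;
try {
    requestTime = Long.parseLong(ts);
} catch (NumberFormatException e) {
    throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID);
}
if (Math.abs(System.currentTimeMillis() - requestTime) > MAX_SKEW_MILLIS) {
    throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID);
}
// 校验AccessToken
String accessToken = MD5Util.getMD5(screenPopulationProperties.getScreenAppId().concat(ts));
// Constant-time comparison; a null digest is treated as a failed check rather than an NPE.
if (accessToken == null || !MessageDigest.isEqual(
        accessToken.getBytes(StandardCharsets.UTF_8),
        headerAccessToken.getBytes(StandardCharsets.UTF_8))) {
    throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID);
}
```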

2
esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java

@ -1,6 +1,6 @@
package com.elink.esua.epdc.controller;
import com.elink.esua.epdc.commons.tools.annotation.ReportData;
import com.elink.esua.epdc.annotation.ReportData;
import com.elink.esua.epdc.commons.tools.utils.Result;
import com.elink.esua.epdc.commons.tools.validator.ValidatorUtils;
import com.elink.esua.epdc.dto.DeptOption;

8
esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml

@ -145,4 +145,10 @@ rocketmq:
group: @rocketmq.producer.group@
consumer:
group: @rocketmq.consumer.group@
points-group: @rocketmq.consumer.points.group@
points-group: @rocketmq.consumer.points.group@
js:
screen:
population:
screenAppId: 9ce9fc63460401e7a3b3a6cab3b9c126
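Review bot: The `screenAppId` value added under `js.screen.population` is the only secret input to the AccessToken check in ScreenPopulationAop, and committing it in `application.yml` hands it to everyone with read access to the repository or the built jar. The neighbouring rocketmq entries already use build-time placeholders, so the same pattern fits here, e.g. `screenAppId: @js.screen.population.appId@` (property name constructed for illustration), or a value supplied by the environment at deploy time. The value in this commit should be treated as exposed and rotated once it is externalised.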