11 changed files with 268 additions and 5 deletions
@ -0,0 +1,29 @@ |
|||
package com.elink.esua.epdc.commons.tools.properties; |
|||
|
|||
import org.springframework.boot.context.properties.ConfigurationProperties; |
|||
import org.springframework.context.annotation.Configuration; |
|||
|
|||
/** |
|||
* 党群e事通接口配置 |
|||
* |
|||
* @Author:songyunpeng |
|||
* @Date:2020/8/20 13:22 |
|||
*/ |
|||
@Configuration |
|||
@ConfigurationProperties(prefix = "js.screen.population") |
|||
public class ScreenPopulationProperties { |
|||
|
|||
|
|||
/** |
|||
* 锦水居民信息采集大屏接口appId |
|||
*/ |
|||
private String screenAppId; |
|||
|
|||
public String getScreenAppId() { |
|||
return screenAppId; |
|||
} |
|||
|
|||
public void setScreenAppId(String screenAppId) { |
|||
this.screenAppId = screenAppId; |
|||
} |
|||
} |
@ -0,0 +1,93 @@ |
|||
package com.elink.esua.epdc.commons.tools.utils; |
|||
|
|||
import java.io.File; |
|||
import java.io.FileInputStream; |
|||
import java.io.IOException; |
|||
import java.io.UnsupportedEncodingException; |
|||
import java.security.MessageDigest; |
|||
import java.security.NoSuchAlgorithmException; |
|||
|
|||
/** |
|||
* MD5加密生成摘要 |
|||
* |
|||
* @Author:liuchuang |
|||
* @Date:2020/8/25 17:27 |
|||
*/ |
|||
public class MD5Util { |
|||
|
|||
/** |
|||
* 对一段String生成MD5加密信息 |
|||
* |
|||
* @param message 要加密的String |
|||
* @return java.lang.String |
|||
* @author Liuchuang |
|||
* @since 2020/8/26 9:56 |
|||
*/ |
|||
public static String getMD5(String message) { |
|||
try { |
|||
MessageDigest md = MessageDigest.getInstance("MD5"); |
|||
byte[] b = md.digest(message.getBytes("utf-8")); |
|||
return byteToHexStringSingle(b); |
|||
} catch (NoSuchAlgorithmException e) { |
|||
e.printStackTrace(); |
|||
} catch (UnsupportedEncodingException e) { |
|||
e.printStackTrace(); |
|||
} |
|||
return null; |
|||
} |
|||
|
|||
/** |
|||
* 对文件全文生成MD5摘要 |
|||
* |
|||
* @param file 要加密的文件 |
|||
* @return java.lang.String |
|||
* @author Liuchuang |
|||
* @since 2020/8/26 9:58 |
|||
*/ |
|||
public static String getMD5(File file) { |
|||
FileInputStream fis = null; |
|||
try { |
|||
MessageDigest md = MessageDigest.getInstance("MD5"); |
|||
fis = new FileInputStream(file); |
|||
byte[] buffer = new byte[2048]; |
|||
int length = -1; |
|||
long s = System.currentTimeMillis(); |
|||
while ((length = fis.read(buffer)) != -1) { |
|||
md.update(buffer, 0, length); |
|||
} |
|||
byte[] b = md.digest(); |
|||
return byteToHexStringSingle(b); |
|||
} catch (Exception ex) { |
|||
ex.printStackTrace(); |
|||
return null; |
|||
} finally { |
|||
try { |
|||
fis.close(); |
|||
} catch (IOException ex) { |
|||
ex.printStackTrace(); |
|||
} |
|||
} |
|||
} |
|||
|
|||
/** |
|||
* 独立把byte[]数组转换成十六进制字符串表示形式 |
|||
* |
|||
* @param byteArray |
|||
* @return java.lang.String |
|||
* @author Liuchuang |
|||
* @since 2020/8/26 9:59 |
|||
*/ |
|||
public static String byteToHexStringSingle(byte[] byteArray) { |
|||
StringBuffer md5StrBuff = new StringBuffer(); |
|||
for (int i = 0; i < byteArray.length; i++) { |
|||
if (Integer.toHexString(0xFF & byteArray[i]).length() == 1) { |
|||
md5StrBuff.append("0").append( |
|||
Integer.toHexString(0xFF & byteArray[i])); |
|||
} else { |
|||
md5StrBuff.append(Integer.toHexString(0xFF & byteArray[i])); |
|||
} |
|||
} |
|||
|
|||
return md5StrBuff.toString(); |
|||
} |
|||
} |
@ -0,0 +1,15 @@ |
|||
package com.elink.esua.epdc.annotation; |
|||
|
|||
import java.lang.annotation.*; |
|||
|
|||
/** |
|||
* 居民信息采集 - 接口验证 |
|||
* |
|||
* @author Liuchuang |
|||
* @since 2020/8/25 17:09 |
|||
*/ |
|||
@Target(ElementType.METHOD) |
|||
@Retention(RetentionPolicy.RUNTIME) |
|||
@Documented |
|||
public @interface ReportData { |
|||
} |
@ -0,0 +1,97 @@ |
|||
package com.elink.esua.epdc.aspect; |
|||
|
|||
import com.elink.esua.epdc.commons.tools.constant.Constant; |
|||
import com.elink.esua.epdc.commons.tools.exception.ErrorCode; |
|||
import com.elink.esua.epdc.commons.tools.exception.RenException; |
|||
import com.elink.esua.epdc.commons.tools.properties.ScreenPopulationProperties; |
|||
import com.elink.esua.epdc.commons.tools.utils.MD5Util; |
|||
import org.apache.commons.lang3.StringUtils; |
|||
import org.apache.logging.log4j.LogManager; |
|||
import org.apache.logging.log4j.Logger; |
|||
import org.aspectj.lang.JoinPoint; |
|||
import org.aspectj.lang.annotation.Aspect; |
|||
import org.aspectj.lang.annotation.Before; |
|||
import org.aspectj.lang.annotation.Pointcut; |
|||
import org.springframework.beans.factory.annotation.Autowired; |
|||
import org.springframework.stereotype.Component; |
|||
import org.springframework.web.context.request.RequestContextHolder; |
|||
import org.springframework.web.context.request.ServletRequestAttributes; |
|||
|
|||
import javax.servlet.http.HttpServletRequest; |
|||
import java.util.Objects; |
|||
import java.util.Optional; |
|||
|
|||
/** |
|||
* 居民信息大屏接口验证 |
|||
* |
|||
* @author songyunpeng |
|||
* @Date 20-04-28 |
|||
*/ |
|||
@Aspect |
|||
@Component |
|||
public class ScreenPopulationAop { |
|||
|
|||
@Autowired |
|||
private ScreenPopulationProperties screenPopulationProperties; |
|||
|
|||
/** |
|||
* 使用org.slf4j.Logger,这是Spring实现日志的方法 |
|||
*/ |
|||
private final Logger logger = LogManager.getLogger(getClass()); |
|||
|
|||
/** |
|||
* 定义AOP扫描路径 |
|||
* 第一个注解只扫描aopTest方法 |
|||
*/ |
|||
@Pointcut("@annotation(com.elink.esua.epdc.annotation.ReportData)") |
|||
public void ScreenPopulation() { |
|||
} |
|||
|
|||
/** |
|||
* 前置 |
|||
*/ |
|||
@Before("ScreenPopulation()") |
|||
public void deBefore(JoinPoint joinPoint) { |
|||
HttpServletRequest request = currentRequest(); |
|||
if (Objects.isNull(request)) { |
|||
logger.info("without request, skip"); |
|||
return; |
|||
} |
|||
// 从header中获取token
|
|||
String headerAccessToken = request.getHeader(Constant.ACCESS_TOKEN); |
|||
// 如果header中不存在token,则从参数中获取token
|
|||
if(StringUtils.isBlank(headerAccessToken)){ |
|||
headerAccessToken = request.getParameter(Constant.ACCESS_TOKEN); |
|||
if(StringUtils.isBlank(headerAccessToken)){ |
|||
throw new RenException(ErrorCode.ACCESS_TOKEN_NOT_EMPTY); |
|||
} |
|||
} |
|||
|
|||
// 从header中获取Timestamp
|
|||
String ts = request.getHeader(Constant.TIMESTAMP); |
|||
if (StringUtils.isBlank(ts)) { |
|||
ts = request.getParameter(Constant.TIMESTAMP); |
|||
if(StringUtils.isBlank(ts)){ |
|||
throw new RenException(ErrorCode.TIMESTAMP_NOT_EMPTY); |
|||
} |
|||
} |
|||
|
|||
// 校验AccessToken
|
|||
String accessToken = MD5Util.getMD5(screenPopulationProperties.getScreenAppId().concat(ts)); |
|||
if (!headerAccessToken.equals(accessToken)) { |
|||
throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID); |
|||
} |
|||
return; |
|||
} |
|||
/** |
|||
* Return request current thread bound or null if none bound. |
|||
* |
|||
* @return Current request or null |
|||
*/ |
|||
private HttpServletRequest currentRequest() { |
|||
// Use getRequestAttributes because of its return null if none bound
|
|||
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); |
|||
return Optional.ofNullable(servletRequestAttributes).map(ServletRequestAttributes::getRequest).orElse(null); |
|||
} |
|||
|
|||
} |
Loading…
Reference in new issue