From b8acd62c5fce3bec27b4eccc868e027dd0f66483 Mon Sep 17 00:00:00 2001 From: songyunpeng Date: Thu, 17 Sep 2020 10:43:46 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=A7=E5=B1=8F=E5=B1=85=E6=B0=91=E4=BF=A1?= =?UTF-8?q?=E6=81=AF=E6=8E=A5=E5=8F=A3-=E8=AF=B7=E6=B1=82=E5=A4=B4?= =?UTF-8?q?=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../epdc/commons/tools/constant/Constant.java | 10 ++ .../commons/tools/exception/ErrorCode.java | 4 + .../ScreenPopulationProperties.java | 29 ++++++ .../epdc/commons/tools/utils/MD5Util.java | 93 ++++++++++++++++++ .../i18n/messages_common_en_US.properties | 5 +- .../i18n/messages_common_zh_CN.properties | 5 +- .../i18n/messages_common_zh_TW.properties | 5 +- .../esua/epdc/annotation/ReportData.java | 15 +++ .../esua/epdc/aspect/ScreenPopulationAop.java | 97 +++++++++++++++++++ .../ApiScreenPopulationController.java | 2 +- .../src/main/resources/application.yml | 8 +- 11 files changed, 268 insertions(+), 5 deletions(-) create mode 100644 esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java create mode 100644 esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java create mode 100644 esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java create mode 100644 esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java index 8091e94f..8e432560 100644 --- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/constant/Constant.java @@ -119,4 +119,14 @@ public interface Constant { * 动作记录时机 后 */ String BEHAVIOR_RECORDING_TIME_AFTER = "1"; + + /** + * AccessToken header + */ + String ACCESS_TOKEN = "AccessToken"; + + /** + * 时间戳 + */ + String TIMESTAMP = "Timestamp"; } diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java index 097b9eff..d9ec13d3 100644 --- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/exception/ErrorCode.java @@ -40,4 +40,8 @@ public interface ErrorCode { int JSON_FORMAT_ERROR = 10016; int PARSING_ERROR = 10017; int INVALID_ERROR = 10018; + int ACCESS_TOKEN_NOT_EMPTY = 10022; + int ACCESS_TOKEN_INVALID = 10023; + int TIMESTAMP_NOT_EMPTY = 10024; + } diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java new file mode 100644 index 00000000..0ff89ec1 --- /dev/null +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/properties/ScreenPopulationProperties.java @@ -0,0 +1,29 @@ +package com.elink.esua.epdc.commons.tools.properties; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +/** + * 党群e事通接口配置 + * + * @Author:songyunpeng + * @Date:2020/8/20 13:22 + */ +@Configuration +@ConfigurationProperties(prefix = "js.screen.population") +public class ScreenPopulationProperties { + + + /** + * 锦水居民信息采集大屏接口appId + */ + private String screenAppId; + + public String getScreenAppId() { + return screenAppId; + } + + public void setScreenAppId(String screenAppId) { + this.screenAppId = screenAppId; + } +} diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java new file mode 100644 index 00000000..b4a5833f --- /dev/null +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/MD5Util.java @@ -0,0 +1,93 @@ +package com.elink.esua.epdc.commons.tools.utils; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +/** + * MD5加密生成摘要 + * + * @Author:liuchuang + * @Date:2020/8/25 17:27 + */ +public class MD5Util { + + /** + * 对一段String生成MD5加密信息 + * + * @param message 要加密的String + * @return java.lang.String + * @author Liuchuang + * @since 2020/8/26 9:56 + */ + public static String getMD5(String message) { + try { + MessageDigest md = MessageDigest.getInstance("MD5"); + byte[] b = md.digest(message.getBytes("utf-8")); + return byteToHexStringSingle(b); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } + return null; + } + + /** + * 对文件全文生成MD5摘要 + * + * @param file 要加密的文件 + * @return java.lang.String + * @author Liuchuang + * @since 2020/8/26 9:58 + */ + public static String getMD5(File file) { + FileInputStream fis = null; + try { + MessageDigest md = MessageDigest.getInstance("MD5"); + fis = new FileInputStream(file); + byte[] buffer = new byte[2048]; + int length = -1; + long s = System.currentTimeMillis(); + while ((length = fis.read(buffer)) != -1) { + md.update(buffer, 0, length); + } + byte[] b = md.digest(); + return byteToHexStringSingle(b); + } catch (Exception ex) { + ex.printStackTrace(); + return null; + } finally { + try { + fis.close(); + } catch (IOException ex) { + ex.printStackTrace(); + } + } + } + + /** + * 独立把byte[]数组转换成十六进制字符串表示形式 + * + * @param byteArray + * @return java.lang.String + * @author Liuchuang + * @since 2020/8/26 9:59 + */ + public static String byteToHexStringSingle(byte[] byteArray) { + StringBuffer md5StrBuff = new StringBuffer(); + for (int i = 0; i < byteArray.length; i++) { + if (Integer.toHexString(0xFF & byteArray[i]).length() == 1) { + md5StrBuff.append("0").append( + Integer.toHexString(0xFF & byteArray[i])); + } else { + md5StrBuff.append(Integer.toHexString(0xFF & byteArray[i])); + } + } + + return md5StrBuff.toString(); + } +} diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties index 85737691..13e2388d 100644 --- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_en_US.properties @@ -19,4 +19,7 @@ 10015=Please delete the user under the department first 10016=The parameter format is incorrect. Please use JSON format. 10017=Parsing {0} error -10018=Invalid {0} \ No newline at end of file +10018=Invalid {0} +10022=AccessToken cannot be empty +10024=Timestamp cannot be empty +10023=AccessToken is invalid diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties index 59f765d9..4832fe39 100644 --- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_CN.properties @@ -19,4 +19,7 @@ 10015=\u8BF7\u5148\u5220\u9664\u90E8\u95E8\u4E0B\u7684\u7528\u6237 10016=\u53C2\u6570\u683C\u5F0F\u4E0D\u6B63\u786E\uFF0C\u8BF7\u4F7F\u7528JSON\u683C\u5F0F 10017=\u89E3\u6790{0}\u51FA\u9519 -10018=\u65E0\u6548\u7684{0} \ No newline at end of file +10018=\u65E0\u6548\u7684{0} +10022=AccessToken\u4E0D\u80FD\u4E3A\u7A7A +10024=Timestamp\u4E0D\u80FD\u4E3A\u7A7A +10023=AccessToken\u65E0\u6548 \ No newline at end of file diff --git a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties index aedf1184..3083339a 100644 --- a/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties +++ b/esua-epdc/epdc-commons/epdc-commons-tools/src/main/resources/i18n/messages_common_zh_TW.properties @@ -19,4 +19,7 @@ 10015=\u8ACB\u5148\u522A\u9664\u90E8\u9580\u4E0B\u7684\u7528\u6236 10016=\u53C3\u6578\u683C\u5F0F\u4E0D\u6B63\u78BA\uFF0C\u8ACB\u4F7F\u7528JSON\u683C\u5F0F 10017=\u89E3\u6790{0}\u51FA\u932F -10018=\u7121\u6548\u7684{0} \ No newline at end of file +10018=\u7121\u6548\u7684{0} +10022=AccessToken\u4E0D\u80FD\u70BA\u7A7A +10024=Timestamp\u4E0D\u80FD\u70BA\u7A7A +10023=AccessToken\u65E0\u6548 \ No newline at end of file diff --git a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java new file mode 100644 index 00000000..5caa3cbf --- /dev/null +++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/ReportData.java @@ -0,0 +1,15 @@ +package com.elink.esua.epdc.annotation; + +import java.lang.annotation.*; + +/** + * 居民信息采集 - 接口验证 + * + * @author Liuchuang + * @since 2020/8/25 17:09 + */ +@Target(ElementType.METHOD) +@Retention(RetentionPolicy.RUNTIME) +@Documented +public @interface ReportData { +} diff --git a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java new file mode 100644 index 00000000..5d94acd1 --- /dev/null +++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/aspect/ScreenPopulationAop.java @@ -0,0 +1,97 @@ +package com.elink.esua.epdc.aspect; + +import com.elink.esua.epdc.commons.tools.constant.Constant; +import com.elink.esua.epdc.commons.tools.exception.ErrorCode; +import com.elink.esua.epdc.commons.tools.exception.RenException; +import com.elink.esua.epdc.commons.tools.properties.ScreenPopulationProperties; +import com.elink.esua.epdc.commons.tools.utils.MD5Util; +import org.apache.commons.lang3.StringUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.aspectj.lang.JoinPoint; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Before; +import org.aspectj.lang.annotation.Pointcut; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.servlet.http.HttpServletRequest; +import java.util.Objects; +import java.util.Optional; + +/** + * 居民信息大屏接口验证 + * + * @author songyunpeng + * @Date 20-04-28 + */ +@Aspect +@Component +public class ScreenPopulationAop { + + @Autowired + private ScreenPopulationProperties screenPopulationProperties; + + /** + * 使用org.slf4j.Logger,这是Spring实现日志的方法 + */ + private final Logger logger = LogManager.getLogger(getClass()); + + /** + * 定义AOP扫描路径 + * 第一个注解只扫描aopTest方法 + */ + @Pointcut("@annotation(com.elink.esua.epdc.annotation.ReportData)") + public void ScreenPopulation() { + } + + /** + * 前置 + */ + @Before("ScreenPopulation()") + public void deBefore(JoinPoint joinPoint) { + HttpServletRequest request = currentRequest(); + if (Objects.isNull(request)) { + logger.info("without request, skip"); + return; + } + // 从header中获取token + String headerAccessToken = request.getHeader(Constant.ACCESS_TOKEN); + // 如果header中不存在token,则从参数中获取token + if(StringUtils.isBlank(headerAccessToken)){ + headerAccessToken = request.getParameter(Constant.ACCESS_TOKEN); + if(StringUtils.isBlank(headerAccessToken)){ + throw new RenException(ErrorCode.ACCESS_TOKEN_NOT_EMPTY); + } + } + + // 从header中获取Timestamp + String ts = request.getHeader(Constant.TIMESTAMP); + if (StringUtils.isBlank(ts)) { + ts = request.getParameter(Constant.TIMESTAMP); + if(StringUtils.isBlank(ts)){ + throw new RenException(ErrorCode.TIMESTAMP_NOT_EMPTY); + } + } + + // 校验AccessToken + String accessToken = MD5Util.getMD5(screenPopulationProperties.getScreenAppId().concat(ts)); + if (!headerAccessToken.equals(accessToken)) { + throw new RenException(ErrorCode.ACCESS_TOKEN_INVALID); + } + return; + } + /** + * Return request current thread bound or null if none bound. + * + * @return Current request or null + */ + private HttpServletRequest currentRequest() { + // Use getRequestAttributes because of its return null if none bound + ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + return Optional.ofNullable(servletRequestAttributes).map(ServletRequestAttributes::getRequest).orElse(null); + } + +} diff --git a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java index 5bf9e0a6..81c39737 100644 --- a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java +++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/controller/ApiScreenPopulationController.java @@ -1,6 +1,6 @@ package com.elink.esua.epdc.controller; -import com.elink.esua.epdc.commons.tools.annotation.ReportData; +import com.elink.esua.epdc.annotation.ReportData; import com.elink.esua.epdc.commons.tools.utils.Result; import com.elink.esua.epdc.commons.tools.validator.ValidatorUtils; import com.elink.esua.epdc.dto.DeptOption; diff --git a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml index e23ebcdc..dedff174 100644 --- a/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml +++ b/esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml @@ -145,4 +145,10 @@ rocketmq: group: @rocketmq.producer.group@ consumer: group: @rocketmq.consumer.group@ - points-group: @rocketmq.consumer.points.group@ \ No newline at end of file + points-group: @rocketmq.consumer.points.group@ + + +js: + screen: + population: + screenAppId: 9ce9fc63460401e7a3b3a6cab3b9c126 \ No newline at end of file