调整完了openApi参数模式，待测试

4 years ago · 8de86b0716
17 changed files with 121 additions and 108 deletions
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/HeaderFieldKeys.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/HeaderFieldKeys.java
@ -1,7 +0,0 @@
-package com.epmet.openapi;
-
-public interface HeaderFieldKeys {
-
-    String APP_ID = "AppId";
-
-}
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/RequestBodyFieldKeys.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/RequestBodyFieldKeys.java
@ -1,10 +0,0 @@
-package com.epmet.openapi;
-
-/**
- * 请求体字段key
- */
-public interface RequestBodyFieldKeys {
-
-    String APP_ID = "appId";
-
-}
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/RequestParamKeys.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/RequestParamKeys.java
@ -1,11 +0,0 @@
-package com.epmet.openapi;
-
-/**
- * url请求参数key
- */
-public class RequestParamKeys {
-
-    public static String APP_ID = "app_id";
-    public static String AUTH_TYPE = "auth_type";
-
-}
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/AuthTypes.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/AuthTypes.java
@ -0,0 +1,8 @@
+package com.epmet.openapi.constant;
+
+/**
+ * 认证方式
+ */
+public interface AuthTypes {
+    String TAKE_TOKEN = "take_token";
+}
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/InClusterHeaderKeys.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/InClusterHeaderKeys.java
@ -0,0 +1,10 @@
+package com.epmet.openapi.constant;
+
+/**
+ * 集群内的Header key
+ */
+public interface InClusterHeaderKeys {
+
+    String APP_ID = "AppId";
+
+}
--- a/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/RequestParamKeys.java
+++ b/epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/RequestParamKeys.java
@ -0,0 +1,14 @@
+package com.epmet.openapi.constant;
+
+/**
+ * url请求参数key
+ */
+public class RequestParamKeys {
+
+    public static String APP_ID = "app_id";
+    public static String AUTH_TYPE = "auth_type";
+    public static String TIMESTAMP = "timestamp";
+    public static String SIGN = "sign";
+    public static String NONCE = "nonce";
+
+}
--- a/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java
+++ b/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java
@ -17,7 +17,7 @@ public class OpenApiSignUtils {
    */
    public static String createSign(Map<String, String> contentMap, String signKey) {
        String str2beSigned = mapToSignStr(contentMap);
-        str2beSigned = str2beSigned.concat("&signKey=").concat(signKey);
+        str2beSigned = str2beSigned.concat("&sign_key=").concat(signKey);
        return Md5Util.md5(str2beSigned);
    }

@ -68,15 +68,21 @@ public class OpenApiSignUtils {
        long now = System.currentTimeMillis();
        System.out.println(now);

+        String uuid = UUID.randomUUID().toString();
+
        HashMap<String, String> content = new HashMap<>();
-        content.put("appId", "7d98b8af2d05752b4225709c4cfd4bd0");
+        content.put("app_id", "7d98b8af2d05752b4225709c4cfd4bd0");
        content.put("timestamp", String.valueOf(now));
-        content.put("nonce", "aaa");
+        content.put("nonce", uuid);
+        content.put("auth_type", "take_token");

        String secret = "3209ee9f41704482be1a1fb5873a25376f2899191ca846119d44168316bc3e44";

        String sign = createSign(content, secret);
-        System.out.println(sign);
+
+        System.out.println("时间戳:" + now);
+        System.out.println("随机数:" + uuid);
+        System.out.println("签名：" + sign);
    }

    private static void generateGetOrgDetailSign() {
@ -90,6 +96,7 @@ public class OpenApiSignUtils {
        content.put("test", null);
        content.put("timestamp", String.valueOf(now));
        content.put("nonce", uuid);
+        content.put("auth_type", "take_token");

        String secret = "3209ee9f41704482be1a1fb5873a25376f2899191ca846119d44168316bc3e44";

--- a/epmet-gateway/pom.xml
+++ b/epmet-gateway/pom.xml
@ -76,6 +76,11 @@
            <version>2.0.0</version>
            <scope>compile</scope>
        </dependency>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-openapi</artifactId>
+            <version>2.0.0</version>
+        </dependency>
    </dependencies>

    <build>
@ -237,8 +242,8 @@

                <!-- redis配置 -->
                <spring.redis.index>0</spring.redis.index>
-                <spring.redis.host>192.168.1.130</spring.redis.host>
-                <spring.redis.port>6379</spring.redis.port>
+                <spring.redis.host>118.190.150.119</spring.redis.host>
+                <spring.redis.port>47379</spring.redis.port>
                <spring.redis.password>123456</spring.redis.password>
                <!-- nacos -->
                <nacos.register-enabled>false</nacos.register-enabled>
@ -309,8 +314,8 @@
 <!--                   <gateway.routes.gov-project-server.uri>http://localhost:8102</gateway.routes.gov-project-server.uri>-->
                <gateway.routes.gov-project-server.uri>lb://gov-project-server</gateway.routes.gov-project-server.uri>
                <!--  24、公共服务              -->
-                <gateway.routes.common-service-server.uri>lb://common-service-server</gateway.routes.common-service-server.uri>
-<!--                <gateway.routes.common-service-server.uri>http://localhost:8103</gateway.routes.common-service-server.uri>-->
+                <!--<gateway.routes.common-service-server.uri>lb://common-service-server</gateway.routes.common-service-server.uri>-->
+                <gateway.routes.common-service-server.uri>http://localhost:8103</gateway.routes.common-service-server.uri>
                <!--  25、党建园地              -->
                <gateway.routes.resi-home-server.uri>lb://resi-home-server</gateway.routes.resi-home-server.uri>
                <!--                <gateway.routes.resi-home-server.uri>http://localhost:8104</gateway.routes.resi-home-server.uri>-->
--- a/epmet-gateway/src/main/java/com/epmet/auth/ExtAppFetchTokenAuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/ExtAppFetchTokenAuthProcessor.java
@ -9,6 +9,8 @@ import com.epmet.commons.tools.redis.RedisUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.utils.SpringContextUtils;
 import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
+import com.epmet.openapi.constant.InClusterHeaderKeys;
+import com.epmet.openapi.constant.RequestParamKeys;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import org.apache.commons.lang3.StringUtils;
@ -28,12 +30,6 @@ public class ExtAppFetchTokenAuthProcessor extends ExtAppAuthProcessor {

    @Override
    public void auth(String appId, String token, Long ts, ServerWebExchange exchange) {
-        // 1.token过期校验
-        if (StringUtils.isBlank(appId)) {
-            throw new RenException(EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getCode(),
-                    EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getMsg());
-        }
-
        String secret = getSecret(appId);

        if (jwtTokenUtils.isTokenExpired(jwtTokenUtils.getExpiration(token, secret))) {
@ -47,7 +43,7 @@ public class ExtAppFetchTokenAuthProcessor extends ExtAppAuthProcessor {

        // 2. 获取claims
        Claims claims = jwtTokenUtils.getClaimByToken(token, secret);
-        String appIdInAccessToken = claims.get("appId", String.class);
+        String appIdInAccessToken = claims.get(RequestParamKeys.APP_ID, String.class);

        if (!appId.equals(appIdInAccessToken)) {
            // 参数列表的appId和token中封装的不一致
@ -57,13 +53,13 @@ public class ExtAppFetchTokenAuthProcessor extends ExtAppAuthProcessor {

        // 3.将app_id放入header中
        ServerHttpRequest.Builder mutate = exchange.getRequest().mutate();
-        mutate.header("AppId", appId);
+        mutate.header(InClusterHeaderKeys.APP_ID, new String[]{appId});
        exchange.mutate().request(mutate.build()).build();
    }

    /**
-     * @Description 获取秘钥
     * @return
+     * @Description 获取秘钥
     * @author wxz
     * @date 2021.03.23 14:12
     */
--- a/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
@ -4,6 +4,8 @@ import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.filter.CpProperty;
+import com.epmet.openapi.constant.AuthTypes;
+import com.epmet.openapi.constant.RequestParamKeys;
 import com.epmet.utils.ServerHttpRequestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@ -40,9 +42,6 @@ public class ExternalAuthProcessor extends AuthProcessor {
    public static final String APP_AUTH_TYPE_JWT = "jwt";
    // 调用方生成md5
    public static final String APP_AUTH_TYPE_MD5 = "md5";
-    // 获取token方式
-    public static final String APP_AUTH_TYPE_FETCH_TOKEN = "fetchToken";
-

    @Autowired
    private ExtAppJwtAuthProcessor jwtAuthProcessor;
@ -89,7 +88,7 @@ public class ExternalAuthProcessor extends AuthProcessor {
        String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY);
        String ts = headers.getFirst(APP_ID_TIMESTAMP_KEY);
        String customerId = headers.getFirst(APP_ID_CUSTOMER_ID_KEY);
-        String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
+        String authType = getAuthType(headers, request);

        logger.info("外部应用请求认证拦截Aspect执行,token:{}, ts:{}, customerId:{}, authType:{}",
                token, ts, customerId, authType);
@ -108,11 +107,10 @@ public class ExternalAuthProcessor extends AuthProcessor {
                    throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空");
                }
                md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
-            } else if (APP_AUTH_TYPE_FETCH_TOKEN.equals(authType)) {
-                String paramName = "app_id";
-                String appId = ServerHttpRequestUtils.getRequestParam(request, paramName);
+            } else if (AuthTypes.TAKE_TOKEN.equals(authType)) {
+                String appId = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.APP_ID);
                if (StringUtils.isBlank(appId)) {
-                    throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_MISSING.getCode(),"缺少参数".concat(paramName));
+                    throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_MISSING.getCode(),"缺少参数".concat(RequestParamKeys.APP_ID));
                }
                fetchTokenAuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
            } else {
@ -129,4 +127,12 @@ public class ExternalAuthProcessor extends AuthProcessor {

        return exchange;
    }
+
+    private String getAuthType(HttpHeaders headers, ServerHttpRequest request) {
+        String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE);
+        if (StringUtils.isBlank(authType)) {
+            authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
+        }
+        return authType;
+    }
 }
--- a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
@ -10,6 +10,8 @@ import com.epmet.commons.tools.utils.IpUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.constant.AuthTypeConstant;
 import com.epmet.constant.TokenHeaderKeyConstant;
+import com.epmet.openapi.constant.AuthTypes;
+import com.epmet.openapi.constant.RequestParamKeys;
 import com.epmet.utils.ServerHttpRequestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@ -112,8 +114,8 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 		//	}
 		//}

-		String authType = ServerHttpRequestUtils.getRequestParam(request, RequestBodyField.);
-		if (StringUtils.isNotBlank(authType) && ExternalAuthProcessor.APP_AUTH_TYPE_FETCH_TOKEN.equals(authType)) {
+		String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE);
+		if (StringUtils.isNotBlank(authType) && AuthTypes.TAKE_TOKEN.equals(authType)) {
 			return AuthTypeConstant.AUTH_TYPE_EXTERNAL;
 		}

--- a/epmet-module/epmet-common-service/common-service-server/pom.xml
+++ b/epmet-module/epmet-common-service/common-service-server/pom.xml
@ -150,7 +150,7 @@

                <!-- 数据库配置-->
                <spring.datasource.druid.url>
-                    <![CDATA[jdbc:mysql://192.168.1.130:3306/epmet_common_service?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai]]>
+                    <![CDATA[jdbc:mysql://118.190.150.119:47306/epmet_common_service?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai]]>
                </spring.datasource.druid.url>
                <!--                <spring.datasource.druid.username>root</spring.datasource.druid.username>-->
                <!--                <spring.datasource.druid.password>root</spring.datasource.druid.password>-->
@ -158,8 +158,8 @@
                <spring.datasource.druid.password>EpmEt-db-UsEr</spring.datasource.druid.password>
                <!-- redis配置 -->
                <spring.redis.index>0</spring.redis.index>
-                <spring.redis.host>192.168.1.130</spring.redis.host>
-                <spring.redis.port>6379</spring.redis.port>
+                <spring.redis.host>118.190.150.119</spring.redis.host>
+                <spring.redis.port>47379</spring.redis.port>
                <spring.redis.password>123456</spring.redis.password>
                <!-- nacos -->
                <nacos.register-enabled>false</nacos.register-enabled>
--- a/epmet-module/epmet-ext/epmet-ext-client/src/main/java/com/epmet/dto/form/AccessTokenFormDTO.java
+++ b/epmet-module/epmet-ext/epmet-ext-client/src/main/java/com/epmet/dto/form/AccessTokenFormDTO.java
@ -1,14 +0,0 @@
-package com.epmet.dto.form;
-
-import com.epmet.dto.form.openapi.OpenApiBaseFormDTO;
-import lombok.Data;
-
-import javax.validation.constraints.NotBlank;
-
-@Data
-public class AccessTokenFormDTO extends OpenApiBaseFormDTO {
-
-    // 应用id
-    @NotBlank(message = "AppId字段不能为空", groups = { GetAccessTokenGroup.class })
-    private String appId;
-}
--- a/epmet-module/epmet-ext/epmet-ext-server/pom.xml
+++ b/epmet-module/epmet-ext/epmet-ext-server/pom.xml
@ -21,6 +21,11 @@
    </properties>

    <dependencies>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-openapi</artifactId>
+            <version>2.0.0</version>
+        </dependency>
        <dependency>
            <groupId>com.epmet</groupId>
            <artifactId>common-service-client</artifactId>
@ -239,14 +244,14 @@

                <!-- 数据库配置-->
                <spring.datasource.druid.url>
-                    <![CDATA[jdbc:mysql://192.168.1.130:3306/epmet_third?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai]]>
+                    <![CDATA[jdbc:mysql://118.190.150.119:47306/epmet_third?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai]]>
                </spring.datasource.druid.url>
                <spring.datasource.druid.username>epmet_third_user</spring.datasource.druid.username>
                <spring.datasource.druid.password>EpmEt-db-UsEr</spring.datasource.druid.password>
                <!-- redis配置 -->
                <spring.redis.index>0</spring.redis.index>
-                <spring.redis.host>192.168.1.130</spring.redis.host>
-                <spring.redis.port>6379</spring.redis.port>
+                <spring.redis.host>118.190.150.119</spring.redis.host>
+                <spring.redis.port>47379</spring.redis.port>
                <spring.redis.password>123456</spring.redis.password>
                <!-- nacos -->
                <nacos.register-enabled>false</nacos.register-enabled>
--- a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java
+++ b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java
@ -9,6 +9,7 @@ import com.epmet.commons.tools.redis.RedisUtils;
 import com.epmet.commons.tools.utils.ConvertUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
+import com.epmet.openapi.constant.RequestParamKeys;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
@ -31,6 +32,7 @@ import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.lang.reflect.Parameter;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;

@ -66,25 +68,40 @@ public class OpenApiRequestCheckAspect {
        Parameter[] parameters = method.getParameters();

        HttpServletRequest request = getRequest();
-        String appId = request.getHeader("AppId");

+        Map<String, String> argMap = new HashMap<>();
        for (int i = 0; i < parameters.length; i++) {
            if (parameters[i].isAnnotationPresent(RequestBody.class)) {
-                Map<String, String> argMap;
                try {
                    argMap = ConvertUtils.entityToMap(args[i]);
                } catch (Exception e) {
                    throw new RenException("验签参数转化发生异常");
                }

-                argMap.put("");
+                break;
+            }
+        }

-                if (!OpenApiSignUtils.checkSign(argMap, getSecret(appId))) {
+        fillRequestParamsInfoArgMap(argMap, request);
+        if (!OpenApiSignUtils.checkSign(argMap, getSecret(argMap.get(RequestParamKeys.APP_ID)))) {
            // 验签失败
            throw new RenException(EpmetErrorCode.OPEN_API_SIGN_ERROR.getCode());
        }
        checkRepeatRequest(argMap);
    }
+
+    private void fillRequestParamsInfoArgMap(Map<String, String> argMap, HttpServletRequest request) {
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.APP_ID);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.AUTH_TYPE);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.NONCE);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.TIMESTAMP);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.SIGN);
+    }
+
+    private void fillRequestParamsInfoArgMap(Map<String, String> argMap, HttpServletRequest request, String paramName) {
+        String paramValue = request.getParameter(paramName);
+        if (StringUtils.isNotBlank(paramName)) {
+            argMap.put(paramName, paramValue);
        }
    }

@ -93,7 +110,7 @@ public class OpenApiRequestCheckAspect {
     * @param argMap
     */
    void checkRepeatRequest(Map<String, String> argMap) {
-        String timestampStr = argMap.get("timestamp");
+        String timestampStr = argMap.get(RequestParamKeys.TIMESTAMP);
        if (StringUtils.isBlank(timestampStr)) {
            throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_MISSING.getCode());
        }
@ -104,13 +121,13 @@ public class OpenApiRequestCheckAspect {
            // 只允许1分钟之内的请求，允许服务器之间时差为1分钟
            throw new RenException(String.format("请求已过时，允许时差为%s ms", requestTimeDiff));
        }
-        String nonce = argMap.get("nonce");
+        String nonce = argMap.get(RequestParamKeys.NONCE);
        String nonceInCache = redisUtils.getString(RedisKeys.getOpenApiNonceKey(nonce));
        if (StringUtils.isNotBlank(nonceInCache)) {
            throw new RenException("请求重复");
        }
        //将nonce缓存到redis，有效期1分钟
-        redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), "1", requestTimeDiff);
+        redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeDiff);
    }

    /**
--- a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java
+++ b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java
@ -1,16 +1,11 @@
 package com.epmet.controller;

 import com.epmet.annotation.OpenApiCheckSign;
-import com.epmet.commons.security.sign.openapi.OpenApiSignUtils;
-import com.epmet.commons.tools.exception.EpmetErrorCode;
-import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.redis.RedisKeys;
 import com.epmet.commons.tools.redis.RedisUtils;
-import com.epmet.commons.tools.utils.ConvertUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.ValidatorUtils;
-import com.epmet.dto.form.AccessTokenFormDTO;
 import com.epmet.dto.form.openapi.OpenApiBaseFormDTO;
 import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
 import com.epmet.service.OpenApiAccessTokenService;
@ -18,13 +13,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-import java.beans.IntrospectionException;
-import java.lang.reflect.InvocationTargetException;
+import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("open-api")
@ -49,12 +38,8 @@ public class OpenApiAccessTokenController {
    */
    @OpenApiCheckSign
    @PostMapping("get-access-token")
-    public Result<String> getAccessToken(@RequestBody AccessTokenFormDTO input) {
-        // 1.校验参数
-        ValidatorUtils.validateEntity(input, OpenApiBaseFormDTO.GetAccessTokenGroup.class);
-        String appId = input.getAppId();
-
-        // 2.取secret
+    public Result<String> getAccessToken(@RequestParam("app_id") String appId) {
+        // 1.取secret
        String secret = (String)redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
        if (StringUtils.isBlank(secret)) {
            Result<String> result = commonServiceOpenFeignClient.getSecret(appId);
@ -68,7 +53,7 @@ public class OpenApiAccessTokenController {
            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
        }

-        //4.生成token
+        //2.生成token
        String accessToken = openApiAccessTokenService.getAccessToken(appId, secret);
        return new Result<String>().ok(accessToken);
    }
--- a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/service/impl/OpenApiAccessTokenServiceImpl.java
+++ b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/service/impl/OpenApiAccessTokenServiceImpl.java
@ -30,7 +30,7 @@ public class OpenApiAccessTokenServiceImpl implements OpenApiAccessTokenService
        String token = jwtTokenUtils.createToken(claim, openApiConfig.getAccessTokenExpire(), secret);

        // 缓存token
-        redisUtils.set(RedisKeys.getOpenApiAccessTokenKey(token), appId, openApiConfig.getAccessTokenExpire());
+        redisUtils.set(RedisKeys.getOpenApiAccessTokenKey(appId), token, openApiConfig.getAccessTokenExpire());

        return token;
    }