diff --git a/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java b/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java index f96a3777bb..8551289868 100644 --- a/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java +++ b/epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java @@ -61,14 +61,15 @@ public class OpenApiSignUtils { public static void main(String[] args) { generateGetAccessTokenSign(); - //generateGetOrgDetailSign(); + System.out.println("=============="); + generateGetOrgDetailSign(); } private static void generateGetAccessTokenSign() { long now = System.currentTimeMillis(); System.out.println(now); - String uuid = UUID.randomUUID().toString(); + String uuid = UUID.randomUUID().toString().replace("-", ""); HashMap content = new HashMap<>(); content.put("app_id", "7d98b8af2d05752b4225709c4cfd4bd0"); @@ -87,7 +88,7 @@ public class OpenApiSignUtils { private static void generateGetOrgDetailSign() { long now = System.currentTimeMillis(); - String uuid = UUID.randomUUID().toString(); + String uuid = UUID.randomUUID().toString().replace("-", "");; System.out.println("时间戳:" + now); System.out.println("随机数:" + uuid); diff --git a/epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java b/epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java index 433b5ef01b..6b527dc074 100644 --- a/epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java +++ b/epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java @@ -19,6 +19,8 @@ import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.stereotype.Component; import org.springframework.web.server.ServerWebExchange; +import java.util.Date; + /** * 外部应用认证处理器:来平台token的方式 */ 
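Review bot: `generateGetAccessTokenSign()` keeps a literal `app_id` in a `main`-driven helper inside the shared `epmet-commons-security` module, and this commit makes `main` run the second generator as well. If the matching secret is embedded the same way, it is a credential in source control and should be read from the environment or moved under the test source set; the rest of both methods lies outside the hunks, so this is not confirmed. Separately, the `generateGetOrgDetailSign()` hunk leaves a doubled terminator, which should read `String uuid = UUID.randomUUID().toString().replace("-", "");`.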
@@ -37,8 +39,11 @@ public class ExtAppTakeTokenAuthProcessor extends ExtAppAuthProcessor { // 1.过期验证 String accessTokenInCache = redisUtils.getString(RedisKeys.getOpenApiAccessTokenKey(appId)); + Date expiration = jwtTokenUtils.getExpiration(token, secret); if (StringUtils.isBlank(accessTokenInCache) || - jwtTokenUtils.isTokenExpired(jwtTokenUtils.getExpiration(token, secret))) { + expiration == null || + jwtTokenUtils.isTokenExpired(expiration) + ) { throw new RenException(EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getCode(), EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getMsg()); diff --git a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java index 3ef87a5c04..6661ac747d 100644 --- a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java +++ b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java @@ -47,6 +47,11 @@ public class OpenApiRequestCheckAspect { @Autowired private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient; + //请求时差单位:s + long requestTimeSecDiff = 120; + //请求时差,单位:ms + long requestTimeMillSecDiff = requestTimeSecDiff * 1000;//单位:ms + private static final Logger log = LoggerFactory.getLogger(DataFilterAspect.class); /** 
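Review bot: In the expiry check, `accessTokenInCache` is only tested for blankness and is never compared with the presented `token` inside this hunk. Unless the rest of the method (outside the hunk) makes that comparison, a token that has been superseded in Redis stays acceptable until its own JWT expiry. If the cache holds the token string itself, adding `!MessageDigest.isEqual(accessTokenInCache.getBytes(StandardCharsets.UTF_8), token.getBytes(StandardCharsets.UTF_8))` to the condition would bind the request to the currently issued token. The new `expiration == null` branch also reports what is presumably a parse or signature failure as `OPEN_API_TOKEN_EXPIRED`; a log line there would keep malformed or forged tokens distinguishable from ordinary expiry in monitoring.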
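Review bot: The two new fields in `OpenApiRequestCheckAspect` are package-private, non-final instance fields on what looks like a Spring-managed bean (the class uses `@Autowired`). Any class in the package can therefore change the replay window at runtime, and the millisecond value would not follow. Declaring them as `private static final long REQUEST_TIME_DIFF_SECONDS = 120;` and `private static final long REQUEST_TIME_DIFF_MILLIS = REQUEST_TIME_DIFF_SECONDS * 1000;` removes that. A one-line comment stating that the value is both the accepted clock skew and the basis for the nonce lifetime would help the next reader.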
@@ -117,10 +122,10 @@ public class OpenApiRequestCheckAspect { } long timestamp = Long.valueOf(timestampStr).longValue(); long now = System.currentTimeMillis(); - long requestTimeDiff = 120000; - if (Math.abs(now - timestamp) > requestTimeDiff) { + + if (Math.abs(now - timestamp) > requestTimeMillSecDiff) { // 只允许1分钟之内的请求,允许服务器之间时差为1分钟 - throw new RenException(String.format("请求已过时,允许时差为%s ms", requestTimeDiff)); + throw new RenException(String.format("请求已过时,允许时差为%s s", requestTimeSecDiff)); } String nonce = argMap.get(RequestParamKeys.NONCE); String nonceInCache = redisUtils.getString(RedisKeys.getOpenApiNonceKey(nonce)); @@ -128,7 +133,7 @@ public class OpenApiRequestCheckAspect { throw new RenException("请求重复"); } //将nonce缓存到redis,有效期1分钟 - redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeDiff); + redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeSecDiff); } /** diff --git a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java index 27c44ae532..5f24502bfa 100644 --- a/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java +++ b/epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java @@ -5,8 +5,6 @@ import com.epmet.commons.tools.exception.RenException; import com.epmet.commons.tools.redis.RedisKeys; import com.epmet.commons.tools.redis.RedisUtils; import com.epmet.commons.tools.utils.Result; -import com.epmet.commons.tools.validator.ValidatorUtils; -import com.epmet.dto.form.openapi.OpenApiBaseFormDTO; import com.epmet.dto.result.openapi.GetAccessTokenResultDTO; import com.epmet.feign.EpmetCommonServiceOpenFeignClient; import com.epmet.service.OpenApiAccessTokenService;
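Review bot: The retained comment under the window check still says only requests within one minute are accepted, while the limit is now `requestTimeSecDiff` = 120 s; the same stale "one minute" wording sits above the `redisUtils.set` call in the next hunk. I would replace both with wording tied to the field, e.g. `// reject requests whose timestamp differs from server time by more than requestTimeSecDiff seconds`. `Long.valueOf(timestampStr)` on the context line above will also throw `NumberFormatException` for a non-numeric value unless an earlier check outside the hunk rules that out. Using `Long.parseLong` inside a try block that rethrows `RenException` would keep the error path uniform.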
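Review bot: The nonce entry now expires after `requestTimeSecDiff`, but the check in the previous hunk accepts timestamps up to that far ahead of server time as well as behind it. A request can therefore stay time-valid for up to twice that long while its nonce is remembered for only half of it. Assuming the third argument of `redisUtils.set` is a TTL in seconds (its signature is not on this page), `redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), 2 * requestTimeSecDiff);` closes that gap. The read of `nonceInCache` followed by a separate `set` is also not atomic, so two concurrent copies of one request can both pass. A single set-if-absent call with expiry would make the replay check race-free, if `RedisUtils` offers one.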