|
|
@@ -72,34 +72,28 @@ public class SignVerifyAspect {
|
|
|
public static Boolean checkSign(String sign,String appIdValue,String privateKey) {
|
|
|
try {
|
|
|
if(StringUtils.isBlank(sign)){
|
|
|
- log.info("checkSign-blank-sign:{},appId:{},privateKey:{}",sign,appIdValue,privateKey);
|
|
|
return false;
|
|
|
}
|
|
|
String deTxt = RsaUtils.decipher(sign, privateKey);
|
|
|
if(StringUtils.isBlank(deTxt)){
|
|
|
- log.info("checkSign-blank-deTxt-sign:{},appId:{},privateKey:{}",sign,appIdValue,privateKey);
|
|
|
return false;
|
|
|
}
|
|
|
org.json.JSONObject jsonObject = new org.json.JSONObject(deTxt);
|
|
|
String appId = jsonObject.getString("appId");
|
|
|
Long timestamp = jsonObject.getLong("timestamp");
|
|
|
if(StringUtils.isBlank(appId) || timestamp == null){
|
|
|
- log.info("checkSign-appid-isBlank-sign:{},appId:{},privateKey:{}",sign,appIdValue,privateKey);
|
|
|
-
|
|
|
return false;
|
|
|
}
|
|
|
if(!appId.equals(appIdValue)){
|
|
|
- log.info("checkSign-appid-equals-sign:{},appId:{},appIdValue:{},privateKey:{}",sign,appId,appIdValue,privateKey);
|
|
|
return false;
|
|
|
}
|
|
|
Long time = new Date().getTime();
|
|
|
- if(Math.abs( time -timestamp) >1000 * 60 *5){
|
|
|
- log.info("checkSign-time--sign:{},appId:{},appIdValue:{},privateKey:{}",sign,appId,appIdValue,privateKey);
|
|
|
+ log.info("time:{},timestamp:{}",time,timestamp);
|
|
|
+ if(Math.abs( time -timestamp) >1000 * 60 *5){ //app使用会有误差,未来时间
|
|
|
return false;
|
|
|
}
|
|
|
return true;
|
|
|
}catch (Exception e){
|
|
|
- log.info("checkSign-blank-deTxt-sign:{},appId:{},privateKey:{}",sign,appIdValue,privateKey,e);
|
|
|
return false;
|
|
|
}
|
|
|
}
|
lyhzzz