Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
lyhzzz
/
4dkankan-center-user
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: 7c47d253aa
Dallar Biçim İmleri
4dkankan-cen...
/
src
/
main
/
java
/
com
/
fdkankan
/
ucenter
/
aop
/
SignVerifyAspect.java

SignVerifyAspect.java 2.5 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. package com.fdkankan.ucenter.aop;
    2. 

  2. 

  3. import com.alibaba.fastjson.JSONObject;
    4. 

  4. import com.fdkankan.redis.util.RedisUtil;
    5. 

  5. import com.fdkankan.sign.SignUtils;
    6. 

  6. import com.fdkankan.ucenter.annotation.VerifySign;
    7. 

  7. import com.fdkankan.ucenter.common.constants.ResultCode;
    8. 

  8. import com.fdkankan.ucenter.entity.AppSecret;
    9. 

  9. import com.fdkankan.ucenter.exception.BusinessException;
    10. 

  10. import com.fdkankan.ucenter.service.IAppSecretService;
    11. 

  11. import lombok.extern.slf4j.Slf4j;
    12. 

  12. import org.apache.commons.lang3.StringUtils;
    13. 

  13. import org.aspectj.lang.ProceedingJoinPoint;
    14. 

  14. import org.aspectj.lang.annotation.Around;
    15. 

  15. import org.aspectj.lang.annotation.Aspect;
    16. 

  16. import org.springframework.beans.factory.annotation.Autowired;
    17. 

  17. import org.springframework.stereotype.Component;
    18. 

  18. import org.springframework.web.context.request.RequestContextHolder;
    19. 

  19. import org.springframework.web.context.request.ServletRequestAttributes;
    20. 

  20. 

  21. import javax.servlet.http.HttpServletRequest;
    22. 

  22. import java.util.*;
    23. 

  23. 

  24. @Aspect
    25. 

  25. @Component
    26. 

  26. @Slf4j
    27. 

  27. public class SignVerifyAspect {
    28. 

  28. 

  29.     @Autowired
    30. 

  30.     IAppSecretService appSecretService;
    31. 

  31.     @Autowired
    32. 

  32.     RedisUtil redisUtil;
    33. 

  33. 

  34.     @Around("@annotation(verifySign)")
    35. 

  35.     public Object verifySign(ProceedingJoinPoint joinPoint, VerifySign verifySign) throws Throwable {
    36. 

  36.         if (!verifySign.enabled()) {
    37. 

  37.             return joinPoint.proceed();
    38. 

  38.         }
    39. 

  39.         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
    40. 

  40.         String header = request.getHeader("X-UA");
    41. 

  41.         if(StringUtils.isNotBlank(header)){
    42. 

  42.             return joinPoint.proceed();
    43. 

  43.         }
    44. 

  44.         String sign = request.getHeader(verifySign.signParam().toLowerCase());
    45. 

  45.         String appId = request.getHeader(verifySign.appId().toLowerCase());
    46. 

  46. 

  47.         log.info("verifySign--requestPath:{},sign:{},appId:{}",request.getRequestURL(),sign,appId);
    48. 

  48.         AppSecret byAppId = null;
    49. 

  49.         if(redisUtil.hasKey("ucenter:sign:appid:"+appId)){
    50. 

  50.             byAppId = JSONObject.parseObject(redisUtil.get("ucenter:sign:appid:"+appId),AppSecret.class);
    51. 

  51.         }else {
    52. 

  52.             byAppId = appSecretService.getByAppId(appId);
    53. 

  53.         }
    54. 

  54.         if(byAppId == null){
    55. 

  55.             throw new BusinessException(ResultCode.SIGN_ERROR);
    56. 

  56.         }
    57. 

  57.         if(!SignUtils.checkSign(sign,appId,byAppId.getPrivateKey())){
    58. 

  58.             throw new BusinessException(ResultCode.SIGN_ERROR);
    59. 

  59.         }
    60. 

  60.         if(!redisUtil.hasKey("ucenter:sign:appid:"+appId)){
    61. 

  61.             redisUtil.set("ucenter:sign:appid:"+appId, JSONObject.toJSONString(byAppId),60 *60 *2);
    62. 

  62.         }
    63. 

  63.         return joinPoint.proceed();
    64. 

  64.     }
    65. 

  65. 

  66. }
    67.