Commit e5b2af94 by 袁伟铭

1.0.0

parent 277608a6
......@@ -43,15 +43,17 @@ public class ApiController {
long start = System.currentTimeMillis();
ApiForm form = ServletUtil.toBean(request, ApiForm.class, true);
if (!form.parseBizContent()) {
return ApiUtils.getParamError(form);
}
// 不处理Request Method:OPTIONS的请求
if (request.getMethod().equals("OPTIONS")) {
return ApiUtils.getSuccessResp(form);
}
//解析业务参数
if (!form.parseBizContent()) {
return ApiUtils.getParamError(form);
}
String method = form.getMethod();
if (StrUtil.isBlank(method)) {
method = request.getParameter("method");
......@@ -124,6 +126,6 @@ public class ApiController {
ApiForm from = ServletUtil.toBean(request, ApiForm.class, true);
ApiUtils.DEBUG = !ApiUtils.DEBUG;
return new ApiResp(from).addData("debug", ApiUtils.DEBUG);
return new ApiResp(from).setData(ApiUtils.DEBUG);
}
}
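Review bot: The handler in the last hunk flips the process-wide `ApiUtils.DEBUG` flag on every request that reaches it, and no caller check is visible in these lines. The method starts outside the hunk, so an authorization check may exist above; if it does not, any client can switch debug output on or off for all requests. I would gate the toggle on an authenticated operator role or drive the flag from configuration, and say so on the method, e.g. `// Operator-only: toggles global debug output; must not be reachable without authentication`. The read-modify-write `ApiUtils.DEBUG = !ApiUtils.DEBUG;` on a plain static is also not atomic under concurrent requests.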
......@@ -7,12 +7,13 @@ import com.alibaba.fastjson.JSONObject;
import com.zq.api.config.ConfigCache;
import com.zq.api.utils.ApiUtils;
import com.zq.api.utils.NumberUtils;
import com.zq.common.encrypt.EncryptUtils;
import com.zq.common.encrypt.RsaUtils;
import com.zq.common.vo.ApiTokenVo;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import java.io.UnsupportedEncodingException;
import java.util.Map;
import java.util.TreeMap;
......@@ -43,6 +44,10 @@ public class ApiForm {
public boolean parseBizContent() {
try {
boolean flag = ConfigCache.getValueToBoolean("API.PARAM.ENCRYPT"); // API参数是否加密
if (StrUtil.isNotBlank(bizContent) && flag) {
bizContent = ApiUtils.decode(bizContent);
}
bizContentJson = JSON.parseObject(bizContent);
if (bizContentJson == null) {
bizContentJson = new JSONObject();
......@@ -192,20 +197,8 @@ public class ApiForm {
treeMap.put("nonce", this.nonce);
treeMap.put("method", this.method);
treeMap.put("version", this.version);
String bizContent = null;
try {
bizContent = this.bizContent;
bizContent = StrUtil.isBlank(bizContent) ? "" : bizContent;
boolean flag = ConfigCache.getValueToBoolean("API.PARAM.ENCRYPT"); // API参数是否加密
if (StrUtil.isNotBlank(bizContent) && flag) {
bizContent = ApiUtils.decode(bizContent);
}
} catch (UnsupportedEncodingException e) {
log.error("bizContent参数解析失败", e);
}
String bizContent = StrUtil.isBlank(this.bizContent) ? "" : this.bizContent;
treeMap.put("bizContent", bizContent);
return treeMap;
}
......
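Review bot: `parseBizContent()` now overwrites the `bizContent` field with the decrypted text (`bizContent = ApiUtils.decode(bizContent);`), so the method is no longer idempotent and a second call would try to decode plaintext. The ApiController hunk on this page shows the call both before and after the OPTIONS check as rendered, so confirm that only one of them remains. Because `getSignTreeMap()` now reads `this.bizContent` directly, the signature covers ciphertext or plaintext depending on whether parsing has already run. Decoding into a local, `String plain = (flag && StrUtil.isNotBlank(bizContent)) ? ApiUtils.decode(bizContent) : bizContent;`, and parsing `plain` would keep the field stable, and a comment on `getSignTreeMap()` should state which form the client signs. Both method bodies continue outside the visible hunks.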
package com.zq.api.form;
import com.zq.api.constant.ApiCodeEnum;
import lombok.Data;
import lombok.Getter;
import java.util.HashMap;
import java.util.Map;
@Data
@Getter
public class ApiResp {
private String apiNo = "";
private String code = ApiCodeEnum.SUCCESS.code();
private String msg = ApiCodeEnum.SUCCESS.msg();
private Long timestamp = System.currentTimeMillis();
private Map<String, Map<String, Object>> data = new HashMap<>();
public ApiResp(ApiForm from) {
setFrom(from);
}
private Object data;
public ApiResp(ApiForm from, Map<String, Object> map) {
setFrom(from);
data.put("data", map);
public ApiResp(ApiForm form) {
this.apiNo = form.getApiNo() == null ? "" : form.getApiNo();
}
public ApiResp(ApiForm from, ApiCodeEnum apiCodeEnum) {
setFrom(from);
public ApiResp(ApiCodeEnum apiCodeEnum) {
this.code = apiCodeEnum.code();
this.msg = apiCodeEnum.msg();
}
public ApiResp(ApiCodeEnum apiCodeEnum) {
public ApiResp(ApiForm form, ApiCodeEnum apiCodeEnum) {
this.code = apiCodeEnum.code();
this.msg = apiCodeEnum.msg();
}
public ApiResp setFrom(ApiForm from) {
if (from != null) {
this.apiNo = from.getApiNo() == null ? "" : from.getApiNo();
}
return this;
}
public String getApiNo() {
return apiNo;
}
public ApiResp setApiNo(String apiNo) {
this.apiNo = apiNo;
return this;
}
public String getCode() {
return code;
}
public ApiResp setCode(String code) {
this.code = code;
return this;
}
public String getMsg() {
return msg;
}
public ApiResp setMsg(String msg) {
this.msg = msg;
return this;
}
public Boolean isSuccess() {
return this.getCode().equals(ApiCodeEnum.SUCCESS.code());
}
public Map<String, Object> getData() {
return this.data.get("data");
}
public ApiResp setData(Map<String, Object> dataMap) {
this.data.put("data", dataMap);
public ApiResp setTimestamp(Long timestamp) {
this.timestamp = timestamp;
return this;
}
public ApiResp addData(String key, Object value) {
Map<String, Object> dataMap = getData();
if (dataMap == null) {
dataMap = new HashMap<>();
}
dataMap.put(key, value);
this.data.put("data", dataMap);
public ApiResp setData(Object data) {
this.data = data;
return this;
}
@Override
public String toString() {
return "[apiNo=" + this.apiNo + "]"
+ "[code=" + this.code + "]"
+ "[msg=" + this.msg + "]"
+ "[data=" + this.data + "]";
public Boolean isSuccess() {
return this.getCode().equals(ApiCodeEnum.SUCCESS.code());
}
}
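Review bot: As rendered (the +/- markers are lost, so sides are inferred from print order), the new `ApiResp(ApiForm form)` constructor dereferences `form.getApiNo()` without the `from != null` guard that `setFrom` had, and the new `ApiResp(ApiForm form, ApiCodeEnum apiCodeEnum)` sets only `code` and `msg` and ignores `form`. Error responses built through `new ApiResp(form, ApiCodeEnum.PARAM_ERROR)` would then lose the `apiNo`, and a null form would throw instead of yielding an empty `apiNo`. I would keep the guard, `this.apiNo = (form == null || form.getApiNo() == null) ? "" : form.getApiNo();`, and start the two-argument constructor with `this(form);`. `@Getter` is redundant next to `@Data` and can be dropped.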
......@@ -74,6 +74,8 @@ public class ApiInterceptor extends HandlerInterceptorAdapter {
+ "\n[time=" + (System.currentTimeMillis() - start) + "ms]");
}
return true;
}
......
package com.zq.api.service.impl;
import com.zq.api.constant.ApiCodeEnum;
import com.zq.api.form.ApiForm;
import com.zq.api.form.ApiResp;
import com.zq.api.service.IApiLogic;
......@@ -24,15 +23,20 @@ public abstract class BaseApiLogic implements IApiLogic {
public ApiResp valid(ApiForm form) {
// 不需要验证的方法
if (notValid(form)) {
return new ApiResp(form);
return ApiUtils.getSuccessResp(form);
}
TreeMap<String, String> tree = form.getSignTreeMap();
String serverSign = ApiUtils.getSign(tree);
String timestamp = form.getTimestamp();
// 一分钟内的数据有效
if (Long.parseLong(timestamp) + (60 * 1000) > System.currentTimeMillis()) {
return ApiUtils.getCheckSignValidError(form);
}
String serverSign = ApiUtils.getSign(form.getSignTreeMap());
if (!serverSign.equals(form.getSign())) {
return new ApiResp(form, ApiCodeEnum.CHECK_SIGN_VALID_ERROR);
return ApiUtils.getCheckSignValidError(form);
}
return new ApiResp(form);
return ApiUtils.getSuccessResp(form);
}
/**
......@@ -49,7 +53,7 @@ public abstract class BaseApiLogic implements IApiLogic {
@Override
public ApiResp logout(ApiForm form) {
return new ApiResp(form).addData("r", "ok");
return new ApiResp(form).setData("ok");
}
@Override
......
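Review bot: The freshness check added to `valid()` looks inverted: `Long.parseLong(timestamp) + (60 * 1000) > System.currentTimeMillis()` is true for a request stamped within the last minute, so fresh requests get `getCheckSignValidError` while stale, replayable ones go on to signature verification. The comment says data is valid for one minute, which needs the opposite comparison, e.g. `if (Math.abs(System.currentTimeMillis() - ts) > 60_000L) return ApiUtils.getCheckSignValidError(form);` with `ts` parsed beforehand. `Long.parseLong` also throws `NumberFormatException` on a missing or non-numeric `timestamp`; that should map to the same error response rather than propagate. `serverSign.equals(form.getSign())` could use `MessageDigest.isEqual` on the UTF-8 bytes to make the comparison constant-time.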
package com.zq.api.utils;
import cn.hutool.crypto.digest.MD5;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.zq.api.constant.ApiCodeEnum;
import com.zq.api.form.ApiForm;
import com.zq.api.form.ApiResp;
import com.zq.api.service.IApiLogic;
import com.zq.api.service.impl.ApiV100Logic;
import com.zq.api.service.impl.ApiV101Logic;
import com.zq.common.encrypt.EncryptUtils;
import com.zq.common.encrypt.RsaUtils;
import com.zq.common.vo.ResultVo;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;
import java.io.UnsupportedEncodingException;
......@@ -128,10 +133,21 @@ public class ApiUtils {
return new ApiResp(form, ApiCodeEnum.PARAM_ERROR);
}
/**
* 传递参数异常
* <p>
* 2016年9月29日 上午11:44:38
*
* @return
*/
public static ApiResp getCheckSignValidError(ApiForm form) {
return new ApiResp(form, ApiCodeEnum.CHECK_SIGN_VALID_ERROR);
}
public static ApiResp toApiResp(ApiForm form, ResultVo resultVo) {
ApiResp apiResp = new ApiResp(form);
if (resultVo.isSuccess()) {
apiResp.addData("data", resultVo.getData() == null ? "" : resultVo.getData());
apiResp.setData(resultVo.getData() == null ? "" : resultVo.getData());
} else {
return apiResp.setCode(String.valueOf(resultVo.getErrCode())).setMsg(resultVo.getErrMsg());
}
......@@ -149,7 +165,7 @@ public class ApiUtils {
*/
public static String decode(String params) throws UnsupportedEncodingException {
params = URLDecoder.decode(params, "utf-8");
params = new String(Base64.decodeBase64(params.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
params = EncryptUtils.rsaDecodeByPrivateKey(params, RsaUtils.privateKey);
return params;
}
......@@ -163,7 +179,10 @@ public class ApiUtils {
* @throws UnsupportedEncodingException
*/
public static String encode(String params) throws UnsupportedEncodingException {
params = new String(Base64.encodeBase64(params.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
params = EncryptUtils.rsaDecodeByPrivateKey(params, RsaUtils.publicKey);
if (StringUtils.isBlank(params)) {
return "";
}
params = URLEncoder.encode(params, "utf-8");
return params;
}
......@@ -177,19 +196,12 @@ public class ApiUtils {
* @return
*/
public static String getSign(TreeMap<String, String> paramMaps) {
String nonce = "";
// 原始请求串
StringBuilder src = new StringBuilder();
for (Map.Entry<String, String> entry : paramMaps.entrySet()) {
if (entry.getKey().equals("nonce")) {
nonce = entry.getValue();
continue;
}
src.append(entry.getKey()).append("=").append(entry.getValue()).append("&");
}
// 待加密串
src.append("nonce=").append(nonce == null ? "" : nonce);
System.out.println("签名:" + src.toString());
return MD5.create().digestHex(src.toString());
}
}
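Review bot: In `encode()` the added line calls `EncryptUtils.rsaDecodeByPrivateKey(params, RsaUtils.publicKey)`, i.e. the decrypt routine fed the public key, so it cannot be the inverse of `decode()`, which uses the same routine with `RsaUtils.privateKey`. The `main` added to `EncryptUtils` in this commit uses `rsaEncryptByPublicKey` for that direction, which is presumably what was meant: `params = EncryptUtils.rsaEncryptByPublicKey(params, RsaUtils.publicKey);`. The new `StringUtils.isBlank(params)` guard then returns an empty string on failure, which hides the error from callers; logging or throwing there would make a broken key or input visible. In `getSign()`, the `System.out.println` of the signing string, if it is on the new side, should go through a logger at debug level or be removed, and no secret component is appended to the MD5 input in the visible lines, which is worth confirming against the code above the hunk.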
......@@ -44,6 +44,14 @@ public class EncryptUtils {
private static final int HEX_RADIUS = 16;
public static void main(String[] args) throws Exception {
String data = "123456";
String bytes = rsaEncryptByPublicKey(data, RsaUtils.publicKey);
System.out.println(bytes);
String bytes1 = rsaDecodeByPrivateKey(bytes, RsaUtils.privateKey);
System.out.println(bytes1);
}
/**
* MD5 加密字符串
*
......
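Review bot: The added `main` is a manual round-trip check living in a production utility class, and it prints ciphertext and plaintext to stdout. I would move it to a unit test that asserts `rsaDecodeByPrivateKey(rsaEncryptByPublicKey(data, pub), priv)` equals `data`, using a key pair generated inside the test rather than `RsaUtils.privateKey`.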
......@@ -48,6 +48,9 @@ public class RsaUtils {
*/
private static final int MAX_DECRYPT_BLOCK = 128;
public static String privateKey = "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";
public static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDE2qE7o+C1PVgDHmlVnKcIMjHHbwANyUQ3BtPqVhtPOnPlj3UoIDTWWlcN7Mwijk51rzXOkqKo6Y6W0KQue7moOu1cyli5rGaBekl4wgEckWhJHytlUR035FacnfBRdeoHm1YYco25JI2vSVRHpMKjhs35p30in8eS8L3EsXYkqwIDAQAB";
/**
* 生成密钥对(公钥和私钥)
*
......
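Review bot: The added `privateKey` field embeds the RSA private key as a string literal in source, so everyone with repository or build-artifact access can decrypt `bizContent`, and the key stays in history even if the line is later removed. Both fields are also `public static` and non-final, so any class can reassign them at runtime. I would load the key from deployment configuration or a secret store at startup, hold it in a `private static final` field or an injected bean, and treat the committed key as compromised and rotate it. `MAX_DECRYPT_BLOCK = 128` suggests a 1024-bit modulus, which is below current recommendations; 2048 bits or more would be the usual choice when regenerating.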