20190828 bug修复

3ba9ae9b · 万建斌 · 106f3c4f · 3ba9ae9b · 3ba9ae9b · 3ba9ae9b
Commit 3ba9ae9b authored Aug 28, 2019 by 万建斌
9 changed files
--- a/kyb-search.db
+++ b/kyb-search.db
--- a/pom.xml
+++ b/pom.xml
@@ -88,6 +88,24 @@
          <artifactId>alipay-sdk-java</artifactId>
          <version>20150820220052</version>
      </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-api</artifactId>
+          <version>0.10.5</version>
+      </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-impl</artifactId>
+          <version>0.10.5</version>
+          <scope>runtime</scope>
+      </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-jackson</artifactId>
+          <version>0.10.5</version>
+          <scope>runtime</scope>
+      </dependency>
+
  </dependencies>
  
  

--- a/src/main/java/com/cesgroup/common/utils/ApiResponseEnum.java
+++ b/src/main/java/com/cesgroup/common/utils/ApiResponseEnum.java
@@ -21,8 +21,12 @@ public enum ApiResponseEnum {
     */
    AUTH_SIGN_ERROR(10201,"签名验证失败"),
    AUTH_IP_ERROR(10202,"IP白名单验证失败"),
+    AUTH_TOKEN_ERROR(10203, "token验证失败"),
+    TOKEN_OVERTIME_ERROR(10204, "token已过期")
    ;

+    public static String AUTH_CENTER_SERVICE = "kyb-search";
+
    private int errCode = 0;

    private String errMsg;

--- a/src/main/java/com/cesgroup/common/utils/RSAEncryptUtil.java
+++ b/src/main/java/com/cesgroup/common/utils/RSAEncryptUtil.java
@@ -54,8 +54,8 @@ public class RSAEncryptUtil {
            map.put("password", "password123");
            map.put("flag", "0");

-//            String content = AlipaySignature.getSignCheckContentV2(map);
-            String content = JSON.toJSONString(map);
+            String content = AlipaySignature.getSignCheckContentV2(map);
+//            String content = JSON.toJSONString(map);

            System.out.println("拼接待签名字符串:"+content);

@@ -63,18 +63,18 @@ public class RSAEncryptUtil {
            /*
             * 对数据签名  RSA2对应的函数和密钥
             */
-//            String sign = AlipaySignature.rsaSign(map, MapUtils.getString(keyMap, "privateKey"), CHARSET);
-            String sign = sign(content, MapUtils.getString(keyMap, "privateKey"));
+            String sign = AlipaySignature.rsaSign(map, MapUtils.getString(keyMap, "privateKey"), CHARSET);
+//            String sign = sign(content, MapUtils.getString(keyMap, "privateKey"));

            System.out.println("原始sign：" + sign);

-//            map.put("sign", sign);
+            map.put("sign", sign);

            /*
             * 进入验签流程
             */
-//            boolean result = AlipaySignature.rsaCheckV2(map, MapUtils.getString(keyMap, "publicKey"), CHARSET);
-            boolean result = doCheck(content, sign, MapUtils.getString(keyMap, "publicKey"), CHARSET);
+            boolean result = AlipaySignature.rsaCheckV2(map, MapUtils.getString(keyMap, "publicKey"), CHARSET);
+//            boolean result = doCheck(content, sign, MapUtils.getString(keyMap, "publicKey"), CHARSET);

            System.out.println("验签结果：" + result);


--- a/src/main/java/com/cesgroup/kingkong/entity/IPCheckEntity.java
+++ b/src/main/java/com/cesgroup/kingkong/entity/IPCheckEntity.java
@@ -3,6 +3,7 @@ package com.cesgroup.kingkong.entity;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
 import lombok.Data;
+import org.springframework.format.annotation.DateTimeFormat;

 import java.util.Date;

@@ -21,5 +22,9 @@ public class IPCheckEntity {

    private String ipAddress;

-    private Date lastCheckTime;
+    private Long lastCheckTime;
+
+    private String token;
+
+    private Long lastTokenTime;
 }
--- a/src/main/java/com/cesgroup/kingkong/interceptor/TokenInterceptor.java
+++ b/src/main/java/com/cesgroup/kingkong/interceptor/TokenInterceptor.java
 package com.cesgroup.kingkong.interceptor;

-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.alipay.api.internal.util.AlipaySignature;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.cesgroup.common.utils.ApiResponse;
 import com.cesgroup.common.utils.ApiResponseEnum;
 import com.cesgroup.common.utils.ApiResultUtil;
-import com.cesgroup.common.utils.RSAEncryptUtil;
 import com.cesgroup.kingkong.entity.IPCheckEntity;
 import com.cesgroup.kingkong.entity.SecretKeyEntity;
 import com.cesgroup.kingkong.service.IPCheckService;
 import com.cesgroup.kingkong.service.SecretKeyService;
+import com.github.pagehelper.util.StringUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.MapUtils;
 import org.apache.commons.lang.StringUtils;
@@ -23,6 +23,8 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.PrintWriter;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.Map;

 /**
@@ -45,14 +47,16 @@ public class TokenInterceptor implements HandlerInterceptor {
        log.info("--------------------HTTP BEGIN, PREHANDLE BEGIN--------------------");
        log.info("--------------------REQUEST URI IS: {}", request.getRequestURI());
        log.info("--------------------PARAMS BEGIN--------------------");
-        Map<String, String[]> params = request.getParameterMap();
-        for (Map.Entry<String, String[]> entry : params.entrySet()){
+        Map<String, String[]> paramsMap = request.getParameterMap();
+        Map<String, String> params = new HashMap<>();
+        for (Map.Entry<String, String[]> entry : paramsMap.entrySet()){
            String[] values = entry.getValue();
            StringBuilder sb = new StringBuilder();
            for (String value : values) {
-                sb.append(value + " ");
+                sb.append(value);
            }
            log.info(entry.getKey() + " : " + sb.toString());
+            params.put(entry.getKey(), sb.toString());
        }
        log.info("--------------------PARAMS END----------------------");

@@ -63,14 +67,33 @@ public class TokenInterceptor implements HandlerInterceptor {
        }

        ApiResponse apiResponse =null;
-        if (checkIp(request)){
-            if (checkSign(params)){
-                return true;
+        String token = request.getHeader("access_token");
+        if(StringUtil.isEmpty(token)){
+            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_TOKEN_ERROR);
+        }else {
+            IPCheckEntity ipCheckEntity = ipCheckService.getOne(new QueryWrapper<IPCheckEntity>().eq("token", token));
+            if(ipCheckEntity != null){
+                // 校验token是否过期
+                if(checkToken(ipCheckEntity)){
+                    if (checkIp(request, token)){
+                        if (checkSign(params)){
+                            IPCheckEntity entity = new IPCheckEntity();
+                            entity.setLastCheckTime(new Date().getTime());
+                            this.ipCheckService.update(entity, new UpdateWrapper<IPCheckEntity>().eq("token", token));
+                            return true;
+                        }else {
+                            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_SIGN_ERROR);
+                        }
+                    }else {
+                        apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_IP_ERROR);
+                    }
+
+                }else {
+                    apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.TOKEN_OVERTIME_ERROR);
+                }
            }else {
-                apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_SIGN_ERROR);
+                apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_TOKEN_ERROR);
            }
-        }else {
-            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_IP_ERROR);
        }

        response.setCharacterEncoding("utf-8");
@@ -78,6 +101,17 @@ public class TokenInterceptor implements HandlerInterceptor {
        return false;
    }

+    private boolean checkToken(IPCheckEntity ipCheckEntity){
+        Long lastTokenTime = ipCheckEntity.getLastTokenTime();
+        Date now = new Date();
+        long diff = now.getTime() - lastTokenTime;
+        if(diff < 1000*60*60*24){
+            return true;
+        }
+
+        return false;
+    }
+
    /** 
    * @Description: 校验IP白名单
    * @Param: [request] 
@@ -85,9 +119,9 @@ public class TokenInterceptor implements HandlerInterceptor {
    * @Author: Wanjianbin
    * @Date: 2019/8/27 
    */
-    private boolean checkIp(HttpServletRequest request) {
+    private boolean checkIp(HttpServletRequest request, String token) {
        String remoteAddr = ApiResultUtil.getUserIP(request);
-        int i = ipCheckService.getBaseMapper().selectCount(new QueryWrapper<IPCheckEntity>().eq("ip_address", remoteAddr));
+        int i = ipCheckService.getBaseMapper().selectCount(new QueryWrapper<IPCheckEntity>().eq("ip_address", remoteAddr).eq("token", token));
        if(i < 1){
            return false;
        }
@@ -116,7 +150,7 @@ public class TokenInterceptor implements HandlerInterceptor {

 //        params.remove("sign");
 //        String paramsString = JSON.toJSONString(params);
-        if(AlipaySignature.rsaCheckV2(params, publicKey, "UTF-8")){
+        if(!AlipaySignature.rsaCheckV2(params, publicKey, "UTF-8")){
            log.info("-------------------- HTTP END, TOKEN ERROR : {}--------------------", sign);
            return false;
        }

--- a/src/main/java/com/cesgroup/kingkong/web/TestController.java
+++ b/src/main/java/com/cesgroup/kingkong/web/TestController.java
 package com.cesgroup.kingkong.web;

+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.cesgroup.common.utils.ApiResponse;
 import com.cesgroup.common.utils.ApiResponseEnum;
 import com.cesgroup.common.utils.ApiResultUtil;
+import com.cesgroup.kingkong.commons.utils.JwtUtils;
+import com.cesgroup.kingkong.core.security.model.JwtUser;
 import com.cesgroup.kingkong.entity.IPCheckEntity;
+import com.cesgroup.kingkong.interceptor.RequiredPermission;
 import com.cesgroup.kingkong.service.IPCheckService;
 import com.cesgroup.kingkong.web.bind.annotation.KingkongRestController;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;

-import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Date;

 /**
 * @program: kyb-search
- * @description: 测试接口
+ * @description: token
 * @author: Wanjianbin
 * @create: 2019-08-27 15:32
 **/
 @KingkongRestController
-@RequestMapping("/test")
-public class TestController extends BaseServiceController<IPCheckEntity, IPCheckService> {
+@RequestMapping("/token")
+public class TokenController extends BaseServiceController<IPCheckEntity, IPCheckService> {

-    @PostMapping
-    public ApiResponse test(Map params){
+    @PostMapping("/getToken")
+    @RequiredPermission
+    public ApiResponse getToken(HttpServletRequest request){
+        String ip = ApiResultUtil.getUserIP(request);
+        IPCheckEntity ipCheckEntity = this.service.getOne(new QueryWrapper<IPCheckEntity>().eq("ip_address", ip));
+        JwtUser user = new JwtUser();
+        user.setId(ipCheckEntity.getId().toString());
+        user.setUserName(ip);
+        user.setLoginName(ip);

+        String token = JwtUtils.createJwtBySimpleUser(user, 1000*60*60*24, ApiResponseEnum.AUTH_CENTER_SERVICE);
+        ipCheckEntity.setToken(token);
+        ipCheckEntity.setLastTokenTime(new Date().getTime());
+        this.service.updateById(ipCheckEntity);
+
+        return ApiResultUtil.getApiResponse(token, ApiResponseEnum.SUCCESS);
+    }
+
+    @RequestMapping("/test")
+    public ApiResponse test(){
        return ApiResultUtil.getApiResponse(null, ApiResponseEnum.SUCCESS);
    }
 }
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
 spring:
  datasource:
-    url: jdbc:sqlite::resource:db/kyb-search.db
+    url: jdbc:sqlite:kyb-search.db
    username:
    password:
    driverClassName: org.sqlite.JDBC

--- a/src/main/resources/db/kyb-search.db
+++ b/src/main/resources/db/kyb-search.db