20190828 bug修复

pom.xml

@@ -88,6 +88,24 @@
           <artifactId>alipay-sdk-java</artifactId>
           <version>20150820220052</version>
       </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-api</artifactId>
+          <version>0.10.5</version>
+      </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-impl</artifactId>
+          <version>0.10.5</version>
+          <scope>runtime</scope>
+      </dependency>
+      <dependency>
+          <groupId>io.jsonwebtoken</groupId>
+          <artifactId>jjwt-jackson</artifactId>
+          <version>0.10.5</version>
+          <scope>runtime</scope>
+      </dependency>
+
   </dependencies>
   
   

src/main/java/com/cesgroup/common/utils/ApiResponseEnum.java

@@ -21,8 +21,12 @@ public enum ApiResponseEnum {
      */
     AUTH_SIGN_ERROR(10201,"签名验证失败"),
     AUTH_IP_ERROR(10202,"IP白名单验证失败"),
+    AUTH_TOKEN_ERROR(10203, "token验证失败"),
+    TOKEN_OVERTIME_ERROR(10204, "token已过期")
     ;
 
+    public static String AUTH_CENTER_SERVICE = "kyb-search";
+
     private int errCode = 0;
 
     private String errMsg;

src/main/java/com/cesgroup/common/utils/RSAEncryptUtil.java

@@ -54,8 +54,8 @@ public class RSAEncryptUtil {
             map.put("password", "password123");
             map.put("flag", "0");
 
-//            String content = AlipaySignature.getSignCheckContentV2(map);
-            String content = JSON.toJSONString(map);
+            String content = AlipaySignature.getSignCheckContentV2(map);
+//            String content = JSON.toJSONString(map);
 
             System.out.println("拼接待签名字符串:"+content);
 
@@ -63,18 +63,18 @@ public class RSAEncryptUtil {
             /*
              * 对数据签名  RSA2对应的函数和密钥
              */
-//            String sign = AlipaySignature.rsaSign(map, MapUtils.getString(keyMap, "privateKey"), CHARSET);
-            String sign = sign(content, MapUtils.getString(keyMap, "privateKey"));
+            String sign = AlipaySignature.rsaSign(map, MapUtils.getString(keyMap, "privateKey"), CHARSET);
+//            String sign = sign(content, MapUtils.getString(keyMap, "privateKey"));
 
             System.out.println("原始sign：" + sign);
 
-//            map.put("sign", sign);
+            map.put("sign", sign);
 
             /*
              * 进入验签流程
              */
-//            boolean result = AlipaySignature.rsaCheckV2(map, MapUtils.getString(keyMap, "publicKey"), CHARSET);
-            boolean result = doCheck(content, sign, MapUtils.getString(keyMap, "publicKey"), CHARSET);
+            boolean result = AlipaySignature.rsaCheckV2(map, MapUtils.getString(keyMap, "publicKey"), CHARSET);
+//            boolean result = doCheck(content, sign, MapUtils.getString(keyMap, "publicKey"), CHARSET);
 
             System.out.println("验签结果：" + result);
 

src/main/java/com/cesgroup/kingkong/entity/IPCheckEntity.java

@@ -3,6 +3,7 @@ package com.cesgroup.kingkong.entity;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
 import lombok.Data;
+import org.springframework.format.annotation.DateTimeFormat;
 
 import java.util.Date;
 
@@ -21,5 +22,9 @@ public class IPCheckEntity {
 
     private String ipAddress;
 
-    private Date lastCheckTime;
+    private Long lastCheckTime;
+
+    private String token;
+
+    private Long lastTokenTime;
 }

src/main/java/com/cesgroup/kingkong/interceptor/TokenInterceptor.java

 package com.cesgroup.kingkong.interceptor;
 
-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.alipay.api.internal.util.AlipaySignature;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.cesgroup.common.utils.ApiResponse;
 import com.cesgroup.common.utils.ApiResponseEnum;
 import com.cesgroup.common.utils.ApiResultUtil;
-import com.cesgroup.common.utils.RSAEncryptUtil;
 import com.cesgroup.kingkong.entity.IPCheckEntity;
 import com.cesgroup.kingkong.entity.SecretKeyEntity;
 import com.cesgroup.kingkong.service.IPCheckService;
 import com.cesgroup.kingkong.service.SecretKeyService;
+import com.github.pagehelper.util.StringUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.MapUtils;
 import org.apache.commons.lang.StringUtils;
@@ -23,6 +23,8 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.PrintWriter;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.Map;
 
 /**
@@ -45,14 +47,16 @@ public class TokenInterceptor implements HandlerInterceptor {
         log.info("--------------------HTTP BEGIN, PREHANDLE BEGIN--------------------");
         log.info("--------------------REQUEST URI IS: {}", request.getRequestURI());
         log.info("--------------------PARAMS BEGIN--------------------");
-        Map<String, String[]> params = request.getParameterMap();
-        for (Map.Entry<String, String[]> entry : params.entrySet()){
+        Map<String, String[]> paramsMap = request.getParameterMap();
+        Map<String, String> params = new HashMap<>();
+        for (Map.Entry<String, String[]> entry : paramsMap.entrySet()){
             String[] values = entry.getValue();
             StringBuilder sb = new StringBuilder();
             for (String value : values) {
-                sb.append(value + " ");
+                sb.append(value);
             }
             log.info(entry.getKey() + " : " + sb.toString());
+            params.put(entry.getKey(), sb.toString());
         }
         log.info("--------------------PARAMS END----------------------");
 
@@ -63,14 +67,33 @@ public class TokenInterceptor implements HandlerInterceptor {
         }
 
         ApiResponse apiResponse =null;
-        if (checkIp(request)){
-            if (checkSign(params)){
-                return true;
+        String token = request.getHeader("access_token");
+        if(StringUtil.isEmpty(token)){
+            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_TOKEN_ERROR);
+        }else {
+            IPCheckEntity ipCheckEntity = ipCheckService.getOne(new QueryWrapper<IPCheckEntity>().eq("token", token));
+            if(ipCheckEntity != null){
+                // 校验token是否过期
+                if(checkToken(ipCheckEntity)){
+                    if (checkIp(request, token)){
+                        if (checkSign(params)){
+                            IPCheckEntity entity = new IPCheckEntity();
+                            entity.setLastCheckTime(new Date().getTime());
+                            this.ipCheckService.update(entity, new UpdateWrapper<IPCheckEntity>().eq("token", token));
+                            return true;
+                        }else {
+                            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_SIGN_ERROR);
+                        }
+                    }else {
+                        apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_IP_ERROR);
+                    }
+
+                }else {
+                    apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.TOKEN_OVERTIME_ERROR);
+                }
             }else {
-                apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_SIGN_ERROR);
+                apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_TOKEN_ERROR);
             }
-        }else {
-            apiResponse = ApiResultUtil.getApiResponse(null, ApiResponseEnum.AUTH_IP_ERROR);
         }
 
         response.setCharacterEncoding("utf-8");
@@ -78,6 +101,17 @@ public class TokenInterceptor implements HandlerInterceptor {
         return false;
     }
 
+    private boolean checkToken(IPCheckEntity ipCheckEntity){
+        Long lastTokenTime = ipCheckEntity.getLastTokenTime();
+        Date now = new Date();
+        long diff = now.getTime() - lastTokenTime;
+        if(diff < 1000*60*60*24){
+            return true;
+        }
+
+        return false;
+    }
+
     /** 
     * @Description: 校验IP白名单
     * @Param: [request] 
@@ -85,9 +119,9 @@ public class TokenInterceptor implements HandlerInterceptor {
     * @Author: Wanjianbin
     * @Date: 2019/8/27 
     */
-    private boolean checkIp(HttpServletRequest request) {
+    private boolean checkIp(HttpServletRequest request, String token) {
         String remoteAddr = ApiResultUtil.getUserIP(request);
-        int i = ipCheckService.getBaseMapper().selectCount(new QueryWrapper<IPCheckEntity>().eq("ip_address", remoteAddr));
+        int i = ipCheckService.getBaseMapper().selectCount(new QueryWrapper<IPCheckEntity>().eq("ip_address", remoteAddr).eq("token", token));
         if(i < 1){
             return false;
         }
@@ -116,7 +150,7 @@ public class TokenInterceptor implements HandlerInterceptor {
 
 //        params.remove("sign");
 //        String paramsString = JSON.toJSONString(params);
-        if(AlipaySignature.rsaCheckV2(params, publicKey, "UTF-8")){
+        if(!AlipaySignature.rsaCheckV2(params, publicKey, "UTF-8")){
             log.info("-------------------- HTTP END, TOKEN ERROR : {}--------------------", sign);
             return false;
         }

src/main/java/com/cesgroup/kingkong/web/TestController.java → src/main/java/com/cesgroup/kingkong/web/TokenController.java

 package com.cesgroup.kingkong.web;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.cesgroup.common.utils.ApiResponse;
 import com.cesgroup.common.utils.ApiResponseEnum;
 import com.cesgroup.common.utils.ApiResultUtil;
+import com.cesgroup.kingkong.commons.utils.JwtUtils;
+import com.cesgroup.kingkong.core.security.model.JwtUser;
 import com.cesgroup.kingkong.entity.IPCheckEntity;
+import com.cesgroup.kingkong.interceptor.RequiredPermission;
 import com.cesgroup.kingkong.service.IPCheckService;
 import com.cesgroup.kingkong.web.bind.annotation.KingkongRestController;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 
-import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Date;
 
 /**
  * @program: kyb-search
- * @description: 测试接口
+ * @description: token
  * @author: Wanjianbin
  * @create: 2019-08-27 15:32
  **/
 @KingkongRestController
-@RequestMapping("/test")
-public class TestController extends BaseServiceController<IPCheckEntity, IPCheckService> {
+@RequestMapping("/token")
+public class TokenController extends BaseServiceController<IPCheckEntity, IPCheckService> {
 
-    @PostMapping
-    public ApiResponse test(Map params){
+    @PostMapping("/getToken")
+    @RequiredPermission
+    public ApiResponse getToken(HttpServletRequest request){
+        String ip = ApiResultUtil.getUserIP(request);
+        IPCheckEntity ipCheckEntity = this.service.getOne(new QueryWrapper<IPCheckEntity>().eq("ip_address", ip));
+        JwtUser user = new JwtUser();
+        user.setId(ipCheckEntity.getId().toString());
+        user.setUserName(ip);
+        user.setLoginName(ip);
 
+        String token = JwtUtils.createJwtBySimpleUser(user, 1000*60*60*24, ApiResponseEnum.AUTH_CENTER_SERVICE);
+        ipCheckEntity.setToken(token);
+        ipCheckEntity.setLastTokenTime(new Date().getTime());
+        this.service.updateById(ipCheckEntity);
+
+        return ApiResultUtil.getApiResponse(token, ApiResponseEnum.SUCCESS);
+    }
+
+    @RequestMapping("/test")
+    public ApiResponse test(){
         return ApiResultUtil.getApiResponse(null, ApiResponseEnum.SUCCESS);
     }
 }

src/main/resources/application-dev.yml

 spring:
   datasource:
-    url: jdbc:sqlite::resource:db/kyb-search.db
+    url: jdbc:sqlite:kyb-search.db
     username:
     password:
     driverClassName: org.sqlite.JDBC