diff --git a/src/main/java/com/yxt/ss/gateway/api/AuthFilter.java b/src/main/java/com/yxt/ss/gateway/api/AuthFilter.java
index 2432bda..838c11a 100644
--- a/src/main/java/com/yxt/ss/gateway/api/AuthFilter.java
+++ b/src/main/java/com/yxt/ss/gateway/api/AuthFilter.java
@@ -43,12 +43,9 @@ public class AuthFilter implements GlobalFilter, Ordered {
 @Autowired
 private IgnoreWhiteProperties ignoreWhite;
- @Autowired
- private AppKeyConfig appKeyConfig;
- public String getSecret(String appKey) {
- return appKeyConfig.getKeys().get(appKey);
- }
+ @Autowired
+ private Signature signature;
 @Override
 public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) {
@@ -62,7 +59,7 @@ public class AuthFilter implements GlobalFilter, Ordered {
 return extractParameters(exchange)
 .flatMap(parameters -> {
 // 校验请求参数
- ResultBean validationResult = validate(parameters);
+ ResultBean validationResult = signature.validate(parameters);
 // 校验失败,返回 401 Unauthorized 错误响应
 if (!validationResult.getSuccess()) {
 return setUnauthorizedResponse(exchange, validationResult.getMsg());
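Review bot: The replay window that the removed AuthFilter.validate enforced (`_t` must be within 300 s of the current time, hunk at -177) is not visibly carried over: `signature.validate(parameters)` now delegates to Signature.validate, whose body lies outside this diff. Unless that method applies an equivalent timestamp check, a captured signed request stays valid indefinitely, so please confirm it (or move the window into Signature) before merging. The new `@Autowired private Signature signature;` field in the first hunk would be more robust as constructor injection (`private final Signature signature;` initialized in a constructor), which keeps the dependency non-null and the filter testable without a Spring context. The filter method begins in the first hunk and ends outside both hunks.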
@@ -177,47 +174,4 @@ public class AuthFilter implements GlobalFilter, Ordered {
 public int getOrder() {
 return 0;
 }
-
- ResultBean validate(Map data) {
- ResultBean rb = ResultBean.fireFail();
- // 解析参数
- String app = data.get("_app");
- if (org.springframework.util.StringUtils.isEmpty(app)) {
- return rb.setMsg("_app参数缺失或无效");
- }
- // 获取 secret 值
- String secret = getSecret(app);
- if (org.springframework.util.StringUtils.isEmpty(secret)) {
- return rb.setMsg("_app参数不正确");
- }
- // 校验时间戳 _t 参数
- String timestampStr = data.get("_t");
- if (org.springframework.util.StringUtils.isEmpty(timestampStr)) {
- return rb.setMsg("_t参数缺失");
- }
- long timestamp;
- try {
- timestamp = Long.parseLong(timestampStr);
- } catch (NumberFormatException e) {
- return rb.setMsg("_t参数格式不正确");
- }
- // 时间范围校验
- long currentTimestamp = Instant.now().getEpochSecond();
- long timeDifference = Math.abs(currentTimestamp - timestamp);
- final int ALLOWED_TIME_DIFF = 300; // 最大允许时间偏差(秒)
- if (timeDifference > ALLOWED_TIME_DIFF) {
- return rb.setMsg("时间已超过5分钟,时间失效");
- }
-
- // 签名验证
- ResultBean resultBean = SignatureUtil.validateSignature(data, secret);
- if (!resultBean.getSuccess()) {
- return rb.setMsg(resultBean.getMsg());
- }
-
- return rb.success();
-
-
- }
-
 }
diff --git a/src/main/java/com/yxt/ss/gateway/api/Signature.java b/src/main/java/com/yxt/ss/gateway/api/Signature.java
index 1caefd7..3a2bc3e 100644
--- a/src/main/java/com/yxt/ss/gateway/api/Signature.java
+++ b/src/main/java/com/yxt/ss/gateway/api/Signature.java
@@ -1,8 +1,9 @@
-package com.yxt.ss.gateway.api.service;
+package com.yxt.ss.gateway.api;
 import com.yxt.ss.gateway.api.utils.*;
 import okhttp3.*;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
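Review bot: Signature keeps its controller-era imports (`org.springframework.web.bind.annotation.PostMapping` and `RequestMapping` visible here, plus the `okhttp3.*` and `com.yxt.ss.gateway.api.utils.*` wildcards) even though the class becomes a plain `@Component`; unless code outside this hunk still uses them, drop the unused ones and replace the wildcards with explicit imports so the class's dependencies are visible. The package declaration now matches the file path `com/yxt/ss/gateway/api`, which is also what makes the package-private `validate` reachable from AuthFilter; that coupling is worth a one-line class comment, `// Called directly by AuthFilter (same package); no longer exposed over HTTP.`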
@@ -19,8 +20,9 @@ import java.util.Map;
 * @author: dimengzhe
 * @date: 2024/12/6
 **/
-@RestController
-@RequestMapping("/signature")
+//@RestController
+//@RequestMapping("/signature")
+@Component
 public class Signature {
 @Autowired
@@ -31,7 +33,7 @@ public class Signature {
 }
 //验证
- @PostMapping("/validate")
+// @PostMapping("/validate")
 ResultBean validate(Map data) {
 ResultBean rb = ResultBean.fireFail();
 // 解析参数:_app是否存在、_app参数值是否在数据库中存在
diff --git a/src/main/java/com/yxt/ss/gateway/api/rest/ApiTestRest.java b/src/main/java/com/yxt/ss/gateway/api/rest/ApiTestRest.java
deleted file mode 100644
index b64d1b5..0000000
--- a/src/main/java/com/yxt/ss/gateway/api/rest/ApiTestRest.java
+++ /dev/null
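Review bot: The route annotations are commented out rather than deleted (`//@RestController`, `//@RequestMapping("/signature")` here, `// @PostMapping("/validate")` in the next hunk), which leaves dead code and makes it easy to re-expose the validator as an HTTP endpoint by un-commenting a single line; remove them outright. Now that `validate(Map data)` is an internal service method called from AuthFilter rather than a request handler, it needs a Javadoc stating its contract — which request parameters it inspects and what a failed `ResultBean` carries — and its raw `Map` parameter could be narrowed to `Map<String, String>`, which is how the removed AuthFilter.validate used the same map. The validate method continues past the end of the hunk.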
@@ -1,128 +0,0 @@
-package com.yxt.ss.gateway.api.rest;
-
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.yxt.ss.gateway.api.authutils.StringUtils;
-import com.yxt.ss.gateway.api.service.ClientService;
-import com.yxt.ss.gateway.api.utils.AppKeyConfig;
-import com.yxt.ss.gateway.api.utils.ResultBean;
-import com.yxt.ss.gateway.api.utils.SignatureQuery;
-import okhttp3.*;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.NoSuchAlgorithmException;
-import java.util.Map;
-import java.util.TreeMap;
-import java.util.concurrent.TimeUnit;
-
-/**
- * @description:服务器对外Api业务接口
- * @author: dimengzhe
- * @date: 2024/12/10
- **/
-@RestController
-@RequestMapping("/ApiTestRest")
-public class ApiTestRest {
-
- @Autowired
- private ClientService clientService;
-
-
- //appkey
- static final String APPKEY = "appKey4";
- static final String SECRET = "secret";
-
- //开发端,生成签名并调用服务器端验证签名、appKey等值。
- @PostMapping("/getSign")
- ResultBean getSign(SignatureQuery query) {
- ResultBean rb = ResultBean.fireFail();
- try {
- Map formData = query.getParameters();
- //使用treeMap排序
- Map tree = new TreeMap<>(formData);
- tree.put("_app", APPKEY);
- tree.put("_t", String.valueOf(System.currentTimeMillis() / 1000));
- tree.put("_s", "");
- // 生成签名
- String sign = clientService.generateSignature(tree, SECRET);
- //添加签名值map
- tree.put("_sign", sign);
- //发起请求
- ResultBean resultBean = client(tree);
- if (!resultBean.getSuccess()) {
- return rb.setMsg(resultBean.getMsg());
- }
- //通过验证继续调用接口
-
-
- return rb.success();
- } catch (UnsupportedEncodingException e) {
- return rb.setMsg("Unsupported encoding: " + e.getMessage());
- } catch (NoSuchAlgorithmException e) {
- return rb.setMsg("Algorithm not found: " + e.getMessage());
- }
- }
-
- //发起请求验证签名等
- public ResultBean client(Map data) {
- ResultBean rb = ResultBean.fireFail();
- OkHttpClient client = new OkHttpClient.Builder()
- .connectTimeout(10, TimeUnit.SECONDS)
- .writeTimeout(10, TimeUnit.SECONDS)
- .readTimeout(30, TimeUnit.SECONDS)
- .build();
-
- try {
- // 构建URL
- String endPoint = "http://127.0.0.1:9999";
- String path = "/signature/validate";
-
- // 创建FormData
- FormBody.Builder formBuilder = new FormBody.Builder();
- for (Map.Entry entry : data.entrySet()) {
- formBuilder.add(entry.getKey(), entry.getValue());
- }
- RequestBody formBody = formBuilder.build();
-
- // 构建POST请求
- String url = endPoint + path;
- System.out.println("Request URL: " + url);
- System.out.println("Request Data: " + data);
-
- Request request = new Request.Builder()
- .url(url)
- .post(formBody)
- .build();
-
- // 发送请求
- try (Response response = client.newCall(request).execute()) {
- String responseBody = response.body().string();
- // 使用 Jackson 解析 JSON 响应
- ObjectMapper objectMapper = new ObjectMapper();
- JsonNode jsonNode = objectMapper.readTree(responseBody);
- String success = jsonNode.path("success").asText();
- String msg = jsonNode.path("msg").asText();
- if ("false".equals(success)) {
- return rb.setMsg(msg);
- }
- if (response.isSuccessful()) {
- System.out.println("Response: " + response.body().string());
- } else {
- System.err.println("Request failed: " + response.message());
- }
-
-
- }
- } catch (IOException e) {
- System.err.println("Network error: " + e.getMessage());
- } catch (Exception e) {
- System.err.println("Unexpected error: " + e.getMessage());
- }
- return rb.success();
- }
-}
diff --git a/src/main/java/com/yxt/ss/gateway/api/rest/ClientRest.java b/src/main/java/com/yxt/ss/gateway/api/rest/ClientRest.java
index 9fae8f1..0a53a87 100644
--- a/src/main/java/com/yxt/ss/gateway/api/rest/ClientRest.java
+++ b/src/main/java/com/yxt/ss/gateway/api/rest/ClientRest.java
@@ -1,4 +1,3 @@
-/*
 package com.yxt.ss.gateway.api.rest;
 import com.fasterxml.jackson.databind.JsonNode;
@@ -19,12 +18,11 @@ import java.util.Map;
 import java.util.TreeMap;
 import java.util.concurrent.TimeUnit;
-*/
-/**
- * @description:开发端请求
+/*
+ * @description:模拟开发端请求
 * @author: dimengzhe
 * @date: 2024/12/10
- **//*
+ */
 @RestController
 @RequestMapping("/client")
@@ -36,6 +34,7 @@ public class ClientRest {
 //appkey
 static final String APPKEY = "appKey4";
+ static final String SECRET = "secret";
 //开发端,生成签名并调用服务器端验证签名、appKey等值。
 @PostMapping("/getSign")
@@ -49,7 +48,7 @@ public class ClientRest {
 tree.put("_t", String.valueOf(System.currentTimeMillis() / 1000));
 tree.put("_s", "");
 // 生成签名
- String sign = clientService.generateSignature(tree);
+ String sign = clientService.generateSignature(tree, SECRET);
 //添加签名值map
 tree.put("_sign", sign);
 //发起请求
@@ -126,4 +125,3 @@ public class ClientRest {
 return rb.success();
 }
 }
-*/
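Review bot: Un-commenting ClientRest activates a live `@RestController` at `/client` whose credentials are constants in the gateway's main source (`static final String SECRET = "secret";` added in the -36 hunk beside `APPKEY = "appKey4"`); even for a simulated developer client the secret should come from configuration, and the controller belongs in the test source set or behind a non-production `@Profile` rather than in the deployed gateway. The same commit removes the `/signature/validate` mapping from Signature, so if ClientRest.client still posts to that path as the deleted ApiTestRest.client did (that method is outside these hunks), `/client/getSign` will now fail at the validation call. The getSign method in the -49 hunk starts and ends outside the hunk.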