open_platform/ss-gateway-api
10
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修改

Browse Source
This commit is contained in:
dimengzhe
2024-12-12 10:31:25 +08:00
parent b68cde7c8b
commit f7d2eb7b48
4 changed files with 14 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
src/main/java/com/yxt/ss/gateway/api/AuthFilter.java
View File

@@ -43,12 +43,9 @@ public class AuthFilter implements GlobalFilter, Ordered {
@Autowired @Autowired
private IgnoreWhiteProperties ignoreWhite; private IgnoreWhiteProperties ignoreWhite;
@Autowired
private AppKeyConfig appKeyConfig;
public String getSecret(String appKey) { @Autowired
return appKeyConfig.getKeys().get(appKey); private Signature signature;
}
@Override @Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
@@ -62,7 +59,7 @@ public class AuthFilter implements GlobalFilter, Ordered {
return extractParameters(exchange) return extractParameters(exchange)
.flatMap(parameters -> { .flatMap(parameters -> {
// 校验请求参数 // 校验请求参数
ResultBean validationResult = validate(parameters); ResultBean validationResult = signature.validate(parameters);
// 校验失败,返回 401 Unauthorized 错误响应 // 校验失败,返回 401 Unauthorized 错误响应
if (!validationResult.getSuccess()) { if (!validationResult.getSuccess()) {
return setUnauthorizedResponse(exchange, validationResult.getMsg()); return setUnauthorizedResponse(exchange, validationResult.getMsg());
@@ -177,47 +174,4 @@ public class AuthFilter implements GlobalFilter, Ordered {
public int getOrder() { public int getOrder() {
return 0; return 0;
} }
ResultBean validate(Map<String, String> data) {
ResultBean rb = ResultBean.fireFail();
// 解析参数
String app = data.get("_app");
if (org.springframework.util.StringUtils.isEmpty(app)) {
return rb.setMsg("_app参数缺失或无效");
}
// 获取 secret 值
String secret = getSecret(app);
if (org.springframework.util.StringUtils.isEmpty(secret)) {
return rb.setMsg("_app参数不正确");
}
// 校验时间戳 _t 参数
String timestampStr = data.get("_t");
if (org.springframework.util.StringUtils.isEmpty(timestampStr)) {
return rb.setMsg("_t参数缺失");
}
long timestamp;
try {
timestamp = Long.parseLong(timestampStr);
} catch (NumberFormatException e) {
return rb.setMsg("_t参数格式不正确");
}
// 时间范围校验
long currentTimestamp = Instant.now().getEpochSecond();
long timeDifference = Math.abs(currentTimestamp - timestamp);
final int ALLOWED_TIME_DIFF = 300; // 最大允许时间偏差(秒)
if (timeDifference > ALLOWED_TIME_DIFF) {
return rb.setMsg("时间已超过5分钟时间失效");
}
// 签名验证
ResultBean<Boolean> resultBean = SignatureUtil.validateSignature(data, secret);
if (!resultBean.getSuccess()) {
return rb.setMsg(resultBean.getMsg());
}
return rb.success();
}
} }

10
src/main/java/com/yxt/ss/gateway/api/Signature.java
View File

@@ -1,8 +1,9 @@
package com.yxt.ss.gateway.api.service; package com.yxt.ss.gateway.api;
import com.yxt.ss.gateway.api.utils.*; import com.yxt.ss.gateway.api.utils.*;
import okhttp3.*; import okhttp3.*;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
@@ -19,8 +20,9 @@ import java.util.Map;
* @author: dimengzhe * @author: dimengzhe
* @date: 2024/12/6 * @date: 2024/12/6
**/ **/
@RestController //@RestController
@RequestMapping("/signature") //@RequestMapping("/signature")
@Component
public class Signature { public class Signature {
@Autowired @Autowired
@@ -31,7 +33,7 @@ public class Signature {
} }
//验证 //验证
@PostMapping("/validate") // @PostMapping("/validate")
ResultBean validate(Map<String, String> data) { ResultBean validate(Map<String, String> data) {
ResultBean rb = ResultBean.fireFail(); ResultBean rb = ResultBean.fireFail();
// 解析参数:_app是否存在、_app参数值是否在数据库中存在 // 解析参数:_app是否存在、_app参数值是否在数据库中存在

128
src/main/java/com/yxt/ss/gateway/api/rest/ApiTestRest.java
View File

@@ -1,128 +0,0 @@
package com.yxt.ss.gateway.api.rest;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yxt.ss.gateway.api.authutils.StringUtils;
import com.yxt.ss.gateway.api.service.ClientService;
import com.yxt.ss.gateway.api.utils.AppKeyConfig;
import com.yxt.ss.gateway.api.utils.ResultBean;
import com.yxt.ss.gateway.api.utils.SignatureQuery;
import okhttp3.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.TreeMap;
import java.util.concurrent.TimeUnit;
/**
* @description:服务器对外Api业务接口
* @author: dimengzhe
* @date: 2024/12/10
**/
@RestController
@RequestMapping("/ApiTestRest")
public class ApiTestRest {
@Autowired
private ClientService clientService;
//appkey
static final String APPKEY = "appKey4";
static final String SECRET = "secret";
//开发端生成签名并调用服务器端验证签名、appKey等值。
@PostMapping("/getSign")
ResultBean getSign(SignatureQuery query) {
ResultBean<String> rb = ResultBean.fireFail();
try {
Map<String, String> formData = query.getParameters();
//使用treeMap排序
Map<String, String> tree = new TreeMap<>(formData);
tree.put("_app", APPKEY);
tree.put("_t", String.valueOf(System.currentTimeMillis() / 1000));
tree.put("_s", "");
// 生成签名
String sign = clientService.generateSignature(tree, SECRET);
//添加签名值map
tree.put("_sign", sign);
//发起请求
ResultBean resultBean = client(tree);
if (!resultBean.getSuccess()) {
return rb.setMsg(resultBean.getMsg());
}
//通过验证继续调用接口
return rb.success();
} catch (UnsupportedEncodingException e) {
return rb.setMsg("Unsupported encoding: " + e.getMessage());
} catch (NoSuchAlgorithmException e) {
return rb.setMsg("Algorithm not found: " + e.getMessage());
}
}
//发起请求验证签名等
public ResultBean client(Map<String, String> data) {
ResultBean rb = ResultBean.fireFail();
OkHttpClient client = new OkHttpClient.Builder()
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.build();
try {
// 构建URL
String endPoint = "http://127.0.0.1:9999";
String path = "/signature/validate";
// 创建FormData
FormBody.Builder formBuilder = new FormBody.Builder();
for (Map.Entry<String, String> entry : data.entrySet()) {
formBuilder.add(entry.getKey(), entry.getValue());
}
RequestBody formBody = formBuilder.build();
// 构建POST请求
String url = endPoint + path;
System.out.println("Request URL: " + url);
System.out.println("Request Data: " + data);
Request request = new Request.Builder()
.url(url)
.post(formBody)
.build();
// 发送请求
try (Response response = client.newCall(request).execute()) {
String responseBody = response.body().string();
// 使用 Jackson 解析 JSON 响应
ObjectMapper objectMapper = new ObjectMapper();
JsonNode jsonNode = objectMapper.readTree(responseBody);
String success = jsonNode.path("success").asText();
String msg = jsonNode.path("msg").asText();
if ("false".equals(success)) {
return rb.setMsg(msg);
}
if (response.isSuccessful()) {
System.out.println("Response: " + response.body().string());
} else {
System.err.println("Request failed: " + response.message());
}
}
} catch (IOException e) {
System.err.println("Network error: " + e.getMessage());
} catch (Exception e) {
System.err.println("Unexpected error: " + e.getMessage());
}
return rb.success();
}
}

12
src/main/java/com/yxt/ss/gateway/api/rest/ClientRest.java
View File

@@ -1,4 +1,3 @@
/*
package com.yxt.ss.gateway.api.rest; package com.yxt.ss.gateway.api.rest;
import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.JsonNode;
@@ -19,12 +18,11 @@ import java.util.Map;
import java.util.TreeMap; import java.util.TreeMap;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
*/ /*
/** * @description:模拟开发端请求
* @description:开发端请求
* @author: dimengzhe * @author: dimengzhe
* @date: 2024/12/10 * @date: 2024/12/10
**//* */
@RestController @RestController
@RequestMapping("/client") @RequestMapping("/client")
@@ -36,6 +34,7 @@ public class ClientRest {
//appkey //appkey
static final String APPKEY = "appKey4"; static final String APPKEY = "appKey4";
static final String SECRET = "secret";
//开发端生成签名并调用服务器端验证签名、appKey等值。 //开发端生成签名并调用服务器端验证签名、appKey等值。
@PostMapping("/getSign") @PostMapping("/getSign")
@@ -49,7 +48,7 @@ public class ClientRest {
tree.put("_t", String.valueOf(System.currentTimeMillis() / 1000)); tree.put("_t", String.valueOf(System.currentTimeMillis() / 1000));
tree.put("_s", ""); tree.put("_s", "");
// 生成签名 // 生成签名
String sign = clientService.generateSignature(tree); String sign = clientService.generateSignature(tree, SECRET);
//添加签名值map //添加签名值map
tree.put("_sign", sign); tree.put("_sign", sign);
//发起请求 //发起请求
@@ -126,4 +125,3 @@ public class ClientRest {
return rb.success(); return rb.success();
} }
} }
*/