|
|
@@ -19,17 +19,14 @@ import com.zswl.dataservice.utils.mqtt.type.LogsLevel;
|
|
|
import com.zswl.dataservice.utils.net.IPUtil;
|
|
|
import com.zswl.dataservice.utils.os.SystemUtil;
|
|
|
import com.zswl.dataservice.utils.result.ResultContent;
|
|
|
-import jakarta.servlet.ServletInputStream;
|
|
|
-import jakarta.servlet.ServletOutputStream;
|
|
|
import jakarta.servlet.http.HttpServletRequest;
|
|
|
import jakarta.servlet.http.HttpServletResponse;
|
|
|
-import lombok.Data;
|
|
|
import lombok.SneakyThrows;
|
|
|
import lombok.extern.slf4j.Slf4j;
|
|
|
import org.apache.commons.lang3.ObjectUtils;
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
-import org.aspectj.apache.bcel.classfile.Module;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
+import org.springframework.beans.factory.annotation.Value;
|
|
|
import org.springframework.context.ApplicationContext;
|
|
|
import org.springframework.http.HttpStatus;
|
|
|
import org.springframework.stereotype.Service;
|
|
|
@@ -39,15 +36,11 @@ import org.springframework.web.servlet.ModelAndView;
|
|
|
import org.springframework.web.util.ContentCachingRequestWrapper;
|
|
|
import org.springframework.web.util.ContentCachingResponseWrapper;
|
|
|
|
|
|
-import java.io.BufferedReader;
|
|
|
-import java.io.InputStreamReader;
|
|
|
-import java.io.OutputStream;
|
|
|
import java.io.PrintWriter;
|
|
|
import java.util.Date;
|
|
|
import java.util.HashMap;
|
|
|
import java.util.concurrent.ExecutorService;
|
|
|
import java.util.concurrent.Executors;
|
|
|
-import java.util.concurrent.TimeUnit;
|
|
|
|
|
|
/**
|
|
|
* @author TRX
|
|
|
@@ -75,6 +68,10 @@ public class OpenApiVerifyService {
|
|
|
@Autowired
|
|
|
OpenApiSignInfoDao openApiSignInfoDao;
|
|
|
|
|
|
+ // 是否开启 openAPI验证
|
|
|
+ @Value("${openapi.openVerify}")
|
|
|
+ public static final boolean openVerify = true;
|
|
|
+
|
|
|
//线程池
|
|
|
ExecutorService executorService = Executors.newFixedThreadPool(SystemUtil.getCpuCoreCount() * 2);
|
|
|
|
|
|
@@ -97,6 +94,9 @@ public class OpenApiVerifyService {
|
|
|
public boolean verifyOpenAPI(HttpServletRequest request, HttpServletResponse response, Object object) {
|
|
|
log.info("---------------------openAPI验证----------------------");
|
|
|
OpenAPIContext.setTime(System.currentTimeMillis());
|
|
|
+ if (!openVerify) {
|
|
|
+ return true;
|
|
|
+ }
|
|
|
if (request instanceof ContentCachingRequestWrapper) {
|
|
|
ContentCachingRequestWrapper contentCachingRequestWrapper = (ContentCachingRequestWrapper) request;
|
|
|
ContentCachingResponseWrapper responseWrapper = (ContentCachingResponseWrapper) response;
|
|
|
@@ -160,7 +160,7 @@ public class OpenApiVerifyService {
|
|
|
msg = "Timestamp格式错误";
|
|
|
}
|
|
|
|
|
|
- if (isSuccess){
|
|
|
+ if (isSuccess) {
|
|
|
Long time = DateUtils.timeToLong(timestamp, DateUtils.unionAuth);
|
|
|
if (time == null || Math.abs(time - System.currentTimeMillis()) > OpenAPIConfig.timeBetween) {
|
|
|
isSuccess = false;
|
|
|
@@ -187,7 +187,7 @@ public class OpenApiVerifyService {
|
|
|
msg = "Signature为空或长度不符合要求";
|
|
|
}
|
|
|
|
|
|
- if(isSuccess) {
|
|
|
+ if (isSuccess) {
|
|
|
String sign = AesUtils.signData(requestStr);
|
|
|
log.info("数据sign {}", sign);
|
|
|
String appKey = signInfo.getAppKey();
|
