清理废弃功能代码-oauth
@@ -1,93 +0,0 @@
|
||||
package com.accompany.oauth2.service.account;
|
||||
|
||||
import com.accompany.common.constant.Constant;
|
||||
import com.accompany.common.constant.SmsConstant;
|
||||
import com.accompany.common.redis.RedisKey;
|
||||
import com.accompany.common.utils.CommonUtil;
|
||||
import com.accompany.core.model.Account;
|
||||
import com.accompany.core.model.Users;
|
||||
import com.accompany.core.service.account.AccountService;
|
||||
import com.accompany.core.service.common.JedisService;
|
||||
import com.accompany.core.service.user.UsersBaseService;
|
||||
import com.accompany.oauth2.exception.CustomOAuth2Exception;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Objects;
|
||||
|
||||
/**
|
||||
* 超管登陆相关
|
||||
*/
|
||||
@Service
|
||||
public class SuperAdminGrantService {
|
||||
|
||||
private static final transient Logger logger = LoggerFactory.getLogger(SuperAdminGrantService.class);
|
||||
|
||||
@Autowired
|
||||
private AccountService accountService;
|
||||
@Autowired
|
||||
private JedisService jedisService;
|
||||
@Autowired
|
||||
private UsersBaseService usersBaseService;
|
||||
|
||||
public void grant(String phone,String sCode,String os,String version){
|
||||
Account account = accountService.getAccount(phone);
|
||||
if(account == null){
|
||||
logger.error("account not exist,phone:{},sCode:{},os:{},version:{}",phone,sCode,os,version);
|
||||
throw new CustomOAuth2Exception(CustomOAuth2Exception.INVALID_USER, "账号不存在");
|
||||
}
|
||||
if(!isSuperAdmin(account.getUid())){
|
||||
return;
|
||||
}
|
||||
CustomOAuth2Exception exception = new CustomOAuth2Exception(CustomOAuth2Exception.INVALID_SUPER_USER, "Bad credentials");
|
||||
if(!CommonUtil.checkPhoneFormat(account.getPhoneAreaCode(),account.getPhone())){
|
||||
logger.error("super-admin login error.:{}",phone);
|
||||
exception.addAdditionalInformation("msgWithValue","账号异常,未绑定手机号码");
|
||||
throw exception;
|
||||
}
|
||||
if(StringUtils.isBlank(sCode)){
|
||||
// 开启超管短信登录验证
|
||||
exception.addAdditionalInformation("superCodeVerify", "1");
|
||||
exception.addAdditionalInformation("msgWithValue","请输入超级管理员手机验证码");
|
||||
throw exception;
|
||||
}
|
||||
// 校验短信验证码
|
||||
if(!verifySmsCodeByCache(account.getPhone(),sCode, SmsConstant.SmsType.SUPER_ADMIN_LOGIN)){
|
||||
exception.addAdditionalInformation("superCodeVerify", "1");
|
||||
exception.addAdditionalInformation("msgWithValue","超级管理员验证码校验失败");
|
||||
throw exception;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public boolean verifySmsCodeByCache(String mobile, String code, Byte bizType){
|
||||
String codeStr = jedisService.get(getSmsKey(mobile, bizType));
|
||||
if(!StringUtils.isEmpty(codeStr) && codeStr.equals(code)){
|
||||
return true;
|
||||
}else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public String getSmsKey(String mobile, Byte bizType) {
|
||||
return RedisKey.sms.getKey(mobile + "_" + bizType);
|
||||
}
|
||||
|
||||
public boolean isSuperAdmin(Long uid){
|
||||
Users user = usersBaseService.getUsersByUid(uid);
|
||||
return user != null && Objects.equals(user.getPlatformRole(), Constant.PlatformRole.superAdmin);
|
||||
}
|
||||
|
||||
public void ifSuperAdminNotAllow(Long uid){
|
||||
if(isSuperAdmin(uid)){
|
||||
CustomOAuth2Exception exception = new CustomOAuth2Exception(CustomOAuth2Exception.INVALID_SUPER_USER, "Bad credentials");
|
||||
logger.error("super-admin third-login error.uid:{}",uid);
|
||||
exception.addAdditionalInformation("msgWithValue","超级管理员不允许第三方登陆");
|
||||
throw exception;
|
||||
|
||||
}
|
||||
}
|
||||
}
|
@@ -1,156 +0,0 @@
|
||||
package com.accompany.oauth2.util;
|
||||
|
||||
import org.apache.commons.httpclient.methods.InputStreamRequestEntity;
|
||||
import org.apache.commons.httpclient.methods.PostMethod;
|
||||
import org.apache.commons.httpclient.methods.RequestEntity;
|
||||
import org.apache.http.NameValuePair;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.config.RequestConfig;
|
||||
import org.apache.http.client.entity.UrlEncodedFormEntity;
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
|
||||
import org.apache.http.message.BasicNameValuePair;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.nio.charset.Charset;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class HttpClient4Utils {
|
||||
private static HttpClient defaultClient = createHttpClient(20, 20, 5000, 5000, 3000);
|
||||
|
||||
/**
|
||||
* 实例化HttpClient
|
||||
*
|
||||
* @param maxTotal
|
||||
* @param maxPerRoute
|
||||
* @param socketTimeout
|
||||
* @param connectTimeout
|
||||
* @param connectionRequestTimeout
|
||||
* @return
|
||||
*/
|
||||
public static HttpClient createHttpClient(int maxTotal, int maxPerRoute, int socketTimeout, int connectTimeout,
|
||||
int connectionRequestTimeout) {
|
||||
RequestConfig defaultRequestConfig = RequestConfig.custom().setSocketTimeout(socketTimeout)
|
||||
.setConnectTimeout(connectTimeout).setConnectionRequestTimeout(connectionRequestTimeout).build();
|
||||
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
|
||||
cm.setMaxTotal(maxTotal);
|
||||
cm.setDefaultMaxPerRoute(maxPerRoute);
|
||||
CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(cm)
|
||||
.setDefaultRequestConfig(defaultRequestConfig).build();
|
||||
return httpClient;
|
||||
}
|
||||
|
||||
/**
|
||||
* 发送post请求
|
||||
*
|
||||
* @param httpClient
|
||||
* @param url 请求地址
|
||||
* @param params 请求参数
|
||||
* @param encoding 编码
|
||||
* @return
|
||||
*/
|
||||
public static String sendPost(HttpClient httpClient, String url, Map<String, String> params, Charset encoding) {
|
||||
String resp = "";
|
||||
HttpPost httpPost = new HttpPost(url);
|
||||
if (params != null && params.size() > 0) {
|
||||
List<NameValuePair> formParams = new ArrayList<NameValuePair>();
|
||||
Iterator<Map.Entry<String, String>> itr = params.entrySet().iterator();
|
||||
while (itr.hasNext()) {
|
||||
Map.Entry<String, String> entry = itr.next();
|
||||
formParams.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
|
||||
}
|
||||
UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(formParams, encoding);
|
||||
httpPost.setEntity(postEntity);
|
||||
}
|
||||
CloseableHttpResponse response = null;
|
||||
try {
|
||||
response = (CloseableHttpResponse) httpClient.execute(httpPost);
|
||||
resp = EntityUtils.toString(response.getEntity(), encoding);
|
||||
} catch (Exception e) {
|
||||
// log
|
||||
e.printStackTrace();
|
||||
} finally {
|
||||
if (response != null) {
|
||||
try {
|
||||
response.close();
|
||||
} catch (IOException e) {
|
||||
// log
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
}
|
||||
return resp;
|
||||
}
|
||||
|
||||
/**
|
||||
* 发送post请求
|
||||
* @param url 请求地址
|
||||
* @param params 请求参数
|
||||
* @return
|
||||
*/
|
||||
public static String sendPost(String url, Map<String, String> params) {
|
||||
Charset encoding = Charset.forName("utf8");
|
||||
return sendPost(defaultClient, url, params, encoding);
|
||||
}
|
||||
|
||||
|
||||
public static String post(String params, String requestUrl) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
// try {
|
||||
//HttpRequester request = new HttpRequester();
|
||||
// request.setDefaultContentEncoding("utf-8");
|
||||
byte[] requestBytes = params.getBytes("utf-8"); // 将参数转为二进制流
|
||||
org.apache.commons.httpclient.HttpClient httpClient = new org.apache.commons.httpclient.HttpClient(); // 客户端实例化
|
||||
PostMethod postMethod = new PostMethod(requestUrl);
|
||||
//设置请求头Authorization
|
||||
// postMethod.setRequestHeader("Authorization", "Basic " + authorization);
|
||||
// 设置请求头 Content-Type
|
||||
postMethod.setRequestHeader("Content-Type", "application/json");
|
||||
InputStream inputStream = new ByteArrayInputStream(requestBytes, 0, requestBytes.length);
|
||||
RequestEntity requestEntity = new InputStreamRequestEntity(inputStream, requestBytes.length, "application/json; charset=utf-8"); // 请求体
|
||||
postMethod.setRequestEntity(requestEntity);
|
||||
httpClient.executeMethod(postMethod);// 执行请求
|
||||
InputStream soapResponseStream = postMethod.getResponseBodyAsStream();// 获取返回的流
|
||||
byte[] datas = null;
|
||||
try {
|
||||
datas = readInputStream(soapResponseStream);// 从输入流中读取数据
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
String result = new String(datas, "UTF-8");// 将二进制流转为String
|
||||
// 打印返回结果
|
||||
// System.out.println(result);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 从输入流中读取数据
|
||||
*
|
||||
* @param inStream
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
public static byte[] readInputStream(InputStream inStream) throws Exception {
|
||||
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
|
||||
byte[] buffer = new byte[1024];
|
||||
int len = 0;
|
||||
while ((len = inStream.read(buffer)) != -1) {
|
||||
outStream.write(buffer, 0, len);
|
||||
}
|
||||
byte[] data = outStream.toByteArray();
|
||||
outStream.close();
|
||||
inStream.close();
|
||||
return data;
|
||||
}
|
||||
}
|
@@ -1,35 +0,0 @@
|
||||
package com.accompany.oauth2.util;
|
||||
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Map;
|
||||
|
||||
public class SignatureUtils {
|
||||
|
||||
/**
|
||||
* 生成签名信息
|
||||
* @param secretKey 产品私钥
|
||||
* @param params 接口请求参数名和参数值map,不包括signature参数名
|
||||
* @return
|
||||
* @throws UnsupportedEncodingException
|
||||
*/
|
||||
public static String genSignature(String secretKey, Map<String, String> params) throws UnsupportedEncodingException {
|
||||
// 1. 参数名按照ASCII码表升序排序
|
||||
String[] keys = params.keySet().toArray(new String[0]);
|
||||
Arrays.sort(keys);
|
||||
|
||||
// 2. 按照排序拼接参数名与参数值
|
||||
StringBuffer paramBuffer = new StringBuffer();
|
||||
for (String key : keys) {
|
||||
paramBuffer.append(key).append(params.get(key) == null ? "" : params.get(key));
|
||||
}
|
||||
// 3. 将secretKey拼接到最后
|
||||
paramBuffer.append(secretKey);
|
||||
|
||||
// 4. MD5是128位长度的摘要算法,用16进制表示,一个十六进制的字符能表示4个位,所以签名后的字符串长度固定为32个十六进制字符。
|
||||
return DigestUtils.md5Hex(paramBuffer.toString().getBytes("UTF-8"));
|
||||
}
|
||||
|
||||
}
|
@@ -1 +0,0 @@
|
||||
#http\://music.yy.com/schema/security/oauth2=com.accompany.oauth2.service.config.xml.OAuth2SecurityNamespaceHandler
|
@@ -1,3 +0,0 @@
|
||||
#http\://music.yy.com/schema/security/spring-security-oauth2-1.0.xsd=/xsd/spring-security-oauth2-1.0.xsd
|
||||
#http\://music.yy.com/schema/security/spring-security-oauth2-2.0.xsd=/xsd/spring-security-oauth2-2.0.xsd
|
||||
#http\://music.yy.com/schema/security/spring-security-oauth2.xsd=/xsd/spring-security-oauth2-2.0.xsd
|
@@ -1,70 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE generatorConfiguration
|
||||
PUBLIC "-//mybatis.org//DTD MyBatis Generator Configuration 1.0//EN"
|
||||
"http://mybatis.org/dtd/mybatis-generator-config_1_0.dtd">
|
||||
<generatorConfiguration>
|
||||
|
||||
<!--<classPathEntry-->
|
||||
<!--location="F:\mysql-connector-java-5.1.26-bin.jar"/>-->
|
||||
<!--<classPathEntry location="/Users/raymondjack/myBatis/mysql-connector-java-5.1.26-bin.jar" />-->
|
||||
<classPathEntry location="C:\Users\Administrator\.m2\repository\mysql\mysql-connector-java\5.1.26\mysql-connector-java-5.1.26.jar" />
|
||||
<context id="DB2Tables" targetRuntime="MyBatis3">
|
||||
<commentGenerator>
|
||||
<property name="suppressDate" value="true" />
|
||||
|
||||
<property name="suppressAllComments" value="true" />
|
||||
</commentGenerator>
|
||||
|
||||
<jdbcConnection driverClass="com.mysql.jdbc.Driver"
|
||||
connectionURL="jdbc:mysql://115.28.86.139:3306/xchat" userId="root"
|
||||
password="sfw#s0l88*$pcof84">
|
||||
</jdbcConnection>
|
||||
<javaTypeResolver>
|
||||
<property name="forceBigDecimals" value="false" />
|
||||
</javaTypeResolver>
|
||||
|
||||
<javaModelGenerator targetPackage="com.accompany.oauth2.service.model"
|
||||
targetProject="src/main/java">
|
||||
<property name="enableSubPackages" value="true" />
|
||||
<property name="trimStrings" value="true" />
|
||||
</javaModelGenerator>
|
||||
|
||||
<sqlMapGenerator targetPackage="myoauth2.sqlmappers"
|
||||
targetProject="src/main/resources">
|
||||
<property name="enableSubPackages" value="true" />
|
||||
</sqlMapGenerator>
|
||||
|
||||
<javaClientGenerator type="XMLMAPPER"
|
||||
targetPackage="com.accompany.oauth2.service.infrastructure.myaccountmybatis" targetProject="src/main/java">
|
||||
<property name="enableSubPackages" value="true" />
|
||||
</javaClientGenerator>
|
||||
|
||||
<!--<table tableName="account" domainObjectName="Account"-->
|
||||
<!--enableCountByExample="false" enableUpdateByExample="false"-->
|
||||
<!--enableDeleteByExample="true" enableSelectByExample="true"-->
|
||||
<!--selectByExampleQueryId="false">-->
|
||||
<!--<generatedKey column="uid" sqlStatement="MySql" identity="true" />-->
|
||||
<!--</table>-->
|
||||
|
||||
<!--<table tableName="tutu_bind_qq_log" domainObjectName="TutuBindQqLog"-->
|
||||
<!--enableCountByExample="true" enableUpdateByExample="true"-->
|
||||
<!--enableDeleteByExample="true" enableSelectByExample="true"-->
|
||||
<!--selectByExampleQueryId="true">-->
|
||||
<!--<generatedKey column="log_id" sqlStatement="MySql" identity="true"/>-->
|
||||
<!--</table>-->
|
||||
<table tableName="account_protect_record" domainObjectName="AccountProtectRecord"
|
||||
enableCountByExample="true" enableUpdateByExample="true"
|
||||
enableDeleteByExample="true" enableSelectByExample="true"
|
||||
selectByExampleQueryId="true">
|
||||
<generatedKey column="uid" sqlStatement="MySql" identity="true"/>
|
||||
</table>
|
||||
<!--<table tableName="account" domainObjectName="Account"-->
|
||||
<!--enableCountByExample="true" enableUpdateByExample="true"-->
|
||||
<!--enableDeleteByExample="true" enableSelectByExample="true"-->
|
||||
<!--selectByExampleQueryId="true">-->
|
||||
<!--<generatedKey column="uid" sqlStatement="JDBC" identity="true"/>-->
|
||||
<!--</table>-->
|
||||
|
||||
</context>
|
||||
|
||||
</generatorConfiguration>
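Review bot: Deleting this generator config takes the `jdbcConnection` element out of the working tree, but the database host, the `root` user and its password remain readable in every earlier revision, so the removal alone does not retire the credential. The password should be rotated and the database's access logs reviewed for connections from unexpected sources. If the generator is ever restored, it should use a least-privilege account whose credentials come from the environment rather than the file. The same applies to the properties section deleted further down, which held `yidun.register.secret-id`, `yidun.register.secret-key` and `shumei.register.accessKey` in clear text; those keys should be revoked at the provider. Rewriting history to purge the values is cleanup only, since existing clones and forks still hold them.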
|
@@ -1,23 +0,0 @@
|
||||
|
||||
#yidun
|
||||
yidun.register.business-id=af43d0f8752147c48f8281800da6049e
|
||||
yidun.register.secret-id=53ac2fc2d00e3ffc4eafbfe6305aed03
|
||||
yidun.register.switch=true
|
||||
yidun.register.api-url=https://ac.dun.163yun.com/v2/register/check
|
||||
yidun.register.secret-key=0b9cd0854bc6be2e5d709cc967f3fc38
|
||||
|
||||
yidun.login.business-id=67881c7a69764c058435ba93a51b1285
|
||||
yidun.login.api-url=https://ac.dun.163yun.com/v2/login/check
|
||||
yidun.login.switch=true
|
||||
|
||||
|
||||
#shumei
|
||||
shumei.register.accessKey=kQ8QOffYuq79qys2JOsP
|
||||
shumei.register.appId=default
|
||||
shumei.register.api.url=http://api.fengkongcloud.com/v3/event
|
||||
shumei.register.switch=true
|
||||
shumei.login.switch=true
|
||||
|
||||
register.opened=false
|
||||
|
||||
login.opened=false
|
@@ -7,7 +7,6 @@ package com.accompany.oauth2.config;
|
||||
*/
|
||||
|
||||
import com.accompany.oauth2.interceptor.LoginInterceptor;
|
||||
import com.accompany.oauth2.interceptor.SecurityInterceptor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||
@@ -16,15 +15,6 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
@Configuration
|
||||
public class WebMvcConfig implements WebMvcConfigurer{
|
||||
|
||||
/**
|
||||
* 自己定义的拦截器类
|
||||
* @return
|
||||
*/
|
||||
@Bean
|
||||
public SecurityInterceptor getSecurityInterceptor() {
|
||||
return new SecurityInterceptor();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public LoginInterceptor getLoginInterceptor() {
|
||||
return new LoginInterceptor();
|
||||
|
@@ -1,114 +0,0 @@
|
||||
package com.accompany.oauth2.interceptor;
|
||||
|
||||
import com.accompany.common.constant.ApplicationConstant;
|
||||
import com.accompany.common.redis.RedisKey;
|
||||
import com.accompany.common.utils.StringUtils;
|
||||
import com.accompany.core.service.common.JedisService;
|
||||
import com.accompany.core.util.KeyStore;
|
||||
import com.accompany.core.util.MD5;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.TreeMap;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* @author yangziwen
|
||||
* @description
|
||||
* @date 2018/6/7 17:27
|
||||
*/
|
||||
public class SecurityInterceptor extends BasicInterceptor {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(SecurityInterceptor.class);
|
||||
|
||||
private static Pattern pattern = Pattern.compile("\\s*|\t|\r|\n");
|
||||
|
||||
@Autowired
|
||||
private JedisService jedisService;
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
|
||||
// 校验是否开启签名,是否 URI 白名单
|
||||
if (!isSignEnable() || this.isExcludeUri(request.getRequestURI())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// 检查 IP 是否被封禁
|
||||
/*String ip = IPUtils.getRealIpAddress(request);
|
||||
if (this.jedisService.sismember(RedisKey.global_block_ip.getKey(), ip)){
|
||||
logger.warn("IP {} 被封禁,不允许访问", ip);
|
||||
return false;
|
||||
}*/
|
||||
|
||||
// 检查设备号是否被封禁
|
||||
/*String deviceId = request.getParameter("deviceId");
|
||||
if (StringUtils.isNotEmpty(deviceId) && this.jedisService.sismember(RedisKey.global_block_device.getKey(), deviceId)){
|
||||
logger.warn("设备号 {} 被封禁,不允许访问", deviceId);
|
||||
return false;
|
||||
}*/
|
||||
|
||||
// 验证签名
|
||||
if (this.isLegalRequest(request)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
this.writeResponse(response, 403, "Illegal Request");
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean isSignEnable() {
|
||||
String sign = this.jedisService.get(RedisKey.sign_enable.getKey());
|
||||
return StringUtils.equalsIgnoreCase(sign, Boolean.TRUE.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验请求是否合法
|
||||
*
|
||||
* @param request
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
private boolean isLegalRequest(HttpServletRequest request) {
|
||||
TreeMap<String, String[]> paramsMap = new TreeMap<>(request.getParameterMap());
|
||||
|
||||
StringBuilder builder = new StringBuilder();
|
||||
Set<Map.Entry<String, String[]>> entries = paramsMap.entrySet();
|
||||
for (Map.Entry<String, String[]> entry : entries) {
|
||||
String name = entry.getKey();
|
||||
if (ApplicationConstant.PUBLIC_PARAMTER_NAMES.contains(name)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
String param = String.join(",", entry.getValue());
|
||||
builder.append(name).append("=").append(param).append("&");
|
||||
}
|
||||
|
||||
// 去除最后一个多余的连接符
|
||||
if (builder.length() > 0) {
|
||||
builder.replace(builder.length() - 1, builder.length(), "");
|
||||
builder.append("&");
|
||||
}
|
||||
|
||||
builder.append("key=").append(KeyStore.DES_SIGN_KEY);
|
||||
String serverSign = MD5.getMD5(builder.toString());
|
||||
Matcher matcher = pattern.matcher(serverSign);
|
||||
serverSign = matcher.replaceAll("");
|
||||
|
||||
String clientSign = request.getParameter(ApplicationConstant.PublicParameters.SIGN);
|
||||
logger.warn("非法请求: uri={}, headers={}, parameters={}",
|
||||
request.getRequestURI(), JSON.toJSONString(request.getHeaderNames()), JSON.toJSONString(request.getParameterMap()));
|
||||
return StringUtils.equalsIgnoreCase(clientSign, serverSign);
|
||||
}
|
||||
|
||||
private boolean isExcludeUri(String url) {
|
||||
String excludeUri = this.jedisService.hget(RedisKey.exclude_uri.getKey(), url);
|
||||
return StringUtils.isNotEmpty(excludeUri) && StringUtils.equalsIgnoreCase(excludeUri, Boolean.TRUE.toString());
|
||||
}
|
||||
}
|
@@ -1,30 +0,0 @@
|
||||
package servicetest;
|
||||
|
||||
import com.accompany.oauth2.OAuth2Application;
|
||||
import com.accompany.oauth2.service.MyUserDetailsService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SpringBootTest(classes = OAuth2Application.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
|
||||
public class CommonTest {
|
||||
|
||||
@Autowired
|
||||
private MyUserDetailsService myUserDetailsService;
|
||||
|
||||
@Test
|
||||
public void getUserClanInfoTest() {
|
||||
|
||||
try {
|
||||
myUserDetailsService.loadUserByPhone("8615626451870","86","111111",null,"127.0.0.1");
|
||||
myUserDetailsService.loadUserByPhone("8615626451870","86","122211",null,"127.2.2.1");
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|