2020_src/epc/feeCloud-backend.git

2020-05-18 a18bfacbf56b401f6e0fdae8710fbca4df8cff77

commit \| author \| age
a18bfa	1	package com.changhong.epc.zuul.filter;
Z	2
	3	import com.iemsoft.framework.cloud.core.constant.BaseConst;
	4	import com.iemsoft.framework.cloud.core.exception.IEMRuntimeException;
	5	import com.iemsoft.framework.cloud.zuul.filter.url.UrlFilter;
	6	import lombok.extern.slf4j.Slf4j;
	7	import org.springframework.beans.factory.annotation.Value;
	8	import org.springframework.stereotype.Service;
	9
	10	import javax.servlet.http.HttpServletRequest;
	11	import java.text.DateFormat;
	12	import java.text.SimpleDateFormat;
	13	import java.util.*;
	14
	15	@Slf4j
	16	@Service
	17	public class ApiCscFilter implements UrlFilter, BaseConst{
	18
	19	/* 云帐仿秘钥 */
	20	private String cloudKey;
	21
	22	/* 属性编号 */
	23	private String accessNumber;
	24
	25	public ApiCscFilter(@Value("${platform_fyy}") String cloudKey, @Value("${accessNumber}") String accessNumber){
	26	this.cloudKey = cloudKey;
	27	this.accessNumber = accessNumber;
	28	}
	29
	30	public static final DateFormat uid1 = new SimpleDateFormat("yyyyMMdd");
	31
	32	private static final Set<String> SERIAL_NUMBER = new HashSet<>(100);
	33	/*
	34	* 7位接入编号
	35	*/
	36	public static final int ACCESS_NUMBER_SIZE = 7;
	37	/*
	38	* 8位日期值
	39	*/
	40	public static final int DATE_INFO_SIZE = 8;
	41	/*
	42	* 9位唯一序列号
	43	*/
	44	public static final int SERIAL_NUMBER_SIZE = 9;
	45	/*
	46	* id总长度
	47	*/
	48	public static final int ID_SUM_SIZE = ACCESS_NUMBER_SIZE + DATE_INFO_SIZE + SERIAL_NUMBER_SIZE;
	49
	50
	51	@Override
	52	public void filter(HttpServletRequest request) {
	53	//鉴定sign
	54	validateSign(request);
	55	//鉴定ID
	56	validateId(ValiParams.getId(request));
	57	}
	58
	59	@Override
	60	public String getRegExp() {
	61	return "http://[^:]+(:\\d+)?/epc/epc-center-api/push/power";
	62	}
	63
	64	/*
	65	* 验证流水号
	66	*/
	67	private void validateId(String id){
	68	log.debug(String.format("开始验证id:'%s'", id));
	69	log.debug(String.format("已访问过id为:%s", SERIAL_NUMBER));
	70	if(id == null \|\| id.length() != ID_SUM_SIZE){
	71	/* 请求格式错误 */
	72	throw new IEMRuntimeException(C0008);
	73	}
	74	// 判断接入编号
	75	String number = id.substring(0, ACCESS_NUMBER_SIZE);
	76	if(this.accessNumber.equals(number)){
	77	// 日期
	78	String dateInfo = id.substring(ACCESS_NUMBER_SIZE, ACCESS_NUMBER_SIZE+DATE_INFO_SIZE);
	79	if(!ApiCscFilter.uid1.format(new Date()).equals(dateInfo)){
	80	log.debug("日期错误!");
	81	/* 请求格式错误 */
	82	throw new IEMRuntimeException(C0008);
	83	}
	84	}else{
	85	log.debug("接入平台编码错误!");
	86	/* 接入平台不存在 */
	87	throw new IEMRuntimeException(C0008);
	88	}
	89	}
	90
	91	/*
	92	* 验证sign
	93	*/
	94	private void validateSign(HttpServletRequest request){
	95	String sign = ValiParams.getSign(request);
	96	if(!Objects.equals(getQueryStringMD5(request), sign)){
	97	/* 请求格式错误 */
	98	throw new IEMRuntimeException("U0039");
	99	}
	100	}
	101
	102	/*
	103	* 获得参数的md5
	104	*/
	105	private String getQueryStringMD5(HttpServletRequest request){
	106
	107	StringBuilder sb = new StringBuilder();
	108	log.debug("开始计算sign");
	109	Enumeration<String> params = request.getParameterNames();
	110	Set<String> setKey = new TreeSet<>();
	111	while(params.hasMoreElements()){
	112	setKey.add(params.nextElement());
	113	}
	114	for (String string : setKey) {
	115	if(!ValiParams.SIGN_KEY.equals(string)){
	116	/* 拼接条件 */
	117	sb.append(string)
	118	.append('=')
	119	.append(request.getParameter(string))
	120	.append('&');
	121	}
	122	}
	123	sb.append("key=").append(cloudKey);
	124	log.debug(String.format("生成的条件为'%s'", sb.toString()));
	125	String md5 = MD5.toMD5(sb.toString());
	126	log.debug(String.format("加密的md5为:'%s',sign:'%s'", md5, ValiParams.getSign(request)));
	127	return md5;
	128	}
	129
	130	}