2020_src/epc/feeCloud-backend.git

package com.changhong.epc.zuul.filter;
 
import com.iemsoft.framework.cloud.core.constant.BaseConst;
import com.iemsoft.framework.cloud.core.exception.IEMRuntimeException;
import com.iemsoft.framework.cloud.zuul.filter.url.UrlFilter;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
 
import javax.servlet.http.HttpServletRequest;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.*;
 
@Slf4j
@Service
public class ApiCscFilter implements UrlFilter, BaseConst{
    
    /* 云帐仿秘钥 */
    private String cloudKey;
    
    /* 属性编号 */
    private String accessNumber;
 
    public ApiCscFilter(@Value("${platform_fyy}") String cloudKey, @Value("${accessNumber}") String accessNumber){
        this.cloudKey = cloudKey;
        this.accessNumber = accessNumber;
    }
    
    public static final DateFormat uid1 = new SimpleDateFormat("yyyyMMdd");
    
    private static final Set<String> SERIAL_NUMBER = new HashSet<>(100);
    /*
     * 7位接入编号
     */
    public static final int ACCESS_NUMBER_SIZE     = 7;
    /*
     * 8位日期值
     */
    public static final int DATE_INFO_SIZE         = 8;
    /*
     * 9位唯一序列号
     */
    public static final int SERIAL_NUMBER_SIZE     = 9;
    /*
     * id总长度
     */
    public static final int ID_SUM_SIZE = ACCESS_NUMBER_SIZE + DATE_INFO_SIZE + SERIAL_NUMBER_SIZE;
    
 
    @Override
    public void filter(HttpServletRequest request) {
        //鉴定sign
        validateSign(request);
        //鉴定ID
        validateId(ValiParams.getId(request));
    }
 
    @Override
    public String getRegExp() {
        return "http://[^:]+(:\\d+)?/epc/epc-center-api/push/power";
    }
 
    /*
     * 验证流水号
     */
    private void validateId(String id){
        log.debug(String.format("开始验证id:'%s'", id));
        log.debug(String.format("已访问过id为:%s", SERIAL_NUMBER));
        if(id == null || id.length() != ID_SUM_SIZE){
            /* 请求格式错误 */
            throw new IEMRuntimeException(C0008);
        }
        // 判断接入编号 
        String number = id.substring(0, ACCESS_NUMBER_SIZE);
        if(this.accessNumber.equals(number)){
            // 日期
            String dateInfo = id.substring(ACCESS_NUMBER_SIZE, ACCESS_NUMBER_SIZE+DATE_INFO_SIZE);
            if(!ApiCscFilter.uid1.format(new Date()).equals(dateInfo)){
                log.debug("日期错误!");
                /* 请求格式错误 */
                throw new IEMRuntimeException(C0008);
            }
        }else{
            log.debug("接入平台编码错误!");
            /* 接入平台不存在 */
            throw new IEMRuntimeException(C0008);
        }
    }
    
     /*
     * 验证sign
     */
    private void validateSign(HttpServletRequest request){
        String sign = ValiParams.getSign(request);
        if(!Objects.equals(getQueryStringMD5(request), sign)){
            /* 请求格式错误 */
            throw new IEMRuntimeException("U0039");
        }
    }
    
    /*
     * 获得参数的md5
     */
    private String getQueryStringMD5(HttpServletRequest request){
 
        StringBuilder sb = new StringBuilder();
        log.debug("开始计算sign");
        Enumeration<String> params = request.getParameterNames();
        Set<String> setKey = new TreeSet<>();        
        while(params.hasMoreElements()){
            setKey.add(params.nextElement());
        }
        for (String string : setKey) {
            if(!ValiParams.SIGN_KEY.equals(string)){
                /* 拼接条件 */
                sb.append(string)
                    .append('=')
                    .append(request.getParameter(string))
                    .append('&');    
            }
        }
        sb.append("key=").append(cloudKey);
        log.debug(String.format("生成的条件为'%s'", sb.toString()));
        String md5 = MD5.toMD5(sb.toString());
        log.debug(String.format("加密的md5为:'%s',sign:'%s'", md5, ValiParams.getSign(request)));
        return md5;
    }
 
}