package com.changhong.epc.zuul.filter;
|
|
import com.iemsoft.framework.cloud.core.constant.BaseConst;
|
import com.iemsoft.framework.cloud.core.exception.IEMRuntimeException;
|
import com.iemsoft.framework.cloud.zuul.filter.url.UrlFilter;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.stereotype.Service;
|
|
import javax.servlet.http.HttpServletRequest;
|
import java.util.*;
|
@Slf4j
|
@Service
|
public class ApiMasterFilter implements UrlFilter, BaseConst {
|
/* 云帐仿秘钥 */
|
@Value("${platform_fyy}")
|
private String cloudKey;
|
|
|
/* 属性编号 */
|
@Value("${accessNumber}")
|
private String accessNumber;
|
|
private static final Set<String> SERIAL_NUMBER = new HashSet<>(100);
|
/*
|
* 7位接入编号
|
*/
|
public static final int ACCESS_NUMBER_SIZE = 7;
|
/*
|
* 8位日期值
|
*/
|
public static final int DATE_INFO_SIZE = 8;
|
/*
|
* 9位唯一序列号
|
*/
|
public static final int SERIAL_NUMBER_SIZE = 9;
|
/*
|
* id总长度
|
*/
|
public static final int ID_SUM_SIZE = ACCESS_NUMBER_SIZE + DATE_INFO_SIZE + SERIAL_NUMBER_SIZE;
|
|
|
@Override
|
public void filter(HttpServletRequest request) {
|
//鉴定sign
|
validateSign(request);
|
//鉴定ID
|
validateId(ValiParams.getId(request));
|
}
|
|
@Override
|
public String getRegExp() {
|
return "http://[^:]+(:\\d+)?/epc/epc-(tenant|center)-api/json/addFtpPath";
|
}
|
|
/*
|
* 验证流水号
|
*/
|
private void validateId(String id){
|
log.debug(String.format("开始验证id:'%s'", id));
|
log.debug(String.format("已访问过id为:%s", SERIAL_NUMBER));
|
// System.out.println("主数据ftp单独拦截——————————————>");
|
if(id == null || id.length() != ID_SUM_SIZE){
|
/* 请求格式错误 */
|
throw new IEMRuntimeException(C0008);
|
}
|
// 判断接入编号
|
String number = id.substring(0, ACCESS_NUMBER_SIZE);
|
if(this.accessNumber.equals(number)){
|
// System.out.println("接入编号验证----->");
|
// 日期
|
String dateInfo = id.substring(ACCESS_NUMBER_SIZE, ACCESS_NUMBER_SIZE+DATE_INFO_SIZE);
|
if(!ApiParamFilter.uid1.format(new Date()).equals(dateInfo)){
|
log.debug("日期错误!");
|
/* 请求格式错误 */
|
throw new IEMRuntimeException(C0008);
|
}
|
}else{
|
log.debug("接入平台编码错误!");
|
/* 接入平台不存在 */
|
throw new IEMRuntimeException(C0008);
|
}
|
}
|
|
/*
|
* 验证sign
|
*/
|
private void validateSign(HttpServletRequest request){
|
String sign = ValiParams.getSign(request);
|
if(!Objects.equals(getQueryStringMD5(request), sign)){
|
/* 请求格式错误 */
|
throw new IEMRuntimeException("C0006");
|
}
|
}
|
|
|
|
/*
|
* 获得参数的md5
|
*/
|
private String getQueryStringMD5(HttpServletRequest request){
|
StringBuilder sb = new StringBuilder();
|
log.debug("开始计算sign");
|
Enumeration<String> params = request.getParameterNames();
|
Set<String> setKey = new TreeSet<>();
|
while(params.hasMoreElements()){
|
setKey.add(params.nextElement());
|
}
|
for (String string : setKey) {
|
if(!ValiParams.SIGN_KEY.equals(string)){
|
/* 拼接条件 */
|
sb.append(string)
|
.append('=')
|
.append(request.getParameter(string))
|
.append('&');
|
}
|
}
|
sb.append("key=").append(cloudKey);
|
log.debug(String.format("生成的条件为'%s'", sb.toString()));
|
String md5 = MD5.toMD5(sb.toString());
|
log.debug(String.format("加密的md5为:'%s',sign:'%s'", md5, ValiParams.getSign(request)));
|
return md5;
|
}
|
|
public void setCloudKey(String cloudKey) {
|
this.cloudKey = cloudKey;
|
}
|
|
}
|
