From ab46a451cf1c94b01e8718e2aa6be6c7fc1886c1 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期五, 16 八月 2024 15:32:50 +0800
Subject: [PATCH] 合并代码
---
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java | 26 ++++++++++++++------------
1 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
index c8b573a..0fe0de6 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
@@ -67,16 +67,16 @@
if(method != HttpMethod.POST){
return chain.filter(exchange.mutate().request(mutate.build()).build());
}
- String sing = request.getHeaders().getFirst(TokenConstants.SING);
+ String sign = request.getHeaders().getFirst(TokenConstants.SIGN);
String nonce_str = request.getHeaders().getFirst(TokenConstants.NONCE_STR);
-// if (parameter_signature && StringUtils.isEmpty(sing)) {
-// return unauthorizedResponse(exchange, "签名不能为空!");
-// }
-// if (parameter_signature && StringUtils.isEmpty(nonce_str)) {
-// return unauthorizedResponse(exchange, "签名不能为空!");
-// }
+ if (parameter_signature && StringUtils.isEmpty(sign)) {
+ return unauthorizedResponse(exchange, "签名不能为空!");
+ }
+ if (parameter_signature && StringUtils.isEmpty(nonce_str)) {
+ return unauthorizedResponse(exchange, "签名不能为空!");
+ }
if(parameter_signature){
- return authSign(exchange, chain, sing, nonce_str);
+ return authSign(exchange, chain, sign, nonce_str);
}
return chain.filter(exchange.mutate().request(mutate.build()).build());
}
@@ -93,14 +93,14 @@
* 校验签名
* @return
*/
- private Mono<Void> authSign(ServerWebExchange exchange, GatewayFilterChain chain, String sing, String nonce_str){
+ private Mono<Void> authSign(ServerWebExchange exchange, GatewayFilterChain chain, String sign, String nonce_str){
return DataBufferUtils.join(exchange.getRequest().getBody())
.flatMap(dataBuffer -> {
byte[] bytes = new byte[dataBuffer.readableByteCount()];
dataBuffer.read(bytes);
String bodyString = new String(bytes, StandardCharsets.UTF_8);
log.info("请求参数:{}", bodyString);
- if(!authSign(JSON.parseObject(bodyString), sing, nonce_str)){
+ if(!authSign(JSON.parseObject(bodyString), sign, nonce_str)){
return unauthorizedResponse(exchange, "签名验证失败!");
}
DataBufferUtils.release(dataBuffer);
@@ -129,11 +129,12 @@
private boolean authSign(JSONObject jsonStr, String sign, String nonce_str) {
String signUrlEncode = localSignUrl(jsonStr, nonce_str);
signUrlEncode = signUrlEncode.replaceAll("& #40;", "\\(")
- .replaceAll("& #41;", "\\)")
- .replaceAll("\\+", " ");
+ .replaceAll("& #41;", "\\)");
if(sign.equals(signUrlEncode)){
return true;
}
+
+ System.err.println("签名值:" + signUrlEncode);
return false;
}
@@ -161,6 +162,7 @@
}
}
String signUrl = sb.substring(0, sb.length() - 1);
+ System.err.println("签名串:" + signUrl);
return signUrlEncode(signUrl, key);
}
--
Gitblit v1.7.1