From d7f599824d4ab79c35e6aacdc59d2581c28504b3 Mon Sep 17 00:00:00 2001
From: xuhy <3313886187@qq.com>
Date: 星期五, 09 八月 2024 18:20:01 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'
---
ruoyi-service/ruoyi-other/src/main/resources/bootstrap.yml | 1
ruoyi-service/ruoyi-order/src/main/resources/bootstrap.yml | 1
ruoyi-service/ruoyi-payment/src/main/resources/bootstrap.yml | 1
ruoyi-service/ruoyi-account/src/main/resources/bootstrap.yml | 1
ruoyi-service/ruoyi-chargingPile/src/main/resources/bootstrap.yml | 1
ruoyi-api/ruoyi-api-other/src/main/java/com/ruoyi/other/api/factory/OtherFallbackFactory.java | 7 +++
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java | 67 +++++++++++++++++++--------------
ruoyi-service/ruoyi-integration/src/main/resources/bootstrap.yml | 1
8 files changed, 51 insertions(+), 29 deletions(-)
diff --git a/ruoyi-api/ruoyi-api-other/src/main/java/com/ruoyi/other/api/factory/OtherFallbackFactory.java b/ruoyi-api/ruoyi-api-other/src/main/java/com/ruoyi/other/api/factory/OtherFallbackFactory.java
index cfb52c2..4d8eb24 100644
--- a/ruoyi-api/ruoyi-api-other/src/main/java/com/ruoyi/other/api/factory/OtherFallbackFactory.java
+++ b/ruoyi-api/ruoyi-api-other/src/main/java/com/ruoyi/other/api/factory/OtherFallbackFactory.java
@@ -44,7 +44,12 @@
public R unitDelete(Integer id) {
return R.fail("删除单位失败:" + throwable.getMessage());
}
-
+
+ @Override
+ public R<TCompany> unitDetail(Integer id) {
+ return R.fail("查询单位失败:" + throwable.getMessage());
+ }
+
@Override
public R<Page<TUserTag>> queryTagPage(TagListQueryDto unitListQueryDto) {
return R.fail("查询标签:" + throwable.getMessage());
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
index 799de22..c8b573a 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/SignFilter.java
@@ -1,5 +1,6 @@
package com.ruoyi.gateway.filter;
+import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.HttpStatus;
@@ -20,6 +21,7 @@
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -29,6 +31,7 @@
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
+import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
@@ -66,14 +69,14 @@
}
String sing = request.getHeaders().getFirst(TokenConstants.SING);
String nonce_str = request.getHeaders().getFirst(TokenConstants.NONCE_STR);
- if (parameter_signature && StringUtils.isEmpty(sing)) {
- return unauthorizedResponse(exchange, "签名不能为空!");
- }
- if (parameter_signature && StringUtils.isEmpty(nonce_str)) {
- return unauthorizedResponse(exchange, "签名不能为空!");
- }
- if(parameter_signature && !authSign(exchange)){
- return unauthorizedResponse(exchange, "签名不通过!");
+// if (parameter_signature && StringUtils.isEmpty(sing)) {
+// return unauthorizedResponse(exchange, "签名不能为空!");
+// }
+// if (parameter_signature && StringUtils.isEmpty(nonce_str)) {
+// return unauthorizedResponse(exchange, "签名不能为空!");
+// }
+ if(parameter_signature){
+ return authSign(exchange, chain, sing, nonce_str);
}
return chain.filter(exchange.mutate().request(mutate.build()).build());
}
@@ -88,36 +91,43 @@
/**
* 校验签名
- * @param exchange
* @return
*/
- private boolean authSign(ServerWebExchange exchange){
- return false;
+ private Mono<Void> authSign(ServerWebExchange exchange, GatewayFilterChain chain, String sing, String nonce_str){
+ return DataBufferUtils.join(exchange.getRequest().getBody())
+ .flatMap(dataBuffer -> {
+ byte[] bytes = new byte[dataBuffer.readableByteCount()];
+ dataBuffer.read(bytes);
+ String bodyString = new String(bytes, StandardCharsets.UTF_8);
+ log.info("请求参数:{}", bodyString);
+ if(!authSign(JSON.parseObject(bodyString), sing, nonce_str)){
+ return unauthorizedResponse(exchange, "签名验证失败!");
+ }
+ DataBufferUtils.release(dataBuffer);
+ Flux<DataBuffer> cachedFlux = Flux.defer(() -> {
+ DataBuffer buffer = exchange.getResponse().bufferFactory()
+ .wrap(bytes);
+ return Mono.just(buffer);
+ });
+ ServerHttpRequest mutatedRequest = new ServerHttpRequestDecorator(exchange.getRequest()) {
+ @Override
+ public Flux<DataBuffer> getBody() {
+ return cachedFlux;
+ }
+ };
+ return chain.filter(exchange.mutate().request(mutatedRequest)
+ .build());
+ });
}
/**
* 签名校验
- * @param httpRequestDecorator
* @return
*/
- private boolean authSign(ServerHttpRequestDecorator httpRequestDecorator) {
- HttpHeaders headers = httpRequestDecorator.getHeaders();
- Flux<DataBuffer> body = httpRequestDecorator.getBody();
- AtomicReference<JSONObject> jsonObject = new AtomicReference<>(new JSONObject());
- httpRequestDecorator.getBody().map(dataBuffers -> dataBuffers.toString());
- JSONObject params = jsonObject.get();
- String sign = headers.getFirst(TokenConstants.SING);
- if(StringUtils.isEmpty(sign)){
- return false;
- }
- String nonce_str = headers.getFirst(TokenConstants.NONCE_STR);
- if(StringUtils.isEmpty(nonce_str)){
- return false;
- }
-
- String signUrlEncode = localSignUrl(params, nonce_str);
+ private boolean authSign(JSONObject jsonStr, String sign, String nonce_str) {
+ String signUrlEncode = localSignUrl(jsonStr, nonce_str);
signUrlEncode = signUrlEncode.replaceAll("& #40;", "\\(")
.replaceAll("& #41;", "\\)")
.replaceAll("\\+", " ");
@@ -166,6 +176,7 @@
try {
signByte = HMACSHA1.HmacSHA1Encrypt(signUrl, encryptKey);
} catch (Exception e) {
+ e.printStackTrace();
throw new RuntimeException(e);
}
String localSign = Base64.encodeBase64String(signByte);
diff --git a/ruoyi-service/ruoyi-account/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-account/src/main/resources/bootstrap.yml
index 8c876b7..7ca4a3c 100644
--- a/ruoyi-service/ruoyi-account/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-account/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-account
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
diff --git a/ruoyi-service/ruoyi-chargingPile/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-chargingPile/src/main/resources/bootstrap.yml
index f923f2a..1dc2633 100644
--- a/ruoyi-service/ruoyi-chargingPile/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-chargingPile/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-chargingPile
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
diff --git a/ruoyi-service/ruoyi-integration/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-integration/src/main/resources/bootstrap.yml
index db469bd..b0bc8fc 100644
--- a/ruoyi-service/ruoyi-integration/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-integration/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-integration
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
diff --git a/ruoyi-service/ruoyi-order/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-order/src/main/resources/bootstrap.yml
index c895ca7..7c243b4 100644
--- a/ruoyi-service/ruoyi-order/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-order/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-order
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
diff --git a/ruoyi-service/ruoyi-other/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-other/src/main/resources/bootstrap.yml
index 8366a70..e22d860 100644
--- a/ruoyi-service/ruoyi-other/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-other/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-other
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
diff --git a/ruoyi-service/ruoyi-payment/src/main/resources/bootstrap.yml b/ruoyi-service/ruoyi-payment/src/main/resources/bootstrap.yml
index d57151d..71850da 100644
--- a/ruoyi-service/ruoyi-payment/src/main/resources/bootstrap.yml
+++ b/ruoyi-service/ruoyi-payment/src/main/resources/bootstrap.yml
@@ -5,6 +5,7 @@
name: ruoyi-payment
main:
allow-bean-definition-overriding: true
+ allow-circular-references: true
profiles:
# 环境配置
active: dev
--
Gitblit v1.7.1