From d60876299ce16db1d35f7c434f4a1145c9d7dd8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9C=B1=E6=AF=85=E9=AA=8F?= Date: Thu, 13 Apr 2023 10:57:51 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=84=E7=90=86=E5=BC=82=E5=B8=B8=E7=B1=BB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/replay/AntiReplayProperties.java | 2 ++ .../exception/AntiReplayException.java | 8 ++++++ .../java/cn/zyjblogs/filter/AuthFilter.java | 27 ++++++++++--------- .../zyjblogs/filter/SignatureValidator.java | 12 +++++++-- .../sms/exception/SmsRuntimeException.java | 7 +++++ .../exception/AbstractBusinessException.java | 24 +++++++++++++++++ .../exception/AbstractFrameworkException.java | 6 +++++ .../exception/AssartRuntimeException.java | 10 +++++++ .../exception/AuthRuntimeException.java | 15 ++++++++++- .../exception/CommonBusinessException.java | 12 +++++++++ .../exception/CommonFrameworkException.java | 4 +++ .../common/exception/UtilException.java | 11 ++++++-- 12 files changed, 120 insertions(+), 18 deletions(-) diff --git a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/config/replay/AntiReplayProperties.java b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/config/replay/AntiReplayProperties.java index be2156f..e874063 100644 --- a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/config/replay/AntiReplayProperties.java +++ b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/config/replay/AntiReplayProperties.java @@ -17,6 +17,8 @@ public class AntiReplayProperties { */ private Boolean enabled = true; + private Boolean signEnabled = false; + /** * 请求ID 防止重放 diff --git a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/exception/AntiReplayException.java b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/exception/AntiReplayException.java index 6f489ac..2e0a103 100644 --- a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/exception/AntiReplayException.java 
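Review bot: `signEnabled` defaults to `false`, so request signature verification is skipped unless a deployment explicitly turns it on, and it is the only field in this hunk without a Javadoc. I would document it, e.g. `/** Whether the request signature is verified; when false only the nonce and timestamp checks run. */`, and consider defaulting it to `true` so that a missing property fails closed. The class body continues outside the hunk.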
+++ b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/exception/AntiReplayException.java @@ -10,7 +10,15 @@ public class AntiReplayException extends AbstractFrameworkException { super(message); } + public AntiReplayException(String message, Object obj) { + super(message); + } + public AntiReplayException(String message, Throwable cause) { super(message, cause); } + + public AntiReplayException(String message, Object... params) { + super(message, params); + } } diff --git a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java index e0df17b..35619ce 100644 --- a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java +++ b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/AuthFilter.java 
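Review bot: The new `AntiReplayException(String message, Object obj)` constructor ignores `obj` and calls `super(message)`, and Java overload resolution prefers it over the `Object... params` overload for any call with exactly one extra non-Throwable argument. The calls added to AuthFilter in this commit, such as `new AntiReplayException("{} 参数错误!", antiReplayProperties.getTimestamp())`, would therefore bind to it and the message keeps the literal `{}`. Removing the `(String, Object)` overload lets those calls reach `super(message, params)`.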
@@ -113,34 +113,35 @@ public class AuthFilter implements GlobalFilter { return chain.filter(exchange); } - + /** + * 校验 + * + * @param nonce + * @param timestamp + * @param request + * @throws Exception + */ private void validateNonceAndTimestamp(String nonce, String timestamp, ServerHttpRequest request) throws Exception { - // 判断Nonce和Timestamp是否为空 - if (nonce == null || timestamp == null) { - throw new AntiReplayException("请求头参数错误"); - } Boolean flag = redisTemplateHandler.hasKey(AntiReplayProperties.REDIS_PREFIX + nonce); // 验证Nonce是否已经使用过 if (Boolean.TRUE.equals(flag)) { throw new AntiReplayException("请重复请求!"); } - redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp); - redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS); - // 请求传过来的间戳与服务器当前时间戳差值大于120,则当前请求的timestamp无效 - long l = System.currentTimeMillis(); - log.info("{}", l); // 验证Timestamp是否在合理时间范围内 long timeStampValue; try { timeStampValue = Long.parseLong(timestamp); } catch (NumberFormatException e) { - throw new AntiReplayException(antiReplayProperties.getTimestamp() + "参数错误!"); + throw new AntiReplayException("{} 参数错误!", antiReplayProperties.getTimestamp()); } - if (Math.abs(timeStampValue - l) / 1000 > antiReplayProperties.getExpireTime()) { - throw new AntiReplayException(antiReplayProperties.getTimestamp() + "请求过期!"); + // 请求传过来的间戳与服务器当前时间戳差值大于120,则当前请求的timestamp无效 + if (Math.abs(timeStampValue - System.currentTimeMillis()) / 1000 > antiReplayProperties.getExpireTime()) { + throw new AntiReplayException("{} 请求过期!", antiReplayProperties.getTimestamp()); } //校验签名 SignatureValidator.builder().data(antiReplayProperties, request).execute(); + redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp); + redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS); } /** 
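Review bot: The nonce is checked with `hasKey` at the top of `validateNonceAndTimestamp` but only recorded by `set`/`expire` after timestamp parsing and signature validation, so two concurrent requests carrying the same nonce can both pass the check before either writes the key. Writing the key only after validation is sensible, but the check and the write should be a single atomic set-if-absent with a TTL (Redis `SET key value NX EX seconds`); the separate `expire` call can also leave a key without an expiry if it fails. This hunk also drops the `nonce == null || timestamp == null` guard. Unless the caller, which is outside the hunk, rejects missing headers, a null nonce is looked up and stored under `REDIS_PREFIX + "null"`, so every request without a nonce shares one key.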
diff --git a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/SignatureValidator.java b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/SignatureValidator.java index f150382..257be03 100644 --- a/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/SignatureValidator.java +++ b/server/zyjblogs-gateway/src/main/java/cn/zyjblogs/filter/SignatureValidator.java @@ -3,7 +3,6 @@ package cn.zyjblogs.filter; import cn.zyjblogs.config.replay.AntiReplayProperties; import cn.zyjblogs.crypto.sm3.SM3; import cn.zyjblogs.exception.AntiReplayException; -import cn.zyjblogs.starter.common.utils.lang.Asserts; import com.alibaba.fastjson2.JSON; import com.alibaba.nacos.common.utils.ConvertUtils; import lombok.extern.log4j.Log4j2; @@ -25,6 +24,7 @@ public class SignatureValidator { public static class SignatureWorker { + private AntiReplayProperties antiReplayProperties; /** * 请求标识 */ @@ -50,6 +50,11 @@ public class SignatureValidator { return this; } + public SignatureWorker antiReplayProperties(AntiReplayProperties antiReplayProperties) { + this.antiReplayProperties = antiReplayProperties; + return this; + } + public SignatureWorker timestamp(Long timestamp) { this.timestamp = timestamp; return this; @@ -61,7 +66,6 @@ public class SignatureValidator { } public SignatureWorker sign(String sign) { - Asserts.notNull(sign, "签名不能为空"); this.sign = sign; return this; } @@ -78,6 +82,7 @@ public class SignatureValidator { String timestamp = headers.getFirst(antiReplayProperties.getTimestamp()); String sign = headers.getFirst(antiReplayProperties.getSign()); return this.nonce(nonce) + .antiReplayProperties(antiReplayProperties) .timestamp(ConvertUtils.toLong(timestamp)) .queryParams(request.getQueryParams()) .sign(sign); 
@@ -85,6 +90,9 @@ public class SignatureValidator { public void execute() { + if (Boolean.FALSE.equals(antiReplayProperties.getSignEnabled())) { + return; + } String digest = this.nonce + this.timestamp + this.queryParams; if (!SM3.verify(digest, this.sign)) { if (log.isDebugEnabled()) { diff --git a/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/exception/SmsRuntimeException.java b/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/exception/SmsRuntimeException.java index e4a8a8d..bc225d1 100644 --- a/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/exception/SmsRuntimeException.java +++ b/server/zyjblogs-sms/src/main/java/cn/zyjblogs/sms/exception/SmsRuntimeException.java @@ -37,4 +37,11 @@ public class SmsRuntimeException extends AbstractBusinessException { super(responseCode, message); } + public SmsRuntimeException(String message, Object... params) { + super(message, params); + } + + public SmsRuntimeException(HttpCode responseCode, String message, Object... params) { + super(responseCode, message, params); + } } diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractBusinessException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractBusinessException.java index 976db9d..adeb338 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractBusinessException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractBusinessException.java @@ -1,6 +1,7 @@ package cn.zyjblogs.starter.common.exception; import cn.zyjblogs.starter.common.entity.response.HttpCode; +import cn.zyjblogs.starter.common.utils.string.StringUtils; /** * @author zhuyijun 
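Review bot: When `signEnabled` is true, `execute()` can now reach `SM3.verify(digest, this.sign)` with a null `sign`, because this commit removes `Asserts.notNull(sign, "签名不能为空")` from `sign()` without adding a replacement. How `SM3.verify` treats null is not visible here, so I would reject it explicitly right after the flag check: `if (this.sign == null) { throw new AntiReplayException("签名不能为空"); }`. The flag check itself dereferences `antiReplayProperties`, which is only populated through `data(...)`, so a worker built without it throws a NullPointerException. The body of `execute()` continues past the end of the hunk.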
@@ -44,4 +45,27 @@ public class AbstractBusinessException extends RuntimeException { this.responseCode = HttpCode.INTERNAL_SERVER_ERROR; this.message = message; } + + /** + * 创建业务异常对象 + * + * @param message 错误消息 + */ + public AbstractBusinessException(String message, Object... params) { + super(StringUtils.format(message, params)); + this.responseCode = HttpCode.INTERNAL_SERVER_ERROR; + this.message = message; + } + + /** + * 创建业务异常对象 + * + * @param responseCode 错误码 + * @param message 错误消息 + */ + public AbstractBusinessException(HttpCode responseCode, String message, Object... params) { + super(StringUtils.format(message, params)); + this.responseCode = responseCode; + this.message = message; + } } diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractFrameworkException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractFrameworkException.java index 5abb81d..807835d 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractFrameworkException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AbstractFrameworkException.java @@ -1,5 +1,7 @@ package cn.zyjblogs.starter.common.exception; +import cn.zyjblogs.starter.common.utils.string.StringUtils; + /** * @author zhuyijun */ @@ -8,6 +10,10 @@ public abstract class AbstractFrameworkException extends RuntimeException { super(message); } + public AbstractFrameworkException(String message, Object... params) { + super(StringUtils.format(message, params)); + } + public AbstractFrameworkException(String message, Throwable cause) { super(message, cause); } 
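Review bot: Both new `AbstractBusinessException` constructors pass the formatted text to `super(...)` but store the raw template in the field with `this.message = message;`, so the two views of the message disagree. If the class exposes that field through an overridden `getMessage()` or a getter (not visible in this hunk), callers would see the unfilled `{}` placeholders; `this.message = StringUtils.format(message, params);` keeps them aligned. The Javadoc on both constructors also lacks a `@param params` line.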
diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AssartRuntimeException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AssartRuntimeException.java index 3e1c201..c3e0ef0 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AssartRuntimeException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AssartRuntimeException.java @@ -1,9 +1,11 @@ package cn.zyjblogs.starter.common.exception; import cn.zyjblogs.starter.common.entity.response.HttpCode; +import cn.zyjblogs.starter.common.utils.string.StringUtils; /** * 权限异常处理类 + * * @author zhuyijun */ public class AssartRuntimeException extends AbstractBusinessException { @@ -15,7 +17,15 @@ public class AssartRuntimeException extends AbstractBusinessException { super(message); } + public AssartRuntimeException(String message, Object... params) { + super(StringUtils.format(message, params)); + } + public AssartRuntimeException(HttpCode responseCode, String message) { super(responseCode, message); } + + public AssartRuntimeException(HttpCode responseCode, String message, Object... params) { + super(responseCode, StringUtils.format(message, params)); + } } diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AuthRuntimeException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AuthRuntimeException.java index 93ef54d..3e73065 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AuthRuntimeException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/AuthRuntimeException.java 
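Review bot: `AssartRuntimeException(String, Object...)` and its `HttpCode` variant format the message themselves with `StringUtils.format` and call the non-varargs super constructors, whereas `AuthRuntimeException`, `CommonBusinessException` and `SmsRuntimeException` in this commit delegate with `super(message, params)`. The two routes leave different content in the base class's `message` field (formatted here, raw template through the varargs base constructors), and the `UtilException` hunk repeats the same pattern. Delegating with `super(message, params)` and `super(responseCode, message, params)` in both classes would drop the extra import and keep formatting in one place, the base class.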
@@ -4,9 +4,10 @@ import cn.zyjblogs.starter.common.entity.response.HttpCode; /** * 权限异常处理类 + * * @author zhuyijun */ -public class AuthRuntimeException extends AbstractBusinessException{ +public class AuthRuntimeException extends AbstractBusinessException { public AuthRuntimeException() { super(); } @@ -14,4 +15,16 @@ public class AuthRuntimeException extends AbstractBusinessException{ public AuthRuntimeException(HttpCode responseCode, String message) { super(responseCode, message); } + + public AuthRuntimeException(String message) { + super(message); + } + + public AuthRuntimeException(String message, Object... params) { + super(message, params); + } + + public AuthRuntimeException(HttpCode responseCode, String message, Object... params) { + super(responseCode, message, params); + } } diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonBusinessException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonBusinessException.java index 89b2529..8f713fa 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonBusinessException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonBusinessException.java @@ -15,4 +15,16 @@ public class CommonBusinessException extends AbstractBusinessException { public CommonBusinessException(HttpCode responseCode, String message) { super(responseCode, message); } + + public CommonBusinessException(String message) { + super(message); + } + + public CommonBusinessException(String message, Object... params) { + super(message, params); + } + + public CommonBusinessException(HttpCode responseCode, String message, Object... params) { + super(responseCode, message, params); + } } 
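Review bot: `AuthRuntimeException(String message, Object... params)` carries no `HttpCode`, and the base varargs constructor added in this commit sets `HttpCode.INTERNAL_SERVER_ERROR`, so an authorization failure raised this way is reported as a server error. The new message-only constructor appears to inherit the same default. How `responseCode` maps to the HTTP response is outside this diff, but I would either pass an authorization-specific code from these two constructors or add a comment such as `// access-denied callers must use the HttpCode overload; this one reports INTERNAL_SERVER_ERROR`.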
diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonFrameworkException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonFrameworkException.java index f747f00..1d14e02 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonFrameworkException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/CommonFrameworkException.java @@ -8,4 +8,8 @@ public class CommonFrameworkException extends AbstractFrameworkException { public CommonFrameworkException(String message, Throwable cause) { super(message, cause); } + + public CommonFrameworkException(String message, Object... params) { + super(message, params); + } } diff --git a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/UtilException.java b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/UtilException.java index 867bb39..b026751 100644 --- a/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/UtilException.java +++ b/starter/zyjblogs-common-spring-boot-starter/src/main/java/cn/zyjblogs/starter/common/exception/UtilException.java @@ -2,11 +2,10 @@ package cn.zyjblogs.starter.common.exception; import cn.zyjblogs.starter.common.entity.response.HttpCode; +import cn.zyjblogs.starter.common.utils.string.StringUtils; /** * 工具类异常 - * - * @author lingyi */ public class UtilException extends AbstractBusinessException { private static final long serialVersionUID = 8247610319171014183L; 
@@ -15,7 +14,15 @@ public class UtilException extends AbstractBusinessException { super(message); } + public UtilException(String message, Object... params) { + super(StringUtils.format(message, params)); + } + public UtilException(HttpCode code, String message) { super(code, message); } + + public UtilException(HttpCode code, String message, Object... params) { + super(code, StringUtils.format(message, params)); + } }