处理异常类
parent
6187d3d9c3
commit
d60876299c
@ -17,6 +17,8 @@ public class AntiReplayProperties {
|
||||
*/
|
||||
private Boolean enabled = true;
|
||||
|
||||
private Boolean signEnabled = false;
|
||||
|
||||
|
||||
/**
|
||||
* 请求ID 防止重放
|
||||
|
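Review bot: `signEnabled` is added without a Javadoc comment and defaults to `false`, so signature verification is skipped unless a deployment turns it on (`SignatureValidator.execute()` returns early in that case). A field comment such as `/** Whether the request signature is verified; when false only the nonce and timestamp are checked. */` would make the fail-open default explicit. If the gateway is expected to verify signatures in production, consider defaulting to `true` and switching it off only in development profiles.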
@ -10,7 +10,15 @@ public class AntiReplayException extends AbstractFrameworkException {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public AntiReplayException(String message, Object obj) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public AntiReplayException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
public AntiReplayException(String message, Object... params) {
|
||||
super(message, params);
|
||||
}
|
||||
}
|
||||
|
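Review bot: The fixed-arity constructor `AntiReplayException(String message, Object obj)` wins overload resolution over the new `Object... params` one whenever a caller passes exactly one non-Throwable argument, and it calls `super(message)` without using `obj`. The calls in AuthFilter such as `new AntiReplayException("{} 参数错误!", antiReplayProperties.getTimestamp())` therefore appear to surface the raw template with `{}` unfilled. Removing the `(String, Object)` overload, or having it call `super(message, new Object[] {obj});`, lets the single-argument case reach the formatter. The class starts above this hunk, so other constructors may exist that are not visible here.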
@ -113,34 +113,35 @@ public class AuthFilter implements GlobalFilter {
|
||||
return chain.filter(exchange);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 校验
|
||||
*
|
||||
* @param nonce
|
||||
* @param timestamp
|
||||
* @param request
|
||||
* @throws Exception
|
||||
*/
|
||||
private void validateNonceAndTimestamp(String nonce, String timestamp, ServerHttpRequest request) throws Exception {
|
||||
// 判断Nonce和Timestamp是否为空
|
||||
if (nonce == null || timestamp == null) {
|
||||
throw new AntiReplayException("请求头参数错误");
|
||||
}
|
||||
Boolean flag = redisTemplateHandler.hasKey(AntiReplayProperties.REDIS_PREFIX + nonce);
|
||||
// 验证Nonce是否已经使用过
|
||||
if (Boolean.TRUE.equals(flag)) {
|
||||
throw new AntiReplayException("请重复请求!");
|
||||
}
|
||||
redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp);
|
||||
redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS);
|
||||
// 请求传过来的间戳与服务器当前时间戳差值大于120,则当前请求的timestamp无效
|
||||
long l = System.currentTimeMillis();
|
||||
log.info("{}", l);
|
||||
// 验证Timestamp是否在合理时间范围内
|
||||
long timeStampValue;
|
||||
try {
|
||||
timeStampValue = Long.parseLong(timestamp);
|
||||
} catch (NumberFormatException e) {
|
||||
throw new AntiReplayException(antiReplayProperties.getTimestamp() + "参数错误!");
|
||||
throw new AntiReplayException("{} 参数错误!", antiReplayProperties.getTimestamp());
|
||||
}
|
||||
if (Math.abs(timeStampValue - l) / 1000 > antiReplayProperties.getExpireTime()) {
|
||||
throw new AntiReplayException(antiReplayProperties.getTimestamp() + "请求过期!");
|
||||
// 请求传过来的间戳与服务器当前时间戳差值大于120,则当前请求的timestamp无效
|
||||
if (Math.abs(timeStampValue - System.currentTimeMillis()) / 1000 > antiReplayProperties.getExpireTime()) {
|
||||
throw new AntiReplayException("{} 请求过期!", antiReplayProperties.getTimestamp());
|
||||
}
|
||||
//校验签名
|
||||
SignatureValidator.builder().data(antiReplayProperties, request).execute();
|
||||
redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp);
|
||||
redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
/**
|
||||
|
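Review bot: The nonce check in `validateNonceAndTimestamp` is a separate `hasKey` followed, after the timestamp and signature checks, by `set` and then `expire`, so two concurrent requests carrying the same nonce can both pass `hasKey` before either writes the key. Writing the nonce only after validation is sensible, but it widens that window; a single atomic set-if-absent with expiry (Redis `SET key value NX EX ttl`) that rejects the request when the key already existed closes it, and also avoids a key left without a TTL if `expire` fails. Separately, the timestamp check uses `Math.abs`, so a timestamp up to `getExpireTime()` seconds in the future is accepted while the nonce key lives only `getExpireTime()` seconds; such a request seems to be accepted again once the key expires, so the nonce TTL should cover the whole accepted window or future timestamps should be bounded more tightly.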
@ -3,7 +3,6 @@ package cn.zyjblogs.filter;
|
||||
import cn.zyjblogs.config.replay.AntiReplayProperties;
|
||||
import cn.zyjblogs.crypto.sm3.SM3;
|
||||
import cn.zyjblogs.exception.AntiReplayException;
|
||||
import cn.zyjblogs.starter.common.utils.lang.Asserts;
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.alibaba.nacos.common.utils.ConvertUtils;
|
||||
import lombok.extern.log4j.Log4j2;
|
||||
@ -25,6 +24,7 @@ public class SignatureValidator {
|
||||
|
||||
public static class SignatureWorker {
|
||||
|
||||
private AntiReplayProperties antiReplayProperties;
|
||||
/**
|
||||
* 请求标识
|
||||
*/
|
||||
@ -50,6 +50,11 @@ public class SignatureValidator {
|
||||
return this;
|
||||
}
|
||||
|
||||
public SignatureWorker antiReplayProperties(AntiReplayProperties antiReplayProperties) {
|
||||
this.antiReplayProperties = antiReplayProperties;
|
||||
return this;
|
||||
}
|
||||
|
||||
public SignatureWorker timestamp(Long timestamp) {
|
||||
this.timestamp = timestamp;
|
||||
return this;
|
||||
@ -61,7 +66,6 @@ public class SignatureValidator {
|
||||
}
|
||||
|
||||
public SignatureWorker sign(String sign) {
|
||||
Asserts.notNull(sign, "签名不能为空");
|
||||
this.sign = sign;
|
||||
return this;
|
||||
}
|
||||
@ -78,6 +82,7 @@ public class SignatureValidator {
|
||||
String timestamp = headers.getFirst(antiReplayProperties.getTimestamp());
|
||||
String sign = headers.getFirst(antiReplayProperties.getSign());
|
||||
return this.nonce(nonce)
|
||||
.antiReplayProperties(antiReplayProperties)
|
||||
.timestamp(ConvertUtils.toLong(timestamp))
|
||||
.queryParams(request.getQueryParams())
|
||||
.sign(sign);
|
||||
@ -85,6 +90,9 @@ public class SignatureValidator {
|
||||
|
||||
|
||||
public void execute() {
|
||||
if (Boolean.FALSE.equals(antiReplayProperties.getSignEnabled())) {
|
||||
return;
|
||||
}
|
||||
String digest = this.nonce + this.timestamp + this.queryParams;
|
||||
if (!SM3.verify(digest, this.sign)) {
|
||||
if (log.isDebugEnabled()) {
|
||||
|
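Review bot: With `Asserts.notNull(sign, ...)` dropped from `sign(String)`, a request that omits the signature header while `signEnabled` is true reaches `SM3.verify(digest, this.sign)` with a null `sign`; an explicit check in `execute()` such as `if (this.sign == null) throw new AntiReplayException("签名不能为空");` before the verify call would keep the rejection deterministic. `execute()` also dereferences `antiReplayProperties` without a null check, so a worker built without `data(...)` or `antiReplayProperties(...)` fails with a NullPointerException instead of a validation error. The digest is `nonce + timestamp + queryParams` with no delimiter and no secret visible here; if `SM3.verify` only recomputes a plain SM3 hash, any client can produce a matching value, which is worth confirming against the SM3 helper (not shown). `execute()` continues past the end of this hunk.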
@ -37,4 +37,11 @@ public class SmsRuntimeException extends AbstractBusinessException {
|
||||
super(responseCode, message);
|
||||
}
|
||||
|
||||
public SmsRuntimeException(String message, Object... params) {
|
||||
super(message, params);
|
||||
}
|
||||
|
||||
public SmsRuntimeException(HttpCode responseCode, String message, Object... params) {
|
||||
super(responseCode, message, params);
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,7 @@
|
||||
package cn.zyjblogs.starter.common.exception;
|
||||
|
||||
import cn.zyjblogs.starter.common.entity.response.HttpCode;
|
||||
import cn.zyjblogs.starter.common.utils.string.StringUtils;
|
||||
|
||||
/**
|
||||
* @author zhuyijun
|
||||
@ -44,4 +45,27 @@ public class AbstractBusinessException extends RuntimeException {
|
||||
this.responseCode = HttpCode.INTERNAL_SERVER_ERROR;
|
||||
this.message = message;
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建业务异常对象
|
||||
*
|
||||
* @param message 错误消息
|
||||
*/
|
||||
public AbstractBusinessException(String message, Object... params) {
|
||||
super(StringUtils.format(message, params));
|
||||
this.responseCode = HttpCode.INTERNAL_SERVER_ERROR;
|
||||
this.message = message;
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建业务异常对象
|
||||
*
|
||||
* @param responseCode 错误码
|
||||
* @param message 错误消息
|
||||
*/
|
||||
public AbstractBusinessException(HttpCode responseCode, String message, Object... params) {
|
||||
super(StringUtils.format(message, params));
|
||||
this.responseCode = responseCode;
|
||||
this.message = message;
|
||||
}
|
||||
}
|
||||
|
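Review bot: Both new varargs constructors pass `StringUtils.format(message, params)` to `super(...)` but then assign `this.message = message;`, so the field keeps the unformatted template. If the class exposes that field through `getMessage()` or a response body (not visible in this hunk), callers see `{}` placeholders instead of the values; `this.message = StringUtils.format(message, params);` keeps the two in sync. The subclasses that delegate with `super(message, params)` (SmsRuntimeException, AuthRuntimeException, CommonBusinessException) inherit this, whereas AssartRuntimeException and UtilException format before delegating and are not affected. The new Javadoc blocks also omit `@param params`.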
@ -1,5 +1,7 @@
|
||||
package cn.zyjblogs.starter.common.exception;
|
||||
|
||||
import cn.zyjblogs.starter.common.utils.string.StringUtils;
|
||||
|
||||
/**
|
||||
* @author zhuyijun
|
||||
*/
|
||||
@ -8,6 +10,10 @@ public abstract class AbstractFrameworkException extends RuntimeException {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public AbstractFrameworkException(String message, Object... params) {
|
||||
super(StringUtils.format(message, params));
|
||||
}
|
||||
|
||||
public AbstractFrameworkException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
@ -1,9 +1,11 @@
|
||||
package cn.zyjblogs.starter.common.exception;
|
||||
|
||||
import cn.zyjblogs.starter.common.entity.response.HttpCode;
|
||||
import cn.zyjblogs.starter.common.utils.string.StringUtils;
|
||||
|
||||
/**
|
||||
* 权限异常处理类
|
||||
*
|
||||
* @author zhuyijun
|
||||
*/
|
||||
public class AssartRuntimeException extends AbstractBusinessException {
|
||||
@ -15,7 +17,15 @@ public class AssartRuntimeException extends AbstractBusinessException {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public AssartRuntimeException(String message, Object... params) {
|
||||
super(StringUtils.format(message, params));
|
||||
}
|
||||
|
||||
public AssartRuntimeException(HttpCode responseCode, String message) {
|
||||
super(responseCode, message);
|
||||
}
|
||||
|
||||
public AssartRuntimeException(HttpCode responseCode, String message, Object... params) {
|
||||
super(responseCode, StringUtils.format(message, params));
|
||||
}
|
||||
}
|
||||
|
@ -4,6 +4,7 @@ import cn.zyjblogs.starter.common.entity.response.HttpCode;
|
||||
|
||||
/**
|
||||
* 权限异常处理类
|
||||
*
|
||||
* @author zhuyijun
|
||||
*/
|
||||
public class AuthRuntimeException extends AbstractBusinessException {
|
||||
@ -14,4 +15,16 @@ public class AuthRuntimeException extends AbstractBusinessException{
|
||||
public AuthRuntimeException(HttpCode responseCode, String message) {
|
||||
super(responseCode, message);
|
||||
}
|
||||
|
||||
public AuthRuntimeException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public AuthRuntimeException(String message, Object... params) {
|
||||
super(message, params);
|
||||
}
|
||||
|
||||
public AuthRuntimeException(HttpCode responseCode, String message, Object... params) {
|
||||
super(responseCode, message, params);
|
||||
}
|
||||
}
|
||||
|
@ -15,4 +15,16 @@ public class CommonBusinessException extends AbstractBusinessException {
|
||||
public CommonBusinessException(HttpCode responseCode, String message) {
|
||||
super(responseCode, message);
|
||||
}
|
||||
|
||||
public CommonBusinessException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public CommonBusinessException(String message, Object... params) {
|
||||
super(message, params);
|
||||
}
|
||||
|
||||
public CommonBusinessException(HttpCode responseCode, String message, Object... params) {
|
||||
super(responseCode, message, params);
|
||||
}
|
||||
}
|
||||
|
@ -8,4 +8,8 @@ public class CommonFrameworkException extends AbstractFrameworkException {
|
||||
public CommonFrameworkException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
public CommonFrameworkException(String message, Object... params) {
|
||||
super(message, params);
|
||||
}
|
||||
}
|
||||
|
@ -2,11 +2,10 @@ package cn.zyjblogs.starter.common.exception;
|
||||
|
||||
|
||||
import cn.zyjblogs.starter.common.entity.response.HttpCode;
|
||||
import cn.zyjblogs.starter.common.utils.string.StringUtils;
|
||||
|
||||
/**
|
||||
* 工具类异常
|
||||
*
|
||||
* @author lingyi
|
||||
*/
|
||||
public class UtilException extends AbstractBusinessException {
|
||||
private static final long serialVersionUID = 8247610319171014183L;
|
||||
@ -15,7 +14,15 @@ public class UtilException extends AbstractBusinessException {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public UtilException(String message, Object... params) {
|
||||
super(StringUtils.format(message, params));
|
||||
}
|
||||
|
||||
public UtilException(HttpCode code, String message) {
|
||||
super(code, message);
|
||||
}
|
||||
|
||||
public UtilException(HttpCode code, String message, Object... params) {
|
||||
super(code, StringUtils.format(message, params));
|
||||
}
|
||||
}
|
||||
|