处理异常类

This commit is contained in:
朱毅骏 2023-04-13 10:57:51 +08:00
parent 6187d3d9c3
commit d60876299c
12 changed files with 120 additions and 18 deletions

View File

@ -17,6 +17,8 @@ public class AntiReplayProperties {
*/
private Boolean enabled = true;
private Boolean signEnabled = false;
/**
* 请求ID 防止重放

View File

@ -10,7 +10,15 @@ public class AntiReplayException extends AbstractFrameworkException {
super(message);
}
public AntiReplayException(String message, Object obj) {
super(message);
}
public AntiReplayException(String message, Throwable cause) {
super(message, cause);
}
public AntiReplayException(String message, Object... params) {
super(message, params);
}
}

View File

@ -113,34 +113,35 @@ public class AuthFilter implements GlobalFilter {
return chain.filter(exchange);
}
/**
* 校验
*
* @param nonce
* @param timestamp
* @param request
* @throws Exception
*/
private void validateNonceAndTimestamp(String nonce, String timestamp, ServerHttpRequest request) throws Exception {
// 判断Nonce和Timestamp是否为空
if (nonce == null || timestamp == null) {
throw new AntiReplayException("请求头参数错误");
}
Boolean flag = redisTemplateHandler.hasKey(AntiReplayProperties.REDIS_PREFIX + nonce);
// 验证Nonce是否已经使用过
if (Boolean.TRUE.equals(flag)) {
throw new AntiReplayException("请重复请求!");
}
redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp);
redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS);
// 请求传过来的间戳与服务器当前时间戳差值大于120则当前请求的timestamp无效
long l = System.currentTimeMillis();
log.info("{}", l);
// 验证Timestamp是否在合理时间范围内
long timeStampValue;
try {
timeStampValue = Long.parseLong(timestamp);
} catch (NumberFormatException e) {
throw new AntiReplayException(antiReplayProperties.getTimestamp() + "参数错误!");
throw new AntiReplayException("{} 参数错误!", antiReplayProperties.getTimestamp());
}
if (Math.abs(timeStampValue - l) / 1000 > antiReplayProperties.getExpireTime()) {
throw new AntiReplayException(antiReplayProperties.getTimestamp() + "请求过期!");
// 请求传过来的间戳与服务器当前时间戳差值大于120则当前请求的timestamp无效
if (Math.abs(timeStampValue - System.currentTimeMillis()) / 1000 > antiReplayProperties.getExpireTime()) {
throw new AntiReplayException("{} 请求过期!", antiReplayProperties.getTimestamp());
}
//校验签名
SignatureValidator.builder().data(antiReplayProperties, request).execute();
redisTemplateHandler.set(AntiReplayProperties.REDIS_PREFIX + nonce, timestamp);
redisTemplateHandler.expire(AntiReplayProperties.REDIS_PREFIX + nonce, antiReplayProperties.getExpireTime(), TimeUnit.SECONDS);
}
/**

View File

@ -3,7 +3,6 @@ package cn.zyjblogs.filter;
import cn.zyjblogs.config.replay.AntiReplayProperties;
import cn.zyjblogs.crypto.sm3.SM3;
import cn.zyjblogs.exception.AntiReplayException;
import cn.zyjblogs.starter.common.utils.lang.Asserts;
import com.alibaba.fastjson2.JSON;
import com.alibaba.nacos.common.utils.ConvertUtils;
import lombok.extern.log4j.Log4j2;
@ -25,6 +24,7 @@ public class SignatureValidator {
public static class SignatureWorker {
private AntiReplayProperties antiReplayProperties;
/**
* 请求标识
*/
@ -50,6 +50,11 @@ public class SignatureValidator {
return this;
}
public SignatureWorker antiReplayProperties(AntiReplayProperties antiReplayProperties) {
this.antiReplayProperties = antiReplayProperties;
return this;
}
public SignatureWorker timestamp(Long timestamp) {
this.timestamp = timestamp;
return this;
@ -61,7 +66,6 @@ public class SignatureValidator {
}
public SignatureWorker sign(String sign) {
Asserts.notNull(sign, "签名不能为空");
this.sign = sign;
return this;
}
@ -78,6 +82,7 @@ public class SignatureValidator {
String timestamp = headers.getFirst(antiReplayProperties.getTimestamp());
String sign = headers.getFirst(antiReplayProperties.getSign());
return this.nonce(nonce)
.antiReplayProperties(antiReplayProperties)
.timestamp(ConvertUtils.toLong(timestamp))
.queryParams(request.getQueryParams())
.sign(sign);
@ -85,6 +90,9 @@ public class SignatureValidator {
public void execute() {
if (Boolean.FALSE.equals(antiReplayProperties.getSignEnabled())) {
return;
}
String digest = this.nonce + this.timestamp + this.queryParams;
if (!SM3.verify(digest, this.sign)) {
if (log.isDebugEnabled()) {

View File

@ -37,4 +37,11 @@ public class SmsRuntimeException extends AbstractBusinessException {
super(responseCode, message);
}
public SmsRuntimeException(String message, Object... params) {
super(message, params);
}
public SmsRuntimeException(HttpCode responseCode, String message, Object... params) {
super(responseCode, message, params);
}
}

View File

@ -1,6 +1,7 @@
package cn.zyjblogs.starter.common.exception;
import cn.zyjblogs.starter.common.entity.response.HttpCode;
import cn.zyjblogs.starter.common.utils.string.StringUtils;
/**
* @author zhuyijun
@ -44,4 +45,27 @@ public class AbstractBusinessException extends RuntimeException {
this.responseCode = HttpCode.INTERNAL_SERVER_ERROR;
this.message = message;
}
/**
* 创建业务异常对象
*
* @param message 错误消息
*/
public AbstractBusinessException(String message, Object... params) {
super(StringUtils.format(message, params));
this.responseCode = HttpCode.INTERNAL_SERVER_ERROR;
this.message = message;
}
/**
* 创建业务异常对象
*
* @param responseCode 错误码
* @param message 错误消息
*/
public AbstractBusinessException(HttpCode responseCode, String message, Object... params) {
super(StringUtils.format(message, params));
this.responseCode = responseCode;
this.message = message;
}
}

View File

@ -1,5 +1,7 @@
package cn.zyjblogs.starter.common.exception;
import cn.zyjblogs.starter.common.utils.string.StringUtils;
/**
* @author zhuyijun
*/
@ -8,6 +10,10 @@ public abstract class AbstractFrameworkException extends RuntimeException {
super(message);
}
public AbstractFrameworkException(String message, Object... params) {
super(StringUtils.format(message, params));
}
public AbstractFrameworkException(String message, Throwable cause) {
super(message, cause);
}

View File

@ -1,9 +1,11 @@
package cn.zyjblogs.starter.common.exception;
import cn.zyjblogs.starter.common.entity.response.HttpCode;
import cn.zyjblogs.starter.common.utils.string.StringUtils;
/**
* 权限异常处理类
*
* @author zhuyijun
*/
public class AssartRuntimeException extends AbstractBusinessException {
@ -15,7 +17,15 @@ public class AssartRuntimeException extends AbstractBusinessException {
super(message);
}
public AssartRuntimeException(String message, Object... params) {
super(StringUtils.format(message, params));
}
public AssartRuntimeException(HttpCode responseCode, String message) {
super(responseCode, message);
}
public AssartRuntimeException(HttpCode responseCode, String message, Object... params) {
super(responseCode, StringUtils.format(message, params));
}
}

View File

@ -4,6 +4,7 @@ import cn.zyjblogs.starter.common.entity.response.HttpCode;
/**
* 权限异常处理类
*
* @author zhuyijun
*/
public class AuthRuntimeException extends AbstractBusinessException {
@ -14,4 +15,16 @@ public class AuthRuntimeException extends AbstractBusinessException{
public AuthRuntimeException(HttpCode responseCode, String message) {
super(responseCode, message);
}
public AuthRuntimeException(String message) {
super(message);
}
public AuthRuntimeException(String message, Object... params) {
super(message, params);
}
public AuthRuntimeException(HttpCode responseCode, String message, Object... params) {
super(responseCode, message, params);
}
}

View File

@ -15,4 +15,16 @@ public class CommonBusinessException extends AbstractBusinessException {
public CommonBusinessException(HttpCode responseCode, String message) {
super(responseCode, message);
}
public CommonBusinessException(String message) {
super(message);
}
public CommonBusinessException(String message, Object... params) {
super(message, params);
}
public CommonBusinessException(HttpCode responseCode, String message, Object... params) {
super(responseCode, message, params);
}
}

View File

@ -8,4 +8,8 @@ public class CommonFrameworkException extends AbstractFrameworkException {
public CommonFrameworkException(String message, Throwable cause) {
super(message, cause);
}
public CommonFrameworkException(String message, Object... params) {
super(message, params);
}
}

View File

@ -2,11 +2,10 @@ package cn.zyjblogs.starter.common.exception;
import cn.zyjblogs.starter.common.entity.response.HttpCode;
import cn.zyjblogs.starter.common.utils.string.StringUtils;
/**
* 工具类异常
*
* @author lingyi
*/
public class UtilException extends AbstractBusinessException {
private static final long serialVersionUID = 8247610319171014183L;
@ -15,7 +14,15 @@ public class UtilException extends AbstractBusinessException {
super(message);
}
public UtilException(String message, Object... params) {
super(StringUtils.format(message, params));
}
public UtilException(HttpCode code, String message) {
super(code, message);
}
public UtilException(HttpCode code, String message, Object... params) {
super(code, StringUtils.format(message, params));
}
}