diff --git a/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java b/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java
index 679441084..e9263e407 100644
--- a/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java
+++ b/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java
@@ -21,6 +21,7 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
 private SysAppsMapper sysAppsMapper;
 private final String signTemplate = "%s&%s&%s&%s&%s";
 private Logger logger = LoggerFactory.getLogger(getClass());
+ public static final String[] NODES_IP_ADDRESSS = new String[]{"119.28.3.196","150.109.64.108", "119.28.178.24", "119.28.24.146", "119.28.77.25"};
 @Override
 public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) {
@@ -44,6 +45,15 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
 logger.debug("sso-str before hash:" + str);
 String hash = DigestUtils.sha256Hex(str).toLowerCase();
 if (!StringUtils.equals(hash, sign)) {
+ logger.error("[{}]请求的签名有误,使用节点 [{}] 签名", appid, NODES_IP_ADDRESSS.toString());
+ for (String nodeIp : NODES_IP_ADDRESSS) {
+ str = String.format(signTemplate, appid, auth, timestamp, requestUri, nodeIp);
+ logger.debug("NodeIp check sso-str before hash:" + str);
+ hash = DigestUtils.sha256Hex(str).toLowerCase();
+ if (StringUtils.equals(hash, sign)) {
+ return app;
+ }
+ }
 throw new ForbiddenException("InvalidSign");
 }
 return app;
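Review bot: `NODES_IP_ADDRESSS` is declared `public static final String[]`, and a public array stays mutable, so any class in the application can overwrite an entry of the address list that the signature fallback in the second hunk relies on. Make it private and unmodifiable, for example `private static final List<String> NODES_IP_ADDRESSS = Collections.unmodifiableList(Arrays.asList(...));` with the same five addresses. Keeping the node addresses in source also means every node change needs a rebuild and leaves no audit trail outside version control; loading them from the service's existing configuration would be easier to review and rotate. The identifier carries a stray third `S`.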
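Review bot: The fallback loop never consults `ip`, so once the first comparison fails a signature computed over any of the five node addresses is accepted whatever the request's actual source, and the address component of the signed string stops binding the request to its origin. If the goal is to support requests relayed through those nodes, run the loop only when this method can establish that the request really arrived through one of them; how `ip` is derived is outside the hunk, so confirm what it holds behind a relay. Separately, `NODES_IP_ADDRESSS.toString()` on a `String[]` logs the array's identity string rather than the addresses, so use `Arrays.toString(NODES_IP_ADDRESSS)`. The added `logger.debug("NodeIp check sso-str before hash:" + str)` writes the pre-hash string, which includes `auth` (apparently the app's secret), once per node; drop it or log only `appid` and `nodeIp`. validateSign's body starts and ends outside the hunk.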