[Y] 签名增加验证节点ip

src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java

@@ -21,6 +21,7 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
     private SysAppsMapper sysAppsMapper;
     private final String signTemplate = "%s&%s&%s&%s&%s";
     private Logger logger = LoggerFactory.getLogger(getClass());
+    public static final String[] NODES_IP_ADDRESSS = new String[]{"119.28.3.196","150.109.64.108", "119.28.178.24", "119.28.24.146", "119.28.77.25"};
 
     @Override
     public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) {
@@ -44,6 +45,15 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
         logger.debug("sso-str before hash:" + str);
         String hash = DigestUtils.sha256Hex(str).toLowerCase();
         if (!StringUtils.equals(hash, sign)) {
+            logger.error("[{}]请求的签名有误，使用节点 [{}] 签名", appid, NODES_IP_ADDRESSS.toString());
+            for (String nodeIp : NODES_IP_ADDRESSS) {
+                str = String.format(signTemplate, appid, auth, timestamp, requestUri, nodeIp);
+                logger.debug("NodeIp check sso-str before hash:" + str);
+                hash = DigestUtils.sha256Hex(str).toLowerCase();
+                if (StringUtils.equals(hash, sign)) {
+                    return app;
+                }
+            }
             throw new ForbiddenException("InvalidSign");
         }
         return app;