From 60baa2682afa32208abe57b7e1cf7c525fd506bb Mon Sep 17 00:00:00 2001 From: yixian Date: Tue, 20 Aug 2019 14:45:46 +0800 Subject: [PATCH] aba file --- .../manage/apps/core/impls/AppPermissionSupportImpl.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java b/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java index a5eeac222..d1523e2f3 100644 --- a/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/apps/core/impls/AppPermissionSupportImpl.java @@ -19,7 +19,6 @@ import javax.annotation.Resource; public class AppPermissionSupportImpl implements AppPermissionSupport { @Resource private SysAppsMapper sysAppsMapper; - private final String signTemplate = "%s&%s&%s&%s&%s"; private Logger logger = LoggerFactory.getLogger(getClass()); @Override @@ -40,7 +39,7 @@ public class AppPermissionSupportImpl implements AppPermissionSupport { throw new ForbiddenException("Timeout"); } String auth = app.getString("auth_code"); - String str = String.format(signTemplate, appid, auth, timestamp, requestUri, ip); + String str = String.join("&", appid, auth, timestamp + "", requestUri); logger.debug("sso-str before hash:{}", str); String hash = DigestUtils.sha256Hex(str).toLowerCase(); if (!StringUtils.equals(hash, sign)) {