|
|
@ -21,6 +21,7 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
|
|
|
|
private SysAppsMapper sysAppsMapper;
|
|
|
|
private SysAppsMapper sysAppsMapper;
|
|
|
|
private final String signTemplate = "%s&%s&%s&%s&%s";
|
|
|
|
private final String signTemplate = "%s&%s&%s&%s&%s";
|
|
|
|
private Logger logger = LoggerFactory.getLogger(getClass());
|
|
|
|
private Logger logger = LoggerFactory.getLogger(getClass());
|
|
|
|
|
|
|
|
public static final String[] NODES_IP_ADDRESSS = new String[]{"119.28.3.196","150.109.64.108", "119.28.178.24", "119.28.24.146", "119.28.77.25"};
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) {
|
|
|
|
public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) {
|
|
|
@ -44,6 +45,15 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
|
|
|
|
logger.debug("sso-str before hash:" + str);
|
|
|
|
logger.debug("sso-str before hash:" + str);
|
|
|
|
String hash = DigestUtils.sha256Hex(str).toLowerCase();
|
|
|
|
String hash = DigestUtils.sha256Hex(str).toLowerCase();
|
|
|
|
if (!StringUtils.equals(hash, sign)) {
|
|
|
|
if (!StringUtils.equals(hash, sign)) {
|
|
|
|
|
|
|
|
logger.error("[{}]请求的签名有误,使用节点 [{}] 签名", appid, NODES_IP_ADDRESSS.toString());
|
|
|
|
|
|
|
|
for (String nodeIp : NODES_IP_ADDRESSS) {
|
|
|
|
|
|
|
|
str = String.format(signTemplate, appid, auth, timestamp, requestUri, nodeIp);
|
|
|
|
|
|
|
|
logger.debug("NodeIp check sso-str before hash:" + str);
|
|
|
|
|
|
|
|
hash = DigestUtils.sha256Hex(str).toLowerCase();
|
|
|
|
|
|
|
|
if (StringUtils.equals(hash, sign)) {
|
|
|
|
|
|
|
|
return app;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
throw new ForbiddenException("InvalidSign");
|
|
|
|
throw new ForbiddenException("InvalidSign");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return app;
|
|
|
|
return app;
|
|
|
|