[Y] 签名增加验证节点ip

master
Tayl0r 7 years ago
parent 9acc33a509
commit a910ba063f

@ -21,6 +21,7 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
private SysAppsMapper sysAppsMapper; private SysAppsMapper sysAppsMapper;
private final String signTemplate = "%s&%s&%s&%s&%s"; private final String signTemplate = "%s&%s&%s&%s&%s";
private Logger logger = LoggerFactory.getLogger(getClass()); private Logger logger = LoggerFactory.getLogger(getClass());
public static final String[] NODES_IP_ADDRESSS = new String[]{"119.28.3.196","150.109.64.108", "119.28.178.24", "119.28.24.146", "119.28.77.25"};
@Override @Override
public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) { public JSONObject validateSign(String appid, long timestamp, String ip, String requestUri, String sign) {
@ -44,6 +45,15 @@ public class AppPermissionSupportImpl implements AppPermissionSupport {
logger.debug("sso-str before hash:" + str); logger.debug("sso-str before hash:" + str);
String hash = DigestUtils.sha256Hex(str).toLowerCase(); String hash = DigestUtils.sha256Hex(str).toLowerCase();
if (!StringUtils.equals(hash, sign)) { if (!StringUtils.equals(hash, sign)) {
logger.error("[{}]请求的签名有误,使用节点 [{}] 签名", appid, NODES_IP_ADDRESSS.toString());
for (String nodeIp : NODES_IP_ADDRESSS) {
str = String.format(signTemplate, appid, auth, timestamp, requestUri, nodeIp);
logger.debug("NodeIp check sso-str before hash:" + str);
hash = DigestUtils.sha256Hex(str).toLowerCase();
if (StringUtils.equals(hash, sign)) {
return app;
}
}
throw new ForbiddenException("InvalidSign"); throw new ForbiddenException("InvalidSign");
} }
return app; return app;

Loading…
Cancel
Save