From 77f33f1b262fdde0631204fb1e2e31886f7dd1fa Mon Sep 17 00:00:00 2001 From: Cruyse <742557672@163.com> Date: Fri, 16 May 2025 21:08:26 +0800 Subject: [PATCH] =?UTF-8?q?=E9=87=8D=E5=BA=86=E7=83=AD=E7=BA=BF-=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E5=8A=A0=E8=A7=A3=E5=AF=86=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/configure/DecryptThirdTokenFilter.java | 14 ++++++++------ .../business/controller/OutBusinessController.java | 10 ++++++++-- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/ruoyi-auth/src/main/java/cc/mrbird/febs/auth/configure/DecryptThirdTokenFilter.java b/ruoyi-auth/src/main/java/cc/mrbird/febs/auth/configure/DecryptThirdTokenFilter.java index 3fe9c38..feab76f 100644 --- a/ruoyi-auth/src/main/java/cc/mrbird/febs/auth/configure/DecryptThirdTokenFilter.java +++ b/ruoyi-auth/src/main/java/cc/mrbird/febs/auth/configure/DecryptThirdTokenFilter.java @@ -33,6 +33,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; import java.util.Enumeration; import java.util.HashMap; import java.util.Map; @@ -56,8 +57,8 @@ public class DecryptThirdTokenFilter extends OncePerRequestFilter { private final Gson gson = new Gson(); // 新增加密服务实例(在类顶部) private final SMCryptoService smCryptoService = new SMCryptoServiceImpl(); - private static final String encrypt_key_bjiemi = "8iot1blDJgNK36Do"; // 部解密省加密 - private static final String encrypt_key_bjiami = "QLdQIASYMlT9SUUg"; //部加密省解密 + private static final String encrypt_key = "8iot1blDJgNK36Do"; // 部解密省加密 + private static final String decrypt_key = "QLdQIASYMlT9SUUg"; //部加密省解密 private static final BytesKeyGenerator DEFAULT_TOKEN_GENERATOR = KeyGenerators.secureRandom(20); private static final Charset US_ASCII = Charset.forName("US-ASCII"); @Autowired @@ -192,7 +193,8 @@ public class DecryptThirdTokenFilter extends OncePerRequestFilter { } else { String sourceType = "data_exchange_client"; String tokenValue = new String(Base64.encodeBase64URLSafe(DEFAULT_TOKEN_GENERATOR.generateKey()), US_ASCII); - tokenMap.put("token",sourceType + "_" + tokenValue); + String tokenValueBase64 = Base64.encodeBase64String((sourceType + "_" + tokenValue).getBytes(StandardCharsets.UTF_8)); + tokenMap.put("token", encryptBody(tokenValueBase64)); String tokenBody = gson.toJson(tokenMap); String crc = calculateSM3(tokenBody); String responseBody = encryptBody(tokenBody); @@ -201,7 +203,7 @@ public class DecryptThirdTokenFilter extends OncePerRequestFilter { transportRequest.getHeader().setCrc(crc); transportRequest.setBody(responseBody); OauthClientDetails client = this.oauthClientDetailsService.findById(user); - client.setAccessTokenInfo(responseBody); + client.setAccessTokenInfo(encryptBody(tokenValueBase64)); oauthClientDetailsService.updateOauthClientDetails(client); } @@ -252,7 +254,7 @@ public class DecryptThirdTokenFilter extends OncePerRequestFilter { // SM4加密Body(ECB模式) public String encryptBody(String plainText) throws Exception { EncryptCodeBean encryptCodeBean = new EncryptCodeBean(); - encryptCodeBean.setSecretKey(encrypt_key_bjiami); + encryptCodeBean.setSecretKey(encrypt_key); encryptCodeBean.setPass(plainText); String cipherText = smCryptoService.encrypt_Body(encryptCodeBean); return cipherText; @@ -260,7 +262,7 @@ public class DecryptThirdTokenFilter extends OncePerRequestFilter { // SM4解密Body(ECB模式) public String decryptBody(String plainText) throws Exception { DecryptCodeBean encrypt2 = new DecryptCodeBean(); - encrypt2.setSecretKey(encrypt_key_bjiami); + encrypt2.setSecretKey(decrypt_key); encrypt2.setPass(plainText); String cipherText = smCryptoService.decrypt_Body(encrypt2); return cipherText; diff --git a/ruoyi-modules/ruoyi-system-dataexchange/src/main/java/com/ruoyi/business/controller/OutBusinessController.java b/ruoyi-modules/ruoyi-system-dataexchange/src/main/java/com/ruoyi/business/controller/OutBusinessController.java index 45b3c5e..c59fb9c 100644 --- a/ruoyi-modules/ruoyi-system-dataexchange/src/main/java/com/ruoyi/business/controller/OutBusinessController.java +++ b/ruoyi-modules/ruoyi-system-dataexchange/src/main/java/com/ruoyi/business/controller/OutBusinessController.java @@ -99,12 +99,15 @@ public class OutBusinessController { // } else { // return outInsert1(request,jsonData); // } - + log.info("==================================外部调用begin================================"); String requestBody = IOUtils.toString(request.getInputStream(), "UTF-8"); + log.info("请求体信息requestBody: {}", requestBody); // 获取请求体内容(新增部分) TransportRequest transportRequest = gson.fromJson(requestBody, TransportRequest.class); String body = transportRequest.getBody(); + log.info("请求体信息body: {}", body); String token = transportRequest.getHeader().getToken(); + log.info("请求体信息token: {}", body); Map crcBodyMap = new HashMap<>(); Boolean tokenFlag = false; String user = "cq12328"; @@ -124,11 +127,14 @@ public class OutBusinessController { OauthClientDetails client = this.oauthClientDetailsService.findById(user); if (StringUtils.isNotEmpty(client.getAccessTokenInfo())) { if (token.equals(client.getAccessTokenInfo())) { + log.info("==================================token验证成功================================"); tokenFlag = true; } else { + log.info("==================================token验证失败2================================"); tokenFlag = false; } } else { + log.info("==================================token验证失败3================================"); transportRequest.getHeader().setReqType("1"); transportRequest.getHeader().setCode("9999"); transportRequest.getHeader().setMessage("token不存在"); @@ -747,7 +753,7 @@ public class OutBusinessController { // SM4解密(ECB模式) private String decryptBody(String plainText) throws Exception { DecryptCodeBean encrypt2 = new DecryptCodeBean(); - encrypt2.setSecretKey(encrypt_key); + encrypt2.setSecretKey(decrypt_key); encrypt2.setPass(plainText); String cipherText = smCryptoService.decrypt_Body(encrypt2); return cipherText;