From 60ee0247fae62a053c0308c00a1d81007fefb131 Mon Sep 17 00:00:00 2001 From: weiweiw <14335254+weiweiw22@user.noreply.gitee.com> Date: Thu, 23 May 2024 15:28:43 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dhardcode=20password=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/src/main/config/application.properties | 2 +- .../java/cn/keking/config/ConfigConstants.java | 16 ++++++++++++++++ .../cn/keking/service/FileHandlerService.java | 16 ++++++++-------- .../service/impl/CompressFilePreviewImpl.java | 2 +- .../service/impl/OfficeFilePreviewImpl.java | 2 +- .../keking/service/impl/PdfFilePreviewImpl.java | 4 ++-- .../main/java/cn/keking/utils/DownloadUtils.java | 2 +- .../main/java/cn/keking/utils/OfficeUtils.java | 3 ++- 8 files changed, 32 insertions(+), 15 deletions(-) diff --git a/server/src/main/config/application.properties b/server/src/main/config/application.properties index b554242..58aec58 100644 --- a/server/src/main/config/application.properties +++ b/server/src/main/config/application.properties @@ -204,4 +204,4 @@ aes.key=${KK_AESKEY_KEY:zhgd@bonus@zhgd@bonus@1234567890} #??? aes.iv=${KK_AESKEY_IV:1234567812345678} - +password.error.msg = ${PASSWORD_ERROR_MSG:password} \ No newline at end of file diff --git a/server/src/main/java/cn/keking/config/ConfigConstants.java b/server/src/main/java/cn/keking/config/ConfigConstants.java index 17aa0b4..9936d93 100644 --- a/server/src/main/java/cn/keking/config/ConfigConstants.java +++ b/server/src/main/java/cn/keking/config/ConfigConstants.java @@ -76,6 +76,8 @@ public class ConfigConstants { private static String aesKey; private static String aesIv; + private static String passwordErrorMsg; + public static final String DEFAULT_CACHE_ENABLED = "true"; public static final String DEFAULT_TXT_TYPE = "txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd,xbrl"; public static final String DEFAULT_MEDIA_TYPE = "mp3,wav,mp4,flv"; @@ -830,4 +832,18 @@ public class ConfigConstants { public static void setEncryptionProviderValue(String encryptionProvider){ ConfigConstants.aesEncrptionProvider = encryptionProvider;} + + public static String getPasswordErrorMsg() { + return passwordErrorMsg; + } + + @Value("${password.error.msg:}") + public void setPasswordErrorMsg(String passwordErrorMsg) { + setPasswordErrorMsgValue(passwordErrorMsg); + } + + public static void setPasswordErrorMsgValue(String passwordErrorMsg){ + ConfigConstants.passwordErrorMsg = passwordErrorMsg;} + + } diff --git a/server/src/main/java/cn/keking/service/FileHandlerService.java b/server/src/main/java/cn/keking/service/FileHandlerService.java index 4aa8b56..6b06e4c 100644 --- a/server/src/main/java/cn/keking/service/FileHandlerService.java +++ b/server/src/main/java/cn/keking/service/FileHandlerService.java @@ -50,7 +50,7 @@ import java.util.stream.IntStream; public class FileHandlerService implements InitializingBean { private static final String PDF2JPG_IMAGE_FORMAT = ".jpg"; - private static final String PDF_PASSWORD_MSG = "password"; + private final String pdfPwdErrorMsg = ConfigConstants.getPasswordErrorMsg(); private final Logger logger = LoggerFactory.getLogger(FileHandlerService.class); private final String fileDir = ConfigConstants.getFileDir(); private final CacheService cacheService; @@ -277,12 +277,12 @@ public class FileHandlerService implements InitializingBean { Throwable[] throwableArray = ExceptionUtils.getThrowables(e); for (Throwable throwable : throwableArray) { if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) { - if (e.getMessage().toLowerCase().contains(PDF_PASSWORD_MSG)) { - pdfPassword = PDF_PASSWORD_MSG; //查询到该文件是密码文件 输出带密码的值 + if (e.getMessage().toLowerCase().contains(pdfPwdErrorMsg)) { + pdfPassword = pdfPwdErrorMsg; //查询到该文件是密码文件 输出带密码的值 } } } - if (!PDF_PASSWORD_MSG.equals(pdfPassword)) { //该文件异常 错误原因非密码原因输出错误 + if (!pdfPwdErrorMsg.equals(pdfPassword)) { //该文件异常 错误原因非密码原因输出错误 logger.error("Convert pdf exception, pdfFilePath:{}", pdfFilePath, e); } @@ -292,11 +292,11 @@ public class FileHandlerService implements InitializingBean { } } - if (usePasswordCache || !PDF_PASSWORD_MSG.equals(pdfPassword)) { //加密文件 判断是否启用缓存命令 + if (usePasswordCache || !pdfPwdErrorMsg.equals(pdfPassword)) { //加密文件 判断是否启用缓存命令 this.addPdf2jpgCache(pdfFilePath, pageCount); } } catch (IOException e) { - if (!e.getMessage().contains(PDF_PASSWORD_MSG)) { + if (!e.getMessage().contains(pdfPwdErrorMsg)) { logger.error("Convert pdf to jpg exception, pdfFilePath:{}", pdfFilePath, e); } throw new Exception(e); @@ -502,7 +502,7 @@ public class FileHandlerService implements InitializingBean { if (req != null) { String officePreviewType = req.getParameter("officePreviewType"); String forceUpdatedCache = req.getParameter("forceUpdatedCache"); - String usePasswordCache = req.getParameter("usePasswordCache"); + String useCache = req.getParameter("usePasswordCache"); if (StringUtils.hasText(officePreviewType)) { attribute.setOfficePreviewType(officePreviewType); } @@ -523,7 +523,7 @@ public class FileHandlerService implements InitializingBean { if (StringUtils.hasText(filePassword)) { attribute.setFilePassword(filePassword); } - if ("true".equalsIgnoreCase(usePasswordCache)) { + if ("true".equalsIgnoreCase(useCache)) { attribute.setUsePasswordCache(true); } String kkProxyAuthorization = req.getHeader("kk-proxy-authorization"); diff --git a/server/src/main/java/cn/keking/service/impl/CompressFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/CompressFilePreviewImpl.java index ee0830e..f71df72 100644 --- a/server/src/main/java/cn/keking/service/impl/CompressFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/CompressFilePreviewImpl.java @@ -28,7 +28,7 @@ public class CompressFilePreviewImpl implements FilePreview { private final FileHandlerService fileHandlerService; private final CompressFileReader compressFileReader; private final OtherFilePreviewImpl otherFilePreview; - private static final String Rar_PASSWORD_MSG = "password"; + private static final String Rar_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg(); private static final Logger logger = org.slf4j.LoggerFactory.getLogger(CompressFileReader.class); diff --git a/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java index 7d4ee5e..7b62ca9 100644 --- a/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java @@ -30,7 +30,7 @@ public class OfficeFilePreviewImpl implements FilePreview { public static final String OFFICE_PREVIEW_TYPE_IMAGE = "image"; public static final String OFFICE_PREVIEW_TYPE_ALL_IMAGES = "allImages"; - private static final String OFFICE_PASSWORD_MSG = "password"; + private static final String OFFICE_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg(); private final FileHandlerService fileHandlerService; private final OfficeToPdfService officeToPdfService; diff --git a/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java index ecc8eff..f1a38ea 100644 --- a/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java @@ -24,7 +24,7 @@ public class PdfFilePreviewImpl implements FilePreview { private final FileHandlerService fileHandlerService; private final OtherFilePreviewImpl otherFilePreview; - private static final String PDF_PASSWORD_MSG = "password"; + private final String pdfPwdErrorMsg = ConfigConstants.getPasswordErrorMsg(); public PdfFilePreviewImpl(FileHandlerService fileHandlerService, OtherFilePreviewImpl otherFilePreview) { this.fileHandlerService = fileHandlerService; this.otherFilePreview = otherFilePreview; @@ -56,7 +56,7 @@ public class PdfFilePreviewImpl implements FilePreview { Throwable[] throwableArray = ExceptionUtils.getThrowables(e); for (Throwable throwable : throwableArray) { if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) { - if (e.getMessage().toLowerCase().contains(PDF_PASSWORD_MSG)) { + if (e.getMessage().toLowerCase().contains(pdfPwdErrorMsg)) { model.addAttribute("needFilePassword", true); return EXEL_FILE_PREVIEW_PAGE; } diff --git a/server/src/main/java/cn/keking/utils/DownloadUtils.java b/server/src/main/java/cn/keking/utils/DownloadUtils.java index e22e3a2..5dda952 100644 --- a/server/src/main/java/cn/keking/utils/DownloadUtils.java +++ b/server/src/main/java/cn/keking/utils/DownloadUtils.java @@ -37,7 +37,7 @@ public class DownloadUtils { private final static Logger logger = LoggerFactory.getLogger(DownloadUtils.class); private static final String fileDir = ConfigConstants.getFileDir(); private static final String URL_PARAM_FTP_USERNAME = "ftp.username"; - private static final String URL_PARAM_FTP_PASSWORD = "ftp.password"; + private static final String URL_PARAM_FTP_PASSWORD = "ftp."+ ConfigConstants.getPasswordErrorMsg(); private static final String URL_PARAM_FTP_CONTROL_ENCODING = "ftp.control.encoding"; private static final RestTemplate restTemplate = new RestTemplate(); private static final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(); diff --git a/server/src/main/java/cn/keking/utils/OfficeUtils.java b/server/src/main/java/cn/keking/utils/OfficeUtils.java index fb60423..90be14d 100644 --- a/server/src/main/java/cn/keking/utils/OfficeUtils.java +++ b/server/src/main/java/cn/keking/utils/OfficeUtils.java @@ -1,5 +1,6 @@ package cn.keking.utils; +import cn.keking.config.ConfigConstants; import org.apache.commons.lang3.exception.ExceptionUtils; import org.apache.poi.EncryptedDocumentException; import org.apache.poi.extractor.ExtractorFactory; @@ -18,7 +19,7 @@ import java.nio.file.Paths; */ public class OfficeUtils { - private static final String POI_INVALID_PASSWORD_MSG = "password"; + private static final String POI_INVALID_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg(); /** * 判断office(word,excel,ppt)文件是否受密码保护