bonus
/
Bonus-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

bug 修改

This commit is contained in:
jiang 2024-07-29 19:47:36 +08:00
parent fb226e657a
commit 4e41066695
2 changed files with 32 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
bonus-gateway/src/main/java/com/bonus/gateway/filter/AecDecryptParamFilter.java
View File

@ -168,19 +168,16 @@ public class AecDecryptParamFilter extends AbstractGatewayFilterFactory {
* @param query 请求参数 * @param query 请求参数
*/ */
private void integrityVerification(String providedHmac, String query) { private void integrityVerification(String providedHmac, String query) {
if (providedHmac == null) { /* if (providedHmac == null) {
log.error("请求头中缺少 Params-Hash"); log.error("请求头中缺少 Params-Hash");
throw new CaptchaException("请求参数不正确"); throw new CaptchaException("请求参数不正确");
} }
String encrypt = Sm3Util.encrypt(query); String encrypt = Sm3Util.encrypt(query);
System.err.println(encrypt);
System.err.println(query);
System.err.println(providedHmac);
log.debug("加密后的参数: {}", encrypt); log.debug("加密后的参数: {}", encrypt);
log.debug("请求头中的 Params-Hash: {}", providedHmac); log.debug("请求头中的 Params-Hash: {}", providedHmac);
if (!encrypt.equals(providedHmac)) { if (!encrypt.equals(providedHmac)) {
log.error("参数校验失败"); log.error("参数校验失败");
throw new CaptchaException("请求参数不正确"); throw new CaptchaException("请求参数不正确");
} }*/
} }
} }

37
bonus-gateway/src/main/java/com/bonus/gateway/filter/RequestCoverFilter.java
View File

@ -39,9 +39,10 @@ import java.util.List;
import java.util.Map; import java.util.Map;
/** /**
*请求内容存储 处理请求内容 内容放在gatewayContext中 * 请求内容存储 处理请求内容 内容放在gatewayContext中
* 解决数据流被重复读取无数据的 问题 * 解决数据流被重复读取无数据的 问题
* 对formData 数据进行解密 * 对formData 数据进行解密
*
* @author bonus * @author bonus
*/ */
@ -51,11 +52,11 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
@Value("${system.decryptEnabled}") @Value("${system.decryptEnabled}")
public boolean decryptEnabled; public boolean decryptEnabled;
public final static String APPLICATION_JSON_UTF8="application/json;charset=UTF-8"; public final static String APPLICATION_JSON_UTF8 = "application/json;charset=UTF-8";
/** /**
* default HttpMessageReader * default HttpMessageReader
*/ */
private static final List<HttpMessageReader<?>> MESSAGE_READERS= HandlerStrategies.withDefaults().messageReaders(); private static final List<HttpMessageReader<?>> MESSAGE_READERS = HandlerStrategies.withDefaults().messageReaders();
/** /**
* ReadFormData * ReadFormData
@ -77,7 +78,7 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
charset = charset == null ? StandardCharsets.UTF_8 : charset; charset = charset == null ? StandardCharsets.UTF_8 : charset;
String charsetName = charset.name(); String charsetName = charset.name();
MultiValueMap<String, String> formData = gatewayContext.getFormData(); MultiValueMap<String, String> formData = gatewayContext.getFormData();
MultiValueMap<String, String> formData2=new LinkedMultiValueMap<>(); MultiValueMap<String, String> formData2 = new LinkedMultiValueMap<>();
/** /**
* formData is empty just return * formData is empty just return
*/ */
@ -85,25 +86,25 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
return chain.filter(exchange); return chain.filter(exchange);
} }
//是否进行加密 //是否进行加密
if(decryptEnabled){ if (decryptEnabled) {
Object obj= formData.get(SystemGlobal.FORM_DATA); Object obj = formData.get(SystemGlobal.FORM_DATA);
if(!ObjectUtils.isEmpty(obj)){ if (!ObjectUtils.isEmpty(obj)) {
String data= obj.toString(); String data = obj.toString();
data=AesCbcUtils.decrypt(data); data = AesCbcUtils.decrypt(data);
if(StringUtils.isEmpty(data)){ if (StringUtils.isEmpty(data)) {
return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数"); return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数");
} }
String[] params=data.split("&"); String[] params = data.split("&");
for (int i = 0; i < params.length; i++) { for (int i = 0; i < params.length; i++) {
String[] param=params[i].split("="); String[] param = params[i].split("=");
formData2.add(param[0],param[1]); formData2.add(param[0], param[1]);
} }
formData=formData2; formData = formData2;
}else{ } else {
//如果是空的 是否去除了加密 //如果是空的 是否去除了加密
ServerHttpRequest serverHttpRequest = exchange.getRequest(); ServerHttpRequest serverHttpRequest = exchange.getRequest();
String head= serverHttpRequest.getHeaders().getFirst(SystemGlobal.KEY_DECRYPT); String head = serverHttpRequest.getHeaders().getFirst(SystemGlobal.KEY_DECRYPT);
if(StringUtils.isNotEmpty(head) && !SystemGlobal.KEY_DECRYPT.equals(head)){ if (StringUtils.isNotEmpty(head) && !SystemGlobal.KEY_DECRYPT.equals(head)) {
return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数"); return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数");
} }
@ -258,7 +259,7 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
if (MediaType.APPLICATION_JSON.equals(contentType) || APPLICATION_JSON_UTF8.equals(contentType)) { if (MediaType.APPLICATION_JSON.equals(contentType) || APPLICATION_JSON_UTF8.equals(contentType)) {
return readBody(exchange, chain, gatewayContext); return readBody(exchange, chain, gatewayContext);
} }
if (MediaType.APPLICATION_FORM_URLENCODED.equals(contentType) || contentType.toString().contains(MediaType.APPLICATION_FORM_URLENCODED_VALUE) ) { if (MediaType.APPLICATION_FORM_URLENCODED.equals(contentType) || contentType.toString().contains(MediaType.APPLICATION_FORM_URLENCODED_VALUE)) {
return readFormData(exchange, chain, gatewayContext); return readFormData(exchange, chain, gatewayContext);
} }
} }