修改服务bug漏洞及未修改的服务
This commit is contained in:
parent
10a6b034ac
commit
f183fea015
|
|
@ -27,7 +27,10 @@
|
||||||
</exclusion>
|
</exclusion>
|
||||||
</exclusions>
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
||||||
|
</dependency>
|
||||||
<!-- SpringCloud Alibaba Nacos Config -->
|
<!-- SpringCloud Alibaba Nacos Config -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.alibaba.cloud</groupId>
|
<groupId>com.alibaba.cloud</groupId>
|
||||||
|
|
|
||||||
|
|
@ -36,3 +36,15 @@ spring:
|
||||||
namespace: @name.space@
|
namespace: @name.space@
|
||||||
username: @username@
|
username: @username@
|
||||||
password: @password@
|
password: @password@
|
||||||
|
|
||||||
|
management:
|
||||||
|
server:
|
||||||
|
port: -1
|
||||||
|
endpoints:
|
||||||
|
web:
|
||||||
|
exposure:
|
||||||
|
exclude: []
|
||||||
|
enabled-by-default: false
|
||||||
|
endpoint:
|
||||||
|
beans:
|
||||||
|
enabled: false
|
||||||
|
|
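Review bot: `exposure.exclude: []` in the new `management.endpoints.web` block is a no-op — web exposure is governed by `exposure.include` (default `health`), so the line neither documents nor gates anything. With `management.server.port: -1` the management endpoints are not served over HTTP at all and `enabled-by-default: false` disables them anyway, so the block is safe but its intent is invisible; a one-line comment above `management:` such as `# actuator is only a dependency here: endpoints stay disabled and are not served over HTTP (port -1)` tells the next maintainer not to "fix" it by opening the port. The two later yaml hunks in this commit that add the identical `management:` block deserve the same comment. If exposure is ever turned on, replace `exclude: []` with an explicit `include:` allowlist.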
@ -12,6 +12,9 @@ public class TokenConstants
|
||||||
*/
|
*/
|
||||||
public static final String AUTHENTICATION = "Authorization";
|
public static final String AUTHENTICATION = "Authorization";
|
||||||
|
|
||||||
|
|
||||||
|
public static final String TOKEN_HEAD = "token";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 令牌前缀
|
* 令牌前缀
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
|
|
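Review bot: The new constant `TOKEN_HEAD` is the only member in this hunk without Javadoc, while `AUTHENTICATION` and the `令牌前缀` block each carry one. `AuthFilter.getToken` reads this value as a request header and separately hard-codes the same literal for a query parameter, so state both uses in the comment — `/** Fallback request header (and query-parameter name) carrying a bare token when no Authorization header is present */` — or, better, have the filter use the constant in both places so the two cannot drift apart.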
@ -39,7 +39,12 @@ public class JwtUtils
|
||||||
*/
|
*/
|
||||||
public static Claims parseToken(String token)
|
public static Claims parseToken(String token)
|
||||||
{
|
{
|
||||||
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
|
try{
|
||||||
|
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
|
||||||
|
}catch (Exception e){
|
||||||
|
System.err.println("token不正确--->"+token);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
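Review bot: The new catch block prints the rejected token itself to stderr (`System.err.println("token不正确--->"+token)`), which copies a bearer credential — possibly one that is merely expired and still accepted elsewhere — into process logs. Log only the reason, via the class's logger (add one if `JwtUtils` has none): `} catch (JwtException | IllegalArgumentException e) {` / `log.warn("JWT rejected: {}", e.getMessage());` / `return null;`. Narrowing from `Exception` to the types `parseClaimsJws` actually throws also stops the handler from masking genuine programming errors, and the Javadoc above `parseToken` (its text starts outside this hunk) should now say that `null` is returned for an invalid, expired or malformed token so that every caller checks it.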
@ -26,6 +26,10 @@ import com.bonus.common.core.web.domain.AjaxResult;
|
||||||
public class GlobalExceptionHandler
|
public class GlobalExceptionHandler
|
||||||
{
|
{
|
||||||
private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
|
private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
|
||||||
|
public final static String BODY_ERROR="Required request body is missing:";
|
||||||
|
|
||||||
|
public final static String DATA_ERROR="Data truncation: Data too long for";
|
||||||
|
public final static String NUMBER_FORMAT_EXCEPTION ="java.lang.NumberFormatException";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 权限码异常
|
* 权限码异常
|
||||||
|
|
@ -79,6 +83,16 @@ public class GlobalExceptionHandler
|
||||||
public AjaxResult handleRuntimeException(RuntimeException e, HttpServletRequest request)
|
public AjaxResult handleRuntimeException(RuntimeException e, HttpServletRequest request)
|
||||||
{
|
{
|
||||||
String requestURI = request.getRequestURI();
|
String requestURI = request.getRequestURI();
|
||||||
|
String msg=e.getMessage();
|
||||||
|
if (StringUtils.hasText(msg)) {
|
||||||
|
if (msg.contains(BODY_ERROR)){
|
||||||
|
return AjaxResult.error("post请求body参数不能为空");
|
||||||
|
}
|
||||||
|
if (msg.contains(DATA_ERROR)){
|
||||||
|
return AjaxResult.error("数据长度过长");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
log.error("请求地址'{}',发生未知异常.", requestURI, e);
|
log.error("请求地址'{}',发生未知异常.", requestURI, e);
|
||||||
return AjaxResult.error(e.getMessage());
|
return AjaxResult.error(e.getMessage());
|
||||||
}
|
}
|
||||||
|
|
@ -102,6 +116,12 @@ public class GlobalExceptionHandler
|
||||||
{
|
{
|
||||||
log.error(e.getMessage(), e);
|
log.error(e.getMessage(), e);
|
||||||
String message = e.getAllErrors().get(0).getDefaultMessage();
|
String message = e.getAllErrors().get(0).getDefaultMessage();
|
||||||
|
|
||||||
|
assert message != null;
|
||||||
|
if(message.contains(NUMBER_FORMAT_EXCEPTION)){
|
||||||
|
return AjaxResult.error(HttpStatus.FORBIDDEN, "请求参数不正确");
|
||||||
|
}
|
||||||
|
|
||||||
return AjaxResult.error(message);
|
return AjaxResult.error(message);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
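Review bot: `assert message != null;` does not protect the `message.contains(...)` that follows it: JVM assertions are off unless `-ea` is passed, so a `null` default message becomes a NullPointerException thrown from inside the exception handler itself. Replace it with a real check, `if (message != null && message.contains(NUMBER_FORMAT_EXCEPTION)) {`, and the existing `return AjaxResult.error(message)` fallback then handles the null case exactly as it did before this commit. The status is also wrong: a non-numeric request parameter is a client input error (the 400 constant of whichever `HttpStatus` class this file imports), whereas `HttpStatus.FORBIDDEN` is what the bundled front-end maps to '未授权' in its `code == 403` branch, so users will be told they lack permission. In `handleRuntimeException` above, the two new early returns bypass `log.error(...)`, so body-missing and data-truncation failures leave no trace in the server log; log them at warn level with `requestURI` before returning. The enclosing method's signature lies outside this hunk.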
@ -0,0 +1,44 @@
|
||||||
|
package com.bonus.gateway.config;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author 黑子
|
||||||
|
*/
|
||||||
|
public class AuthWriteUtils {
|
||||||
|
|
||||||
|
|
||||||
|
public static boolean endWith(String url){
|
||||||
|
if(url.endsWith(".js")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".ttf")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".woff2")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".woff")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".ico")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".css")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".jpg")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".png")){
|
||||||
|
return true;
|
||||||
|
}else if(url.endsWith(".html")){
|
||||||
|
return true;
|
||||||
|
}else {
|
||||||
|
return url.endsWith(".jpeg");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
public static List<String> getBlackUrl(){
|
||||||
|
List<String> whiteUrl=new ArrayList<>();
|
||||||
|
whiteUrl.add("/bmw/**");
|
||||||
|
whiteUrl.add("/file/file/ynRealName/**");
|
||||||
|
return whiteUrl;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
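Review bot: `endWith` spells one predicate out as ten `else if (url.endsWith(...)) return true;` branches and carries no Javadoc saying that it decides which requests skip authentication in `AuthFilter`; a suffix list plus `anyMatch` says the same in four lines and makes the list reviewable (needs `java.util.Arrays`, or `List.of` if the project is on Java 9+). The naming works against the reader: the class is `AuthWriteUtils` (presumably 'White'), `getBlackUrl` returns a local named `whiteUrl`, and `/bmw/**` and `/file/file/ynRealName/**` are the prefixes under which static-looking paths are exempted, not a blacklist — rename it along the lines of `getStaticResourcePrefixes` and return an unmodifiable constant instead of a fresh `ArrayList` per request. Because the exemption is keyed on the request path's suffix, it only holds if every route under those prefixes really serves static files for such paths; if a backend there ignores a trailing `.html`/`.js` when routing, the check no longer separates static resources from API handlers — confirm that, or scope the exemption to a dedicated static-resource prefix.
```java
/** Path suffixes that AuthFilter treats as static resources and lets through without a token. */
private static final List<String> STATIC_SUFFIXES = Arrays.asList(
        ".js", ".ttf", ".woff2", ".woff", ".ico", ".css", ".jpg", ".png", ".html", ".jpeg");

/** @return whether {@code url} ends with one of {@link #STATIC_SUFFIXES}. */
public static boolean endWith(String url) {
    return STATIC_SUFFIXES.stream().anyMatch(url::endsWith);
}

// … unchanged: getBlackUrl …
```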
@ -0,0 +1,42 @@
|
||||||
|
package com.bonus.gateway.config;
|
||||||
|
|
||||||
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||||
|
import org.springframework.boot.autoconfigure.web.ServerProperties;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
|
import org.springframework.core.annotation.Order;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||||
|
import org.springframework.web.server.ResponseStatusException;
|
||||||
|
import org.springframework.web.server.WebFilter;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author HeiZi
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
public class ContextPathConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@ConditionalOnProperty("server.servlet.context-path")
|
||||||
|
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||||
|
public WebFilter contextPathWebFilter(ServerProperties serverProperties){
|
||||||
|
String contextPath = serverProperties.getServlet().getContextPath();
|
||||||
|
return (serverWebExchange, webFilterChain) ->{
|
||||||
|
ServerHttpRequest request = serverWebExchange.getRequest();
|
||||||
|
String requestPath = request.getURI().getPath();
|
||||||
|
|
||||||
|
if(requestPath.contains(contextPath)){
|
||||||
|
String newPath = requestPath.replaceFirst(contextPath+"/", "");
|
||||||
|
ServerHttpRequest newRequest = request.mutate()
|
||||||
|
.path(newPath).build();
|
||||||
|
return webFilterChain.filter(serverWebExchange.mutate()
|
||||||
|
.request(newRequest)
|
||||||
|
.build()
|
||||||
|
);
|
||||||
|
}else {
|
||||||
|
throw new ResponseStatusException(HttpStatus.NOT_FOUND);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
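Review bot: `requestPath.contains(contextPath)` matches the context path anywhere in the URL rather than as its leading segment, and `replaceFirst(contextPath + "/", "")` treats the configured value as a regular expression; a path that merely mentions the value elsewhere is rewritten at that position, one that contains it inside a longer segment passes through unstripped instead of getting the 404 the `else` branch intends, and a context path with regex metacharacters (`.`, `+`) would be mis-matched. Check and strip a literal prefix instead: `String prefix = contextPath.startsWith("/") ? contextPath : "/" + contextPath;` / `if (requestPath.startsWith(prefix + "/")) {` / `String newPath = requestPath.substring(prefix.length());` — this also behaves the same whether `server.servlet.context-path` is written with or without a leading slash (the gateway bootstrap in this commit uses `lpRealName`, the services use `/app`-style values). A class Javadoc should say that this filter is what gives the WebFlux gateway its path prefix — `server.servlet.context-path` has no effect on a reactive server by itself — and that every request outside the prefix is answered 404 before routing.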
@ -0,0 +1,31 @@
|
||||||
|
package com.bonus.gateway.config;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.web.cors.CorsConfiguration;
|
||||||
|
import org.springframework.web.cors.reactive.CorsWebFilter;
|
||||||
|
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
|
||||||
|
import org.springframework.web.util.pattern.PathPatternParser;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 跨域处理请求配置
|
||||||
|
* @author 黑子
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
public class CorsConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public CorsWebFilter corsWebFilter() {
|
||||||
|
CorsConfiguration config = new CorsConfiguration();
|
||||||
|
config.addAllowedOrigin("*");
|
||||||
|
config.addAllowedMethod("*");
|
||||||
|
config.addAllowedHeader("*");
|
||||||
|
config.addAllowedOriginPattern("*");
|
||||||
|
config.setAllowCredentials(false);
|
||||||
|
config.setMaxAge(3600L);
|
||||||
|
|
||||||
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||||
|
source.registerCorsConfiguration("/**", config);
|
||||||
|
return new CorsWebFilter(source);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
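Review bot: `corsWebFilter` allows every origin, header and method for `/**` with no comment on why, and it sets both `addAllowedOrigin("*")` and `addAllowedOriginPattern("*")`, which say the same thing (the pattern form exists for the credentialed case, which `setAllowCredentials(false)` rules out here). Since the front-end sends its token in a request header and the gateway knows its own origins (the JS config in this commit hard-codes one), prefer a property-driven allowlist, e.g. `config.setAllowedOrigins(allowedOrigins)` fed from configuration, and drop one of the two wildcard calls; if the wildcard is intentional, say so in the class Javadoc together with the reason `allowCredentials` must stay `false`. It is also worth confirming this bean does not coexist with a `spring.cloud.gateway.globalcors` setting or another CORS filter already in the gateway, because duplicated `Access-Control-Allow-Origin` headers make browsers reject the response.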
@ -1,5 +1,6 @@
|
||||||
package com.bonus.gateway.filter;
|
package com.bonus.gateway.filter;
|
||||||
|
|
||||||
|
import com.bonus.gateway.config.AuthWriteUtils;
|
||||||
import com.bonus.gateway.config.properties.IgnoreWhiteProperties;
|
import com.bonus.gateway.config.properties.IgnoreWhiteProperties;
|
||||||
import com.bonus.common.core.constant.CacheConstants;
|
import com.bonus.common.core.constant.CacheConstants;
|
||||||
import com.bonus.common.core.constant.HttpStatus;
|
import com.bonus.common.core.constant.HttpStatus;
|
||||||
|
|
@ -18,6 +19,7 @@ import org.springframework.cloud.gateway.filter.GlobalFilter;
|
||||||
import org.springframework.core.Ordered;
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.util.MultiValueMap;
|
||||||
import org.springframework.web.server.ServerWebExchange;
|
import org.springframework.web.server.ServerWebExchange;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
|
|
@ -46,6 +48,13 @@ public class AuthFilter implements GlobalFilter, Ordered
|
||||||
ServerHttpRequest.Builder mutate = request.mutate();
|
ServerHttpRequest.Builder mutate = request.mutate();
|
||||||
|
|
||||||
String url = request.getURI().getPath();
|
String url = request.getURI().getPath();
|
||||||
|
if (StringUtils.matches(url, AuthWriteUtils.getBlackUrl()))
|
||||||
|
{
|
||||||
|
if(AuthWriteUtils.endWith(url)){
|
||||||
|
return chain.filter(exchange);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// 跳过不需要验证的路径
|
// 跳过不需要验证的路径
|
||||||
if (StringUtils.matches(url, ignoreWhite.getWhites()))
|
if (StringUtils.matches(url, ignoreWhite.getWhites()))
|
||||||
{
|
{
|
||||||
|
|
@ -124,7 +133,20 @@ public class AuthFilter implements GlobalFilter, Ordered
|
||||||
{
|
{
|
||||||
token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
|
token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
|
||||||
}
|
}
|
||||||
|
if(StringUtils.isEmpty(token)){
|
||||||
|
String hed="token";
|
||||||
|
String nl="null";
|
||||||
|
MultiValueMap<String, String> tokens= request.getQueryParams();
|
||||||
|
token = request.getHeaders().getFirst(TokenConstants.TOKEN_HEAD);
|
||||||
|
if(tokens.get(hed)!=null && !tokens.get(hed).isEmpty()){
|
||||||
|
token =tokens.get("token").get(0);
|
||||||
|
if(nl.equals(token)){
|
||||||
|
token=null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
return token;
|
return token;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
||||||
|
|
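Review bot: The new fallback in `getToken` accepts the session token from the `token` query parameter (`tokens.get("token").get(0)`), which puts a bearer credential into the URL, where it lands in gateway and backend access logs, browser history and any `Referer` header sent to third parties — the header path the method already supports has none of that exposure. If a download or redirect flow genuinely needs a URL-borne token, restrict the query fallback to that route and let the header win when both are present; as written the query value silently overrides the `TOKEN_HEAD` header read one line earlier, and the literal `"token"` in `hed` and in `tokens.get("token")` duplicates `TokenConstants.TOKEN_HEAD`. Reading the parameter once — `List<String> q = tokens.get(TokenConstants.TOKEN_HEAD);` / `if (q != null && !q.isEmpty()) { token = q.get(0); ... }` — removes the three repeated map lookups, and the `"null"`-string special case deserves a comment naming the front-end behaviour it presumably papers over (a page sending `token=null` when nothing is stored), which is better fixed on that side. `getToken` begins outside this hunk.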
@ -1,6 +1,8 @@
|
||||||
# Tomcat
|
# Tomcat
|
||||||
server:
|
server:
|
||||||
port: 39100
|
port: 39100
|
||||||
|
servlet:
|
||||||
|
context-path: lpRealName
|
||||||
|
|
||||||
# Spring
|
# Spring
|
||||||
spring:
|
spring:
|
||||||
|
|
|
||||||
|
|
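Review bot: `server.servlet.context-path: lpRealName` is added to a WebFlux gateway, where the servlet property is not read by the server; it only takes effect because `ContextPathConfig` in this commit reads it through `ServerProperties` and strips the prefix itself. Record that here — `# consumed by ContextPathConfig; the reactive server ignores server.servlet.* (the native property would be spring.webflux.base-path)` — so nobody later swaps it for the native property and silently breaks the filter. Note too that the value has no leading slash while the services' now commented-out context paths use `/app`-style values, a difference the filter's string handling is sensitive to.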
@ -1,8 +1,8 @@
|
||||||
# Tomcat
|
# Tomcat
|
||||||
server:
|
server:
|
||||||
port: 31913
|
port: 31913
|
||||||
servlet:
|
# servlet:
|
||||||
context-path: /app
|
# context-path: /app
|
||||||
|
|
||||||
# Spring
|
# Spring
|
||||||
spring:
|
spring:
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
# Tomcat
|
# Tomcat
|
||||||
server:
|
server:
|
||||||
port: 31912
|
port: 31912
|
||||||
servlet:
|
# servlet:
|
||||||
context-path: /bmw
|
# context-path: /bmw
|
||||||
|
|
||||||
# Spring
|
# Spring
|
||||||
spring:
|
spring:
|
||||||
|
|
@ -35,4 +35,15 @@ spring:
|
||||||
|
|
||||||
devtools:
|
devtools:
|
||||||
restart:
|
restart:
|
||||||
|
enabled: false
|
||||||
|
management:
|
||||||
|
server:
|
||||||
|
port: -1
|
||||||
|
endpoints:
|
||||||
|
web:
|
||||||
|
exposure:
|
||||||
|
exclude: []
|
||||||
|
enabled-by-default: false
|
||||||
|
endpoint:
|
||||||
|
beans:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
@ -1,5 +1,14 @@
|
||||||
let Authorization = localStorage.getItem("smz-token");
|
let Authorization = localStorage.getItem("smz-token");
|
||||||
|
|
||||||
|
|
||||||
|
$(document).ajaxSuccess(function (event, xhr, settings, data) {
|
||||||
|
if(data.code===401){
|
||||||
|
localStorage.removeItem("smz-token");
|
||||||
|
top.location.href = IP_URL + '/bmw/login.html';
|
||||||
|
}
|
||||||
|
return data;
|
||||||
|
});
|
||||||
|
|
||||||
$.ajaxSetup({
|
$.ajaxSetup({
|
||||||
cache : false,
|
cache : false,
|
||||||
headers : {
|
headers : {
|
||||||
|
|
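Review bot: The new `ajaxSuccess` handler dereferences `data.code` without checking that `data` is an object: jQuery hands the handler the converted response, which is `undefined` for a 204/no-content reply, so such a success makes this global handler throw a TypeError and breaks the page's other callbacks. Guard it, `if (data && data.code === 401) {`, and drop `return data;` — a return value from a global ajax event handler is ignored, so the line only suggests it does something. The handler also duplicates the `code == 401` branch in the `$.ajaxSetup` error path below; a short comment saying which of the two is expected to fire for a 401 carried in a 200 body would stop the next reader from removing one of them.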
@ -22,7 +31,7 @@ $.ajaxSetup({
|
||||||
layer.msg(message);
|
layer.msg(message);
|
||||||
} else if (code == 401) {
|
} else if (code == 401) {
|
||||||
localStorage.removeItem("smz-token");
|
localStorage.removeItem("smz-token");
|
||||||
location.href = '/login.html';
|
top.location.href = IP_URL + '/bmw/login.html';
|
||||||
} else if (code == 403) {
|
} else if (code == 403) {
|
||||||
console.log("未授权:" + message);
|
console.log("未授权:" + message);
|
||||||
layer.msg('未授权');
|
layer.msg('未授权');
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,15 @@
|
||||||
var ctxPath = getContextPath();
|
let IP_URL="http://127.0.0.1:39100/lpRealName"
|
||||||
var currentHostname = window.location.hostname;
|
let ctxPath = IP_URL+"/bmw";
|
||||||
|
let currentHostname = window.location.hostname;
|
||||||
|
|
||||||
|
|
||||||
//测试
|
//测试
|
||||||
var loginPath = "http://" + currentHostname + ":39200";//auth
|
let loginPath =IP_URL+"/auth"//auth
|
||||||
var systemPath = "http://" + currentHostname + ":31910";//system
|
let systemPath = IP_URL+"/system";//system
|
||||||
var fileUrl = "http://" + currentHostname + ":31909/file";
|
let fileUrl = IP_URL+"/file"; // ":31909/file";
|
||||||
var planUrl = "http://" + currentHostname + ":1918/ynPlan";
|
let planUrl = IP_URL+"/ynPlan"; // + ":1918/ynPlan";
|
||||||
var filePath = "http://" + currentHostname + ":31909/file";
|
let filePath = IP_URL+"/file"; //+ ":31909/file";
|
||||||
var oiPlanUrl = "http://" + currentHostname + ":31914/oiPlan";
|
let oiPlanUrl = IP_URL+"/oiPlan"; //+ ":31914/oiPlan";
|
||||||
//正式环境
|
//正式环境
|
||||||
// var loginPath = "http://" + currentHostname + ":14413/auth";
|
// var loginPath = "http://" + currentHostname + ":14413/auth";
|
||||||
// var systemPath = "http://" + currentHostname + ":14413/system";
|
// var systemPath = "http://" + currentHostname + ":14413/system";
|
||||||
|
|
|
||||||
|
|
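Review bot: `let IP_URL="http://127.0.0.1:39100/lpRealName"` hard-codes the loopback address into the front-end, so every derived URL (`ctxPath`, `loginPath`, `systemPath`, `fileUrl`, …) now points at the visitor's own machine rather than the server that served the page; the replaced lines derived the host from `window.location.hostname`, which still works in a deployment. Keep that: declare `currentHostname` first and build `let IP_URL = "http://" + currentHostname + ":39100/lpRealName";` from it (or from `window.location.origin` if the page is served through the gateway, so scheme and port follow the page). The line is also missing its `;`, as is `loginPath`, and the trailing `// ":31909/file";` fragments are left-over code that should be deleted rather than kept as comments.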
@ -24,7 +24,10 @@
|
||||||
<scope>system</scope>
|
<scope>system</scope>
|
||||||
<systemPath>${project.basedir}/lib/aspose-words-15.8.0-jdk16.jar</systemPath>
|
<systemPath>${project.basedir}/lib/aspose-words-15.8.0-jdk16.jar</systemPath>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>aspose</groupId>
|
<groupId>aspose</groupId>
|
||||||
<artifactId>aspose-slide</artifactId>
|
<artifactId>aspose-slide</artifactId>
|
||||||
|
|
|
||||||
|
|
@ -30,4 +30,16 @@ spring:
|
||||||
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
|
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
|
||||||
namespace: @name.space@
|
namespace: @name.space@
|
||||||
# username: @username@
|
# username: @username@
|
||||||
# password: @password@
|
# password: @password@
|
||||||
|
|
||||||
|
management:
|
||||||
|
server:
|
||||||
|
port: -1
|
||||||
|
endpoints:
|
||||||
|
web:
|
||||||
|
exposure:
|
||||||
|
exclude: []
|
||||||
|
enabled-by-default: false
|
||||||
|
endpoint:
|
||||||
|
beans:
|
||||||
|
enabled: false
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
# Tomcat
|
# Tomcat
|
||||||
server:
|
server:
|
||||||
port: 31917
|
port: 31917
|
||||||
servlet:
|
# servlet:
|
||||||
context-path: /line
|
# context-path: /line
|
||||||
|
|
||||||
# Spring
|
# Spring
|
||||||
spring:
|
spring:
|
||||||
|
|
|
||||||
|
|
@ -13,8 +13,8 @@ server:
|
||||||
buffered: true
|
buffered: true
|
||||||
requestAttributesEnabled: true
|
requestAttributesEnabled: true
|
||||||
port: 31914
|
port: 31914
|
||||||
servlet:
|
# servlet:
|
||||||
context-path: /oiPlan
|
# context-path: /oiPlan
|
||||||
#
|
#
|
||||||
environment: @profiles.active@
|
environment: @profiles.active@
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -36,3 +36,4 @@ spring:
|
||||||
namespace: @name.space@
|
namespace: @name.space@
|
||||||
username: @username@
|
username: @username@
|
||||||
password: @password@
|
password: @password@
|
||||||
|
|
||||||
|
|
|
||||||
2
pom.xml
2
pom.xml
|
|
@ -353,7 +353,7 @@
|
||||||
<properties>
|
<properties>
|
||||||
<profiles.active>lp_smz_dev</profiles.active>
|
<profiles.active>lp_smz_dev</profiles.active>
|
||||||
<nacos.server>192.168.0.14:8848</nacos.server>
|
<nacos.server>192.168.0.14:8848</nacos.server>
|
||||||
<name.space>lp_smz_dev</name.space>
|
<name.space>lp_smz_new</name.space>
|
||||||
<username>nacos</username>
|
<username>nacos</username>
|
||||||
<password>nacos</password>
|
<password>nacos</password>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
|
||||||