feat(all): 志邦工厂接受数据增加权限控制

1 增加接受志邦工厂数据时的权限处理

blade-service/logpm-factory-data/logpm-factory-data-zbom/src/main/java/com/logpm/factorydata/zbom/config/RequestWrapper.java

@@ -0,0 +1,71 @@
+package com.logpm.factorydata.zbom.config;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+
+public class RequestWrapper extends HttpServletRequestWrapper {
+	private final String body;
+	public RequestWrapper(HttpServletRequest request) throws IOException {
+		super(request);
+		StringBuilder stringBuilder = new StringBuilder();
+		BufferedReader bufferedReader = null;
+		try {
+			InputStream inputStream = request.getInputStream();
+			if (inputStream != null) {
+				bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
+				char[] charBuffer = new char[128];
+				int bytesRead = -1;
+				while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
+					stringBuilder.append(charBuffer, 0, bytesRead);
+				}
+			} else {
+				stringBuilder.append("");
+			}
+		} catch (IOException ex) {
+			throw ex;
+		} finally {
+			if (bufferedReader != null) {
+				try {
+					bufferedReader.close();
+				} catch (IOException ex) {
+					throw ex;
+				}
+			}
+		}
+		body = stringBuilder.toString();
+	}
+
+	@Override
+	public ServletInputStream getInputStream() throws IOException {
+		final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes());
+		ServletInputStream servletInputStream = new ServletInputStream() {
+			public boolean isFinished() {
+				return false;
+			}
+			public boolean isReady() {
+				return false;
+			}
+			public void setReadListener(ReadListener readListener) {}
+			public int read() throws IOException {
+				return byteArrayInputStream.read();
+			}
+		};
+		return servletInputStream;
+
+	}
+	@Override
+	public BufferedReader getReader() throws IOException {
+		return new BufferedReader(new InputStreamReader(this.getInputStream()));
+	}
+	public String getBody() {
+		return this.body;
+	}
+
+}

blade-service/logpm-factory-data/logpm-factory-data-zbom/src/main/java/com/logpm/factorydata/zbom/interceptor/ZbFactoryAccountsInterceptor.java

@@ -0,0 +1,95 @@
+package com.logpm.factorydata.zbom.interceptor;
+
+import com.alibaba.fastjson.JSONObject;
+import com.logpm.factorydata.zbom.config.RequestWrapper;
+import com.logpm.factorydata.zbom.pros.ZbFactoryProperties;
+import com.logpm.factorydata.zbom.util.QmSignUntil;
+import lombok.AllArgsConstructor;
+import lombok.extern.log4j.Log4j2;
+import org.springblade.core.tool.api.R;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.Map;
+
+@Log4j2
+@AllArgsConstructor
+public class ZbFactoryAccountsInterceptor implements HandlerInterceptor {
+
+	private final ZbFactoryProperties zbFactoryProperties;
+
+	@Override
+	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+		log.info("#################preHandle: 志邦权限 验证开始");
+		RequestWrapper myRequestWrapper = new RequestWrapper(request);
+
+		String method = request.getParameter("method");
+		String timestamp = request.getParameter("timestamp");
+		String format = request.getParameter("format");
+		String appKey = request.getParameter("app_key");
+		String v = request.getParameter("v");
+		String sign = request.getParameter("sign");
+		String signMethod = request.getParameter("sign_method");
+		String customerId = request.getParameter("customerId");
+
+		String body = myRequestWrapper.getBody();
+		JSONObject bodyJson = JSONObject.parseObject(body);
+		log.info("bodyJson ={}",bodyJson.toString());
+
+		Map<String, String> params = new HashMap<>();
+		params.put("app_key",appKey);
+		params.put("customerId",customerId);
+		params.put("format",format);
+		params.put("method",method);
+		params.put("sign_method",signMethod);
+		params.put("timestamp",timestamp);
+		params.put("v",v);
+
+		String s = body.replaceAll("\\s+", "");
+		log.info("###################   params={}",params);
+		log.info("###################   secretkey={}",zbFactoryProperties.getSecretkey());
+		log.info("###################   signMethod={}",signMethod);
+
+		String newSign = QmSignUntil.signTopRequest(params, zbFactoryProperties.getSecretkey(), signMethod, s);
+		log.info(" 签名 old {}",sign);
+		log.info(" 新签名 old {}",newSign);
+
+		if(!newSign.equals(sign)){
+			returnJson(response,JSONObject.toJSONString(R.fail(203,"签名认证失败")));
+			return false;
+		}
+		return true;
+	}
+
+
+	private void returnJson(HttpServletResponse response, String json) {
+		PrintWriter writer = null;
+		response.setCharacterEncoding("UTF-8");
+		response.setContentType("application/json");
+		try {
+			writer = response.getWriter();
+			writer.print(json);
+
+		} catch (IOException e) {
+			System.out.println(e.getMessage());
+		} finally {
+			if (writer != null)
+				writer.close();
+		}
+	}
+
+	@Override
+	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+		HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
+	}
+
+	@Override
+	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+		HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
+	}
+}