fwq
2023-02-06 7bc014fae086f3ade556981ff3e05c70bbf2fdff
提交 | 用户 | age
6c1bfc 1 package com.platform.verification;
C 2
ad5086 3 import com.hx.util.DateUtil;
6c1bfc 4 import com.hx.util.StringUtils;
C 5 import com.hx.util.rsa.RSAUtil;
a51ba7 6 import com.platform.constants.LoginConstant;
C 7 import com.platform.entity.ThirtApplication;
6c1bfc 8 import com.platform.resultTool.PlatformCode;
C 9 import com.platform.resultTool.PlatformResult;
ad5086 10
a51ba7 11 import javax.servlet.http.HttpServletRequest;
ad5086 12 import java.text.SimpleDateFormat;
C 13 import java.util.Date;
6c1bfc 14
C 15 /**平台校验方法
16  * @author CJH
17  * @date 2021-10-20
18  */
19 public class VerificationTool {
20
21     /**校验方法请求
a51ba7 22      * @param appId 用户的APPID `
6c1bfc 23      * @param sign 用户签名
a51ba7 24      * @param thirtApplication ThirtApplication
6c1bfc 25      * @return
C 26      */
a51ba7 27     public static PlatformResult verification(String appId, String sign, ThirtApplication thirtApplication,HttpServletRequest request){
6c1bfc 28
C 29         if (StringUtils.isEmpty(sign)) {
7842d6 30             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误01");
6c1bfc 31         }
C 32         if (StringUtils.isEmpty(appId)) {
670a05 33             return PlatformResult.failure(PlatformCode.ERROR_APPIS, "APPID错误");
6c1bfc 34         }
C 35
36         //校验appid是否存在
a51ba7 37         if(thirtApplication == null){
670a05 38             return PlatformResult.failure(PlatformCode.ERROR_APPIS, "APPID无效");
a51ba7 39         }
C 40
41         if(StringUtils.isEmpty(thirtApplication.getPrivateKey())){
42             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误,APPID无效");
6c1bfc 43         }
C 44
45         //解密RSA
46         String decrypt = null;
47         try{
a51ba7 48             decrypt = RSAUtil.privateDecrypt(sign, thirtApplication.getPrivateKey());
6c1bfc 49         }catch (Exception e){
C 50
51         }
52         if(StringUtils.isEmpty(decrypt)){
7842d6 53             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误02");
6c1bfc 54         }
C 55
56         //decrypt格式:appId_时间戳_随机数(尽量少)
57         String[] decrypts = decrypt.split("_");
58         if(decrypts.length != 3){
7842d6 59             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误03");
6c1bfc 60         }
C 61
62         if (!appId.equals(decrypts[0])) {
7842d6 63             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误04");
6c1bfc 64         }
ad5086 65
C 66         Date date  = null;
67         try{
68             //判断接口时间
69             SimpleDateFormat sdf= new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
70             String sd = sdf.format(new Date(Long.parseLong(String.valueOf(decrypts[1]))));      // 时间戳转换成时间
71             date = DateUtil.parseString(sd,"yyyy-MM-dd HH:mm:ss");
72         }catch (Exception e){
7842d6 73             return PlatformResult.failure(PlatformCode.ERROR_SIGN, "签名错误05");
ad5086 74         }
C 75
2b3533 76         //接口有效30秒钟
7bc014 77         if(System.currentTimeMillis()-date.getTime() > 30000){
670a05 78             return PlatformResult.failure(PlatformCode.ERRO_VISIT_OVERTIMR, "访问超时");
7bc014 79         }
ad5086 80
a51ba7 81         thirtApplication.setPrivateKey(null);
2da63b 82         request.getSession().setAttribute(LoginConstant.LOGIN_APPLY,thirtApplication);
a51ba7 83
6c1bfc 84         return PlatformResult.success();
C 85     }
86
ad5086 87     public static void main(String[] args) {
C 88
89         Long timeStamp = System.currentTimeMillis();  //获取当前时间戳
90         SimpleDateFormat sdf= new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
91         String sd = sdf.format(new Date(Long.parseLong(String.valueOf(timeStamp))));
92
93         Date date = DateUtil.parseString(sd,"yyyy-MM-dd HH:mm:ss");
94
95         System.out.println();
96
97         // 时间戳转换成时间
98         System.out.println("格式化结果:" + sd);
99
100     }
101
6c1bfc 102 }