From 2b35339fd67969df7acb8c75bfceafa1ba134b41 Mon Sep 17 00:00:00 2001 From: chenjiahe <763432473@qq.com> Date: 星期四, 11 八月 2022 14:32:11 +0800 Subject: [PATCH] 签名有效时间提升到30秒钟 --- src/main/java/com/platform/verification/VerificationTool.java | 26 +++++++++++++++++--------- 1 files changed, 17 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/platform/verification/VerificationTool.java b/src/main/java/com/platform/verification/VerificationTool.java index e52b87c..a94fca7 100644 --- a/src/main/java/com/platform/verification/VerificationTool.java +++ b/src/main/java/com/platform/verification/VerificationTool.java @@ -1,12 +1,14 @@ package com.platform.verification; - import com.hx.util.DateUtil; import com.hx.util.StringUtils; import com.hx.util.rsa.RSAUtil; +import com.platform.constants.LoginConstant; +import com.platform.entity.ThirtApplication; import com.platform.resultTool.PlatformCode; import com.platform.resultTool.PlatformResult; +import javax.servlet.http.HttpServletRequest; import java.text.SimpleDateFormat; import java.util.Date; @@ -17,13 +19,12 @@ public class VerificationTool { /**鏍¢獙鏂规硶璇锋眰 - * @param appId 鐢ㄦ埛鐨凙PPID + * @param appId 鐢ㄦ埛鐨凙PPID ` * @param sign 鐢ㄦ埛绛惧悕 - * @param sys_appId 绯荤粺鐨刟ppid - * @param sys_private_key 绯荤粺鐨凴SA绉橀挜 + * @param thirtApplication ThirtApplication * @return */ - public static PlatformResult verification(String appId,String sign,String sys_appId,String sys_private_key){ + public static PlatformResult verification(String appId, String sign, ThirtApplication thirtApplication,HttpServletRequest request){ if (StringUtils.isEmpty(sign)) { return PlatformResult.failure(PlatformCode.ERROR_SIGN, "绛惧悕閿欒01"); @@ -33,14 +34,18 @@ } //鏍¢獙appid鏄惁瀛樺湪 - if(!sys_appId.equals(appId)){ + if(thirtApplication == null){ return PlatformResult.failure(PlatformCode.ERROR_APPIS, "APPID鏃犳晥"); + } + + if(StringUtils.isEmpty(thirtApplication.getPrivateKey())){ + return PlatformResult.failure(PlatformCode.ERROR_SIGN, "绛惧悕閿欒,APPID鏃犳晥"); } //瑙e瘑RSA String decrypt = null; try{ - decrypt = RSAUtil.privateDecrypt(sign, sys_private_key); + decrypt = RSAUtil.privateDecrypt(sign, thirtApplication.getPrivateKey()); }catch (Exception e){ } @@ -68,11 +73,14 @@ return PlatformResult.failure(PlatformCode.ERROR_SIGN, "绛惧悕閿欒05"); } - //鎺ュ彛鏈夋晥2绉掗挓 - if(System.currentTimeMillis()-date.getTime() > 2000){ + //鎺ュ彛鏈夋晥30绉掗挓 + if(System.currentTimeMillis()-date.getTime() > 30000){ return PlatformResult.failure(PlatformCode.ERRO_VISIT_OVERTIMR, "璁块棶瓒呮椂"); } + thirtApplication.setPrivateKey(null); + request.getSession().setAttribute(LoginConstant.LOGIN_APPLY,thirtApplication); + return PlatformResult.success(); } -- Gitblit v1.8.0