fix: 错误校验
13009
parent
941709d154
commit
5eee93a4b3
|
|
@ -30,6 +30,10 @@ public final class DefaultValidator implements Validator {
|
|||
this.verifier = profile.getSignature().getVerifier();
|
||||
}
|
||||
|
||||
public Profile getProfile() {
|
||||
return profile;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void validate(HttpRequest request, OriginalResponse response, Channel channel) {
|
||||
// 校验应答状态码
|
||||
|
|
@ -45,7 +49,7 @@ public final class DefaultValidator implements Validator {
|
|||
private void isInvalidHttpCode(OriginalResponse response) {
|
||||
if (response.getStatusCode() < HTTP_OK || response.getStatusCode() >= HTTP_MULT_CHOICE) {
|
||||
throw new ValidationException(String.format("校验失败, HttpStatusCode=%s, Request-Id=%s, HttpResponseBody=%s",
|
||||
response.getStatusCode(), response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
||||
response.getStatusCode(), response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -53,14 +57,14 @@ public final class DefaultValidator implements Validator {
|
|||
String timestamp = response.getHttpHeaders().getHeader(TIMESTAMP);
|
||||
if (Strings.isEmpty(timestamp)) {
|
||||
throw new TimestampException(String.format("校验失败, 时间戳[%s]不存在, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
||||
response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
||||
response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||
}
|
||||
|
||||
Instant responseTime = Instant.ofEpochSecond(Long.parseLong(timestamp));
|
||||
// 拒绝过期请求
|
||||
if (Duration.between(responseTime, Instant.now()).abs().toMinutes() >= RESPONSE_EXPIRED_MINUTES) {
|
||||
throw new TimestampException(String.format("校验失败, 时间戳[%s=%s]已过期, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
||||
timestamp, response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
||||
timestamp, response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -70,14 +74,29 @@ public final class DefaultValidator implements Validator {
|
|||
String signature = response.getHttpHeaders().getHeader(SIGNATURE);
|
||||
if (signature == null || signature.isEmpty()) {
|
||||
throw new ValidationException(String.format("校验失败, 签名[%s]不存在, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
||||
response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
||||
response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||
}
|
||||
|
||||
// 签名证书编号
|
||||
String serialNumber = response.getHttpHeaders().getHeader(BANK_CERTIFICATE_SERIAL);
|
||||
if (!verifier.verify(serialNumber, message, signature)) {
|
||||
throw new ValidationException(String.format("校验失败, 签名[%s=%s]校验未通过, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
||||
signature, response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
||||
signature, response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||
}
|
||||
}
|
||||
|
||||
private String plainBody(OriginalResponse originalResponse) {
|
||||
byte[] body = originalResponse.getBody();
|
||||
|
||||
// 判断是否有body加密密钥
|
||||
if (!originalResponse.getHttpHeaders().hasHeader(SECRET_KEY)) {
|
||||
return Strings.toStr(body);
|
||||
}
|
||||
|
||||
// 解密密钥
|
||||
String secretKey = originalResponse.getHttpHeaders().getHeader(SECRET_KEY);
|
||||
String decryptSecretKey = getProfile().getPrivacy().getDecryptor().decrypt(secretKey);
|
||||
// 解密body
|
||||
return getProfile().getPrivacy().getSecretCipher().decrypt(Strings.toBytes(decryptSecretKey), body);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -80,21 +80,6 @@ public class HttpLogger {
|
|||
logger.info("{}应答报文:{}", logPrefixText, text);
|
||||
}
|
||||
|
||||
/**
|
||||
* 打印异常日志
|
||||
*
|
||||
* @param originalResponse 响应数据
|
||||
*/
|
||||
public void logResponseError(HttpRequest request, OriginalResponse originalResponse, String errorMessage) {
|
||||
String logPrefixText = logPrefix(request);
|
||||
if (isFull(logLevel)) {
|
||||
originalResponse.getHttpHeaders().getHeaders().forEach((k, v) -> logger.info("{}应答头:{}:{}", logPrefixText, k, v));
|
||||
}
|
||||
|
||||
String body = Strings.toStr(originalResponse.getBody() == null ? new byte[]{} : originalResponse.getBody());
|
||||
logger.error("{}{}, 应答原始报文:{}", logPrefixText, errorMessage, body);
|
||||
}
|
||||
|
||||
public String httpReasonPhrase(OriginalResponse response) {
|
||||
HttpStatus status = HttpStatus.resolve(response.getStatusCode());
|
||||
if (Objects.isNull(status)) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,35 @@
|
|||
package com.czcb.scfs.api.test;
|
||||
|
||||
import com.czcb.scfs.api.service.v2.communal.CommunalDataService;
|
||||
import com.czcb.scfs.api.service.v2.communal.model.FiveCascadeQueryRequest;
|
||||
import com.czcb.scfs.api.service.v2.communal.model.FiveCascadeQueryResponse;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* @author wangwei
|
||||
* @date 2024/5/22
|
||||
*/
|
||||
@SpringBootTest
|
||||
public class CommunalDataServiceTest {
|
||||
|
||||
@Resource
|
||||
private CommunalDataService communalDataService;
|
||||
|
||||
@Test
|
||||
void fiveCascadeQuery() {
|
||||
FiveCascadeQueryRequest request = new FiveCascadeQueryRequest();
|
||||
request.setChannelNo("0000");
|
||||
request.setAppNo("10");
|
||||
request.setSerialNo(UUID.randomUUID().toString().replace("-", ""));
|
||||
request.setSysTime("2024-03-20");
|
||||
request.setSysDate("2024-03-20");
|
||||
request.setZoningCode("110101001000000");
|
||||
FiveCascadeQueryResponse response = communalDataService.fiveCascadeQuery(request);
|
||||
|
||||
System.out.println(response);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue