fix: 错误校验
13009
parent
941709d154
commit
5eee93a4b3
|
|
@ -30,6 +30,10 @@ public final class DefaultValidator implements Validator {
|
||||||
this.verifier = profile.getSignature().getVerifier();
|
this.verifier = profile.getSignature().getVerifier();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Profile getProfile() {
|
||||||
|
return profile;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void validate(HttpRequest request, OriginalResponse response, Channel channel) {
|
public void validate(HttpRequest request, OriginalResponse response, Channel channel) {
|
||||||
// 校验应答状态码
|
// 校验应答状态码
|
||||||
|
|
@ -45,7 +49,7 @@ public final class DefaultValidator implements Validator {
|
||||||
private void isInvalidHttpCode(OriginalResponse response) {
|
private void isInvalidHttpCode(OriginalResponse response) {
|
||||||
if (response.getStatusCode() < HTTP_OK || response.getStatusCode() >= HTTP_MULT_CHOICE) {
|
if (response.getStatusCode() < HTTP_OK || response.getStatusCode() >= HTTP_MULT_CHOICE) {
|
||||||
throw new ValidationException(String.format("校验失败, HttpStatusCode=%s, Request-Id=%s, HttpResponseBody=%s",
|
throw new ValidationException(String.format("校验失败, HttpStatusCode=%s, Request-Id=%s, HttpResponseBody=%s",
|
||||||
response.getStatusCode(), response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
response.getStatusCode(), response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -53,14 +57,14 @@ public final class DefaultValidator implements Validator {
|
||||||
String timestamp = response.getHttpHeaders().getHeader(TIMESTAMP);
|
String timestamp = response.getHttpHeaders().getHeader(TIMESTAMP);
|
||||||
if (Strings.isEmpty(timestamp)) {
|
if (Strings.isEmpty(timestamp)) {
|
||||||
throw new TimestampException(String.format("校验失败, 时间戳[%s]不存在, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
throw new TimestampException(String.format("校验失败, 时间戳[%s]不存在, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
||||||
response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||||
}
|
}
|
||||||
|
|
||||||
Instant responseTime = Instant.ofEpochSecond(Long.parseLong(timestamp));
|
Instant responseTime = Instant.ofEpochSecond(Long.parseLong(timestamp));
|
||||||
// 拒绝过期请求
|
// 拒绝过期请求
|
||||||
if (Duration.between(responseTime, Instant.now()).abs().toMinutes() >= RESPONSE_EXPIRED_MINUTES) {
|
if (Duration.between(responseTime, Instant.now()).abs().toMinutes() >= RESPONSE_EXPIRED_MINUTES) {
|
||||||
throw new TimestampException(String.format("校验失败, 时间戳[%s=%s]已过期, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
throw new TimestampException(String.format("校验失败, 时间戳[%s=%s]已过期, Request-Id=%s, HttpResponseBody=%s", TIMESTAMP,
|
||||||
timestamp, response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
timestamp, response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -70,14 +74,29 @@ public final class DefaultValidator implements Validator {
|
||||||
String signature = response.getHttpHeaders().getHeader(SIGNATURE);
|
String signature = response.getHttpHeaders().getHeader(SIGNATURE);
|
||||||
if (signature == null || signature.isEmpty()) {
|
if (signature == null || signature.isEmpty()) {
|
||||||
throw new ValidationException(String.format("校验失败, 签名[%s]不存在, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
throw new ValidationException(String.format("校验失败, 签名[%s]不存在, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
||||||
response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||||
}
|
}
|
||||||
|
|
||||||
// 签名证书编号
|
// 签名证书编号
|
||||||
String serialNumber = response.getHttpHeaders().getHeader(BANK_CERTIFICATE_SERIAL);
|
String serialNumber = response.getHttpHeaders().getHeader(BANK_CERTIFICATE_SERIAL);
|
||||||
if (!verifier.verify(serialNumber, message, signature)) {
|
if (!verifier.verify(serialNumber, message, signature)) {
|
||||||
throw new ValidationException(String.format("校验失败, 签名[%s=%s]校验未通过, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
throw new ValidationException(String.format("校验失败, 签名[%s=%s]校验未通过, Request-Id=%s, HttpResponseBody=%s", SIGNATURE,
|
||||||
signature, response.getHttpHeaders().getHeader(REQUEST_ID), Strings.toStr(response.getBody())));
|
signature, response.getHttpHeaders().getHeader(REQUEST_ID), plainBody(response)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private String plainBody(OriginalResponse originalResponse) {
|
||||||
|
byte[] body = originalResponse.getBody();
|
||||||
|
|
||||||
|
// 判断是否有body加密密钥
|
||||||
|
if (!originalResponse.getHttpHeaders().hasHeader(SECRET_KEY)) {
|
||||||
|
return Strings.toStr(body);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 解密密钥
|
||||||
|
String secretKey = originalResponse.getHttpHeaders().getHeader(SECRET_KEY);
|
||||||
|
String decryptSecretKey = getProfile().getPrivacy().getDecryptor().decrypt(secretKey);
|
||||||
|
// 解密body
|
||||||
|
return getProfile().getPrivacy().getSecretCipher().decrypt(Strings.toBytes(decryptSecretKey), body);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -80,21 +80,6 @@ public class HttpLogger {
|
||||||
logger.info("{}应答报文:{}", logPrefixText, text);
|
logger.info("{}应答报文:{}", logPrefixText, text);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* 打印异常日志
|
|
||||||
*
|
|
||||||
* @param originalResponse 响应数据
|
|
||||||
*/
|
|
||||||
public void logResponseError(HttpRequest request, OriginalResponse originalResponse, String errorMessage) {
|
|
||||||
String logPrefixText = logPrefix(request);
|
|
||||||
if (isFull(logLevel)) {
|
|
||||||
originalResponse.getHttpHeaders().getHeaders().forEach((k, v) -> logger.info("{}应答头:{}:{}", logPrefixText, k, v));
|
|
||||||
}
|
|
||||||
|
|
||||||
String body = Strings.toStr(originalResponse.getBody() == null ? new byte[]{} : originalResponse.getBody());
|
|
||||||
logger.error("{}{}, 应答原始报文:{}", logPrefixText, errorMessage, body);
|
|
||||||
}
|
|
||||||
|
|
||||||
public String httpReasonPhrase(OriginalResponse response) {
|
public String httpReasonPhrase(OriginalResponse response) {
|
||||||
HttpStatus status = HttpStatus.resolve(response.getStatusCode());
|
HttpStatus status = HttpStatus.resolve(response.getStatusCode());
|
||||||
if (Objects.isNull(status)) {
|
if (Objects.isNull(status)) {
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,35 @@
|
||||||
|
package com.czcb.scfs.api.test;
|
||||||
|
|
||||||
|
import com.czcb.scfs.api.service.v2.communal.CommunalDataService;
|
||||||
|
import com.czcb.scfs.api.service.v2.communal.model.FiveCascadeQueryRequest;
|
||||||
|
import com.czcb.scfs.api.service.v2.communal.model.FiveCascadeQueryResponse;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author wangwei
|
||||||
|
* @date 2024/5/22
|
||||||
|
*/
|
||||||
|
@SpringBootTest
|
||||||
|
public class CommunalDataServiceTest {
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private CommunalDataService communalDataService;
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void fiveCascadeQuery() {
|
||||||
|
FiveCascadeQueryRequest request = new FiveCascadeQueryRequest();
|
||||||
|
request.setChannelNo("0000");
|
||||||
|
request.setAppNo("10");
|
||||||
|
request.setSerialNo(UUID.randomUUID().toString().replace("-", ""));
|
||||||
|
request.setSysTime("2024-03-20");
|
||||||
|
request.setSysDate("2024-03-20");
|
||||||
|
request.setZoningCode("110101001000000");
|
||||||
|
FiveCascadeQueryResponse response = communalDataService.fiveCascadeQuery(request);
|
||||||
|
|
||||||
|
System.out.println(response);
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue