统一网关secret获取

hos-camel/src/main/java/gateway/processor/GatewayProcessor.java

@@ -1,12 +1,13 @@
package gateway.processor;
import com.yihu.hos.core.datatype.DateUtil;
import com.yihu.hos.core.datatype.StringUtil;
import org.apache.camel.Body;
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
import java.sql.Date;
import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Map;
@@ -18,8 +19,24 @@ public class GatewayProcessor implements Processor {
    public void process(Exchange exchange) throws Exception {
    }
    public String route(@Body String body) {
        Map<String, String> params = parseBody(body);
    public String secret(@Body String body, Exchange exchange) throws IOException, ParseException {
        System.out.println(body);
        String appKey = exchange.getIn().getHeaders().get("appKey").toString();
        return "restlet:http://sdw2:10000/api/v1.0/admin/apps/" + appKey;
    }
    public String route(@Body Map<String, Object> body, Exchange exchange) throws IOException, ParseException {
//        body = URLDecoder.decode(body, "UTF-8");
        if ("true".equals(body.get("successFlg"))) {
            return "jetty:http://0.0.0.0:9999/error/paramError";    //TODO:
        }
        Map<String, Object> obj = (Map) body.get("obj");
        if (obj == null) {
            return "jetty:http://0.0.0.0:9999/error/paramError";    //TODO:
        }
        String secret = obj.get("secret").toString();
        Map<String, Object> params = exchange.getIn().getHeaders();
        boolean pass = checkParams(params);
        if (!pass) {
            return "jetty:http://0.0.0.0:9999/error/paramError";    //TODO:
@@ -30,17 +47,17 @@ public class GatewayProcessor implements Processor {
            return "jetty:http://0.0.0.0:9999/error/outdataError";    //TODO:
        }
        pass = checkSign(params);
        if (pass) {
        pass = checkSign(params, secret);
        if (!pass) {
            return "jetty:http://0.0.0.0:9999/error/signValidError";    //TODO:
        }
        pass = checkAuthorized(params);
        if (pass) {
        if (!pass) {
            return "jetty:http://0.0.0.0:9999/error/unauthorizedError";    //TODO:
        }
        String api = params.get("api");
        String api = params.get("api").toString();
        Map<String, String> apiRouters = new HashMap<>();
        if (api == null) {
            System.out.println("api参数为null");
@@ -53,44 +70,46 @@ public class GatewayProcessor implements Processor {
        return apiRouters.get(api);
    }
    private boolean checkParams(Map<String, String> params) {
        String api = params.get("api");                     // API接口名称
        String sign = params.get("sign");                     // 簽名
        String timestamp = params.get("timestamp");        // 时间戳
        String appKey = params.get("appKey");               // HOP分配给应用的AppKey ，创建应用时可获得
        String version = params.get("v");                   // API协议版本
    private boolean checkParams(Map<String, Object> params) {
        Object api = params.get("api");                     // API接口名称
        Object sign = params.get("sign");                     // 簽名
        Object timestamp = params.get("timestamp");        // 时间戳
        Object appKey = params.get("appKey");               // HOP分配给应用的AppKey ，创建应用时可获得
        Object version = params.get("v");                   // API协议版本
        return !(StringUtil.isEmpty(api) || StringUtil.isEmpty(timestamp)
                || StringUtil.isEmpty(appKey) || StringUtil.isEmpty(version)
                || StringUtil.isEmpty(sign));
    }
    private boolean checkTimeStamp(Map<String, String> params) {
    private boolean checkTimeStamp(Map<String, Object> params) throws ParseException {
        final long ONE_MIN = 60000; //millisecond
        String timestamp = params.get("timestamp");
        Date ts = DateUtil.toDateFromTime(timestamp);
        if (ts == null){
        String timestamp = params.get("timestamp").toString();
        SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
        java.util.Date ts = format.parse(timestamp);
        if (ts == null) {
            return false;   //时间格式不正确
        }
        Calendar date = Calendar.getInstance();
        long timeInMillis = date.getTimeInMillis();
        Date min = new Date(timeInMillis - 5 * ONE_MIN);
        Date max = new Date(timeInMillis + 5 * ONE_MIN);
        java.util.Date min = new java.util.Date(timeInMillis - 5 * ONE_MIN);
        java.util.Date max = new java.util.Date(timeInMillis + 5 * ONE_MIN);
        return ts.after(min) && ts.before(max);
    }
    private boolean checkSign(Map<String, String> params) {
    private boolean checkSign(Map<String, Object> params, String secret) {
        try {
            String sign = params.get("sign");                     // 簽名
            String sign = params.get("sign").toString();                     // 簽名
            ParamVerifyBean paramSign = new ParamVerifyBean();
            paramSign.addParam(params);
            paramSign.genParam();
            String md5Sign = paramSign.signParam();
//            paramSign.genParam();
            //TODO 获取app secret传入验证
            String md5Sign = paramSign.signParam(secret);
            if (!md5Sign.equals(sign)) {
                System.out.println("传递的签名：" + sign);
                System.out.println("生成的签名：" + md5Sign);
@@ -104,11 +123,11 @@ public class GatewayProcessor implements Processor {
        }
    }
    private boolean checkAuthorized(Map<String, String> params) {
    private boolean checkAuthorized(Map<String, Object> params) {
        return true;
    }
    private Map<String, String> parseBody(String body) {
    private Map<String, String> parseBody(String body) throws IOException {
        return Stream.of(body.split("&")).map(obj -> obj.split("="))
                .collect(Collectors.toMap(entry -> entry[0], entry -> entry[1]));
    }

hos-camel/src/main/java/gateway/processor/ParamVerifyBean.java

@@ -25,7 +25,6 @@ public class ParamVerifyBean {
    private String gatewayUrl = "seb-gatewayUrl";
    private String api;
    private String appKey = "esb-key";
    private String appSecret = "esb-secret";
    private String token;
    public static void main(String[] args) throws Exception {
@@ -34,7 +33,7 @@ public class ParamVerifyBean {
        paramSignUtil.addParam("patientId", "11111", true);
        paramSignUtil.addParam("eventNo", "2222222", true);
        paramSignUtil.genParam();
        String s = paramSignUtil.signParam();
        String s = paramSignUtil.signParam("secret");
        System.out.println(s);
    }
@@ -47,18 +46,14 @@ public class ParamVerifyBean {
        this.gatewayUrl = gatewayUrl;
    }
    public void addParam(Map<String, String> params) throws Exception {
    public void addParam(Map<String, Object> params) throws Exception {
        if (params != null) {
            params.remove("sign");
            Iterator<Map.Entry<String, String>> iterator = params.entrySet().iterator();
            while (iterator.hasNext()) {
                Map.Entry<String, String> next = iterator.next();
                String key = next.getKey();
                String value = next.getValue();
                String encodeValue = URLEncoder.encode(value, "UTF-8");
                paramMap.put(key, encodeValue);
            }
            paramMap.put("api", params.get("api").toString());
            paramMap.put("v", params.get("v").toString());
            paramMap.put("timestamp", params.get("timestamp").toString());
            paramMap.put("param", params.get("param").toString());
            paramMap.put("appKey", params.get("appKey").toString());
        } else {
            return;
        }
@@ -69,10 +64,10 @@ public class ParamVerifyBean {
     *
     * @return
     */
    public String signParam() {
    public String signParam(String secret) {
        Iterator<Map.Entry<String, String>> iterator = paramMap.entrySet().iterator();
        StringBuilder builder = new StringBuilder();
        builder.append(appSecret);
        builder.append(secret);
        while (iterator.hasNext()) {
            Map.Entry<String, String> next = iterator.next();
            String key = next.getKey();
@@ -81,7 +76,7 @@ public class ParamVerifyBean {
            builder.append(value);
        }
        builder.append(appSecret);
        builder.append(secret);
        try {
            return MD5.hash(builder.toString());
        } catch (Exception e) {
@@ -130,31 +125,6 @@ public class ParamVerifyBean {
        this.token = token;
    }
    /**
     * TODO 无用可删除
     * 获取完整请求地址
     *
     * @return
     */
    private String completeUrl() {
        try {
            addParam("api", api, true);
            addParam("param", genParam(), false);
            addParam("appKey", appKey, true);
            addParam("token", token, false);
            addParam("v", version, true);
            addParam("timestamp", getTimestamp(), false);
            addParam("sign", signParam(), true);
            String completeUrl = gatewayUrl + genParam();
            return completeUrl;
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
    private void addParam(String paramName, String paramValue, boolean bMust) throws Exception {
        if (StringUtil.isEmpty(paramValue)) {
            if (bMust) {

hos-camel/src/main/java/gateway/route/GatewayRouterBuilder.java

@@ -16,8 +16,8 @@ public class GatewayRouterBuilder extends RouteBuilder {
    public void configure() throws Exception {
        from("jetty:http://localhost:8888/api/v1").routeId("mock:collect")
                .process(new GatewayProcessor())
                .routingSlip(method(GatewayProcessor.class,"route"));
//                .dynamicRouter(method(DynamicRouterBean.class, "slip"));
                .routingSlip(method(GatewayProcessor.class, "secret"))
                .routingSlip(method(GatewayProcessor.class, "route"));
    }
}