OpenApiInterceptor.java
package com.diligrp.rider.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.diligrp.rider.common.result.Result;
import com.diligrp.rider.service.OpenAppService;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
/**
 * Signature interceptor for the open platform API.
 *
 * <p>Every intercepted request must carry the headers {@code X-App-Key}, {@code X-Timestamp},
 * {@code X-Nonce} and {@code X-Sign}. The values are handed to
 * {@code OpenAppService.verifySign}, and the request is let through only when that call
 * returns {@code true}.
 *
 * <p>NOTE(review): only these four header values reach {@code verifySign}; the HTTP method,
 * path, query string and body are not passed from here. Whether the signature is bound to
 * the request content, and how the timestamp window and nonce reuse are enforced, cannot be
 * seen in this class. Confirm in {@code OpenAppService}.
 */
@Component
@RequiredArgsConstructor
public class OpenApiInterceptor implements HandlerInterceptor {

    private final OpenAppService openAppService;
    private final ObjectMapper objectMapper;

    /**
     * Rejects the request unless all four authentication headers are present and the
     * signature check succeeds.
     *
     * @return {@code true} to continue the handler chain, {@code false} after an error
     *         body has been written to the response
     * @throws Exception if the signature service or writing the error response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String keyHeader = request.getHeader("X-App-Key");
        String timestampHeader = request.getHeader("X-Timestamp");
        String nonceHeader = request.getHeader("X-Nonce");
        String signatureHeader = request.getHeader("X-Sign");

        // Guard 1: every header must contain text (null, empty and whitespace-only all fail).
        // Message: "Missing authentication headers (X-App-Key/X-Timestamp/X-Nonce/X-Sign)".
        if (anyBlank(keyHeader, timestampHeader, nonceHeader, signatureHeader)) {
            writeError(response, 401, "缺少认证头信息(X-App-Key/X-Timestamp/X-Nonce/X-Sign)");
            return false;
        }

        // Guard 2: delegate to the service; header values are forwarded as received,
        // with no length or format check in this class.
        if (openAppService.verifySign(keyHeader, timestampHeader, nonceHeader, signatureHeader)) {
            return true;
        }

        // Message: "Signature verification failed or expired". One message covers both
        // cases, so the caller is not told which check rejected the request.
        writeError(response, 401, "签名验证失败或已过期");
        return false;
    }

    /** Returns {@code true} when at least one of the given values has no text. */
    private static boolean anyBlank(String... values) {
        for (String value : values) {
            if (!StringUtils.hasText(value)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Writes {@code Result.error(code, msg)} to the response as UTF-8 JSON.
     *
     * <p>The HTTP status is always set to 200; {@code code} is carried only inside the JSON
     * body. NOTE(review): rejected requests therefore appear as HTTP 200 to gateways,
     * proxies and access-log based alerting, and this class logs nothing on rejection.
     * Monitoring of failed signature checks has to rely on the response body or on logging
     * elsewhere; confirm this is intended.
     */
    private void writeError(HttpServletResponse response, int code, String msg) throws Exception {
        response.setStatus(200);
        // Content type (and charset) must be set before the writer is obtained.
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().write(objectMapper.writeValueAsString(Result.error(code, msg)));
    }
}