Merge branch 'master' of http://192.168.168.218/wcyuee/szpt

src/main/java/com/zksy/szpt/filter/SignatureVerificationFilter.java

@@ -131,13 +131,15 @@ public class SignatureVerificationFilter extends OncePerRequestFilter {
         }
 
         body = objectMapper.writeValueAsString(objectMap);
+        logger.info("请求参数appId: {}, nonce: {}, timestampStr: {}, 原始body: {}", appId, nonce, timestampStr, body);
         body = EncryptUtil.getInstance().AESEncode(body, appSecret);
+//        logger.info("appSecret{}加密后body: {}", appSecret,body);
         // 校验签名appId+nonce+timestampStr+aes(body,secret)
         String data = String.format("%s%s%s%s", appId, nonce, timestampStr, body);
         String generatedSignature = DigestUtil.md5Hex(data);
         if (!generatedSignature.equals(sign)) {
             logger.warn("签名有误,generatedSignature:{},sign:{},appId:{},nonce:{},timestampStr:{}", generatedSignature, sign, appId, nonce, timestampStr);
-            write(response, "签名有误,sign: " + sign + ",appId:" + appId + ",nonce:" + nonce + ",timestamp:" + timestampStr);
+            write(response, "签名有误,sign: " + sign + ",appId: " + appId + ",nonce: " + nonce + ",timestamp: " + timestampStr);
             return false;
         }
 

src/test/java/com/zksy/szpt/TestAppStore.java

@@ -19,6 +19,8 @@ public class TestAppStore {
         appStoreDTO.setAppKey("us2");
         appStoreDTO.setAppSecret(DigestUtil.md5Hex("us"));
         appStoreDTO.setDeptCode("123456");
+
+        TestHttpUtil.signatureAndRequest("/rest/appStore/updateAppIdSecret", appStoreDTO, AppStoreDTO.class);
         TestHttpUtil.signatureAndRequest("/rest/appStore/insertAppStore", appStoreDTO, AppStoreDTO.class);
 //        TestHttpUtil.signatureAndRequest("/rest/appStore/insertAppStore", appStoreDTO);
     }

src/test/java/com/zksy/szpt/TestHttpUtil.java

@@ -15,7 +15,7 @@ public class TestHttpUtil {
     static String nonce = "2";
     static String timestampStr = "21";
     static String appId = "1872576325743943682";
-    static String appSecret = "2";
+    static String appSecret = DigestUtil.md5Hex("2");;
     static String deptCode = "330102";
 
     private static final ObjectMapper objectMapper = new ObjectMapper();
@@ -25,16 +25,17 @@ public class TestHttpUtil {
         Assertions.assertNotNull(path, "path不能为空");
         Assertions.assertNotNull(source, "请求参数不能为空");
         timestampStr = String.valueOf(System.currentTimeMillis() / 1000);
-        nonce = String.valueOf(System.currentTimeMillis() / 1000);
-        appSecret = DigestUtil.md5Hex(appSecret);
+        nonce = String.valueOf(System.currentTimeMillis());
         String json = null;
         try {
             json = objectMapper.writeValueAsString(source);
         } catch (JsonProcessingException e) {
             Assertions.fail("json序列化失败");
         }
+//        log.info("请求参数appId: {}, nonce: {}, timestampStr: {}, 原始body: {}", appId, nonce, timestampStr, json);
         //请求体加密
         json = EncryptUtil.getInstance().AESEncode(json, appSecret);
+//        log.info("{}加密后json: {}", appSecret,json);
         //签名appId+nonce+timestampStr+aes(body)
         String data = String.format("%s%s%s%s", appId, nonce, timestampStr, json);
         String generatedSignature = DigestUtil.md5Hex(data);
@@ -60,8 +61,7 @@ public class TestHttpUtil {
         Assertions.assertNotNull(path, "path不能为空");
         Assertions.assertNotNull(source, "请求参数不能为空");
         timestampStr = String.valueOf(System.currentTimeMillis() / 1000);
-        nonce = String.valueOf(System.currentTimeMillis() / 1000);
-        appSecret = DigestUtil.md5Hex(appSecret);
+        nonce = String.valueOf(System.currentTimeMillis());
         String json = null;
         try {
             json = objectMapper.writeValueAsString(source);