2

cdb08408 · 以墨为白 · b5cb6865 · cdb08408 · cdb08408 · cdb08408
Commit cdb08408 authored Dec 27, 2024 by 以墨为白 🎧
6 changed files
--- a/rest.http
+++ b/rest.http
+######1
+POST http://localhost:8086/rest/appStore/getAppSecretByAppKey
+Content-Type: application/json
+x-szpt-appid: 1
+x-szpt-timestamp: 21
+x-szpt-nonce: nonce
+x-szpt-sign: 804a69ec3288bd90a9955fef6b6f4cfa
+
+{
+  "id":"23",
+  "appKey":"wer"
+}
+
+######
+
--- a/src/main/java/com/zksy/szpt/config/SwaggerConfig.java
+++ b/src/main/java/com/zksy/szpt/config/SwaggerConfig.java
 package com.zksy.szpt.config;

+import com.zksy.szpt.util.SignatureUtil;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.ParameterBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.schema.ModelRef;
 import springfox.documentation.service.ApiInfo;
+import springfox.documentation.service.Parameter;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;

+import java.util.ArrayList;
+import java.util.List;
+

 /**
 * Created by wcy on 2023/5/14.
@@ -18,6 +25,18 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
 @EnableSwagger2
 public class SwaggerConfig {

+    @Bean
+    public Docket createRestApi() {
+
+        List<Parameter> pars = new ArrayList<>();
+        Parameter param1 = new ParameterBuilder().name(SignatureUtil.APPID).description("appid").modelRef(new ModelRef("string")).parameterType("header").required(false).build();
+        Parameter param2 = new ParameterBuilder().name(SignatureUtil.NONCE).description("nonce").modelRef(new ModelRef("string")).parameterType("header").required(false).build();
+        Parameter param3 = new ParameterBuilder().name(SignatureUtil.TIMESTAMP).description("timestamp").modelRef(new ModelRef("string")).parameterType("header").required(false).build();
+        Parameter param4 = new ParameterBuilder().name(SignatureUtil.SIGNATURE).description("signature").modelRef(new ModelRef("string")).parameterType("header").required(false).build();
+        pars.add(param1);
+        pars.add(param2);
+        pars.add(param3);
+        pars.add(param4);
        ApiInfo apiInfo = new ApiInfoBuilder()
 //            .title("模块服务接口文档")
 //            .description("服务接口文档，遵循RESTful API设计规范")
@@ -25,8 +44,7 @@ public class SwaggerConfig {
 //            .version("1.0")
                .build();

-    @Bean
-    public Docket createRestApi() {
+
        return new Docket(DocumentationType.SWAGGER_2)
 //                .groupName("system")
                .apiInfo(apiInfo)
@@ -34,6 +52,7 @@ public class SwaggerConfig {
                //以扫描包的方式
                .apis(RequestHandlerSelectors.basePackage("com.zksy.szpt.controller"))
                .paths(PathSelectors.any())
-                .build();
+                .build()
+                .globalOperationParameters(pars);
    }
 }
--- a/src/main/java/com/zksy/szpt/controller/AppStoreController.java
+++ b/src/main/java/com/zksy/szpt/controller/AppStoreController.java
@@ -3,6 +3,7 @@ package com.zksy.szpt.controller;
 import com.zksy.szpt.domain.dto.AppStoreDTO;
 import com.zksy.szpt.service.AppStoreService;
 import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -20,11 +21,13 @@ public class AppStoreController {
        this.appStoreService = infApiSettingService;
    }

+    @ApiOperation(value = "根据appKey获取appSecret", notes = "根据appKey获取appSecret")
    @PostMapping("/getAppSecretByAppKey")
-    public Object infSetting(@RequestBody AppStoreDTO appStoreDTO) {
+    public Object getAppSecretByAppKey(@RequestBody AppStoreDTO appStoreDTO) {
        return appStoreService.getAppSecretByAppKey("1");
    }

+    @ApiOperation(value = "新增appKey", notes = "新增appKey")
    @PostMapping("/insertAppStore")
    public Integer insertAppStore(@RequestBody @Valid AppStoreDTO appStoreDTO) {
        return appStoreService.insertAppStore(appStoreDTO);

--- a/src/main/java/com/zksy/szpt/filter/SignatureVerificationFilter.java
+++ b/src/main/java/com/zksy/szpt/filter/SignatureVerificationFilter.java
@@ -6,10 +6,9 @@ import cn.hutool.json.JSONUtil;
 import com.zksy.szpt.domain.HttpResult;
 import com.zksy.szpt.domain.HttpResultState;
 import com.zksy.szpt.service.AppStoreService;
-import com.zksy.szpt.util.SignPayload;
+import com.zksy.szpt.util.SignatureUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.core.annotation.Order;

 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
@@ -19,7 +18,6 @@ import org.springframework.web.filter.OncePerRequestFilter;

 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
-import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -62,13 +60,13 @@ public class SignatureVerificationFilter extends OncePerRequestFilter {
     */
    public boolean verifySignature(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // 签名
-        String appId = request.getHeader(SignPayload.appid);
+        String appId = request.getHeader(SignatureUtil.APPID);
        // 签名
-        String sign = request.getHeader(SignPayload.sign);
+        String sign = request.getHeader(SignatureUtil.SIGNATURE);
        // 随机数
-        String nonce = request.getHeader(SignPayload.nonce);
+        String nonce = request.getHeader(SignatureUtil.NONCE);
        // 时间戳
-        String timestampStr = request.getHeader(SignPayload.timestamp);
+        String timestampStr = request.getHeader(SignatureUtil.TIMESTAMP);


        if (!StringUtils.hasText(appId) || !StringUtils.hasText(sign) || !StringUtils.hasText(nonce) || !StringUtils.hasText(timestampStr)) {

--- a/src/main/java/com/zksy/szpt/util/SignPayload.java
+++ b/src/main/java/com/zksy/szpt/util/SignPayload.java
-package com.zksy.szpt.util;
-
-public class SignPayload {
-    public static String sign = "x-szpt-sign";
-    public static String timestamp = "x-szpt-timestamp";
-    public static String nonce = "x-szpt-nonce";
-    public static String appid = "x-szpt-appid";
-}
--- a/src/main/java/com/zksy/szpt/util/SignatureUtil.java
+++ b/src/main/java/com/zksy/szpt/util/SignatureUtil.java
+package com.zksy.szpt.util;
+
+public class SignatureUtil {
+    public static String SIGNATURE = "x-szpt-sign";
+    public static String TIMESTAMP = "x-szpt-timestamp";
+    public static String NONCE = "x-szpt-nonce";
+    public static String APPID = "x-szpt-appid";
+}