Compare commits
10 Commits
c05423c0a3
...
3fdf2f28b0
| Author | SHA1 | Date | |
|---|---|---|---|
|
3fdf2f28b0 | ||
|
|
3e1572dcad | ||
|
|
334607a896 | ||
|
|
f84de95e9a | ||
|
|
ad679f48fd | ||
|
|
8be178317a | ||
|
|
7d2d5c9e3c | ||
|
|
48b9fba0c3 | ||
|
|
5f9680c19b | ||
|
|
baf38de11a |
27
build.cmd
Normal file
27
build.cmd
Normal file
@ -0,0 +1,27 @@
|
||||
@echo off
|
||||
SETLOCAL
|
||||
|
||||
chcp 65001
|
||||
|
||||
del /S *.log
|
||||
|
||||
call mvn clean -DskipTests=true package
|
||||
|
||||
cd chsm-web-manage
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-manager:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
cd ../chsm-web-server
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-server:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
cd ..
|
||||
echo ">>>>>>>>>>>begin build offline tar ...<<<<<<<<<<<<<"
|
||||
docker save -o chsm-web-manager.tar chsm-web-manager:latest
|
||||
docker save -o chsm-web-server.tar chsm-web-server:latest
|
||||
echo ">>>>>>>>>>>build docker offline tar success<<<<<<<<<<<<<"
|
||||
|
||||
pause
|
||||
|
||||
20
build.sh
Normal file
20
build.sh
Normal file
@ -0,0 +1,20 @@
|
||||
#!/bin/bash
|
||||
call /app/maven/bin/mvn clean -DskipTests=true package
|
||||
|
||||
cd chsm-web-manage
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-manager:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
cd ../chsm-web-server
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-server:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
cd ..
|
||||
echo ">>>>>>>>>>>begin build offline tar ...<<<<<<<<<<<<<"
|
||||
docker save -o chsm-web-manager.tar chsm-web-manager:latest
|
||||
docker save -o chsm-web-server.tar chsm-web-server:latest
|
||||
echo ">>>>>>>>>>>build docker offline tar success<<<<<<<<<<<<<"
|
||||
|
||||
|
||||
@ -13,6 +13,7 @@ public interface ParamConfKeyConstant {
|
||||
String IP_WHITELIST_SWITCH = "ipWhitelistSwitch";
|
||||
|
||||
String TMK_INIT = "tmk_init";
|
||||
String TMK_CHECK_VALUE = "tmk_check_value";
|
||||
|
||||
String ENABLE_SOFT_DEVICE = "enable_soft_device";
|
||||
|
||||
|
||||
@ -17,6 +17,9 @@ public class TmkStatus {
|
||||
* 主密钥是否初始化
|
||||
*/
|
||||
private boolean tmkInit;
|
||||
|
||||
/**
|
||||
* 主密钥校验值
|
||||
*/
|
||||
private String checkValue;
|
||||
|
||||
}
|
||||
|
||||
@ -37,11 +37,16 @@ public class SdfApiAdapterFactory {
|
||||
// bc adaptor
|
||||
return BcSdfApiAdaptor.INSTANCE;
|
||||
}
|
||||
switch (modelEnum) {
|
||||
case enc001:
|
||||
return Platform.isMac() ? getProxyRcpAdapter(ip, port) : new SunyardJnaSdfAdaptor(ip, port);
|
||||
default:
|
||||
throw new UnsupportedOperationException("不支持的设备型号: " + model);
|
||||
try {
|
||||
switch (modelEnum) {
|
||||
case enc001:
|
||||
return Platform.isMac() ? getProxyRcpAdapter(ip, port) : new SunyardJnaSdfAdaptor(ip, port);
|
||||
default:
|
||||
throw new UnsupportedOperationException("不支持的设备型号: " + model);
|
||||
}
|
||||
} catch (Throwable ex) {
|
||||
log.warn("build SdfApiAdapter error", ex);
|
||||
throw new IllegalArgumentException("build SdfApiAdapter error");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -14,11 +14,19 @@ import com.sunyard.chsm.sdf.context.AlgId;
|
||||
import com.sunyard.chsm.sdf.model.DeviceInfo;
|
||||
import com.sunyard.chsm.sdf.model.EccCipher;
|
||||
import com.sunyard.chsm.sdf.model.EccPubKey;
|
||||
import com.sunyard.chsm.sdf.util.LangUtils;
|
||||
import com.sunyard.chsm.utils.CodecUtils;
|
||||
import com.sunyard.chsm.utils.gm.BCECUtils;
|
||||
import com.sunyard.chsm.utils.gm.BCSM2Utils;
|
||||
import com.sunyard.chsm.utils.gm.BCSM3Utils;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.tuple.Pair;
|
||||
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
|
||||
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
@ -40,6 +48,7 @@ public class TmkService {
|
||||
private final SpDeviceMapper spDeviceMapper;
|
||||
private final ParamConfMapper paramConfMapper;
|
||||
|
||||
@Transactional
|
||||
public void initTmk() {
|
||||
boolean tmkInit = isTmkInit();
|
||||
Assert.isTrue(!tmkInit, "主密钥已经初始化");
|
||||
@ -59,6 +68,8 @@ public class TmkService {
|
||||
byte[] prk = sdfApi.symDecrypt(hs, hk, AlgId.SGD_SM4_ECB, new byte[0], encrk);
|
||||
Assert.isTrue(Arrays.equals(rk, prk), "密码机加解密异常");
|
||||
|
||||
byte[] hash = BCSM3Utils.hash(rk);
|
||||
|
||||
sdfApi.destroyKey(hs, hk);
|
||||
sdfApi.closeSession(hs);
|
||||
sdfApi.closeDevice(hd);
|
||||
@ -72,7 +83,7 @@ public class TmkService {
|
||||
up.setTmkStatus(DeviceTmkStatus.finished.name());
|
||||
spDeviceMapper.updateById(up);
|
||||
}
|
||||
updateTmkInit(true);
|
||||
updateTmkInit(true, hash);
|
||||
|
||||
}
|
||||
|
||||
@ -82,6 +93,10 @@ public class TmkService {
|
||||
if (init) {
|
||||
status.setHasDevice(true);
|
||||
status.setTmkInit(true);
|
||||
ParamConf paramConf = paramConfMapper.selectByKey(ParamConfKeyConstant.TMK_CHECK_VALUE);
|
||||
if (paramConf != null) {
|
||||
status.setCheckValue(paramConf.getValue());
|
||||
}
|
||||
return status;
|
||||
}
|
||||
status.setTmkInit(false);
|
||||
@ -90,6 +105,89 @@ public class TmkService {
|
||||
return status;
|
||||
}
|
||||
|
||||
public String backup(String pubKey) {
|
||||
|
||||
boolean tmkInit = isTmkInit();
|
||||
Assert.isTrue(tmkInit, "主密钥未初始化");
|
||||
Device device = getOneByStatus(DeviceTmkStatus.finished);
|
||||
Assert.notNull(device, "没有可以用于备份主密钥的设备");
|
||||
byte[] xy;
|
||||
try {
|
||||
String pubBase6 = pubKey.replace("-----BEGIN ECDSA PUBLIC KEY-----", "").replace("-----END ECDSA PUBLIC KEY-----", "")
|
||||
.replace("\n", "");
|
||||
byte[] pubBytes = CodecUtils.decodeBase64(pubBase6);
|
||||
SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(pubBytes);
|
||||
BCECPublicKey key = BCECUtils.createPublicKeyFromSubjectPublicKeyInfo(keyInfo);
|
||||
xy = LangUtils.merge(key.getQ().getXCoord().getEncoded(), key.getQ().getYCoord().getEncoded());
|
||||
} catch (Exception e) {
|
||||
throw new IllegalArgumentException(e);
|
||||
}
|
||||
|
||||
SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(device.getManufacturerModel(), device.getServiceIp(), device.getServicePort());
|
||||
|
||||
String hd = sdfApi.openDevice();
|
||||
String hs = sdfApi.openSession(hd);
|
||||
sdfApi.getPrivateKeyAccessRight(hs, device.getEncKeyIdx(), device.getAccessCredentials().getBytes());
|
||||
|
||||
EccCipher cipher = sdfApi.exchangeDigitEnvelopeBaseOnECC(hs, device.getEncKeyIdx(), EccPubKey.fromBytes(xy), EccCipher.fromHex(device.getEncTmk()));
|
||||
|
||||
try {
|
||||
byte[] der = BCSM2Utils.encodeSM2CipherToDER(LangUtils.merge(new byte[]{0x04}, cipher.getC1C3C2Bytes()));
|
||||
return CodecUtils.encodeBase64(der);
|
||||
} catch (Exception e) {
|
||||
throw new IllegalArgumentException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public Pair<Long, String> getDevicePubKey() {
|
||||
Device device = getOneByStatus(DeviceTmkStatus.available);
|
||||
Assert.notNull(device, "没有可以用于导入主密钥的设备");
|
||||
SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(device.getManufacturerModel(), device.getServiceIp(), device.getServicePort());
|
||||
String hd = sdfApi.openDevice();
|
||||
String hs = sdfApi.openSession(hd);
|
||||
EccPubKey pubKey = sdfApi.exportEncPublicKeyECC(hs, device.getEncKeyIdx());
|
||||
|
||||
BCECPublicKey publicKey = BCECUtils.createPublicKey(pubKey.getPubKeyHex());
|
||||
return Pair.of(device.getId(), CodecUtils.encodeBase64(publicKey.getEncoded()));
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public void importTmk(Long deviceId, String encTmk) {
|
||||
boolean tmkInit = isTmkInit();
|
||||
Assert.isTrue(!tmkInit, "主密钥已经初始化");
|
||||
|
||||
Device device = getOneByStatus(DeviceTmkStatus.available);
|
||||
Assert.notNull(device, "没有可以用于导入主密钥的设备");
|
||||
SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(device.getManufacturerModel(), device.getServiceIp(), device.getServicePort());
|
||||
String hd = sdfApi.openDevice();
|
||||
String hs = sdfApi.openSession(hd);
|
||||
byte[] rk = CodecUtils.decodeBase64(encTmk);
|
||||
EccPubKey pubKey = sdfApi.exportEncPublicKeyECC(hs, device.getEncKeyIdx());
|
||||
EccCipher cipher = sdfApi.externalEncryptECC(hs, pubKey, rk);
|
||||
sdfApi.getPrivateKeyAccessRight(hs, device.getEncKeyIdx(), device.getAccessCredentials().getBytes());
|
||||
String hk = sdfApi.importKeyWithISKECC(hs, device.getEncKeyIdx(), cipher);
|
||||
byte[] encrk = sdfApi.symEncrypt(hs, hk, AlgId.SGD_SM4_ECB, new byte[0], rk);
|
||||
byte[] prk = sdfApi.symDecrypt(hs, hk, AlgId.SGD_SM4_ECB, new byte[0], encrk);
|
||||
Assert.isTrue(Arrays.equals(rk, prk), "密码机加解密异常");
|
||||
|
||||
byte[] hash = BCSM3Utils.hash(rk);
|
||||
|
||||
sdfApi.destroyKey(hs, hk);
|
||||
sdfApi.closeSession(hs);
|
||||
sdfApi.closeDevice(hd);
|
||||
|
||||
if (Objects.equals(device.getManufacturerModel(), BouncyCastleProvider.PROVIDER_NAME)) {
|
||||
updateSoftDeviceEncTmk(cipher.getC1C3C2Bytes());
|
||||
} else {
|
||||
Device up = new Device();
|
||||
up.setId(device.getId());
|
||||
up.setEncTmk(cipher.getC1C3C2Hex());
|
||||
up.setTmkStatus(DeviceTmkStatus.finished.name());
|
||||
spDeviceMapper.updateById(up);
|
||||
}
|
||||
updateTmkInit(true, hash);
|
||||
}
|
||||
|
||||
|
||||
public DeviceCheckRes checkDevice(Device check) {
|
||||
|
||||
@ -209,6 +307,7 @@ public class TmkService {
|
||||
}
|
||||
if (isEnableSoftDevice()) {
|
||||
device = new Device();
|
||||
device.setId(0L);
|
||||
device.setManufacturerModel(BouncyCastleProvider.PROVIDER_NAME);
|
||||
device.setEncKeyIdx(1);
|
||||
device.setServiceIp("127.0.0.1");
|
||||
@ -227,7 +326,7 @@ public class TmkService {
|
||||
private boolean enableSoftDevice;
|
||||
private byte[] softEncTmk;
|
||||
|
||||
public synchronized boolean isTmkInit() {
|
||||
public synchronized boolean isTmkInitCached() {
|
||||
if (tmkInit) {
|
||||
return true;
|
||||
}
|
||||
@ -236,12 +335,17 @@ public class TmkService {
|
||||
return tmkInit;
|
||||
}
|
||||
|
||||
public boolean isTmkInit() {
|
||||
ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.TMK_INIT);
|
||||
return conf != null && String.valueOf(true).equals(conf.getValue());
|
||||
}
|
||||
|
||||
public boolean isEnableSoftDevice() {
|
||||
ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.ENABLE_SOFT_DEVICE);
|
||||
return conf != null && String.valueOf(true).equals(conf.getValue());
|
||||
}
|
||||
|
||||
private void updateTmkInit(boolean value) {
|
||||
private void updateTmkInit(boolean value, byte[] hash) {
|
||||
ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.TMK_INIT);
|
||||
if (conf == null) {
|
||||
conf = new ParamConf();
|
||||
@ -253,6 +357,18 @@ public class TmkService {
|
||||
conf.setValue(String.valueOf(value));
|
||||
paramConfMapper.updateById(conf);
|
||||
}
|
||||
|
||||
ParamConf check = paramConfMapper.selectByKey(ParamConfKeyConstant.TMK_CHECK_VALUE);
|
||||
if (check == null) {
|
||||
check = new ParamConf();
|
||||
check.setValue(CodecUtils.encodeHex(hash));
|
||||
check.setKey(ParamConfKeyConstant.TMK_CHECK_VALUE);
|
||||
check.setCreatTime(LocalDateTime.now());
|
||||
paramConfMapper.insert(check);
|
||||
} else {
|
||||
check.setValue(CodecUtils.encodeHex(hash));
|
||||
paramConfMapper.updateById(check);
|
||||
}
|
||||
}
|
||||
|
||||
public synchronized byte[] getSoftDeviceEncTmk() {
|
||||
|
||||
@ -61,7 +61,7 @@ import java.util.Arrays;
|
||||
/**
|
||||
* 这个工具类的方法,也适用于其他基于BC库的ECC算法
|
||||
*/
|
||||
public class BCECUtils {
|
||||
public class BCECUtils extends GMBaseUtil {
|
||||
private static final String ALGO_NAME_EC = "EC";
|
||||
private static final String PEM_STRING_PUBLIC = "PUBLIC KEY";
|
||||
private static final String PEM_STRING_ECPRIVATEKEY = "EC PRIVATE KEY";
|
||||
|
||||
8
chsm-web-manage/Dockerfile
Normal file
8
chsm-web-manage/Dockerfile
Normal file
@ -0,0 +1,8 @@
|
||||
FROM dragonwell8
|
||||
|
||||
WORKDIR /app
|
||||
COPY target/chsm-web-manager.jar /app/app.jar
|
||||
ENV JVM_OPTS=""
|
||||
ENV ARGS_OPTS=""
|
||||
EXPOSE 9880
|
||||
ENTRYPOINT ["sh","-c","java $JVM_OPTS -jar app.jar $ARGS_OPTS"]
|
||||
18
chsm-web-manage/build.cmd
Normal file
18
chsm-web-manage/build.cmd
Normal file
@ -0,0 +1,18 @@
|
||||
@echo off
|
||||
SETLOCAL
|
||||
|
||||
chcp 65001
|
||||
|
||||
del /S *.log
|
||||
|
||||
call mvn clean -DskipTests=true package -f ../pom.xml
|
||||
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-manager:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
docker save -o chsm-web-manager.tar chsm-web-manager:latest
|
||||
echo ">>>>>>>>>>>build docker offline tar success<<<<<<<<<<<<<"
|
||||
|
||||
pause
|
||||
|
||||
@ -118,16 +118,7 @@
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>src/main/resources</directory>
|
||||
<includes>
|
||||
<include>**/**</include>
|
||||
</includes>
|
||||
<filtering>false</filtering>
|
||||
</resource>
|
||||
</resources>
|
||||
|
||||
<finalName>chsm-web-manager</finalName>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
||||
@ -7,8 +7,10 @@ import com.sunyard.chsm.model.dto.CertDTO;
|
||||
import com.sunyard.chsm.service.AppCertService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -31,6 +33,11 @@ public class AppCertController {
|
||||
@Resource
|
||||
private AppCertService appCertService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询应用证书列表
|
||||
*
|
||||
|
||||
@ -10,8 +10,10 @@ import com.sunyard.chsm.service.ApplicationService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -35,6 +37,11 @@ public class ApplicationController {
|
||||
@Resource
|
||||
private ApplicationService applicationService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询应用列表
|
||||
*
|
||||
|
||||
@ -7,8 +7,10 @@ import com.sunyard.chsm.model.dto.CertDTO;
|
||||
import com.sunyard.chsm.service.CaCertService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -32,6 +34,11 @@ public class CaController {
|
||||
@Resource
|
||||
private CaCertService caCertService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询CA列表
|
||||
*
|
||||
|
||||
@ -10,8 +10,10 @@ import com.sunyard.chsm.service.CryptoServiceService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -38,6 +40,11 @@ public class CryptoServiceController {
|
||||
@Resource
|
||||
private CryptoServiceService cryptoServiceService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询密码服务接口分组列表
|
||||
*
|
||||
|
||||
@ -9,8 +9,10 @@ import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.service.DeviceService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -37,6 +39,11 @@ public class DeviceController {
|
||||
@Resource
|
||||
private DeviceService deviceService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询密码设备列表
|
||||
*
|
||||
|
||||
@ -6,8 +6,10 @@ import com.sunyard.chsm.dto.DeviceGroupDTO;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.service.DeviceGroupService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -30,6 +32,11 @@ public class DeviceGroupController {
|
||||
@Resource
|
||||
private DeviceGroupService deviceGroupService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询设备组列表
|
||||
*
|
||||
|
||||
@ -6,7 +6,9 @@ import com.sunyard.chsm.dto.IpWhitelistDTO;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.service.IpWhitelistService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -30,6 +32,11 @@ public class IpWhitelistController {
|
||||
@Resource
|
||||
private IpWhitelistService iIpWhitelistService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询设备组列表
|
||||
*
|
||||
|
||||
@ -10,7 +10,9 @@ import org.springframework.core.io.ByteArrayResource;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -32,6 +34,11 @@ public class KeyInfoAsymController {
|
||||
@Resource
|
||||
private KeyInfoService keyInfoService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 分页查询非对称密钥列表
|
||||
|
||||
@ -8,7 +8,9 @@ import com.sunyard.chsm.model.dto.KeyInfoDTO;
|
||||
import com.sunyard.chsm.service.KeyInfoService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import com.sunyard.ssp.common.exception.SspwebException;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -35,6 +37,11 @@ public class KeyInfoController {
|
||||
@Resource
|
||||
private KeyInfoService keyInfoService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取密钥状态选项
|
||||
*/
|
||||
|
||||
@ -12,7 +12,9 @@ import org.springframework.core.io.Resource;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -33,6 +35,11 @@ public class KeyInfoSymController {
|
||||
@Autowired
|
||||
private KeyInfoService keyInfoService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 分页查询对称密钥列表
|
||||
|
||||
@ -6,8 +6,10 @@ import com.sunyard.chsm.dto.KeyTemplateDTO;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.service.KeyTemplateService;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -30,6 +32,11 @@ public class KeyTemplateController {
|
||||
@Resource
|
||||
private KeyTemplateService keyTemplateService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 分页查询密钥模版
|
||||
*
|
||||
|
||||
@ -3,13 +3,21 @@ package com.sunyard.chsm.controller;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.model.dto.TmkStatus;
|
||||
import com.sunyard.chsm.service.TmkService;
|
||||
import lombok.Data;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.tuple.Pair;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.validation.Valid;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
/**
|
||||
* 主密钥管理
|
||||
@ -25,6 +33,11 @@ public class TmkController {
|
||||
@Resource
|
||||
private TmkService tmkService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询主密钥生成状态
|
||||
*
|
||||
@ -45,5 +58,63 @@ public class TmkController {
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
/**
|
||||
* 备份主密钥
|
||||
*/
|
||||
@PostMapping("/backup")
|
||||
public R<String> backup(@Valid @RequestBody TmkBackupReq req) {
|
||||
String en = tmkService.backup(req.pubKey);
|
||||
return R.data(en);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取设备公钥
|
||||
*/
|
||||
@GetMapping("/devicePubKey")
|
||||
public R<DevicePubKey> getDevicePubKey() {
|
||||
Pair<Long, String> pair = tmkService.getDevicePubKey();
|
||||
DevicePubKey res = new DevicePubKey();
|
||||
res.deviceId = pair.getLeft();
|
||||
res.pubKey = pair.getRight();
|
||||
return R.data(res);
|
||||
}
|
||||
|
||||
/**
|
||||
* 导入主密钥
|
||||
*/
|
||||
@PostMapping("/import")
|
||||
public R<Void> importTmk(@Valid @RequestBody TmkImportReq req) {
|
||||
tmkService.importTmk(req.deviceId, req.encTmk);
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
@Data
|
||||
public static class DevicePubKey {
|
||||
private Long deviceId;
|
||||
private String pubKey;
|
||||
}
|
||||
|
||||
@Data
|
||||
public static class TmkBackupReq {
|
||||
/**
|
||||
* ukey公钥
|
||||
*/
|
||||
@NotEmpty(message = "公钥不能为空")
|
||||
private String pubKey;
|
||||
}
|
||||
|
||||
@Data
|
||||
public static class TmkImportReq {
|
||||
/**
|
||||
* 设备id
|
||||
*/
|
||||
@NotNull(message = "设备id不能为空")
|
||||
private Long deviceId;
|
||||
/**
|
||||
* 加密主密钥
|
||||
*/
|
||||
@NotEmpty(message = "加密主密钥不能为空")
|
||||
private String encTmk;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -4,13 +4,13 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
import com.baomidou.mybatisplus.core.toolkit.IdWorker;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.sunyard.chsm.config.IpFilter;
|
||||
import com.sunyard.chsm.dto.IpWhitelistDTO;
|
||||
import com.sunyard.chsm.enums.EnableStatus;
|
||||
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
||||
import com.sunyard.chsm.model.entity.IpWhitelist;
|
||||
import com.sunyard.chsm.service.IpWhitelistService;
|
||||
import com.sunyard.chsm.utils.IpUtils;
|
||||
import com.sunyard.config.IpFilter;
|
||||
import com.sunyard.ssp.utils.SecurityUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package com.sunyard.chsm.config;
|
||||
package com.sunyard.config;
|
||||
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
@ -53,7 +53,7 @@ public class IpFilter extends OncePerRequestFilter implements ApplicationRunner
|
||||
syncWhiteIps();
|
||||
}
|
||||
String ip = IpUtils.getIpAddress(request);
|
||||
if (!enableWhiteIp || CollectionUtils.isEmpty(whiteIps) || whiteIps.contains(ip)) {
|
||||
if (!enableWhiteIp || whiteIps.contains(ip)) {
|
||||
chain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
@ -22,12 +22,10 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
@ -77,11 +75,6 @@ public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
|
||||
header = request.getParameter(SecurityConstant.HEADER);
|
||||
}
|
||||
|
||||
if(StrUtil.isBlank(header) && request.getCookies()!=null){
|
||||
Cookie cookie = Arrays.stream(request.getCookies()).filter(tmpCookie -> SecurityConstant.HEADER.equals(tmpCookie.getName())).findAny().orElse(null);
|
||||
header = cookie == null?null: cookie.getValue();
|
||||
}
|
||||
|
||||
Boolean notValid = StrUtil.isBlank(header) || (!tokenRedis && !header.startsWith(SecurityConstant.TOKEN_SPLIT));
|
||||
if (notValid) {
|
||||
chain.doFilter(request, response);
|
||||
|
||||
@ -10,6 +10,8 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.data.redis.core.StringRedisTemplate;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -33,6 +35,11 @@ public class CaptchaController {
|
||||
@Autowired
|
||||
private StringRedisTemplate redisTemplate;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/init",method = RequestMethod.GET)
|
||||
@ApiOperation(value = "初始化验证码")
|
||||
public Result<Object> initCaptcha() {
|
||||
|
||||
@ -17,6 +17,8 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -46,6 +48,11 @@ public class AuditLogController {
|
||||
@Autowired
|
||||
private SecurityUtil securityUtil;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "通过id获取")
|
||||
|
||||
@ -7,7 +7,9 @@ import org.springframework.core.io.Resource;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@ -21,6 +23,11 @@ public class LogDownloadController {
|
||||
@Autowired
|
||||
private LogDownloadService logService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@GetMapping("/download/logs")
|
||||
public ResponseEntity<Resource> downloadLogs(
|
||||
@RequestParam("startDate") String startDateStr,
|
||||
|
||||
@ -29,6 +29,8 @@ import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -58,6 +60,11 @@ public class LogSignController {
|
||||
@Autowired
|
||||
private IAuditLogService auditLogService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getByCondition", method = RequestMethod.GET)
|
||||
@ApiOperation(value = "日志签名分页条件查询")
|
||||
public Result<org.springframework.data.domain.Page<LogSign>> getByCondition(@ModelAttribute LogSign logSign,
|
||||
|
||||
@ -12,6 +12,8 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
@ -35,6 +37,11 @@ public class SysLogController {
|
||||
@Autowired
|
||||
private ISysLogService iSysLogService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
|
||||
|
||||
@RequestMapping(value = "/queryList",method = RequestMethod.GET)
|
||||
|
||||
@ -10,6 +10,8 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -25,6 +27,11 @@ public class TransactionController {
|
||||
@Autowired
|
||||
private TransactionService transactionService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getTransactionData", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "获得交易监控的数据")
|
||||
|
||||
@ -11,11 +11,10 @@ import com.sunyard.ssp.constv.KeyType;
|
||||
import com.sunyard.ssp.constv.PublicKeyType;
|
||||
import com.sunyard.ssp.constv.SplitMode;
|
||||
import com.sunyard.ssp.proto.sdk.Sdk;
|
||||
import com.sunyard.ssp.utils.RandomUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Random;
|
||||
|
||||
/**
|
||||
* @author:tsz
|
||||
* @date:2020/5/21
|
||||
@ -258,7 +257,7 @@ public class SdkApiServiceImpl implements SdkApiService {
|
||||
@Override
|
||||
public byte[] PKCS1Sign(Alg alg, byte[] data) {
|
||||
byte[] sign = new byte[64];
|
||||
(new Random()).nextBytes( sign );
|
||||
(RandomUtils.getRandom()).nextBytes( sign );
|
||||
return sign;
|
||||
// SSPApi api = null;
|
||||
// try {
|
||||
|
||||
@ -1,230 +1,230 @@
|
||||
package com.sunyard.ssp.modules.sysconf.cipherunit.controller;
|
||||
|
||||
import com.sun.jna.Pointer;
|
||||
import com.sun.jna.ptr.PointerByReference;
|
||||
import com.sunyard.chsm.model.entity.ParamConf;
|
||||
import com.sunyard.ssp.common.Result;
|
||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
import com.sunyard.ssp.common.exception.SspwebException;
|
||||
import com.sunyard.ssp.modules.jna.CipherJna;
|
||||
import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachine;
|
||||
import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo;
|
||||
import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum;
|
||||
import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService;
|
||||
import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater;
|
||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||
import com.sunyard.ssp.utils.ResultUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.codec.binary.Hex;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
|
||||
/**
|
||||
* 密码部件管理控制层
|
||||
*
|
||||
* @author admin
|
||||
*/
|
||||
@Controller
|
||||
@Slf4j
|
||||
@Api(description = "关键密码部件管理接口", tags = "关键密码部件管理")
|
||||
@RequestMapping("/cipherMachine")
|
||||
public class ScCipherMachineController {
|
||||
@Autowired
|
||||
private ScCipherMachineService scCipherMachineService;
|
||||
|
||||
@Autowired
|
||||
private IParamConfService iParamConfService;
|
||||
|
||||
// @ControllerLog("获取关键密码部件部件")
|
||||
@RequestMapping(value = "/query", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "获取关键密码部件部件")
|
||||
public Result<ScCipherMachineVo> queryCipherMachine() {
|
||||
log.info("get请求 /cipherMachine/query接口");
|
||||
ScCipherMachineVo scCipherMachineVo = scCipherMachineService.queryCipherMachine();
|
||||
log.info("获取密码部件功能响应结果:{}", scCipherMachineVo);
|
||||
return new ResultUtil<ScCipherMachineVo>().setData(scCipherMachineVo);
|
||||
}
|
||||
|
||||
// @ControllerLog("添加关键密码部件配置")
|
||||
@RequestMapping(value = "/add", method = RequestMethod.POST)
|
||||
@AuditControllerLog(description = "添加关键密码部件配置",operateType = "增加")
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "添加关键密码部件配置")
|
||||
public Result<Object> addCipherMachine(@RequestBody ScCipherMachine scCipherMachine) {
|
||||
try {
|
||||
ScCipherMachine scCipherMachineVo = scCipherMachineService.addCipherMachine(scCipherMachine);
|
||||
IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort());
|
||||
return new ResultUtil<>().setData(scCipherMachineVo);
|
||||
} catch (SspwebException e) {
|
||||
return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
}
|
||||
}
|
||||
// @ControllerLog("检测")
|
||||
@RequestMapping(value = "/detection", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "检测")
|
||||
public Result<Object> detection() {
|
||||
int size = 16;
|
||||
PointerByReference phDeviceHandle = new PointerByReference();
|
||||
PointerByReference phSessionHandle = new PointerByReference();
|
||||
int code = RetEnum.SUCCESS.getCode();
|
||||
try {
|
||||
|
||||
// 打开设备
|
||||
int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle);
|
||||
if (ret != code) {
|
||||
return new ResultUtil<Object>().setErrorMsg(ret, "打开设备失败,密码模块初始化失败");
|
||||
}
|
||||
Pointer hDeviceHandle = phDeviceHandle.getValue();
|
||||
// 打开会话
|
||||
ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle);
|
||||
if (ret != code) {
|
||||
return new ResultUtil<Object>().setErrorMsg(ret, "打开会话失败,密码模块初始化失败");
|
||||
}
|
||||
byte[] nakedSign = new byte[size];
|
||||
// 生成随机数
|
||||
ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign);
|
||||
if (ret != code) {
|
||||
return new ResultUtil<Object>().setErrorMsg(ret, "生成随机数失败,密码模块初始化失败");
|
||||
}
|
||||
// 返回结果
|
||||
String result = Hex.encodeHexString(nakedSign);
|
||||
log.info("检测功能响应结果:{}", result);
|
||||
return new ResultUtil<>().setData(result);
|
||||
} catch (SspwebException e) {
|
||||
return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
} catch (Throwable e) {
|
||||
log.error("检测异常:" + e);
|
||||
return new ResultUtil<Object>().setErrorMsg("密码模块初始化失败");
|
||||
} finally {
|
||||
// 关闭会话
|
||||
if (phSessionHandle.getValue() != null) {
|
||||
int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue());
|
||||
if (ret != code) {
|
||||
log.error("关闭会话失败:{}", ret);
|
||||
}
|
||||
}
|
||||
// 关闭设备
|
||||
if (phDeviceHandle.getValue() != null) {
|
||||
int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue());
|
||||
if (ret != code) {
|
||||
log.error("关闭设备失败:{}", ret);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// @ControllerLog("密码模块初始化")
|
||||
@RequestMapping(value = "/init", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "密码模块初始化")
|
||||
public Result<Object> init() {
|
||||
int size = 16;
|
||||
PointerByReference phDeviceHandle = new PointerByReference();
|
||||
PointerByReference phSessionHandle = new PointerByReference();
|
||||
int code = RetEnum.SUCCESS.getCode();
|
||||
try {
|
||||
|
||||
//package com.sunyard.ssp.modules.sysconf.cipherunit.controller;
|
||||
//
|
||||
//import com.sun.jna.Pointer;
|
||||
//import com.sun.jna.ptr.PointerByReference;
|
||||
//import com.sunyard.chsm.model.entity.ParamConf;
|
||||
//import com.sunyard.ssp.common.Result;
|
||||
//import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||
//import com.sunyard.ssp.common.exception.SspwebException;
|
||||
//import com.sunyard.ssp.modules.jna.CipherJna;
|
||||
//import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachine;
|
||||
//import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo;
|
||||
//import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum;
|
||||
//import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService;
|
||||
//import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater;
|
||||
//import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||
//import com.sunyard.ssp.utils.ResultUtil;
|
||||
//import io.swagger.annotations.Api;
|
||||
//import io.swagger.annotations.ApiOperation;
|
||||
//import lombok.extern.slf4j.Slf4j;
|
||||
//import org.apache.commons.codec.binary.Hex;
|
||||
//import org.springframework.beans.factory.annotation.Autowired;
|
||||
//import org.springframework.stereotype.Controller;
|
||||
//import org.springframework.web.bind.annotation.PathVariable;
|
||||
//import org.springframework.web.bind.annotation.RequestBody;
|
||||
//import org.springframework.web.bind.annotation.RequestMapping;
|
||||
//import org.springframework.web.bind.annotation.RequestMethod;
|
||||
//import org.springframework.web.bind.annotation.ResponseBody;
|
||||
//
|
||||
//
|
||||
///**
|
||||
// * 密码部件管理控制层
|
||||
// *
|
||||
// * @author admin
|
||||
// */
|
||||
//@Controller
|
||||
//@Slf4j
|
||||
//@Api(description = "关键密码部件管理接口", tags = "关键密码部件管理")
|
||||
//@RequestMapping("/cipherMachine")
|
||||
//public class ScCipherMachineController {
|
||||
// @Autowired
|
||||
// private ScCipherMachineService scCipherMachineService;
|
||||
//
|
||||
// @Autowired
|
||||
// private IParamConfService iParamConfService;
|
||||
//
|
||||
//// @ControllerLog("获取关键密码部件部件")
|
||||
// @RequestMapping(value = "/query", method = RequestMethod.GET)
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "获取关键密码部件部件")
|
||||
// public Result<ScCipherMachineVo> queryCipherMachine() {
|
||||
// log.info("get请求 /cipherMachine/query接口");
|
||||
// ScCipherMachineVo scCipherMachineVo = scCipherMachineService.queryCipherMachine();
|
||||
// log.info("获取密码部件功能响应结果:{}", scCipherMachineVo);
|
||||
// return new ResultUtil<ScCipherMachineVo>().setData(scCipherMachineVo);
|
||||
// }
|
||||
//
|
||||
//// @ControllerLog("添加关键密码部件配置")
|
||||
// @RequestMapping(value = "/add", method = RequestMethod.POST)
|
||||
// @AuditControllerLog(description = "添加关键密码部件配置",operateType = "增加")
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "添加关键密码部件配置")
|
||||
// public Result<Object> addCipherMachine(@RequestBody ScCipherMachine scCipherMachine) {
|
||||
// try {
|
||||
// ScCipherMachine scCipherMachineVo = scCipherMachineService.addCipherMachine(scCipherMachine);
|
||||
// IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort());
|
||||
// return new ResultUtil<>().setData(scCipherMachineVo);
|
||||
// } catch (SspwebException e) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
// }
|
||||
// }
|
||||
//// @ControllerLog("检测")
|
||||
// @RequestMapping(value = "/detection", method = RequestMethod.POST)
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "检测")
|
||||
// public Result<Object> detection() {
|
||||
// int size = 16;
|
||||
// PointerByReference phDeviceHandle = new PointerByReference();
|
||||
// PointerByReference phSessionHandle = new PointerByReference();
|
||||
// int code = RetEnum.SUCCESS.getCode();
|
||||
// try {
|
||||
//
|
||||
// // 打开设备
|
||||
// int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle);
|
||||
// if (ret != code) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "打开设备失败");
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "打开设备失败,密码模块初始化失败");
|
||||
// }
|
||||
// Pointer hDeviceHandle = phDeviceHandle.getValue();
|
||||
// // 打开会话
|
||||
// ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle);
|
||||
// if (ret != code) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "打开会话失败");
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "打开会话失败,密码模块初始化失败");
|
||||
// }
|
||||
// byte[] nakedSign = new byte[size];
|
||||
// // 生成随机数
|
||||
// ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign);
|
||||
// if (ret != code) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "生成随机数失败");
|
||||
// return new ResultUtil<Object>().setErrorMsg(ret, "生成随机数失败,密码模块初始化失败");
|
||||
// }
|
||||
// // 返回结果
|
||||
// String result = Util.bytes2HexString(nakedSign);
|
||||
// String result = Hex.encodeHexString(nakedSign);
|
||||
// log.info("检测功能响应结果:{}", result);
|
||||
ParamConf paramConf = iParamConfService.selectByKey("initStatus");
|
||||
if (paramConf != null) {
|
||||
paramConf.setValue("1");
|
||||
iParamConfService.updateById(paramConf);
|
||||
}
|
||||
return new ResultUtil<>().setSuccessMsg("初始化成功");
|
||||
} catch (SspwebException e) {
|
||||
return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
} catch (Throwable e) {
|
||||
log.error("检测异常:" + e);
|
||||
return new ResultUtil<Object>().setErrorMsg("检测失败");
|
||||
} finally {
|
||||
// 关闭会话
|
||||
if (phSessionHandle.getValue() != null) {
|
||||
int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue());
|
||||
if (ret != code) {
|
||||
log.error("关闭会话失败:{}", ret);
|
||||
}
|
||||
}
|
||||
// 关闭设备
|
||||
if (phDeviceHandle.getValue() != null) {
|
||||
int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue());
|
||||
if (ret != code) {
|
||||
log.error("关闭设备失败:{}", ret);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// @ControllerLog("密码模块初始化状态获取")
|
||||
@RequestMapping(value = "/init/status", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "密码模块初始化状态获取")
|
||||
public Result<Object> initStatus() {
|
||||
ParamConf paramConf = iParamConfService.selectByKey("initStatus");
|
||||
if (paramConf != null) {
|
||||
return new ResultUtil<>().setData(paramConf.getValue());
|
||||
} else {
|
||||
return new ResultUtil<>().setErrorMsg("获取初始化状态失败");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// @ControllerLog("编辑关键密码部件配置")
|
||||
@RequestMapping(value = "/edit", method = RequestMethod.PUT)
|
||||
@AuditControllerLog(description = "编辑关键密码部件配置",operateType = "修改")
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "编辑关键密码部件配置")
|
||||
public Result<Object> editCipherMachine(@RequestBody ScCipherMachine scCipherMachine) {
|
||||
try {
|
||||
log.info("put请求 /cipherMachine/edit 请求参数:{}", scCipherMachine);
|
||||
ScCipherMachine scCipherMachineVo = scCipherMachineService.editCipherMachine(scCipherMachine);
|
||||
log.info("编辑关键密码部件功能响应结果:{}", scCipherMachineVo);
|
||||
IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort());
|
||||
return new ResultUtil<>().setData(scCipherMachineVo);
|
||||
} catch (SspwebException e) {
|
||||
return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
}
|
||||
}
|
||||
// @ControllerLog("删除关键密码部件配置")
|
||||
@RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
|
||||
@AuditControllerLog(description = "删除关键密码部件配置",operateType = "删除")
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "删除关键密码部件配置")
|
||||
public Result<Object> deleteCipherMachine(@PathVariable("id") Long id) {
|
||||
try {
|
||||
log.info("delete请求 /cipherMachine/delete 请求参数:{}", id);
|
||||
scCipherMachineService.deleteCipherMachine(id);
|
||||
return new ResultUtil<>().setData(null);
|
||||
} catch (SspwebException e) {
|
||||
return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
}
|
||||
}
|
||||
}
|
||||
// return new ResultUtil<>().setData(result);
|
||||
// } catch (SspwebException e) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
// } catch (Throwable e) {
|
||||
// log.error("检测异常:" + e);
|
||||
// return new ResultUtil<Object>().setErrorMsg("密码模块初始化失败");
|
||||
// } finally {
|
||||
// // 关闭会话
|
||||
// if (phSessionHandle.getValue() != null) {
|
||||
// int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue());
|
||||
// if (ret != code) {
|
||||
// log.error("关闭会话失败:{}", ret);
|
||||
// }
|
||||
// }
|
||||
// // 关闭设备
|
||||
// if (phDeviceHandle.getValue() != null) {
|
||||
// int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue());
|
||||
// if (ret != code) {
|
||||
// log.error("关闭设备失败:{}", ret);
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
//
|
||||
//// @ControllerLog("密码模块初始化")
|
||||
// @RequestMapping(value = "/init", method = RequestMethod.POST)
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "密码模块初始化")
|
||||
// public Result<Object> init() {
|
||||
// int size = 16;
|
||||
// PointerByReference phDeviceHandle = new PointerByReference();
|
||||
// PointerByReference phSessionHandle = new PointerByReference();
|
||||
// int code = RetEnum.SUCCESS.getCode();
|
||||
// try {
|
||||
//
|
||||
//// // 打开设备
|
||||
//// int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle);
|
||||
//// if (ret != code) {
|
||||
//// return new ResultUtil<Object>().setErrorMsg(ret, "打开设备失败");
|
||||
//// }
|
||||
//// Pointer hDeviceHandle = phDeviceHandle.getValue();
|
||||
//// // 打开会话
|
||||
//// ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle);
|
||||
//// if (ret != code) {
|
||||
//// return new ResultUtil<Object>().setErrorMsg(ret, "打开会话失败");
|
||||
//// }
|
||||
//// byte[] nakedSign = new byte[size];
|
||||
//// // 生成随机数
|
||||
//// ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign);
|
||||
//// if (ret != code) {
|
||||
//// return new ResultUtil<Object>().setErrorMsg(ret, "生成随机数失败");
|
||||
//// }
|
||||
//// // 返回结果
|
||||
//// String result = Util.bytes2HexString(nakedSign);
|
||||
//// log.info("检测功能响应结果:{}", result);
|
||||
// ParamConf paramConf = iParamConfService.selectByKey("initStatus");
|
||||
// if (paramConf != null) {
|
||||
// paramConf.setValue("1");
|
||||
// iParamConfService.updateById(paramConf);
|
||||
// }
|
||||
// return new ResultUtil<>().setSuccessMsg("初始化成功");
|
||||
// } catch (SspwebException e) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
// } catch (Throwable e) {
|
||||
// log.error("检测异常:" + e);
|
||||
// return new ResultUtil<Object>().setErrorMsg("检测失败");
|
||||
// } finally {
|
||||
// // 关闭会话
|
||||
// if (phSessionHandle.getValue() != null) {
|
||||
// int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue());
|
||||
// if (ret != code) {
|
||||
// log.error("关闭会话失败:{}", ret);
|
||||
// }
|
||||
// }
|
||||
// // 关闭设备
|
||||
// if (phDeviceHandle.getValue() != null) {
|
||||
// int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue());
|
||||
// if (ret != code) {
|
||||
// log.error("关闭设备失败:{}", ret);
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
//
|
||||
//// @ControllerLog("密码模块初始化状态获取")
|
||||
// @RequestMapping(value = "/init/status", method = RequestMethod.GET)
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "密码模块初始化状态获取")
|
||||
// public Result<Object> initStatus() {
|
||||
// ParamConf paramConf = iParamConfService.selectByKey("initStatus");
|
||||
// if (paramConf != null) {
|
||||
// return new ResultUtil<>().setData(paramConf.getValue());
|
||||
// } else {
|
||||
// return new ResultUtil<>().setErrorMsg("获取初始化状态失败");
|
||||
// }
|
||||
// }
|
||||
//
|
||||
//
|
||||
//// @ControllerLog("编辑关键密码部件配置")
|
||||
// @RequestMapping(value = "/edit", method = RequestMethod.PUT)
|
||||
// @AuditControllerLog(description = "编辑关键密码部件配置",operateType = "修改")
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "编辑关键密码部件配置")
|
||||
// public Result<Object> editCipherMachine(@RequestBody ScCipherMachine scCipherMachine) {
|
||||
// try {
|
||||
// log.info("put请求 /cipherMachine/edit 请求参数:{}", scCipherMachine);
|
||||
// ScCipherMachine scCipherMachineVo = scCipherMachineService.editCipherMachine(scCipherMachine);
|
||||
// log.info("编辑关键密码部件功能响应结果:{}", scCipherMachineVo);
|
||||
// IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort());
|
||||
// return new ResultUtil<>().setData(scCipherMachineVo);
|
||||
// } catch (SspwebException e) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
// }
|
||||
// }
|
||||
//// @ControllerLog("删除关键密码部件配置")
|
||||
// @RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
|
||||
// @AuditControllerLog(description = "删除关键密码部件配置",operateType = "删除")
|
||||
// @ResponseBody
|
||||
// @ApiOperation(value = "删除关键密码部件配置")
|
||||
// public Result<Object> deleteCipherMachine(@PathVariable("id") Long id) {
|
||||
// try {
|
||||
// log.info("delete请求 /cipherMachine/delete 请求参数:{}", id);
|
||||
// scCipherMachineService.deleteCipherMachine(id);
|
||||
// return new ResultUtil<>().setData(null);
|
||||
// } catch (SspwebException e) {
|
||||
// return new ResultUtil<Object>().setErrorMsg(e.getMsg());
|
||||
// }
|
||||
// }
|
||||
//}
|
||||
|
||||
@ -9,6 +9,8 @@ import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
@ -22,6 +24,11 @@ public class StatusController {
|
||||
@Autowired
|
||||
IParamConfService iParamConfService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
// @ControllerLog("获取全局密码模块状态")
|
||||
@RequestMapping(value = "/query", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
|
||||
@ -20,6 +20,8 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.dao.DuplicateKeyException;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -50,6 +52,11 @@ public class ScDictController {
|
||||
@Autowired
|
||||
IScDictDataService iScDictDataService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/search", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
@ApiOperation("根据字典关键字查询")
|
||||
|
||||
@ -18,6 +18,8 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.dao.DuplicateKeyException;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -51,6 +53,11 @@ public class ScDictDataController {
|
||||
@Autowired
|
||||
IScDictService iScDictService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
@ApiOperation("根据Id获取字典数据")
|
||||
|
||||
@ -12,6 +12,8 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -39,7 +41,10 @@ public class ParamConfController {
|
||||
@Autowired
|
||||
IParamConfService iParamConfService;
|
||||
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
|
||||
@RequestMapping(value = "/getAll",method = RequestMethod.GET)
|
||||
|
||||
@ -2,10 +2,10 @@ package com.sunyard.ssp.modules.sysconf.paramconf.serviceimpl;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.sunyard.chsm.config.IpFilter;
|
||||
import com.sunyard.chsm.mapper.ParamConfMapper;
|
||||
import com.sunyard.chsm.model.entity.ParamConf;
|
||||
import com.sunyard.chsm.service.IpWhitelistService;
|
||||
import com.sunyard.config.IpFilter;
|
||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||
import com.sunyard.ssp.modules.user.entity.ScPermission;
|
||||
import com.sunyard.ssp.modules.user.service.IScPermissionService;
|
||||
@ -18,17 +18,9 @@ import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.transaction.interceptor.TransactionAspectSupport;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.*;
|
||||
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.APPROVAL_TRUE;
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.AUTHORITY_APPROVAL_PARAM_ITEM;
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.ENCRYPTION_MACHINE_APPROVAL;
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_ITEM;
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_SWITCH;
|
||||
import static com.sunyard.chsm.constant.ParamConfKeyConstant.*;
|
||||
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_DISABLE;
|
||||
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_NORMAL;
|
||||
|
||||
|
||||
@ -81,6 +81,7 @@ public class ScDepartmentController {
|
||||
@InitBinder(value = ValidatorConstant.DEPARTMENT_BASE_NAME)
|
||||
public void initBainder(DataBinder binder){
|
||||
binder.replaceValidators(departmentValidator);
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getByParentId/{parentId}",method = RequestMethod.GET)
|
||||
|
||||
@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -38,6 +40,11 @@ public class ScDepartmentHeaderController {
|
||||
@Autowired
|
||||
IScDepartmentHeaderService iScDepartmentHeaderService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Result<ScDepartmentHeader> get(@RequestParam String id){
|
||||
|
||||
@ -99,6 +99,7 @@ public class ScPermissionController {
|
||||
@InitBinder(ValidatorConstant.PERMISSION_BASE_NAME)
|
||||
public void initBainder(DataBinder binder){
|
||||
binder.addValidators(permissionValidator);
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
|
||||
@ -63,6 +63,7 @@ public class ScPositionController {
|
||||
@InitBinder(ValidatorConstant.POSTION_BASE_NAME)
|
||||
public void initBainder(DataBinder binder){
|
||||
binder.replaceValidators(positionValidator);
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
|
||||
@ -70,6 +70,7 @@ public class ScRoleController {
|
||||
@InitBinder(ValidatorConstant.ROLE_BASE_NAME)
|
||||
public void initBainder(DataBinder binder){
|
||||
binder.replaceValidators(roleValidator);
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getAllList",method = RequestMethod.GET)
|
||||
|
||||
@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -38,6 +40,11 @@ public class ScRoleDepartmentController {
|
||||
@Autowired
|
||||
IScRoleDepartmentService iScRoleDepartmentService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Result<ScRoleDepartment> get(@RequestParam String id){
|
||||
|
||||
@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -37,7 +39,10 @@ public class ScRolePermissionController {
|
||||
|
||||
@Autowired
|
||||
IScRolePermissionService iScRolePermissionService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Result<ScRolePermission> get(@RequestParam String id){
|
||||
|
||||
@ -38,6 +38,8 @@ import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.FileCopyUtils;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -89,6 +91,11 @@ public class ScUShieldController {
|
||||
@Autowired
|
||||
private IAuditLogService auditLogService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/ulogin", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ApiOperation(value = "U盾登录接口")
|
||||
@ -153,12 +160,12 @@ public class ScUShieldController {
|
||||
}
|
||||
|
||||
//查询账户绑定U盾公钥
|
||||
ScUser user = userService.getById(userId);
|
||||
ScUser user = userService.getById(sysUser.getId());
|
||||
if (uname == null) {
|
||||
uname = user.getUsername();
|
||||
}
|
||||
//查询用户角色id集合
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(userId);
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(sysUser.getId());
|
||||
List<Long> roldIds = new ArrayList<>();
|
||||
if (null != roles && roles.size() > 0) {
|
||||
roldIds = roles.stream().map(ScRole::getId).collect(Collectors.toList());
|
||||
@ -273,7 +280,7 @@ public class ScUShieldController {
|
||||
}
|
||||
|
||||
//查询用户角色id集合
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(userId);
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(user.getId());
|
||||
|
||||
List<Long> roldIds = new ArrayList<>();
|
||||
if (null != roles && roles.size() > 0) {
|
||||
@ -329,7 +336,7 @@ public class ScUShieldController {
|
||||
}
|
||||
|
||||
//查询用户角色id集合
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(userId);
|
||||
List<ScRole> roles = iScUserRoleService.findByUserId(user.getId());
|
||||
|
||||
List<Long> roldIds = new ArrayList<>();
|
||||
if (null != roles && roles.size() > 0) {
|
||||
|
||||
@ -58,6 +58,7 @@ import java.util.HashSet;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -104,12 +105,22 @@ public class ScUserController {
|
||||
|
||||
@Autowired
|
||||
IScRoleService roleService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/info",method = RequestMethod.GET)
|
||||
public Result<ScUser> getUserInfo(){
|
||||
|
||||
ScUser u = securityUtil.getCurrUser();
|
||||
if (CollectionUtils.isNotEmpty(u.getRoles())) {
|
||||
long count = u.getRoles().stream().map(ScRole::getId)
|
||||
.filter(it -> Objects.equals(it, 1L))
|
||||
.count();
|
||||
if (count >= 1) {
|
||||
u.setId(1L);
|
||||
}
|
||||
}
|
||||
return new ResultUtil<ScUser>().setData(u);
|
||||
}
|
||||
|
||||
|
||||
@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
@ -37,6 +39,10 @@ public class ScUserRoleController {
|
||||
|
||||
@Autowired
|
||||
IScUserRoleService iScUserRoleService;
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/getById",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
|
||||
@ -62,7 +62,7 @@ public class ScUserServiceImpl extends ServiceImpl<ScUserMapper, ScUser> impleme
|
||||
List<ScUser> list=baseMapper.findByUsername(username);
|
||||
if(list!=null&&list.size()>0){
|
||||
ScUser user = list.get(0);
|
||||
if (username.contains("admin")) {
|
||||
if (username.contains("rootadmin")) {
|
||||
user.setId(1L);
|
||||
}
|
||||
if(CommonConstant.DEFAULT_USER_ROOT_ID.equals(user.getId())){
|
||||
|
||||
@ -5,7 +5,7 @@ import java.awt.*;
|
||||
import java.awt.image.BufferedImage;
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
import java.util.Random;
|
||||
import java.security.SecureRandom;
|
||||
|
||||
/**
|
||||
* 随机字符验证码生成工具类
|
||||
@ -38,7 +38,7 @@ public class CreateVerifyCode {
|
||||
*/
|
||||
private BufferedImage buffImg = null;
|
||||
|
||||
Random random = new Random();
|
||||
SecureRandom random = RandomUtils.getRandom();
|
||||
|
||||
public CreateVerifyCode() {
|
||||
creatImage();
|
||||
@ -194,7 +194,7 @@ public class CreateVerifyCode {
|
||||
int len = str1.length() - 1;
|
||||
double r;
|
||||
for (int i = 0; i < n; i++) {
|
||||
r = (Math.random()) * len;
|
||||
r = (random.nextDouble()) * len;
|
||||
str2 = str2 + str1.charAt((int) r);
|
||||
}
|
||||
return str2;
|
||||
@ -224,7 +224,7 @@ public class CreateVerifyCode {
|
||||
* 产生随机字体
|
||||
*/
|
||||
private Font getFont(int size) {
|
||||
Random random = new Random();
|
||||
SecureRandom random = RandomUtils.getRandom();
|
||||
Font[] font = new Font[5];
|
||||
font[0] = new Font("Ravie", Font.PLAIN, size);
|
||||
font[1] = new Font("Antique Olive Compact", Font.PLAIN, size);
|
||||
@ -305,7 +305,7 @@ public class CreateVerifyCode {
|
||||
*/
|
||||
public String getRandomNum() {
|
||||
|
||||
Random random = new Random();
|
||||
SecureRandom random = RandomUtils.getRandom();
|
||||
int num = random.nextInt(999999);
|
||||
//不足六位前面补0
|
||||
String str = String.format("%06d", num);
|
||||
|
||||
@ -1,187 +0,0 @@
|
||||
package com.sunyard.ssp.utils;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
/**
|
||||
* @author:tsz
|
||||
* @date:2020/3/6
|
||||
* @description:
|
||||
*/
|
||||
@Component
|
||||
@Slf4j
|
||||
public class FileUtil {
|
||||
|
||||
@Value("${file.path}")
|
||||
private String filePath;
|
||||
|
||||
/**
|
||||
* 文件路径上传完整路径
|
||||
*
|
||||
* @param file
|
||||
* @return
|
||||
*/
|
||||
public String localUpload(MultipartFile file) {
|
||||
|
||||
String key = CommonUtil.renamePic(file.getOriginalFilename());
|
||||
String day = DateUtil.format(DateUtil.date(), "yyyyMMdd");
|
||||
String path = filePath + "/" + day;
|
||||
File dir = new File(path);
|
||||
if (!dir.exists()) {
|
||||
dir.mkdirs();
|
||||
}
|
||||
File f = new File(path + "/" + key);
|
||||
if (f.exists()) {
|
||||
throw new RuntimeException("文件名已存在");
|
||||
}
|
||||
try {
|
||||
file.transferTo(f);
|
||||
return path + "/" + key;
|
||||
} catch (IOException e) {
|
||||
log.error(e.toString());
|
||||
throw new RuntimeException("上传文件出错");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 文件路径上传只返回文件名
|
||||
*
|
||||
* @param file
|
||||
* @return
|
||||
*/
|
||||
public String upload(MultipartFile file) throws IOException {
|
||||
try {
|
||||
//String key = Md5Util.md5HashCode(file.getInputStream()) +"_"+ file.getOriginalFilename();
|
||||
String key = file.getOriginalFilename();
|
||||
String s = Md5Util.little16MD5a(DigestUtils.md5Hex(file.getInputStream()));
|
||||
String path = filePath + "/" + s;
|
||||
File dir = new File(path);
|
||||
if (!dir.exists()) {
|
||||
dir.mkdirs();
|
||||
}
|
||||
File f = new File(path + "/" + key);
|
||||
//如果文件已经存在直接返回文件名证明快速上传了
|
||||
if (f.exists()) {
|
||||
return s + "/" +key;
|
||||
}
|
||||
file.transferTo(f);
|
||||
key = s + "/"+ key;
|
||||
return key;
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
log.error(e.toString());
|
||||
throw new RuntimeException("上传文件出错");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 读取文件
|
||||
*
|
||||
* @param url
|
||||
* @param response
|
||||
*/
|
||||
public void view(String url, HttpServletResponse response) {
|
||||
|
||||
File file = new File(url);
|
||||
FileInputStream i = null;
|
||||
OutputStream o = null;
|
||||
|
||||
try {
|
||||
i = new FileInputStream(file);
|
||||
o = response.getOutputStream();
|
||||
|
||||
byte[] buf = new byte[1024];
|
||||
int bytesRead;
|
||||
|
||||
while ((bytesRead = i.read(buf)) > 0) {
|
||||
o.write(buf, 0, bytesRead);
|
||||
o.flush();
|
||||
}
|
||||
|
||||
i.close();
|
||||
o.close();
|
||||
} catch (IOException e) {
|
||||
log.error(e.toString());
|
||||
throw new RuntimeException("读取文件出错");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 重命名
|
||||
*
|
||||
* @param url
|
||||
* @param toKey
|
||||
* @return
|
||||
*/
|
||||
public String renameFile(String url, String toKey) {
|
||||
|
||||
String result = copyFile(url, toKey);
|
||||
deleteFile(url);
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 复制文件
|
||||
*
|
||||
* @param url
|
||||
* @param toKey
|
||||
*/
|
||||
public String copyFile(String url, String toKey) {
|
||||
|
||||
File file = new File(url);
|
||||
FileInputStream i = null;
|
||||
FileOutputStream o = null;
|
||||
|
||||
try {
|
||||
i = new FileInputStream(file);
|
||||
o = new FileOutputStream(new File(file.getParentFile() + "/" + toKey));
|
||||
|
||||
byte[] buf = new byte[1024];
|
||||
int bytesRead;
|
||||
|
||||
while ((bytesRead = i.read(buf)) > 0) {
|
||||
o.write(buf, 0, bytesRead);
|
||||
}
|
||||
|
||||
i.close();
|
||||
o.close();
|
||||
return file.getParentFile() + "/" + toKey;
|
||||
} catch (IOException e) {
|
||||
log.error(e.toString());
|
||||
throw new RuntimeException("复制文件出错");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 删除文件
|
||||
*
|
||||
* @param url
|
||||
*/
|
||||
public void deleteFile(String url) {
|
||||
|
||||
File file = new File(url);
|
||||
file.delete();
|
||||
}
|
||||
|
||||
/**
|
||||
* 删除文件
|
||||
*
|
||||
* @param url
|
||||
*/
|
||||
public void deleteFileName(String url) {
|
||||
|
||||
File file = new File(filePath + "/" + url);
|
||||
file.delete();
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,23 @@
|
||||
package com.sunyard.ssp.utils;
|
||||
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.SecureRandom;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2025/1/14
|
||||
*/
|
||||
public abstract class RandomUtils {
|
||||
|
||||
|
||||
|
||||
public static SecureRandom getRandom() {
|
||||
try {
|
||||
return SecureRandom.getInstance("SHA1PRNG");
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new IllegalArgumentException(e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@ -1,12 +1,12 @@
|
||||
package com.sunyard.ssp.utils.regexp.model;
|
||||
|
||||
import com.sunyard.ssp.utils.RandomUtils;
|
||||
import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.UninitializedException;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Random;
|
||||
|
||||
public class OptionalRegexNode extends BaseRegexNode {
|
||||
|
||||
@ -50,6 +50,6 @@ public class OptionalRegexNode extends BaseRegexNode {
|
||||
@Override
|
||||
protected String random(String expression, List<String> expressionFragments)
|
||||
throws UninitializedException, RegexpIllegalException {
|
||||
return children.get(new Random().nextInt(children.size())).random();
|
||||
return children.get(RandomUtils.getRandom().nextInt(children.size())).random();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
package com.sunyard.ssp.utils.regexp.model;
|
||||
|
||||
import com.sunyard.ssp.utils.RandomUtils;
|
||||
import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.UninitializedException;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Random;
|
||||
|
||||
public class RepeatRegexNode extends BaseRegexNode {
|
||||
|
||||
@ -63,7 +63,7 @@ public class RepeatRegexNode extends BaseRegexNode {
|
||||
@Override
|
||||
protected String random(String expression, List<String> expressionFragments)
|
||||
throws RegexpIllegalException, UninitializedException {
|
||||
int repeat = new Random().nextInt(maxRepeat - minRepeat + 1) + minRepeat;
|
||||
int repeat = RandomUtils.getRandom().nextInt(maxRepeat - minRepeat + 1) + minRepeat;
|
||||
StringBuilder value = new StringBuilder();
|
||||
while (repeat-- > 0) {
|
||||
value.append(regexNode.random());
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
package com.sunyard.ssp.utils.regexp.model;
|
||||
|
||||
import com.sunyard.ssp.utils.RandomUtils;
|
||||
import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException;
|
||||
import com.sunyard.ssp.utils.regexp.exception.UninitializedException;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Random;
|
||||
|
||||
public class SingleRegexNode extends BaseRegexNode {
|
||||
|
||||
@ -114,7 +114,7 @@ public class SingleRegexNode extends BaseRegexNode {
|
||||
for (Interval interval : intervals) {
|
||||
count += interval.end + 1 - interval.start;
|
||||
}
|
||||
int randomValue = new Random().nextInt(count);
|
||||
int randomValue = RandomUtils.getRandom().nextInt(count);
|
||||
for (Interval interval : intervals) {
|
||||
if (randomValue < interval.end + 1 - interval.start) {
|
||||
return (char) (interval.start + randomValue);
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
server:
|
||||
port: 89
|
||||
port: 9880
|
||||
tomcat:
|
||||
uri-encoding: UTF-8
|
||||
threads:
|
||||
|
||||
8
chsm-web-server/Dockerfile
Normal file
8
chsm-web-server/Dockerfile
Normal file
@ -0,0 +1,8 @@
|
||||
FROM dragonwell8
|
||||
|
||||
WORKDIR /app
|
||||
COPY target/chsm-web-server.jar /app/app.jar
|
||||
ENV JVM_OPTS=""
|
||||
ENV ARGS_OPTS=""
|
||||
EXPOSE 9890
|
||||
ENTRYPOINT ["sh","-c","java $JVM_OPTS -jar app.jar $ARGS_OPTS"]
|
||||
18
chsm-web-server/build.cmd
Normal file
18
chsm-web-server/build.cmd
Normal file
@ -0,0 +1,18 @@
|
||||
@echo off
|
||||
SETLOCAL
|
||||
|
||||
chcp 65001
|
||||
|
||||
del /S *.log
|
||||
|
||||
call mvn clean -DskipTests=true package -f ../pom.xml
|
||||
|
||||
echo ">>>>>>>>>>>begin build docker image ...<<<<<<<<<<<<<"
|
||||
docker build -t chsm-web-server:latest .
|
||||
echo ">>>>>>>>>>>build docker image success<<<<<<<<<<<<<"
|
||||
|
||||
docker save -o chsm-web-server.tar chsm-web-server:latest
|
||||
echo ">>>>>>>>>>>build docker offline tar success<<<<<<<<<<<<<"
|
||||
|
||||
pause
|
||||
|
||||
@ -44,6 +44,7 @@
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<finalName>chsm-web-server</finalName>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
||||
@ -1,15 +1,22 @@
|
||||
package com.sunyard.chsm.auth;
|
||||
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.sunyard.chsm.enums.EnableStatus;
|
||||
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.model.entity.IpWhitelist;
|
||||
import com.sunyard.chsm.service.AppLoginService;
|
||||
import com.sunyard.chsm.utils.IpUtils;
|
||||
import com.sunyard.chsm.utils.JsonUtils;
|
||||
import io.jsonwebtoken.ExpiredJwtException;
|
||||
import io.jsonwebtoken.JwtException;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
@ -18,9 +25,11 @@ import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Enumeration;
|
||||
import java.util.*;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import java.util.concurrent.Executors;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static com.sunyard.chsm.constant.SecurityConstant.ATTRIBUTE_APP_USER;
|
||||
|
||||
@ -32,7 +41,9 @@ import static com.sunyard.chsm.constant.SecurityConstant.ATTRIBUTE_APP_USER;
|
||||
@Slf4j
|
||||
@Component
|
||||
@RequiredArgsConstructor
|
||||
public class AppTokenFilter extends OncePerRequestFilter {
|
||||
public class AppTokenFilter extends OncePerRequestFilter implements InitializingBean {
|
||||
|
||||
public static Map<Long, List<String>> WHITE_IP_MAP = new ConcurrentHashMap<>();
|
||||
|
||||
public static final Collection<String> WHITE_URL = Arrays.asList(
|
||||
"/appUser/getAppToken",
|
||||
@ -40,6 +51,7 @@ public class AppTokenFilter extends OncePerRequestFilter {
|
||||
);
|
||||
|
||||
private final AppLoginService appLoginService;
|
||||
private final IpWhitelisttMapper ipWhitelisttMapper;
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
@ -58,6 +70,16 @@ public class AppTokenFilter extends OncePerRequestFilter {
|
||||
|
||||
try {
|
||||
AppUser user = appLoginService.verifyToken(tokenValue);
|
||||
List<String> ips = WHITE_IP_MAP.getOrDefault(user.getAppId(), Collections.emptyList());
|
||||
String ip = IpUtils.getIpAddress(request);
|
||||
if (!CollectionUtils.isEmpty(ips) && !ips.contains(ip)) {
|
||||
logger.warn("forbidden for ip: " + ip);
|
||||
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||
response.setContentType(MediaType.TEXT_PLAIN_VALUE);
|
||||
response.getWriter().println("this ip is forbidden");
|
||||
response.getWriter().flush();
|
||||
return;
|
||||
}
|
||||
request.setAttribute(ATTRIBUTE_APP_USER, user);
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (ExpiredJwtException ex) {
|
||||
@ -110,4 +132,21 @@ public class AppTokenFilter extends OncePerRequestFilter {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws ServletException {
|
||||
super.afterPropertiesSet();
|
||||
|
||||
Executors.newSingleThreadScheduledExecutor()
|
||||
.scheduleWithFixedDelay(() -> {
|
||||
|
||||
List<IpWhitelist> list = ipWhitelisttMapper.selectList(
|
||||
new LambdaQueryWrapper<IpWhitelist>()
|
||||
.eq(IpWhitelist::getScope, "app")
|
||||
.eq(IpWhitelist::getStatus, EnableStatus.ENABLED.getCode())
|
||||
);
|
||||
WHITE_IP_MAP = list.stream().collect(Collectors.groupingBy(IpWhitelist::getAppId, Collectors.mapping(IpWhitelist::getIp, Collectors.toList())));
|
||||
}, 1L, 5L, TimeUnit.MINUTES);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -4,6 +4,8 @@ import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.param.AppTokenReq;
|
||||
import com.sunyard.chsm.param.AppTokenResp;
|
||||
import com.sunyard.chsm.service.AppLoginService;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -26,6 +28,10 @@ public class AppLoginController {
|
||||
@Resource
|
||||
private AppLoginService appLoginService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取应用Token接口
|
||||
|
||||
@ -3,9 +3,27 @@ package com.sunyard.chsm.controller;
|
||||
import com.sunyard.chsm.auth.AuthCode;
|
||||
import com.sunyard.chsm.constant.AuthCodeConst;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.param.*;
|
||||
import com.sunyard.chsm.param.AsymDecryptReq;
|
||||
import com.sunyard.chsm.param.AsymDecryptResp;
|
||||
import com.sunyard.chsm.param.AsymEncryptReq;
|
||||
import com.sunyard.chsm.param.AsymEncryptResp;
|
||||
import com.sunyard.chsm.param.AsymEnvelopeSealReq;
|
||||
import com.sunyard.chsm.param.AsymEnvelopeSealResp;
|
||||
import com.sunyard.chsm.param.AsymEnvelopeUnsealReq;
|
||||
import com.sunyard.chsm.param.AsymEnvelopeUnsealResp;
|
||||
import com.sunyard.chsm.param.AsymSignP7Req;
|
||||
import com.sunyard.chsm.param.AsymSignP7Resp;
|
||||
import com.sunyard.chsm.param.AsymSignRawReq;
|
||||
import com.sunyard.chsm.param.AsymSignRawResp;
|
||||
import com.sunyard.chsm.param.AsymVerifyP7Req;
|
||||
import com.sunyard.chsm.param.AsymVerifyRawReq;
|
||||
import com.sunyard.chsm.param.ExportPubKeyReq;
|
||||
import com.sunyard.chsm.param.ExportPubKeyResp;
|
||||
import com.sunyard.chsm.param.VerifyResp;
|
||||
import com.sunyard.chsm.service.AsymKeyService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -26,6 +44,11 @@ public class AsymKeyController {
|
||||
@Autowired
|
||||
private AsymKeyService asymKeyService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 导出非对称公钥
|
||||
*
|
||||
|
||||
@ -3,11 +3,23 @@ package com.sunyard.chsm.controller;
|
||||
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.model.dto.CertDTO;
|
||||
import com.sunyard.chsm.param.*;
|
||||
import com.sunyard.chsm.param.CertExinfoResp;
|
||||
import com.sunyard.chsm.param.CertInfoResp;
|
||||
import com.sunyard.chsm.param.ExportCertReq;
|
||||
import com.sunyard.chsm.param.ExportCertResp;
|
||||
import com.sunyard.chsm.param.ImportCertReq;
|
||||
import com.sunyard.chsm.service.AppCertService;
|
||||
import com.sunyard.chsm.service.CertService;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.validation.Valid;
|
||||
@ -27,6 +39,11 @@ public class CertController {
|
||||
@Resource
|
||||
private CertService certService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 导出证书
|
||||
*
|
||||
|
||||
@ -14,6 +14,8 @@ import com.sunyard.chsm.sdf.context.AlgId;
|
||||
import com.sunyard.chsm.sdf.model.EccPubKey;
|
||||
import com.sunyard.chsm.utils.CodecUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -40,6 +42,11 @@ public class HashController {
|
||||
@Resource
|
||||
private DeviceManager deviceManager;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 计算Hash
|
||||
*
|
||||
@ -118,7 +125,7 @@ public class HashController {
|
||||
SdfApiAdapter sdf = context.getSdfApiAdapter();
|
||||
sdf.hashUpdate(context.getSessionHandle(), bytes);
|
||||
HashResp resp = new HashResp();
|
||||
resp.setHandle(req.getHandle());
|
||||
// resp.setHandle(req.getHandle());
|
||||
return R.data(resp);
|
||||
}
|
||||
|
||||
@ -139,7 +146,7 @@ public class HashController {
|
||||
byte[] hash = sdf.hashFinish(context.getSessionHandle());
|
||||
sdf.closeSession(context.getSessionHandle());
|
||||
HashResp resp = new HashResp();
|
||||
resp.setHandle(req.getHandle());
|
||||
// resp.setHandle(req.getHandle());
|
||||
resp.setHash(CodecUtils.encodeBase64(hash));
|
||||
return R.data(resp);
|
||||
}
|
||||
|
||||
@ -11,6 +11,8 @@ import com.sunyard.chsm.param.KeyManageReq;
|
||||
import com.sunyard.chsm.param.KeyUpdateReq;
|
||||
import com.sunyard.chsm.service.KeyManageService;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -32,6 +34,11 @@ public class KeyManageController {
|
||||
@Resource
|
||||
private KeyManageService keyManageService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询密钥列表
|
||||
*
|
||||
|
||||
@ -7,6 +7,8 @@ import com.sunyard.chsm.param.GenRandomReq;
|
||||
import com.sunyard.chsm.param.GenRandomResp;
|
||||
import com.sunyard.chsm.sdf.SdfApiService;
|
||||
import com.sunyard.chsm.utils.CodecUtils;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -25,6 +27,11 @@ public class RandomController {
|
||||
@Resource
|
||||
private SdfApiService sdfApiService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取随机数
|
||||
*
|
||||
|
||||
@ -16,6 +16,8 @@ import com.sunyard.chsm.param.SymMacResp;
|
||||
import com.sunyard.chsm.param.VerifyResp;
|
||||
import com.sunyard.chsm.service.SymKeyService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -36,6 +38,11 @@ public class SymKeyController {
|
||||
@Autowired
|
||||
private SymKeyService symKeyService;
|
||||
|
||||
@InitBinder
|
||||
public void initBinder(WebDataBinder binder) {
|
||||
binder.setDisallowedFields("qwer");
|
||||
}
|
||||
|
||||
/**
|
||||
* 对称加密
|
||||
*
|
||||
|
||||
@ -77,6 +77,12 @@ public class DeviceManager implements InitializingBean {
|
||||
if (atomicInteger.get() > Integer.MAX_VALUE - 10000) {
|
||||
atomicInteger.set(1);
|
||||
}
|
||||
if (CollectionUtils.isEmpty(serviceDeviceMap)) {
|
||||
log.warn("系统内没有可以设备..service Device is empty");
|
||||
TMKContext soft = getSoftContext();
|
||||
Assert.notNull(soft, "应用: " + user.getName() + "没有可用的密码设备");
|
||||
return soft;
|
||||
}
|
||||
List<DeviceContext> contexts = serviceDeviceMap.entrySet().stream()
|
||||
.filter(it -> serviceIds.contains(it.getKey()))
|
||||
.map(Map.Entry::getValue)
|
||||
|
||||
@ -1,15 +1,19 @@
|
||||
package com.sunyard.chsm.service;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.sunyard.chsm.auth.AppUser;
|
||||
import com.sunyard.chsm.constant.SecurityConstant;
|
||||
import com.sunyard.chsm.enums.EnableStatus;
|
||||
import com.sunyard.chsm.mapper.AppServiceMapper;
|
||||
import com.sunyard.chsm.mapper.ApplicationMapper;
|
||||
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
||||
import com.sunyard.chsm.model.entity.AppService;
|
||||
import com.sunyard.chsm.model.entity.Application;
|
||||
import com.sunyard.chsm.model.entity.IpWhitelist;
|
||||
import com.sunyard.chsm.param.AppTokenReq;
|
||||
import com.sunyard.chsm.param.AppTokenResp;
|
||||
import com.sunyard.chsm.utils.CodecUtils;
|
||||
import com.sunyard.chsm.utils.IpUtils;
|
||||
import com.sunyard.chsm.utils.gm.BCSM3Utils;
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.Header;
|
||||
@ -19,8 +23,10 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -41,6 +47,10 @@ public class AppLoginService {
|
||||
private ApplicationMapper applicationMapper;
|
||||
@Resource
|
||||
private AppServiceMapper appServiceMapper;
|
||||
@Resource
|
||||
private HttpServletRequest request;
|
||||
@Resource
|
||||
private IpWhitelisttMapper ipWhitelisttMapper;
|
||||
|
||||
public AppTokenResp getAppToken(AppTokenReq req) {
|
||||
Long random = req.getTimestamp();
|
||||
@ -49,6 +59,19 @@ public class AppLoginService {
|
||||
String appKey = req.getAppKey();
|
||||
Application application = applicationMapper.selectByAppKey(appKey);
|
||||
Assert.isTrue(EnableStatus.ENABLED.getCode().equals(application.getStatus()), "此应用已停用");
|
||||
List<IpWhitelist> list = ipWhitelisttMapper.selectList(
|
||||
new LambdaQueryWrapper<IpWhitelist>().eq(IpWhitelist::getAppId, application.getId())
|
||||
);
|
||||
if (!CollectionUtils.isEmpty(list)) {
|
||||
String ip = IpUtils.getIpAddress(request);
|
||||
IpWhitelist whitelist = list.stream()
|
||||
.filter(it -> EnableStatus.ENABLED.getCode().equals(it.getStatus()))
|
||||
.filter(it -> Objects.equals(ip, it.getIp()))
|
||||
.findFirst()
|
||||
.orElse(null);
|
||||
Assert.notNull(whitelist, "IP:" + ip + "禁止访问!");
|
||||
}
|
||||
|
||||
String data = appKey + random + application.getAppSecret();
|
||||
byte[] hmac = BCSM3Utils.hmac(application.getAppSecret().getBytes(), data.getBytes());
|
||||
String serverHmac = CodecUtils.encodeBase64(hmac);
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
server:
|
||||
port: 8900
|
||||
port: 9890
|
||||
tomcat:
|
||||
uri-encoding: UTF-8
|
||||
threads:
|
||||
|
||||
@ -30,7 +30,7 @@ public abstract class BaseTest {
|
||||
protected static final String asymKeyTemplate = "asym-sm2-001";
|
||||
protected static final String ak = "216205d408130d83d13c5072305b8b65";
|
||||
protected static final String sk = "ae64515d1d5adec2cc6ae8726d0c1bbc";
|
||||
protected static final String server = "http://172.16.18.46:8900";
|
||||
protected static final String server = "http://172.16.18.42:9890";
|
||||
protected static final RestTemplate restTemplate;
|
||||
protected static final String token;
|
||||
|
||||
@ -49,7 +49,12 @@ public abstract class BaseTest {
|
||||
R<AppTokenResp> r = JsonUtils.objectMapper()
|
||||
.readValue(response.getBody(), new TypeReference<R<AppTokenResp>>() {
|
||||
});
|
||||
if (!r.isSuccess()) {
|
||||
log.warn(r.getMessage());
|
||||
throw new IllegalArgumentException(r.getMessage());
|
||||
}
|
||||
token = r.getResult().getToken();
|
||||
log.info("get token: {}", token);
|
||||
restTemplate = new RestTemplateBuilder()
|
||||
.rootUri(server)
|
||||
.defaultHeader("Authorization", "Bearer " + token)
|
||||
|
||||
@ -180,7 +180,7 @@ CREATE TABLE "SC_PERMISSION"(
|
||||
|
||||
|
||||
-- 初始化数据
|
||||
INSERT INTO SC_PARAM_CONF (ITEM, KEY, VALUE, TYPE, STATUS, MEMO) VALUES (0, 'ipWhitelistSwitch', 'true', 'OBJECT', 0, null);
|
||||
INSERT INTO SC_PARAM_CONF (ITEM, KEY, VALUE, TYPE, STATUS, MEMO) VALUES (0, 'ipWhitelistSwitch', 'false', 'OBJECT', 0, null);
|
||||
INSERT INTO SC_PARAM_CONF (ITEM, KEY, VALUE, TYPE, STATUS, MEMO) VALUES (1, 'communicateTimeOut', '30', 'OBJECT', 0, null);
|
||||
INSERT INTO SC_PARAM_CONF (ITEM, KEY, VALUE, TYPE, STATUS, MEMO) VALUES (1, 'heartDetectTime', '5', 'OBJECT', 0, null);
|
||||
INSERT INTO SC_PARAM_CONF (ITEM, KEY, VALUE, TYPE, STATUS, MEMO) VALUES (1, 'ftpUploadPath', '/app/upload', 'OBJECT', 0, null);
|
||||
@ -216,7 +216,7 @@ INSERT INTO SC_DICT (ID, TYPE, TITLE, SCOPE, SORT_ORDER, DESCRIPTION) VALUES (42
|
||||
INSERT INTO SC_DICT (ID, TYPE, TITLE, SCOPE, SORT_ORDER, DESCRIPTION) VALUES (76, 'Publickey_format', '公钥格式', 1, 0, null);
|
||||
INSERT INTO SC_DICT (ID, TYPE, TITLE, SCOPE, SORT_ORDER, DESCRIPTION) VALUES (81, 'version', '系统版本号', 1, 0, '');
|
||||
|
||||
SET IDENTITY_INSERT SC_DICT_DATA ON
|
||||
SET IDENTITY_INSERT SC_DICT_DATA ON;
|
||||
INSERT INTO SC_DICT_DATA (ID, DICT_ID, TITLE, VALUE, SORT_ORDER, STATUS, DESCRIPTION) VALUES (25, 76, 'DER', 'DER', 1, 0, null);
|
||||
INSERT INTO SC_DICT_DATA (ID, DICT_ID, TITLE, VALUE, SORT_ORDER, STATUS, DESCRIPTION) VALUES (26, 76, 'BASE64', 'BASE64', 2, 0, null);
|
||||
INSERT INTO SC_DICT_DATA (ID, DICT_ID, TITLE, VALUE, SORT_ORDER, STATUS, DESCRIPTION) VALUES (27, 38, '30秒', '30000', 1, 0, null);
|
||||
@ -289,13 +289,14 @@ INSERT INTO SC_ROLE (ID, NAME, DEFAULT_ROLE, DESCRIPTION, DATA_TYPE) VALUES (33,
|
||||
|
||||
INSERT INTO SC_USER_ROLE (ROLE_ID, USER_ID) VALUES (1, 1);
|
||||
|
||||
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (182, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (185, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (188, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (189, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (194, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (195, 33);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (20, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (216, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (212, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (213, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (214, 25);
|
||||
@ -303,6 +304,8 @@ INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (215, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (209, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (210, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (211, 25);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (20, 32);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (24, 32);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (207, 32);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (208, 32);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (205, 32);
|
||||
@ -317,27 +320,6 @@ INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (20, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (216, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (24, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (5, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (32, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (207, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (208, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (205, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (206, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (202, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (203, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (204, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (212, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (213, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (214, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (215, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (209, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (210, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (211, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (182, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (185, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (194, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (195, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (188, 1);
|
||||
INSERT INTO SC_ROLE_PERMISSION (PERMISSION_ID, ROLE_ID) VALUES (189, 1);
|
||||
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user