sign 阻截
sign 拦截
<beans profile="product,test_sce,test,local"> <context:component-scan base-package="cn.focus.dc.jiajing.interceptors"> <context:include-filter type="regex" expression=".*Interceptor" /> </context:component-scan> </beans>
package cn.focus.dc.jiajing.interceptors; import java.lang.reflect.Method; import java.util.HashMap; import java.util.Map; import java.util.TreeMap; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import cn.focus.dc.commons.controllers.CommonsController; import cn.focus.dc.config.MsgConstant; import net.paoding.rose.web.ControllerInterceptorAdapter; import net.paoding.rose.web.Invocation; /** * 拦截所有controller方法,对于sign不匹配的连接均拦截 */ public class SignInterceptor extends ControllerInterceptorAdapter { private static Logger logger = Logger.getLogger(SignInterceptor.class); public SignInterceptor(){ this.setPriority(200); } @Override protected boolean isForAction(Method actionMethod, Class<?> controllerClazz) { if (controllerClazz.equals(CommonsController.class)) { return Boolean.FALSE; } return super.isForAction(actionMethod, controllerClazz); } @Override public Object before(Invocation inv) throws Exception { String sign = inv.getRequest().getParameter("sign"); Map<String, String[]> params = inv.getRequest().getParameterMap(); String result = DigestUtils.md5Hex(getSignedParams(convertMap(params), MsgConstant.SIGN_MD5_KEY)); logger.info("result===" + result + "\n\t\tsign===" + sign); if (result.equals(sign)) { String accessToken = inv.getRequest().getParameter("access_token"); logger.debug("uri===" + result + "\n\t\taccess_token===" + accessToken); return Boolean.TRUE; } logger.info("result===:" + result + "\t\ttime:" + System.nanoTime()); return "@sign error!"; } private Map<String, String> convertMap(Map<String, String[]> params) { Map<String, String> map = new HashMap<String, String>(); if (params == null || params.size() == 0) { return map; } for (Map.Entry<String, String[]> entry : params.entrySet()) { if (entry.getValue() != null && entry.getValue().length > 0) { map.put(entry.getKey(), entry.getValue()[0]); } } return map; } private String getSignedParams(Map<String, String> params, String secretKey) { Map<String, String> ret = new TreeMap<String, String>(params); StringBuilder sb = new StringBuilder(); for (String key : ret.keySet()) { sb.append(key).append("=").append(params.get(key)); sb.append("&"); } return StringUtils.chomp(sb.toString(), "&") + secretKey; } }
String SIGN_MD5_TEST_KEY = new PropertiesUtil().getProperties("/config.properties", "sign.test"); public static String SIGN_MD5_ONLINE_KEY = new PropertiesUtil().getProperties("/config.properties", "sign.online");
sign.test=********** sign.online=*************************