You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 lines
3.1 KiB
Java
89 lines
3.1 KiB
Java
package com.ipsos.auth.handler;
|
|
|
|
import com.ipsos.auth.entity.ASKToken;
|
|
import com.ipsos.commons.utils.CodingUtil;
|
|
import com.ipsos.plugins.config.SpringContextUtil;
|
|
import com.ipsos.plugins.xpack.ukey.dto.request.XpackUkeyDto;
|
|
import com.ipsos.plugins.xpack.ukey.service.UkeyXpackService;
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import java.util.UUID;
|
|
|
|
public class ApiKeyHandler {
|
|
|
|
public static final String API_ACCESS_KEY = "accessKey";
|
|
|
|
public static final String API_SIGNATURE = "signature";
|
|
|
|
|
|
public static String random = UUID.randomUUID().toString() + UUID.randomUUID().toString();
|
|
|
|
public static Long getUser(HttpServletRequest request) {
|
|
if (request == null) {
|
|
return null;
|
|
}
|
|
return getUser(request.getHeader(API_ACCESS_KEY), request.getHeader(API_SIGNATURE));
|
|
}
|
|
|
|
public static ASKToken buildToken(HttpServletRequest request) {
|
|
if (request == null) {
|
|
return null;
|
|
}
|
|
String accessKey = request.getHeader(API_ACCESS_KEY);
|
|
String signature = request.getHeader(API_SIGNATURE);
|
|
ASKToken askToken = new ASKToken(accessKey, signature);
|
|
return askToken;
|
|
}
|
|
|
|
public static Boolean isApiKeyCall(HttpServletRequest request) {
|
|
if (request == null) {
|
|
return false;
|
|
}
|
|
if (StringUtils.isBlank(request.getHeader(API_ACCESS_KEY)) || StringUtils.isBlank(request.getHeader(API_SIGNATURE))) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
public static XpackUkeyDto ukey(String accessKey) {
|
|
UkeyXpackService ukeyXpackService = SpringContextUtil.getBean(UkeyXpackService.class);
|
|
XpackUkeyDto userKey = ukeyXpackService.getUserKey(accessKey);
|
|
return userKey;
|
|
}
|
|
|
|
public static Long getUser(String accessKey, String signature) {
|
|
if (StringUtils.isBlank(accessKey) || StringUtils.isBlank(signature)) {
|
|
return null;
|
|
}
|
|
XpackUkeyDto userKey = ukey(accessKey);
|
|
if (userKey == null) {
|
|
throw new RuntimeException("invalid accessKey");
|
|
}
|
|
String signatureDecrypt;
|
|
try {
|
|
signatureDecrypt = CodingUtil.aesDecrypt(signature, userKey.getSecretKey(), accessKey);
|
|
} catch (Throwable t) {
|
|
throw new RuntimeException("invalid signature");
|
|
}
|
|
String[] signatureArray = StringUtils.split(StringUtils.trimToNull(signatureDecrypt), "|");
|
|
if (signatureArray.length < 2) {
|
|
throw new RuntimeException("invalid signature");
|
|
}
|
|
if (!StringUtils.equals(accessKey, signatureArray[0])) {
|
|
throw new RuntimeException("invalid signature");
|
|
}
|
|
long signatureTime = 0l;
|
|
try {
|
|
signatureTime = Long.valueOf(signatureArray[signatureArray.length - 1]).longValue();
|
|
} catch (Exception e) {
|
|
throw new RuntimeException(e);
|
|
}
|
|
if (Math.abs(System.currentTimeMillis() - signatureTime) > 1800000) {
|
|
//签名30分钟超时
|
|
throw new RuntimeException("expired signature");
|
|
}
|
|
return userKey.getUserId();
|
|
}
|
|
}
|