import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference;
import com.paic.vass.common.newentity.Invoice;
import com.paic.vass.common.newentity.PayOrderSp;
import com.paic.vass.mixedPayment.dto.newdto.InvoiceDTO;
import com.paic.vass.mixedPayment.utils.AESUtils;
import lombok.extern.slf4j.Slf4j;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.TreeMap;
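@Slf4j
public class DecodeContentHttpServletRequestWrapper extends HttpServletRequestWrapper {
    /** The only encryptType this wrapper can decrypt. */
    private static final String ENCRYPT_TYPE_AES128 = "AES128";
    /** Body field that is always taken from the SP record, never from the client payload. */
    private static final String PARAM_SP_ID = "sp_id";

    /**
     * Replacement request body: the decrypted payload re-serialised as JSON, UTF-8 encoded.
     * Replaced wholesale by {@link #setRequestBody(String)}.
     */
    private byte[] body;

    /**
     * Wraps {@code request} so that downstream readers see the decrypted form of {@code reqAesData}
     * instead of the original body.
     *
     * <p>{@code reqAesData} is AES-decrypted with the SP's key, parsed as a JSON object, given the
     * SP's {@code sp_id} (overwriting any sp_id the client put in the payload) and re-serialised as
     * the new body. Nothing about the key or the payload is logged.
     *
     * @param request    the original request; its own body is not read here
     * @param reqAesData the encrypted payload (the request's "data" parameter, as passed by the gateway filter)
     * @param spInfo     the SP record supplying encryptType, the decryption key and sp_id
     * @throws IOException if the SP's encryptType is not AES128, or the decrypted payload does not
     *                     parse to a JSON object. Both cases previously left the map null and failed
     *                     later with a NullPointerException; rejecting explicitly keeps the same
     *                     fail-closed outcome with a readable cause
     */
    public DecodeContentHttpServletRequestWrapper(HttpServletRequest request, String reqAesData, PayOrderSp spInfo) throws IOException {
        super(request);
        if (!ENCRYPT_TYPE_AES128.equals(spInfo.getEncryptType())) {
            throw new IOException("unsupported encrypt type for sp_id " + spInfo.getSpId()
                    + ": " + spInfo.getEncryptType());
        }
        // NOTE(review): getPublicKey() is used as the symmetric AES key despite its name — confirm against PayOrderSp.
        String reqData = AESUtils.dncode(spInfo.getPublicKey(), reqAesData);
        // NOTE(review): the generic arguments were stripped from the listing; TreeMap<String, Object>
        // is reconstructed (values of the payload are mixed JSON types). fastjson returns null for an
        // empty input rather than an empty map.
        TreeMap<String, Object> reqDataTreeMap = JSON.parseObject(reqData,
                new TypeReference<TreeMap<String, Object>>() {
                });
        if (reqDataTreeMap == null) {
            throw new IOException("decrypted request body is empty for sp_id " + spInfo.getSpId());
        }
        // The sp_id the caller was authenticated as wins over whatever was inside the ciphertext.
        reqDataTreeMap.put(PARAM_SP_ID, spInfo.getSpId());
        body = JSON.toJSONString(reqDataTreeMap).getBytes(StandardCharsets.UTF_8);
    }

    /**
     * Returns a reader over the replacement body, decoded as UTF-8 (the body is always written
     * as UTF-8, so the platform default charset must not be used here).
     */
    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(getInputStream(), StandardCharsets.UTF_8));
    }

    /**
     * Returns a fresh stream over the replacement body. Each call starts from the beginning, so
     * the body can be read more than once.
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
        return new ServletInputStream() {
            @Override
            public int read() throws IOException {
                return bais.read();
            }

            @Override
            public int read(byte[] b, int off, int len) throws IOException {
                return bais.read(b, off, len);
            }

            @Override
            public boolean isFinished() {
                // All data is in memory: finished once the buffer is drained.
                return bais.available() == 0;
            }

            @Override
            public boolean isReady() {
                // In-memory data can always be read without blocking.
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Non-blocking (async) reads are not supported by this in-memory stream; the listener is ignored.
            }
        };
    }

    /**
     * Replaces the body seen by downstream readers.
     *
     * @param requestBody the new body text, stored UTF-8 encoded
     * @throws Exception declared for backward compatibility with existing callers; not thrown in practice
     */
    public void setRequestBody(String requestBody) throws Exception {
        this.body = requestBody.getBytes(StandardCharsets.UTF_8);
    }
}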
package com.paic.vass.mixedPayment.filter;
import com.paic.vass.mixedPayment.common.consts.ResultCode;
import com.paic.vass.mixedPayment.config.Authentication;
import com.paic.vass.mixedPayment.exception.LogicException;
import net.sf.json.JSONObject;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.logging.Level;
import java.util.logging.Logger;
/**
* 接口权限校验过滤器
* @author EX-LIUQING006
*
*/
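public class AuthenticationInterceptor implements HandlerInterceptor {
    // The class has no slf4j logger wired (no @Slf4j); JUL keeps this stdlib-only.
    private static final Logger LOG = Logger.getLogger(AuthenticationInterceptor.class.getName());

    /**
     * Decides whether a request may reach its handler.
     *
     * <p>Currently admits every request. The {@code @Authentication} check that used to live here
     * (read the annotation from the handler method, require {@code sourceCode} and {@code sp_id}
     * in the JSON body, compare {@code sourceCode} with the annotation's values, otherwise throw
     * {@code LogicException(ResultCode.PERMISSION_DENIED)}) was commented out because the payment
     * source code is no longer fixed but configured per merchant. Until it is restored, this
     * interceptor enforces nothing and any {@code @Authentication} annotation is ignored.
     *
     * @param request  the current request
     * @param response the current response
     * @param handler  the selected handler; only {@link HandlerMethod} handlers are candidates for the check
     * @return always {@code true}
     * @throws Exception never at present; kept for the interface contract
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        // Only handler methods can carry the annotation; everything else passes through.
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }
        // TODO(auth): restore the per-merchant sourceCode / sp_id check described in the Javadoc.
        return true;
    }

    /** No-op: nothing to do after handler execution. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
                           ModelAndView modelAndView) throws Exception {
    }

    /** No-op: nothing to clean up after request completion. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
    }

    /**
     * Reads the whole request body as UTF-8 text.
     *
     * <p>Best effort: on a read failure the error is logged and {@code ""} is returned, as before.
     * Note that this consumes the request's input stream unless the request is a body-caching
     * wrapper.
     *
     * @param request the request whose body is read
     * @return the body text, or {@code ""} if it could not be read
     */
    public String getBodyString(ServletRequest request) {
        try {
            byte[] bodyBytes = IOUtils.toByteArray(request.getInputStream());
            return new String(bodyBytes, StandardCharsets.UTF_8);
        } catch (IOException | IllegalStateException e) {
            // IllegalStateException: getInputStream() after getReader() was already called.
            LOG.log(Level.WARNING, "failed to read request body", e);
            return "";
        }
    }
}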
/**
*
*/
package com.paic.vass.mixedPayment.filter;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference;
import com.paic.vass.common.newentity.PayOrderSp;
import com.paic.vass.mixedPayment.common.consts.CheckSignResultCode;
import com.paic.vass.mixedPayment.common.consts.GatewayConstants;
import com.paic.vass.mixedPayment.common.consts.ResultCode;
import com.paic.vass.mixedPayment.exception.LogicException;
import com.paic.vass.mixedPayment.service.CheckSignService;
import com.paic.vass.mixedPayment.utils.KeyUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
/**
* 支付过滤器
* @author WEIFEI948
*
*/
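@Component("payGatewayAuthFilter")
@Slf4j
public class PayGatewayAuthFilter implements Filter, InitializingBean {
    private static final String PARAM_SP_ID = "sp_id";
    private static final String PARAM_APP_KEY = "app_key";
    private static final String PARAM_DATA = "data";
    private static final String PARAM_SIGN = "sign";

    // NOTE(review): the generic arguments of these four fields were stripped from the listing; the
    // element types are reconstructed from how the fields are used below. All four are populated
    // once in afterPropertiesSet() and only read afterwards.
    /** App keys served by the legacy app_key authentication path. */
    private final List<String> appKeyList = new ArrayList<>();
    /** Request parameters excluded from signature computation. */
    private final List<String> ignoreParamNames = new ArrayList<>();
    /** app_key -> signing secret. */
    private final Map<String, String> secretKeyMap = new HashMap<>();
    /** app_key -> AES key. */
    private final Map<String, String> aesSecretKeyMap = new HashMap<>();

    @Autowired
    private CheckSignService checkSignService;

    /** pay.auth.do: when false, doFilter forwards every request without signature check or decryption. */
    @Value(value = "${pay.auth.do}")
    private boolean doAuth;

    // Value-added (icoreVass) keys
    @Value(value = "${pay.secretKey.icoreVass}")
    private String secretKeyIcoreVass;
    @Value(value = "${pay.secretKey.icorePapProfit}")
    private String secretKeyIcorePapProfit;
    // Benefit (papProfit) keys
    @Value(value = "${pay.aesSecretKey.icoreVass}")
    private String aesSecretKeyIcoreVass;
    @Value(value = "${pay.aesSecretKey.icorePapProfit}")
    private String aesSecretKeyIcorePapProfit;

    /**
     * Builds the app_key -> key tables from the injected properties, mirrors the keys into the
     * {@code KeyUtils} singleton (its readers are elsewhere), and registers "sign" as the one
     * parameter excluded from signing. Runs once, after property injection.
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        appKeyList.add(GatewayConstants.APP_KEY_ICORE_VASS);
        appKeyList.add(GatewayConstants.APP_KEY_ICORE_PAP_PROFIT);
        // Each known app key maps to its own pair of keys (the original looped over appKeyList
        // and matched each entry; the result is these two pairs).
        secretKeyMap.put(GatewayConstants.APP_KEY_ICORE_VASS, secretKeyIcoreVass);
        aesSecretKeyMap.put(GatewayConstants.APP_KEY_ICORE_VASS, aesSecretKeyIcoreVass);
        secretKeyMap.put(GatewayConstants.APP_KEY_ICORE_PAP_PROFIT, secretKeyIcorePapProfit);
        aesSecretKeyMap.put(GatewayConstants.APP_KEY_ICORE_PAP_PROFIT, aesSecretKeyIcorePapProfit);

        KeyUtils.getInstance().put("secretKeyIcoreVass", secretKeyIcoreVass);
        KeyUtils.getInstance().put("secretKeyIcorePapProfit", secretKeyIcorePapProfit);
        KeyUtils.getInstance().put("aesSecretKeyIcoreVass", aesSecretKeyIcoreVass);
        KeyUtils.getInstance().put("aesSecretKeyIcorePapProfit", aesSecretKeyIcorePapProfit);

        ignoreParamNames.add(PARAM_SIGN);
    }

    /** No-op: all initialisation happens in {@link #afterPropertiesSet()}. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Verifies the request signature and replaces the body with the decrypted payload before the
     * chain continues.
     *
     * <p>Flow: the body is cached so it can be read here and again downstream; when
     * {@code pay.auth.do} is false the cached request is forwarded untouched. Otherwise the body is
     * parsed as a flat JSON object. A request with {@code sp_id} is verified against the SP record
     * from {@code KeyUtils.spInfoMap} and decrypted by {@link DecodeContentHttpServletRequestWrapper};
     * a request with only {@code app_key} is verified against the key tables built in
     * {@link #afterPropertiesSet()} and decrypted by {@code OldDecodeContentHttpServletRequestWrapper}.
     * Any failure is reported through {@code checkSignService.tellCheckFail} and the chain is not
     * continued.
     *
     * @throws IOException      from the wrappers (including an unsupported SP encrypt type)
     * @throws ServletException from the downstream chain
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        // "sign" is registered once in afterPropertiesSet(); the original re-added it on every
        // request, growing a shared, non-thread-safe list without bound.
        String uri = request.getRequestURI();
        log.info("payGatewayAuthFilter 访问 uri = {}", uri);
        response.setContentType("application/json;charset=utf-8");
        HttpServletRequest bodyRequest = new BodyReaderHttpServletRequestWrapper(request);
        // doAuth = false: skip signature verification and decryption entirely (configuration switch).
        if (!doAuth) {
            chain.doFilter(bodyRequest, res);
            return;
        }

        String reqStr = this.getBodyString(bodyRequest);
        // NOTE(review): generic arguments were stripped from the listing; TreeMap<String, String> is
        // reconstructed from the String-valued get() calls below and the checkSign signature.
        TreeMap<String, String> paramTreeMap = JSONObject.parseObject(reqStr,
                new TypeReference<TreeMap<String, String>>() {
                });
        if (paramTreeMap == null) {
            // fastjson yields null for an empty/blank body; previously this was a NullPointerException.
            log.info("payGatewayAuthFilter lost must param");
            checkSignService.tellCheckFail(request, response, CheckSignResultCode.CODE_PARAMS_ERROR);
            return;
        }
        String spId = paramTreeMap.get(PARAM_SP_ID);
        String appKey = paramTreeMap.get(PARAM_APP_KEY);
        if (StringUtils.isBlank(spId) && StringUtils.isBlank(appKey)) {
            log.info("payGatewayAuthFilter lost must param");
            checkSignService.tellCheckFail(request, response, CheckSignResultCode.CODE_PARAMS_ERROR);
            return;
        }
        String reqAesData = paramTreeMap.get(PARAM_DATA);

        ServletRequest decodeContentRequest;
        if (StringUtils.isNotBlank(spId)) {
            PayOrderSp spInfo = KeyUtils.spInfoMap.get(spId);
            if (spInfo == null || StringUtils.isBlank(spInfo.getSpId())) {
                log.info("payGatewayAuthFilter sp_id is validate fail:={}", spId);
                checkSignService.tellCheckFail(request, response, CheckSignResultCode.CODE_PARAMS_SPID_ERROR);
                return;
            }
            int checkRlt = checkSignService.checkSign(paramTreeMap, ignoreParamNames, spInfo);
            if (CheckSignResultCode.CODE_SUCCESS != checkRlt) {
                log.info("payGatewayAuthFilter checkSign not passed");
                checkSignService.tellCheckFail(request, response, checkRlt);
                return;
            }
            decodeContentRequest = new DecodeContentHttpServletRequestWrapper(bodyRequest, reqAesData, spInfo);
        } else {
            String secretKey = secretKeyMap.get(appKey);
            String aesSecretKey = aesSecretKeyMap.get(appKey);
            if (secretKey == null || aesSecretKey == null) {
                // Unknown app_key: fail closed here instead of handing null keys to checkSign.
                log.info("payGatewayAuthFilter unknown app_key");
                checkSignService.tellCheckFail(request, response, CheckSignResultCode.CODE_PARAMS_ERROR);
                return;
            }
            int checkRlt = checkSignService.checkSign(paramTreeMap, ignoreParamNames, secretKey,
                    aesSecretKey, appKey);
            if (CheckSignResultCode.CODE_SUCCESS != checkRlt) {
                log.info("payGatewayAuthFilter checkSign not passed");
                checkSignService.tellCheckFail(request, response, checkRlt);
                return;
            }
            log.info("payGatewayAuthFilter checkSign passed");
            decodeContentRequest = new OldDecodeContentHttpServletRequestWrapper(
                    bodyRequest, reqAesData, aesSecretKey, appKey);
        }
        chain.doFilter(decodeContentRequest, response);
    }

    /** No-op: the filter holds no resources of its own. */
    @Override
    public void destroy() {
    }

    /**
     * Reads the whole request body as text in {@code GatewayConstants.CHARSET}.
     *
     * <p>Best effort: on a read failure the error is logged and {@code ""} is returned, as before;
     * the caller then rejects the request for missing parameters.
     *
     * @param request the (body-cached) request to read
     * @return the body text, or {@code ""} if it could not be read
     */
    private String getBodyString(ServletRequest request) {
        try {
            byte[] bodyBytes = IOUtils.toByteArray(request.getInputStream());
            return new String(bodyBytes, GatewayConstants.CHARSET);
        } catch (IOException | IllegalStateException e) {
            // IllegalStateException: getInputStream() after getReader() was already called.
            log.warn("payGatewayAuthFilter failed to read request body", e);
            return "";
        }
    }
}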
package com.paic.vass.mixedPayment.filter;
import org.apache.commons.io.IOUtils;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
/**
* @author
*/
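public class BodyReaderHttpServletRequestWrapper extends HttpServletRequestWrapper {
    /**
     * The cached request body. Read once in the constructor so that the filter chain can read it
     * repeatedly; replaced wholesale by {@link #setRequestBody(String)}.
     */
    private byte[] body;

    /**
     * Wraps {@code request} and buffers its entire body in memory.
     *
     * <p>NOTE(review): there is no size cap here; an upstream limit on request size is assumed —
     * confirm at the container or proxy.
     *
     * @param request the request whose body is consumed and cached
     * @throws IOException if the body cannot be read
     */
    public BodyReaderHttpServletRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        body = IOUtils.toByteArray(request.getInputStream());
    }

    /**
     * Returns a reader over the cached body, decoded as UTF-8 ({@link #setRequestBody(String)}
     * always writes UTF-8, so the platform default charset must not be used here).
     */
    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(getInputStream(), StandardCharsets.UTF_8));
    }

    /**
     * Returns a fresh stream over the cached body. Each call starts from the beginning, so the
     * body can be read more than once.
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
        return new ServletInputStream() {
            @Override
            public int read() throws IOException {
                return bais.read();
            }

            @Override
            public int read(byte[] b, int off, int len) throws IOException {
                return bais.read(b, off, len);
            }

            @Override
            public boolean isFinished() {
                // All data is in memory: finished once the buffer is drained.
                return bais.available() == 0;
            }

            @Override
            public boolean isReady() {
                // In-memory data can always be read without blocking.
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Non-blocking (async) reads are not supported by this in-memory stream; the listener is ignored.
            }
        };
    }

    /**
     * Replaces the cached body.
     *
     * @param requestBody the new body text, stored UTF-8 encoded
     * @throws Exception declared for backward compatibility with existing callers; not thrown in practice
     */
    public void setRequestBody(String requestBody) throws Exception {
        this.body = requestBody.getBytes(StandardCharsets.UTF_8);
    }
}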