<!--
  Scans cn.focus.dc.jiajing.interceptors and registers every class whose name matches the
  regex .*Interceptor, but only when one of the listed profiles is active.
  NOTE(review): under any profile not listed here this scan does not apply, so the signature
  interceptor is presumably not registered; confirm that no deployed environment runs that way.
-->
<beans profile="product,test_sce,test,local">
<context:component-scan base-package="cn.focus.dc.jiajing.interceptors">
<context:include-filter type="regex"
expression=".*Interceptor" />
</context:component-scan>
</beans>
package cn.focus.dc.jiajing.interceptors;
import java.lang.reflect.Method;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import cn.focus.dc.commons.controllers.CommonsController;
import cn.focus.dc.config.MsgConstant;
import net.paoding.rose.web.ControllerInterceptorAdapter;
import net.paoding.rose.web.Invocation;
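/**
 * Intercepts controller actions and rejects every request whose {@code sign} parameter does not
 * match the signature computed on the server.
 *
 * <p>The expected signature is the MD5 hex digest of the request parameters, sorted by name and
 * joined as {@code name=value&name=value}, followed by {@link MsgConstant#SIGN_MD5_KEY}.
 *
 * <p>Review notes on the scheme itself (unchanged here because clients must produce the same
 * value):
 * <ul>
 *   <li>MD5 over "data + secret" is a legacy construction; an HMAC with a SHA-2 digest is the
 *       usual replacement and needs a coordinated client change.</li>
 *   <li>Only the first value of each parameter is signed, so extra values of a repeated
 *       parameter are not covered by the signature.</li>
 *   <li>Names and values are joined without escaping, so a value containing {@code &} or
 *       {@code =} can produce the same string as a different parameter set.</li>
 *   <li>Nothing in this class ties a signature to a timestamp or nonce, so a replayed request
 *       is not detected here.</li>
 * </ul>
 */
public class SignInterceptor extends ControllerInterceptorAdapter {

    private static final Logger logger = Logger.getLogger(SignInterceptor.class);

    /** Name of the request parameter that carries the client-supplied signature. */
    private static final String SIGN_PARAM = "sign";

    /** Creates the interceptor and sets its priority to 200. */
    public SignInterceptor() {
        this.setPriority(200);
    }

    /**
     * Decides whether this interceptor applies to an action.
     *
     * <p>Actions of {@link CommonsController} are excluded, so they run without a signature
     * check; every other controller is handled by the superclass rule.
     *
     * @param actionMethod the action method about to be invoked
     * @param controllerClazz the controller class that declares it
     * @return {@code false} for {@link CommonsController}, otherwise the superclass decision
     */
    @Override
    protected boolean isForAction(Method actionMethod, Class<?> controllerClazz) {
        if (CommonsController.class.equals(controllerClazz)) {
            return false;
        }
        return super.isForAction(actionMethod, controllerClazz);
    }

    /**
     * Verifies the request signature before the action runs.
     *
     * @param inv the current invocation
     * @return {@link Boolean#TRUE} when the signature matches, otherwise the string
     *     {@code "@sign error!"}
     * @throws Exception if the signature bytes cannot be encoded
     */
    @Override
    public Object before(Invocation inv) throws Exception {
        String sign = inv.getRequest().getParameter(SIGN_PARAM);
        Map<String, String[]> params = inv.getRequest().getParameterMap();
        // NOTE(review): getParameterMap() also contains the "sign" parameter, so as written the
        // digest input includes the client's own signature value. Confirm against the client
        // signing code whether "sign" has to be removed before hashing.
        String expected =
                DigestUtils.md5Hex(getSignedParams(convertMap(params), MsgConstant.SIGN_MD5_KEY));

        // Compare with MessageDigest.isEqual rather than String.equals so the comparison time
        // does not depend on how many leading characters of a guessed signature are correct.
        if (sign != null
                && MessageDigest.isEqual(expected.getBytes("UTF-8"), sign.getBytes("UTF-8"))) {
            return Boolean.TRUE;
        }

        // Never log the expected signature, the supplied one or the access token: the expected
        // value is a valid credential for this request, and the supplied value is
        // attacker-controlled text that could forge log lines.
        logger.info("sign verification failed, uri=" + inv.getRequest().getRequestURI());
        return "@sign error!";
    }

    /**
     * Flattens a request parameter map to single values by keeping the first value of each
     * parameter.
     *
     * @param params parameter map from the request; may be {@code null} or empty
     * @return a new map of parameter name to first value; parameters with a {@code null} or
     *     empty value array are left out
     */
    private Map<String, String> convertMap(Map<String, String[]> params) {
        Map<String, String> map = new HashMap<String, String>();
        if (params == null || params.isEmpty()) {
            return map;
        }
        for (Map.Entry<String, String[]> entry : params.entrySet()) {
            String[] values = entry.getValue();
            if (values != null && values.length > 0) {
                map.put(entry.getKey(), values[0]);
            }
        }
        return map;
    }

    /**
     * Builds the string that is hashed to obtain the signature.
     *
     * @param params flattened request parameters
     * @param secretKey shared secret appended after the joined parameters
     * @return {@code name=value} pairs sorted by name and joined with {@code &}, followed
     *     directly by {@code secretKey}
     */
    private String getSignedParams(Map<String, String> params, String secretKey) {
        // TreeMap fixes the order, so client and server hash the same string regardless of the
        // order in which the parameters arrived.
        Map<String, String> sorted = new TreeMap<String, String>(params);
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : sorted.entrySet()) {
            sb.append(entry.getKey()).append("=").append(entry.getValue());
            sb.append("&");
        }
        return StringUtils.chomp(sb.toString(), "&") + secretKey;
    }
}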
// Signing secrets, looked up under the keys sign.test and sign.online in /config.properties.
// NOTE(review): SignInterceptor reads MsgConstant.SIGN_MD5_KEY, which is not shown here; confirm
// which of these two values it resolves to in each environment so the test key is never
// accepted in production.
String SIGN_MD5_TEST_KEY = new PropertiesUtil().getProperties("/config.properties", "sign.test");
// NOTE(review): this field is public static but not final, so any code can reassign the
// production signing key at runtime; declare it final unless something relies on reassignment.
public static String SIGN_MD5_ONLINE_KEY = new PropertiesUtil().getProperties("/config.properties", "sign.online");
# Shared secrets for request signing (values masked on this page). Anyone who holds one of
# these values can produce a valid sign parameter, so keep the real file out of version
# control and out of logs, and use a different value for test and online.
sign.test=**********
sign.online=*************************
获取post相关参数
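/**
 * Builds a {@code name=value&name=value} string from the request parameters, sorted by
 * parameter name and using the first value of each parameter.
 *
 * <p>Values are appended as-is, without escaping, so a value that itself contains {@code &} or
 * {@code =} makes the result ambiguous.
 *
 * @param params parameter map from the request; may be {@code null} or empty
 * @return the joined string, or an empty string when there is no usable parameter
 */
private String getPostData(Map<String, String[]> params) {
    // Sort by name so the output does not depend on the order of the incoming parameters.
    Map<String, String> sorted = new TreeMap<String, String>(convertMap(params));
    StringBuilder sb = new StringBuilder();
    for (Map.Entry<String, String> entry : sorted.entrySet()) {
        if (sb.length() > 0) {
            sb.append('&');
        }
        // Take the value from the flattened map. Reading params.get(key) here would append a
        // String[] and therefore the array's identity string instead of the parameter value.
        sb.append(entry.getKey()).append('=').append(entry.getValue());
    }
    return sb.toString();
}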
/**
 * Reduces a multi-valued parameter map to single values by keeping the first value of each
 * parameter; any further values of a repeated parameter are dropped.
 *
 * @param params parameter map from the request; may be {@code null} or empty
 * @return a new map of parameter name to first value; parameters with a {@code null} or empty
 *     value array are left out
 */
private Map<String, String> convertMap(Map<String, String[]> params) {
    Map<String, String> firstValues = new HashMap<String, String>();
    if (params != null) {
        for (String name : params.keySet()) {
            String[] values = params.get(name);
            if (values == null || values.length == 0) {
                // Nothing to keep for this parameter.
                continue;
            }
            firstValues.put(name, values[0]);
        }
    }
    return firstValues;
}