第一步:
首先是定义明文(key)和密钥(secret)
现在是保存在配置文件中,如util.properties
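secret是由MD5(key+6位随机数)生成。注意:key会作为请求参数明文传输,而6位随机数只有10^6种取值,这样派生出的secret强度不足;实际部署时建议用密码学安全的随机数生成器(如java.security.SecureRandom)直接生成足够长的随机密钥。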
- key=autoapp
- secret=0000c034de3026ca9b49c5f7652899b1
第二步:
签名工具(SignUtil)
- package com.appbox.util.business;
- import java.util.Map;
- import java.util.TreeMap;
- import java.util.Map.Entry;
- import com.appbox.util.encryption.MD5;
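/**
 * Computes the request signature shared by the client and the server.
 *
 * <p>The signature is {@code MD5.Md5(secret + canonical)}, where {@code canonical} is the
 * {@code name=value} pairs of every parameter except {@code sign}, sorted by name and joined
 * with {@code &}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>A hash of {@code secret + message} is a prefix-MAC, and MD5 is subject to length
 *       extension. HMAC (for example {@code javax.crypto.Mac} with {@code "HmacSHA256"}) is the
 *       standard replacement. It is not swapped in here because every client would have to
 *       change at the same time.</li>
 *   <li>Names and values are joined without escaping, so a value that itself contains
 *       {@code &} or {@code =} can produce the same canonical string as a different
 *       parameter set.</li>
 *   <li>Only the first value of a multi-valued parameter is signed.</li>
 * </ul>
 */
public class SignUtil {

    /** Name of the parameter that carries the signature itself; it is excluded from signing. */
    private static final String SIGN_PARAMETER = "sign";

    /**
     * Returns the signature for the given request parameters.
     *
     * @param parameters request parameters, normally {@code HttpServletRequest.getParameterMap()},
     *                   whose values are {@code String[]}; plain {@code String} values are
     *                   accepted as well
     * @param secret     the shared secret; must not be null or empty
     * @return the value produced by {@code MD5.Md5} for {@code secret + canonical}
     * @throws IllegalArgumentException if the secret is missing, or if there is nothing to sign
     */
    public static String generatSign(Map<String, Object> parameters, String secret) {
        // Fail closed: a null secret would otherwise be concatenated as the literal "null",
        // giving a signature that anyone could compute.
        if (secret == null || secret.isEmpty()) {
            throw new IllegalArgumentException("secret must not be null or empty");
        }
        Map<String, Object> sorted = getSortedData(parameters);
        if (sorted == null) {
            throw new IllegalArgumentException("parameters must not be null");
        }

        StringBuilder canonical = new StringBuilder();
        for (Entry<String, Object> entry : sorted.entrySet()) {
            if (SIGN_PARAMETER.equals(entry.getKey())) {
                continue;
            }
            // Put the separator before every pair but the first, so there is no trailing '&'
            // to delete (deleting it from an empty buffer used to throw).
            if (canonical.length() > 0) {
                canonical.append('&');
            }
            canonical.append(entry.getKey())
                     .append('=')
                     .append(firstValue(entry.getKey(), entry.getValue()));
        }
        if (canonical.length() == 0) {
            throw new IllegalArgumentException("no parameters to sign");
        }
        // The canonical string is deliberately not printed: it is request data, and together
        // with a logged signature it would be everything needed to resubmit the request.
        return MD5.Md5(secret + canonical.toString());
    }

    /**
     * Returns a copy of the map sorted by key in natural {@code String} order.
     *
     * @param map the map to copy; may be null
     * @return a new {@code TreeMap} with the same entries, or null when {@code map} is null
     */
    public static Map<String, Object> getSortedData(Map<String, Object> map) {
        if (map == null) {
            return null;
        }
        return new TreeMap<String, Object>(map);
    }

    /** Extracts the value that is signed for one parameter: the first array element, or the string. */
    private static String firstValue(String name, Object value) {
        if (value instanceof String[]) {
            String[] values = (String[]) value;
            if (values.length > 0) {
                return values[0];
            }
        } else if (value instanceof String) {
            return (String) value;
        }
        throw new IllegalArgumentException("parameter '" + name + "' has no signable value");
    }
}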
第三步:创建拦截器
- package com.appbox.util.interceptor;
- import java.io.UnsupportedEncodingException;
- import java.util.Map;
- import javax.servlet.http.HttpServletRequest;
- import org.apache.struts2.ServletActionContext;
- import com.alibaba.fastjson.JSONObject;
- import com.appbox.base.baseaction.BaseAction;
- import com.appbox.base.vo.HttpRequest;
- import com.appbox.util.business.SignUtil;
- import com.appbox.util.property.PropertiesUtil;
- import com.opensymphony.xwork2.ActionContext;
- import com.opensymphony.xwork2.ActionInvocation;
- import com.opensymphony.xwork2.interceptor.Interceptor;
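/**
 * Request-parameter interceptor that wraps and validates the parameters of
 * customised-platform requests before the action runs.
 *
 * <p>A request is passed on only when every required parameter is present, the submitted
 * {@code key} matches the configured one, and the submitted {@code sign} matches the signature
 * computed by {@code SignUtil.generatSign} over the request parameters.
 *
 * <p>The interceptor keeps no per-request state in fields. The previous version stored the
 * error message in a {@code static} field, so concurrent requests could overwrite each other's
 * message.
 *
 * <p>Limitation: nothing in this class checks a timestamp or nonce, so a request that verified
 * once verifies again if it is resubmitted unchanged. Adding a signed timestamp or nonce
 * requires a matching client change.
 */
@SuppressWarnings("serial")
public class ParamsInterceptor extends BaseAction implements Interceptor {

    @Override
    public void destroy() {
        // Nothing to release.
    }

    @Override
    public void init() {
        // Nothing to initialise.
    }

    /**
     * Validates the current request and either rejects it with a JSON error or invokes the action.
     *
     * @param invocation the action invocation being intercepted
     * @return the result of {@code ajaxJson} carrying {@code msg} and {@code state=false} when
     *         validation fails, otherwise the result of {@code invocation.invoke()}
     * @throws Exception whatever the request handling or the invoked action throws
     */
    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        HttpServletRequest request = ServletActionContext.getRequest();
        request.setCharacterEncoding("UTF-8");
        HttpRequest req = createHttpRequest(request);

        String error = checkProperties(req);
        if (error == null) {
            error = checksign(request, req);
        }
        if (error != null) {
            JSONObject json = new JSONObject();
            json.put("msg", error);
            json.put("state", false);
            return ajaxJson(json.toJSONString());
        }
        return invocation.invoke();
    }

    /**
     * Verifies the submitted key and signature against the configured key and secret.
     *
     * @param request the servlet request whose parameter map is signed
     * @param req     the wrapped request carrying the submitted signature
     * @return null when the key and signature are valid, otherwise the error message
     */
    private String checksign(HttpServletRequest request, HttpRequest req) {
        String submittedKey = request.getParameter("key");
        String configuredKey = PropertiesUtil.getPropertyValue("key");
        // A missing configuration value must reject the request, not throw a NullPointerException.
        if (submittedKey == null || configuredKey == null || !configuredKey.equals(submittedKey)) {
            return "key不正确";
        }

        // The secret is MD5(key + 6 random digits); see the setup notes that accompany this class.
        String secret = PropertiesUtil.getPropertyValue("secret");
        String submittedSign = req.getSign();
        if (secret == null || secret.isEmpty() || submittedSign == null) {
            return "签名不正确";
        }

        // getParameterMap() is raw or Map<String, String[]> depending on the servlet API version;
        // SignUtil reads each value as a String[].
        @SuppressWarnings({"unchecked", "rawtypes"})
        Map<String, Object> parameters = (Map) request.getParameterMap();
        String expectedSign = SignUtil.generatSign(parameters, secret);

        // Neither signature is logged: the computed value is a valid credential for this request.
        if (expectedSign == null || !sameSignature(expectedSign, submittedSign)) {
            return "签名不正确";
        }
        return null;
    }

    /**
     * Compares two signatures case-insensitively without stopping at the first differing byte,
     * so the comparison time does not show how much of a guess was correct.
     */
    private static boolean sameSignature(String expected, String submitted) {
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        byte[] expectedBytes = expected.toLowerCase(java.util.Locale.ROOT).getBytes(utf8);
        byte[] submittedBytes = submitted.toLowerCase(java.util.Locale.ROOT).getBytes(utf8);
        return java.security.MessageDigest.isEqual(expectedBytes, submittedBytes);
    }

    /**
     * Checks that the required request parameters are present and non-empty.
     *
     * <p>The signature is not checked here; a missing signature is rejected in
     * {@code checksign}.
     *
     * @param req the wrapped request
     * @return null when all required parameters are present, otherwise the error message
     */
    private String checkProperties(HttpRequest req) {
        if (isMissing(req.getKey())) {
            return "key不为空";
        }
        if (isMissing(req.getIconpath())) {
            return "软件图标不为空";
        }
        if (isMissing(req.getApppath())) {
            return "平台上已上传媒体路径不为空";
        }
        if (isMissing(req.getType())) {
            return "媒体类型不为空";
        }
        if (isMissing(req.getCustomername())) {
            return "媒体主名称不为空";
        }
        if (isMissing(req.getMedianame())) {
            return "媒体名称不为空";
        }
        if (isMissing(req.getDesc())) {
            return "媒体简介不为空";
        }
        if (isMissing(req.getIdcode())) {
            return "软件标识码不为空";
        }
        return null;
    }

    /** Returns true when the value is null or the empty string. */
    private static boolean isMissing(String value) {
        return value == null || value.isEmpty();
    }

    /**
     * Copies the request parameters this interceptor works with into an {@code HttpRequest}.
     *
     * @param request the servlet request
     * @return a new {@code HttpRequest} populated from the request parameters
     */
    private HttpRequest createHttpRequest(HttpServletRequest request) {
        HttpRequest req = new HttpRequest();
        req.setKey(request.getParameter("key"));
        req.setApppath(request.getParameter("apppath"));
        req.setDesc(request.getParameter("desc"));
        req.setEmail(request.getParameter("email"));
        req.setIconpath(request.getParameter("iconpath"));
        req.setIdcode(request.getParameter("idcode"));
        // The client IP address (setIpaddr) is not populated here.
        req.setCustomername(request.getParameter("customername"));
        req.setMedianame(request.getParameter("medianame"));
        req.setSign(request.getParameter("sign"));
        req.setType(request.getParameter("type"));
        return req;
    }
}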
第四步:配置总项目src下的struts.xml配置文件
- <!-- Platform integration: declares the signature-checking interceptor and makes a stack containing it the default for this package. -->
- <!-- NOTE(review): no <action> is declared in this package; an action is only covered if its own package extends struts-paramsinterceptor and does not override the default interceptor ref. Confirm for every platform-facing action. -->
- <package name="struts-paramsinterceptor" extends="json-default">
- <interceptors>
- <interceptor name="paramsInterceptor" class="com.appbox.util.interceptor.ParamsInterceptor"></interceptor>
- <!-- NOTE(review): defaultStack is listed first, so its interceptors (including parameter binding) run before the signature is verified. Consider whether paramsInterceptor should come first so unsigned requests are rejected earlier. -->
- <interceptor-stack name="paramsStack">
- <interceptor-ref name="defaultStack" />
- <interceptor-ref name="paramsInterceptor" />
- </interceptor-stack>
- </interceptors>
- <default-interceptor-ref name="paramsStack"></default-interceptor-ref>
- </package>