展开全部
/**
* 对Controller进行安全和身份校验
*/
@Around("within(@org.springframework.stereotype.Controller *) && @annotation(is)")
public Object validIdentityAndSecure(ProceedingJoinPoint pjp, SecureValid is)
throws Exception {
Object[] args = pjp.getArgs();
//Controller中所有方法的参数,前两个分别为:Request,Response
HttpServletRequest request = (HttpServletRequest) args[0];
// HttpServletResponse response = (HttpServletResponse)args[1];
String appid = request.getParameter("appid");
int app_id = Integer.valueOf(appid);
String signature = request.getParameter("signature");
String clientSignature = request.getParameter("client_signature");
String uri = request.getRequestURI();
String provider = request.getParameter("provider");
if (StringUtils.isEmpty(provider)) {
provider = "passport";
}
// 对appid和signature进行校验
try {
appService.validateAppid(app_id);
boolean isValid = accountService.validSignature(app_id, signature, clientSignature);
if (!isValid) throw new ProblemException(ErrorUtil.ERR_CODE_COM_SING);
} catch (Exception e) {
return handleException(e, provider, uri);
}
// 继续执行接下来的62616964757a686964616fe78988e69d8331333361313266代码
Object retVal = null;
try {
retVal = pjp.proceed();
} catch (Throwable e) {
if (e instanceof Exception) { return handleException((Exception) e, provider, uri); }
}
// 目前的接口走不到这里
return retVal;
}
请采纳!