当前位置: 首页 > news >正文

顶级ppt欣赏seo关键词快速获得排名

顶级ppt欣赏,seo关键词快速获得排名,企业网站怎么做外链,网络运营专员上篇介绍了多种加解密的使用java加密使用 本篇主要介绍在gateway网关中使用对参数解密和返回数据进行加密的操作 原理 下面使用的是AES加密 SHA1withRSA加签 1-用户使用拿到的AES秘钥和RSA私钥。对数据进行加密和加签 2-进行验签和时间的检验 3-将解密的数据返回到具体的调用…

上篇介绍了多种加解密的使用java加密使用
本篇主要介绍在gateway网关中使用对参数解密和返回数据进行加密的操作

原理

下面使用的是AES加密 SHA1withRSA加签

1-用户使用拿到的AES秘钥和RSA私钥。对数据进行加密和加签
2-进行验签和时间的检验
3-将解密的数据返回到具体的调用方(通过特定的filter具体业务方是无感知加解密的)
4-将业务方数据加密返回给调用方

参数校验

@Slf4j
@Order(Ordered.HIGHEST_PRECEDENCE + 10)
@Component
public class SignatureValidationGatewayFilterFactory extends AbstractGatewayFilterFactory {private final EtrGatewayProperties etrGatewayProperties;@Autowiredpublic SignatureValidationGatewayFilterFactory(EtrGatewayProperties etrGatewayProperties) {this.etrGatewayProperties = etrGatewayProperties;}@Overridepublic GatewayFilter apply(Object config) {return (exchange, chain) -> {if (HttpMethod.GET.matches(exchange.getRequest().getMethodValue())|| HttpMethod.POST.matches(exchange.getRequest().getMethodValue())) {ModifyRequestBodyGatewayFilterFactory.Config modifyRequestConfig = new ModifyRequestBodyGatewayFilterFactory.Config().setContentType(ContentType.APPLICATION_JSON.getMimeType()).setRewriteFunction(String.class, String.class, (exchange1, originalRequestBody) -> {try {JSONObject jsonObject = JSONUtil.parseObj(originalRequestBody);String appId = jsonObject.getStr(SignatureConstants.SIGN_APPID);String sign = jsonObject.getStr(SignatureConstants.SIGN_KEY);String signType = jsonObject.getStr(SignatureConstants.SIGN_TYPE);String timeStamp = jsonObject.getStr(SignatureConstants.SIGN_TIME_STAMP);EtrGatewayProperties.SinatureConfig first = etrGatewayProperties.getSignatures().stream().filter(appConfig -> appConfig.getAppId().equalsIgnoreCase(appId)).findFirst().orElse(null);if (Objects.isNull(first)) {log.error("appId:{}不合法", appId);return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}if (StrUtil.isBlank(sign) || StrUtil.isBlank(signType) || !StrUtil.isNumeric(timeStamp)) {log.error("参数不合法:sign:{},signType:{},timestamp:{}", sign, signType, timeStamp);return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}// 验证时间戳if (!validateTimestamp(timeStamp, first)) {log.warn("Invalid timestamp for appId: {}", appId);return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}// 验证签名if (!validateSignature(jsonObject, appId, signType, sign, first)) {log.warn("Signature verification failed for appId: {}", appId);return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}String dataStr = decryptData(jsonObject.getStr(SignatureConstants.SIGN_DATA), first.getAesKey());if (StringUtils.isBlank(dataStr)) {return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}exchange1.getRequest().mutate().header(SignatureConstants.SIGN_APPID, appId);return Mono.just(dataStr);} catch (Exception e) {return Mono.error(e);}});return new ModifyRequestBodyGatewayFilterFactory().apply(modifyRequestConfig).filter(exchange, chain).onErrorResume(e -> handleFilterError(exchange, e));}return chain.filter(exchange);};}private boolean validateTimestamp(String timeStamp, EtrGatewayProperties.SinatureConfig appConfig) {Integer timestampExpire = Optional.ofNullable(appConfig.getTimeStampExpire()).orElse(300);DateTime time = DateUtil.parse(timeStamp, DateUtil.newSimpleFormat("yyyyMMddHHmmss"));long between = DateUtil.between(time, new Date(), DateUnit.SECOND);return Math.abs(between) <= timestampExpire;}private boolean validateSignature(JSONObject jsonObject, String appId, String signType, String sign, EtrGatewayProperties.SinatureConfig appConfig) {String publicKey = appConfig.getPublicKey();SignStrategy signStrategy = new DefaultSignStrategy();try {return signStrategy.verifyPost(jsonObject.getStr(SignatureConstants.SIGN_DATA), publicKey,CipherType.valueOf(signType.toUpperCase()), sign);} catch (Exception e) {log.error("Signature verification failed for appId: {}", appId, e);return false;}}private String decryptData(String data, String aesKey) {AES aes = SecureUtil.aes(aesKey.getBytes());return aes.decryptStr(data);}private Mono<Void> handleFilterError(ServerWebExchange exchange, Throwable e) {if (e instanceof BizException) {log.error("Filter error: {}", e.getMessage());return signatureError(exchange);}return Mono.error(e);}private Mono<Void> signatureError(ServerWebExchange exchange) {log.warn("Signature error: {}", exchange.getRequest().getURI().getPath());ApiResult<Object> result = ApiResult.fail(GatewayErrorCodeEnum.SIGNATURE_ERROR);ServerHttpResponse response = exchange.getResponse();response.setStatusCode(HttpStatus.UNAUTHORIZED);response.getHeaders().setContentType(MediaType.APPLICATION_JSON);DataBuffer buffer = response.bufferFactory().wrap(JSONUtil.toJsonStr(result).getBytes());return response.writeWith(Mono.just(buffer)).then(Mono.defer(response::setComplete));}
}

返回参数加密

@Order(Ordered.HIGHEST_PRECEDENCE + 20)
@Component
public class SignatureResGatewayFilterFactory extends ModifyResponseBodyGatewayFilterFactory {private final EtrGatewayProperties etrGatewayProperties;public SignatureResGatewayFilterFactory(ServerCodecConfigurer codecConfigurer, Set<MessageBodyDecoder> bodyDecoders,Set<MessageBodyEncoder> bodyEncoders, EtrGatewayProperties etrGatewayProperties) {super(codecConfigurer.getReaders(), bodyDecoders, bodyEncoders);this.etrGatewayProperties = etrGatewayProperties;}@Overridepublic GatewayFilter apply(Config config) {config.setRewriteFunction(String.class, String.class, (serverWebExchange, s) -> {JSONObject resJson = JSONUtil.parseObj(s);Integer code = resJson.getInt("code");if (200 == code) {String dataStr = resJson.getStr("data");if (StrUtil.isNotBlank(dataStr)) {String appId = serverWebExchange.getRequest().getHeaders().getFirst(SignatureConstants.SIGN_APPID);if (StrUtil.isBlank(appId)) {return Mono.error(BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR));}AES aes = SecureUtil.aes(getAesKey(appId).getBytes());resJson.set("data", aes.encryptBase64(dataStr));return Mono.just(resJson.toString());}}return Mono.just(s);});ModifyResponseGatewayFilter gatewayFilter = new ModifyResponseGatewayFilter(config);gatewayFilter.setFactory(this);return gatewayFilter;}private String getAesKey(String appId) {EtrGatewayProperties.SinatureConfig first = etrGatewayProperties.getSignatures().stream().filter(appConfig -> appConfig.getAppId().equalsIgnoreCase(appId)).findFirst().orElse(null);if (Objects.isNull(first)) {throw BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR);}String aesKey = first.getAesKey();if (StrUtil.isBlank(aesKey)) {throw BizException.of(GatewayErrorCodeEnum.SIGNATURE_ERROR);}return aesKey;}
}
http://www.rdtb.cn/news/1336.html

相关文章:

  • 河北农业网站建设公司人力资源管理师
  • 网站怎样设计网页百度广告运营
  • 衢州做网站站长推广工具
  • 网站建设基本知识外贸营销网站
  • 网站建设欣赏推广运营是做什么的
  • 有哪些建设网站公司吗sem推广是什么意思呢
  • 中国人民建设人行网站首页提高工作效率整改措施
  • 建立个人网站的目的百度app广告
  • 企业网站 价格0元免费做代理
  • 广州商城型网站360推广联盟
  • 东莞网络推广运营团队百度seo关键词优化排行
  • 一个人做公司管理网站网络营销推广价格
  • 怎么装wordpress优化网站搜索排名
  • 网站开发和c语言网站推广排名服务
  • 网店推广有哪些方法百度推广优化排名怎么收费
  • 鹤壁做网站推广企业网站推广策划
  • 做评测系统网站首先要干嘛seo文章是什么
  • 网站空间哪里的好搜索引擎优化的目的是
  • 27寸显示器网站建设微信公众号软文怎么写
  • 自己做网站视频教程黑帽seo是什么意思
  • 网站制作在哪里找网络营销方案策划案例
  • 做二手货车网站关键词优化怎么弄
  • 深圳罗湖网站制作公司最新营销模式
  • 商丘做网站哪家好公司网站如何seo
  • 做羞羞的事情的网站苏州网站制作
  • 纯div css网站哪些广告平台留号码
  • 做网站用什么格式的图片建网站怎么建
  • 设计本官方网站电脑版重庆森林经典台词梁朝伟
  • 大淘客官网做的网站打不开如何网络营销
  • 做伤残鉴约号网站投放广告的网站