接口加密

src/main/java/com/izouma/nineth/service/CollectionService.java

@@ -23,6 +23,7 @@ import org.apache.commons.lang3.Range;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.rocketmq.spring.core.RocketMQTemplate;
 import org.springframework.beans.BeanUtils;
+import org.springframework.core.env.Environment;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageImpl;
 import org.springframework.data.domain.PageRequest;
@@ -57,6 +58,7 @@ public class CollectionService {
     private RedisTemplate<String, Object> redisTemplate;
     private RocketMQTemplate              rocketMQTemplate;
     private GeneralProperties             generalProperties;
+    private Environment                   env;
 
     private final Map<Long, ScheduledFuture<?>> tasks = new HashMap<>();
 
@@ -66,6 +68,9 @@ public class CollectionService {
         for (Collection collection : collections) {
             onShelfTask(collection);
         }
+        if (Arrays.asList(env.getActiveProfiles()).contains("dev")) {
+            return;
+        }
         for (CollectionStockAndSale collection : collectionRepo.getStockAndSale()) {
             if (redisTemplate.opsForValue().get("collectionStock::" + collection.getId()) == null) {
                 redisTemplate.opsForValue().set("collectionStock::" + collection.getId(), collection.getStock());

src/main/java/com/izouma/nineth/service/OrderService.java

@@ -12,6 +12,7 @@ import com.github.binarywang.wxpay.bean.request.WxPayUnifiedOrderRequest;
 import com.github.binarywang.wxpay.constant.WxPayConstants;
 import com.github.binarywang.wxpay.exception.WxPayException;
 import com.github.binarywang.wxpay.service.WxPayService;
+import com.google.common.base.Splitter;
 import com.huifu.adapay.core.exception.BaseAdaPayException;
 import com.huifu.adapay.model.AdapayCommon;
 import com.huifu.adapay.model.Payment;
@@ -31,6 +32,7 @@ import com.izouma.nineth.exception.BusinessException;
 import com.izouma.nineth.repo.*;
 import com.izouma.nineth.security.Authority;
 import com.izouma.nineth.service.sms.SmsService;
+import com.izouma.nineth.utils.AESEncryptUtil;
 import com.izouma.nineth.utils.JpaUtils;
 import com.izouma.nineth.utils.SnowflakeIdWorker;
 import lombok.AllArgsConstructor;
@@ -88,7 +90,18 @@ public class OrderService {
         return orderRepo.findAll(JpaUtils.toSpecification(pageQuery, Order.class), JpaUtils.toPageRequest(pageQuery));
     }
 
-    public String mqCreate(Long userId, Long collectionId, int qty, Long addressId, Long userCouponId, Long invitor) {
+    public String mqCreate(Long userId, Long collectionId, int qty, Long addressId, Long userCouponId, Long invitor, String sign) {
+        String qs = null;
+        try {
+            qs = AESEncryptUtil.decrypt(sign);
+        } catch (Exception e) {
+            throw new BusinessException("签名错误");
+        }
+        final Map<String, String> map = Splitter.on('&').trimResults().withKeyValueSeparator('=').split(qs);
+        if (Math.abs(MapUtils.getLong(map, "ts") - System.currentTimeMillis()) > 90000) {
+            throw new BusinessException("签名已过期");
+        }
+
         Long id = snowflakeIdWorker.nextId();
         SendResult result = rocketMQTemplate.syncSend(generalProperties.getCreateOrderTopic(),
                 new CreateOrderEvent(id, userId, collectionId, qty, addressId, userCouponId, invitor), 100000);

src/main/java/com/izouma/nineth/utils/AESEncryptUtil.java

@@ -0,0 +1,61 @@
+package com.izouma.nineth.utils;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.SecureRandom;
+
+/**
+ * <p>AES加密处理工具类</p>
+ *
+ * @author licoy.cn
+ * @version 2018/9/5
+ */
+public class AESEncryptUtil {
+    private final static String password = "xRvGxVMeIbuQxICtstQCPjtyNuBluyyC";
+
+    /**
+     * AES加密
+     *
+     * @param content  字符串内容
+     */
+    public static String encrypt(String content) throws Exception {
+        return aes(content, Cipher.ENCRYPT_MODE);
+    }
+
+
+    /**
+     * AES解密
+     *
+     * @param content  字符串内容
+     */
+    public static String decrypt(String content) throws Exception {
+        return aes(content, Cipher.DECRYPT_MODE);
+    }
+
+    /**
+     * AES加密/解密 公共方法
+     *
+     * @param content  字符串
+     * @param type     加密：{@link Cipher#ENCRYPT_MODE}，解密：{@link Cipher#DECRYPT_MODE}
+     */
+    private static String aes(String content, int type) throws Exception {
+        KeyGenerator generator = KeyGenerator.getInstance("AES");
+        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+        random.setSeed(password.getBytes());
+        generator.init(128, random);
+        SecretKey secretKey = generator.generateKey();
+        byte[] enCodeFormat = secretKey.getEncoded();
+        SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
+        Cipher cipher = Cipher.getInstance("AES");
+        cipher.init(type, key);
+        if (type == Cipher.ENCRYPT_MODE) {
+            byte[] byteContent = content.getBytes("utf-8");
+            return Hex2Util.parseByte2HexStr(cipher.doFinal(byteContent));
+        } else {
+            byte[] byteContent = Hex2Util.parseHexStr2Byte(content);
+            return new String(cipher.doFinal(byteContent));
+        }
+    }
+}

src/main/java/com/izouma/nineth/utils/Hex2Util.java

@@ -0,0 +1,44 @@
+package com.izouma.nineth.utils;
+
+/**
+ * <p>二进制转换工具类</p>
+ * @author licoy.cn
+ * @version 2018/9/5
+ */
+public class Hex2Util {
+
+    /**
+     * 二进位组转十六进制字符串
+     * @param buf 二进位组
+     * @return 十六进制字符串
+     */
+    public static String parseByte2HexStr(byte buf[]) {
+        StringBuilder sb = new StringBuilder();
+        for (byte b : buf) {
+            String hex = Integer.toHexString(b & 0xFF);
+            if (hex.length() == 1) {
+                hex = '0' + hex;
+            }
+            sb.append(hex.toUpperCase());
+        }
+        return sb.toString();
+    }
+
+    /**
+     * 十六进制字符串转二进位组
+     * @param hexStr 十六进制字符串
+     * @return 二进位组
+     */
+    public static byte[] parseHexStr2Byte(String hexStr) {
+        if (hexStr.length() < 1) return null;
+        byte[] result = new byte[hexStr.length() / 2];
+
+        for (int i = 0; i < hexStr.length() / 2; i++) {
+            int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
+            int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
+            result[i] = (byte) (high * 16 + low);
+        }
+        return result;
+    }
+
+}

src/main/java/com/izouma/nineth/web/OrderController.java

@@ -106,10 +106,11 @@ public class OrderController extends BaseController {
     public HashMap<String, String> mqCreate(@RequestParam Long collectionId, @RequestParam int qty,
                                             @RequestParam(required = false) Long addressId,
                                             @RequestParam(required = false) Long couponId,
-                                            @RequestParam(required = false) Long invitor) {
+                                            @RequestParam(required = false) Long invitor,
+                                            @RequestParam String sign) {
         return new HashMap<>() {{
             put("id", orderService.mqCreate(SecurityUtils.getAuthenticatedUser().getId(),
-                    collectionId, qty, addressId, couponId, invitor));
+                    collectionId, qty, addressId, couponId, invitor, sign));
         }};
     }
 

src/test/java/com/izouma/nineth/CommonTest.java

@@ -1,10 +1,14 @@
 package com.izouma.nineth;
 
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.github.kevinsawicki.http.HttpRequest;
+import com.google.common.base.Splitter;
 import com.izouma.nineth.config.Constants;
 import com.izouma.nineth.domain.BaseEntity;
 import com.izouma.nineth.domain.BlindBoxItem;
 import com.izouma.nineth.domain.User;
+import com.izouma.nineth.utils.AESEncryptUtil;
 import com.izouma.nineth.utils.TokenUtils;
 import com.izouma.nineth.web.BaseController;
 import io.ipfs.api.IPFS;
@@ -23,6 +27,8 @@ import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.RandomUtils;
 import org.apache.commons.lang3.Range;
 import org.apache.commons.text.CaseUtils;
+import org.apache.http.NameValuePair;
+import org.apache.http.client.utils.URLEncodedUtils;
 import org.apache.poi.util.TempFile;
 import org.bouncycastle.util.encoders.Base64;
 import org.bytedeco.javacv.FFmpegFrameGrabber;
@@ -434,4 +440,16 @@ public class CommonTest {
         }
         Thread.sleep(20000);
     }
+
+    @Test
+    public void testaes() throws Exception {
+        String encrypted = "ccd97379f001d47895eb4293144b74f28de4fcf5b56daf4ce73d2db34f381984b2c2260f821593968e387dccdc11713a5b558a571b17aaae3e9e91a0b9dc576e";
+        String qs = AESEncryptUtil.decrypt(encrypted);
+        System.out.println(qs);
+        List<NameValuePair> list = URLEncodedUtils.parse(qs, StandardCharsets.UTF_8);
+        System.out.println(JSON.toJSONString(list, SerializerFeature.PrettyFormat));
+
+        final Map<String, String> map = Splitter.on('&').trimResults().withKeyValueSeparator('=').split(qs);
+        System.out.println(map);
+    }
 }