优化错误提示
This commit is contained in:
lin
@@ -138,7 +138,7 @@ public class SIPCommanderForPlatform implements ISIPCommanderForPlatform {
|
||||
|
||||
@Override
|
||||
public String keepalive(Platform parentPlatform, SipSubscribe.Event errorEvent , SipSubscribe.Event okEvent) throws SipException, InvalidArgumentException, ParseException {
|
||||
log.info("[国标级联] 发送心跳, 上级平台编号: {}", parentPlatform.getServerGBId());
|
||||
log.info("[国标级联] 发送心跳, 上级平台: {}/{}", parentPlatform.getName(), parentPlatform.getServerGBId());
|
||||
String characterSet = parentPlatform.getCharacterSet();
|
||||
StringBuffer keepaliveXml = new StringBuffer(200);
|
||||
keepaliveXml.append("<?xml version=\"1.0\" encoding=\"")
|
||||
|
||||
@@ -55,7 +55,11 @@ public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
|
||||
return "";
|
||||
}
|
||||
}
|
||||
cachedBodyString = new String(cachedBody, StandardCharsets.UTF_8);
|
||||
if (cachedBody != null) {
|
||||
cachedBodyString = new String(cachedBody, StandardCharsets.UTF_8);
|
||||
} else {
|
||||
cachedBodyString = "";
|
||||
}
|
||||
}
|
||||
return cachedBodyString;
|
||||
}
|
||||
@@ -72,7 +76,7 @@ public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
|
||||
return new byte[0];
|
||||
}
|
||||
}
|
||||
return cachedBody;
|
||||
return cachedBody != null ? cachedBody : new byte[0];
|
||||
}
|
||||
|
||||
private void cacheInputStream() throws IOException {
|
||||
@@ -86,6 +90,9 @@ public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
|
||||
}
|
||||
cachedBody = baos.toByteArray();
|
||||
log.debug("成功缓存请求体,长度: {}", cachedBody.length);
|
||||
} catch (Exception e) {
|
||||
log.error("缓存请求体时发生异常: ", e);
|
||||
cachedBody = new byte[0];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -96,7 +103,8 @@ public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
|
||||
private final ByteArrayInputStream inputStream;
|
||||
|
||||
public CachedBodyServletInputStream(byte[] body) {
|
||||
this.inputStream = new ByteArrayInputStream(body);
|
||||
// 处理null值情况
|
||||
this.inputStream = new ByteArrayInputStream(body != null ? body : new byte[0]);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -119,7 +127,4 @@ public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
|
||||
return inputStream.read();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
@@ -66,7 +66,9 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
if (SyTokenManager.INSTANCE.appMap.get(appKey) == null) {
|
||||
|
||||
// 添加空值检查
|
||||
if (SyTokenManager.INSTANCE.appMap == null || SyTokenManager.INSTANCE.appMap.get(appKey) == null) {
|
||||
log.info("[SY-接口验签] appKey {} 对应的 secret 不存在, 请求地址: {} ", appKey, requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
@@ -86,11 +88,16 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
if (paramKey.equals("sign")) {
|
||||
continue;
|
||||
}
|
||||
beforeSign.append(paramKey).append(parameterMap.get(paramKey)[0]);
|
||||
// 添加数组长度检查
|
||||
String[] values = parameterMap.get(paramKey);
|
||||
if (values != null && values.length > 0) {
|
||||
beforeSign.append(paramKey).append(values[0]);
|
||||
}
|
||||
}
|
||||
// 如果是post请求的json消息,拼接body字符串
|
||||
if (request.getContentLength() > 0
|
||||
&& request.getMethod().equalsIgnoreCase("POST")
|
||||
&& request.getContentType() != null
|
||||
&& request.getContentType().equalsIgnoreCase(MediaType.APPLICATION_JSON_VALUE)) {
|
||||
// 读取body内容 - 使用自定义缓存机制
|
||||
String requestBody = request.getCachedBody();
|
||||
@@ -101,7 +108,19 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
log.warn("[SY-接口验签] 请求体内容为空");
|
||||
}
|
||||
}
|
||||
beforeSign.append(SyTokenManager.INSTANCE.appMap.get(appKey));
|
||||
|
||||
// 添加空值检查
|
||||
String secret = SyTokenManager.INSTANCE.appMap.get(appKey);
|
||||
if (secret == null) {
|
||||
log.info("[SY-接口验签] 无法获取appKey {} 对应的 secret, 请求地址: {} ", appKey, requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
out.println(getErrorResult(1, "参数非法"));
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
|
||||
beforeSign.append(secret);
|
||||
// 生成签名
|
||||
String buildSign = SmUtil.sm3(beforeSign.toString());
|
||||
if (!buildSign.equals(sign)) {
|
||||
@@ -115,6 +134,15 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
// 验证请求时间戳
|
||||
long timestamp = Long.parseLong(timestampStr);
|
||||
long currentTimeMillis = System.currentTimeMillis();
|
||||
// 添加空值检查
|
||||
if (SyTokenManager.INSTANCE.expires == null) {
|
||||
log.info("[SY-接口验签] expires配置为空, 请求地址: {} ", requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
out.println(getErrorResult(2, "签名错误"));
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
if (currentTimeMillis > SyTokenManager.INSTANCE.expires * 60 * 1000 + timestamp ) {
|
||||
log.info("[SY-接口验签] 时间戳已经过期, 请求时间戳:{}, 当前时间: {}, 过期时间: {}, 请求地址: {} ", timestamp, currentTimeMillis, timestamp + SyTokenManager.INSTANCE.expires * 60 * 1000, requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
@@ -124,11 +152,29 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
return;
|
||||
}
|
||||
// accessToken校验
|
||||
// 添加空值检查
|
||||
if (SyTokenManager.INSTANCE.adminToken == null) {
|
||||
log.info("[SY-接口验签] adminToken配置为空, 请求地址: {} ", requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
out.println(getErrorResult(2, "签名错误"));
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
if (accessToken.equals(SyTokenManager.INSTANCE.adminToken)) {
|
||||
log.info("[SY-接口验签] adminToken已经默认放行, 请求地址: {} ", requestURI);
|
||||
chain.doFilter(request, response);
|
||||
return;
|
||||
}else {
|
||||
// 添加空值检查
|
||||
if (SyTokenManager.INSTANCE.sm4Key == null) {
|
||||
log.info("[SY-接口验签] sm4Key配置为空, 请求地址: {} ", requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
out.println(getErrorResult(2, "签名错误"));
|
||||
out.close();
|
||||
return;
|
||||
}
|
||||
// 对token进行解密
|
||||
SM4 sm4 = SmUtil.sm4(HexUtil.decodeHex(SyTokenManager.INSTANCE.sm4Key));
|
||||
String decryptStr = sm4.decryptStr(accessToken, CharsetUtil.CHARSET_UTF_8);
|
||||
@@ -142,7 +188,7 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
}
|
||||
JSONObject jsonObject = JSON.parseObject(decryptStr);
|
||||
Long expirationTime = jsonObject.getLong("expirationTime");
|
||||
if (expirationTime < System.currentTimeMillis()) {
|
||||
if (expirationTime == null || expirationTime < System.currentTimeMillis()) {
|
||||
log.info("[SY-接口验签] accessToken 已经过期, 请求地址: {} ", requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
PrintWriter out = response.getWriter();
|
||||
@@ -151,8 +197,17 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}catch (NumberFormatException e) {
|
||||
log.info("[SY-接口验签] 时间戳格式错误, 请求地址: {} ", requestURI);
|
||||
response.setStatus(Response.OK);
|
||||
if (!response.isCommitted()) {
|
||||
PrintWriter out = response.getWriter();
|
||||
out.println(getErrorResult(2, "签名错误"));
|
||||
out.close();
|
||||
}
|
||||
return;
|
||||
}catch (Exception e) {
|
||||
log.info("[SY-接口验签] 读取body失败, 请求地址: {} ", requestURI, e);
|
||||
log.info("[SY-接口验签] 读取body失败, 请求地址: {} ", requestURI, e);
|
||||
response.setStatus(Response.OK);
|
||||
if (!response.isCommitted()) {
|
||||
PrintWriter out = response.getWriter();
|
||||
@@ -171,4 +226,4 @@ public class SignAuthenticationFilter extends OncePerRequestFilter {
|
||||
return JSON.toJSONString(wvpResult);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user