1.提供给博协响应式公交数据接口

王通
1 parent 61b9d8ce
Showing 4 changed files with 250 additions and 219 deletions
src/main/java/com/bsth/CXFConfig.java
src/main/java/com/bsth/StartCommand.java
src/main/java/com/bsth/server_rs/AuthorizeInterceptor_IN.java
src/main/java/com/bsth/server_rs/exception/AesException.java
@@ -14,6 +14,7 @@ import com.bsth.server_rs.bigdata.BigscreenService;
 import com.bsth.server_rs.departure.DepartureRestService;
 import com.bsth.server_rs.destroy.DestroyDetailRestService;
 import com.bsth.server_rs.directive.DirectiveRestService;
+import com.bsth.server_rs.dks.BxRestService;
 import com.bsth.server_rs.dks.DksRestService;
 import com.bsth.server_rs.electric.ElectricService;
 import com.bsth.server_rs.exception.AesExceptionMapper;
@@ -139,6 +140,9 @@ public class CXFConfig {
     @Autowired
     private ManHoursRestService manHoursRestService;
+    @Autowired
+    private BxRestService bxRestService;
+
     @Bean
     public Server rsServer() {
         JAXRSServerFactoryBean endpoint = new JAXRSServerFactoryBean();
@@ -167,7 +171,8 @@ public class CXFConfig {
                 departureRestService,
                 dksRestService,
                 xxfbRestService,
-                manHoursRestService));
+                manHoursRestService,
+                bxRestService));
         endpoint.setProviders(Arrays.asList(new JacksonJsonProvider(), new AesExceptionMapper()));
         //endpoint.setFeatures(Arrays.asList(new Swagger2Feature()));
         endpoint.getInInterceptors().add(new AuthorizeInterceptor_IN());
@@ -7,6 +7,7 @@ import com.bsth.server_rs.man_hours.ManHoursRefreshScheduler;
 import com.bsth.server_rs.schedule.real.thread.ExecSchDataRefreshThread;
 import com.bsth.server_rs.schedule.real.thread.SchInOutDataRefreshThread;
 import com.bsth.server_rs.thread.RfidCardInfoPersistenceThread;
+import com.bsth.service.SystemParamService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.stereotype.Component;
@@ -37,6 +38,9 @@ public class StartCommand implements CommandLineRunner{
 	@Autowired
 	ManHoursRefreshScheduler manHoursRefreshScheduler;
+	@Autowired
+	SystemParamService systemParamService;
+
 	@Override
 	public void run(String... arg0){
@@ -53,6 +57,7 @@ public class StartCommand implements CommandLineRunner{
 			//定时刷新基础信息
 			Application.mainServices.scheduleWithFixedDelay(basicDataRefreshThread, 30, 30, TimeUnit.MINUTES);
 			manHoursRefreshScheduler.refresh();
+			systemParamService.refresh();
 		} catch (Exception e) {
 			e.printStackTrace();
 		}
-package com.bsth.server_rs;
-
-import com.bsth.server_rs.exception.AesException;
-import com.bsth.service.UserService;
-import org.apache.commons.lang3.StringEscapeUtils;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.AbstractPhaseInterceptor;
-import org.apache.cxf.phase.Phase;
-import org.eclipse.jetty.util.MultiMap;
-import org.eclipse.jetty.util.UrlEncoded;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.BeansException;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.stereotype.Component;
-
-import java.security.MessageDigest;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * rest 接口授权校验（IN 输入拦截）
- * Created by panzhao on 2017/3/28.
- */
-@Component
-public class AuthorizeInterceptor_IN extends AbstractPhaseInterceptor<Message> implements ApplicationContextAware {
-
-    private static final String SIGN = "sign";
-    private static final String TIMESTAMP = "timestamp";
-    private static final String NONCE = "nonce";
-    private static final String PASSWORD = "password";
-    private static final int MAX_TIME_DIFF = 1000 * 60 * 10;
-    private static Map<String, String> pwd2nonceMap;
-
-    static UserService userService;
-
-    static Logger logger = LoggerFactory.getLogger(AuthorizeInterceptor_IN.class);
-
-    public AuthorizeInterceptor_IN() {
-        super(Phase.RECEIVE);
-    }
-
-    static {
-        pwd2nonceMap = new HashMap<>();
-    }
-
-    @Override
-    public void handleMessage(Message message) throws Fault {
-
-        long t = System.currentTimeMillis();
-        if (message.get(Message.QUERY_STRING) == null) {
-            throw new AesException(AesException.MISS_SIGN);
-        }
-
-        //放行wadl
-        if(message.get(Message.QUERY_STRING).equals("_wadl")
-                && message.get(Message.PATH_INFO).equals("/webservice/rest")){
-            return ;
-        }
-
-        //获取参数，不包括 url 路径参数  只包括?号之后的
-        String queryString = StringEscapeUtils.unescapeHtml4(message.get(Message.QUERY_STRING).toString());
-        MultiMap<String> params = new MultiMap<>();
-        UrlEncoded.decodeTo(queryString, params, "utf-8");
-        Map<String, String> map = multi2One(params);
-
-        if (!map.containsKey(SIGN)) {
-            throw new AesException(AesException.MISS_SIGN);
-        }
-        if (!map.containsKey(TIMESTAMP)) {
-            throw new AesException(AesException.MISS_TIMESTAMP);
-        }
-
-        try{
-            long timestamp = Long.parseLong(map.get(TIMESTAMP));
-            if(Math.abs(t - timestamp) > MAX_TIME_DIFF){
-                throw new AesException(AesException.INVALID_TIMESTAMP);
-            }
-        }catch(Exception e){
-            throw new AesException(AesException.INVALID_TIMESTAMP);
-        }
-
-        if (!map.containsKey(NONCE)) {
-            throw new AesException(AesException.MISS_NONCE);
-        }
-        if (!map.containsKey(PASSWORD)) {
-            throw new AesException(AesException.MISS_PWD);
-        }
-
-        String prevNonce = pwd2nonceMap.get(map.get(PASSWORD));
-        if(prevNonce != null && prevNonce.equals(map.get(NONCE)))
-            throw new AesException(AesException.NO_RANDOM_NONCE);
-
-        if (userService.get(map.get(PASSWORD)) == null) {
-            throw new AesException(AesException.INVALID_PWD);
-        }
-
-        String sign = map.get(SIGN);
-        map.remove(SIGN);
-        String sh1 = "";
-        try {
-            sh1 = getSHA1(map);
-        } catch (Exception e) {
-            throw new AesException(AesException.SIGN_CHECK_ERROR);
-        }
-
-        if (!sign.equals(sh1)) {
-            throw new AesException(AesException.SIGN_CHECK_FAIL);
-        }
-    }
-
-    public static Map<String, String> multi2One(MultiMap<String> params) {
-        Map<String, String> map = new HashMap<>();
-        Set<String> ks = params.keySet();
-        for (String k : ks) {
-            map.put(k, params.getString(k));
-        }
-        return map;
-    }
-
-
-    public static String getSHA1(Map<String, String> map) throws Exception {
-
-        try {
-            String[] array = new String[map.size()];
-            map.values().toArray(array);
-            StringBuffer sb = new StringBuffer();
-
-            // 字符串排序
-            Arrays.sort(array);
-            for (int i = 0; i < array.length; i++) {
-                sb.append(array[i]);
-            }
-            String str = sb.toString();
-            // SHA1签名生成
-            MessageDigest md = MessageDigest.getInstance("SHA-1");
-            md.update(str.getBytes());
-            byte[] digest = md.digest();
-
-            StringBuffer hexstr = new StringBuffer();
-            String shaHex = "";
-            for (int i = 0; i < digest.length; i++) {
-                shaHex = Integer.toHexString(digest[i] & 0xFF);
-                if (shaHex.length() < 2) {
-                    hexstr.append(0);
-                }
-                hexstr.append(shaHex);
-            }
-            return hexstr.toString();
-        } catch (Exception e) {
-            logger.error("", e);
-            throw e;
-        }
-    }
-
-    @Override
-    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-        userService = applicationContext.getBean(UserService.class);
-    }
-}
+package com.bsth.server_rs;
+
+import com.bsth.common.SystemParamKeys;
+import com.bsth.server_rs.exception.AesException;
+import com.bsth.service.SystemParamService;
+import com.bsth.service.UserService;
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.eclipse.jetty.util.MultiMap;
+import org.eclipse.jetty.util.UrlEncoded;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.stereotype.Component;
+
+import java.security.MessageDigest;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * rest 接口授权校验（IN 输入拦截）
+ * Created by panzhao on 2017/3/28.
+ */
+@Component
+public class AuthorizeInterceptor_IN extends AbstractPhaseInterceptor<Message> implements ApplicationContextAware {
+
+    private static final String SIGN = "sign";
+    private static final String TIMESTAMP = "timestamp";
+    private static final String NONCE = "nonce";
+    private static final String PASSWORD = "password";
+    private static final int MAX_TIME_DIFF = 1000 * 60 * 10;
+    private static Map<String, String> pwd2nonceMap;
+
+    static UserService userService;
+
+    static SystemParamService systemParamService;
+
+    static Logger logger = LoggerFactory.getLogger(AuthorizeInterceptor_IN.class);
+
+    public AuthorizeInterceptor_IN() {
+        super(Phase.RECEIVE);
+    }
+
+    static {
+        pwd2nonceMap = new HashMap<>();
+    }
+
+    @Override
+    public void handleMessage(Message message) throws Fault {
+
+        long t = System.currentTimeMillis();
+        if (message.get(Message.QUERY_STRING) == null) {
+            throw new AesException(AesException.MISS_SIGN);
+        }
+
+        //放行wadl
+        if(message.get(Message.QUERY_STRING).equals("_wadl")
+                && message.get(Message.PATH_INFO).equals("/webservice/rest")){
+            return ;
+        }
+
+        //获取参数，不包括 url 路径参数  只包括?号之后的
+        String queryString = StringEscapeUtils.unescapeHtml4(message.get(Message.QUERY_STRING).toString());
+        MultiMap<String> params = new MultiMap<>();
+        UrlEncoded.decodeTo(queryString, params, "utf-8");
+        Map<String, String> map = multi2One(params);
+
+        if (!map.containsKey(SIGN)) {
+            throw new AesException(AesException.MISS_SIGN);
+        }
+        if (!map.containsKey(TIMESTAMP)) {
+            throw new AesException(AesException.MISS_TIMESTAMP);
+        }
+
+        try{
+            long timestamp = Long.parseLong(map.get(TIMESTAMP));
+            if(Math.abs(t - timestamp) > MAX_TIME_DIFF){
+                throw new AesException(AesException.INVALID_TIMESTAMP);
+            }
+        }catch(Exception e){
+            throw new AesException(AesException.INVALID_TIMESTAMP);
+        }
+
+        if (!map.containsKey(NONCE)) {
+            throw new AesException(AesException.MISS_NONCE);
+        }
+        if (!map.containsKey(PASSWORD)) {
+            throw new AesException(AesException.MISS_PWD);
+        }
+
+        String prevNonce = pwd2nonceMap.get(map.get(PASSWORD));
+        if(prevNonce != null && prevNonce.equals(map.get(NONCE)))
+            throw new AesException(AesException.NO_RANDOM_NONCE);
+
+        if (userService.get(map.get(PASSWORD)) == null) {
+            throw new AesException(AesException.INVALID_PWD);
+        }
+
+        String sign = map.get(SIGN);
+        map.remove(SIGN);
+        String sh1 = "";
+        try {
+            sh1 = getSHA1(map);
+        } catch (Exception e) {
+            throw new AesException(AesException.SIGN_CHECK_ERROR);
+        }
+
+        if (!sign.equals(sh1)) {
+            throw new AesException(AesException.SIGN_CHECK_FAIL);
+        }
+
+        validate(map, message);
+    }
+
+    private static void validate(Map<String, String> map, Message message) {
+        String limitPasswords = systemParamService.getValue(SystemParamKeys.LIMIT_PASSWORDS);
+        String limitUris = systemParamService.getValue(SystemParamKeys.LIMIT_URIS);
+        if (limitPasswords != null && limitPasswords.indexOf(String.format("%s,", map.get(PASSWORD))) > -1) {
+            if (limitUris != null && limitUris.indexOf(String.format("%s,", message.get(Message.REQUEST_URI))) == -1) {
+                throw new AesException(AesException.INVALID_URI);
+            }
+        }
+    }
+
+    public static Map<String, String> multi2One(MultiMap<String> params) {
+        Map<String, String> map = new HashMap<>();
+        Set<String> ks = params.keySet();
+        for (String k : ks) {
+            map.put(k, params.getString(k));
+        }
+        return map;
+    }
+
+
+    public static String getSHA1(Map<String, String> map) throws Exception {
+
+        try {
+            String[] array = new String[map.size()];
+            map.values().toArray(array);
+            StringBuffer sb = new StringBuffer();
+
+            // 字符串排序
+            Arrays.sort(array);
+            for (int i = 0; i < array.length; i++) {
+                sb.append(array[i]);
+            }
+            String str = sb.toString();
+            // SHA1签名生成
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            md.update(str.getBytes());
+            byte[] digest = md.digest();
+
+            StringBuffer hexstr = new StringBuffer();
+            String shaHex = "";
+            for (int i = 0; i < digest.length; i++) {
+                shaHex = Integer.toHexString(digest[i] & 0xFF);
+                if (shaHex.length() < 2) {
+                    hexstr.append(0);
+                }
+                hexstr.append(shaHex);
+            }
+            return hexstr.toString();
+        } catch (Exception e) {
+            logger.error("", e);
+            throw e;
+        }
+    }
+
+    @Override
+    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+        userService = applicationContext.getBean(UserService.class);
+        systemParamService = applicationContext.getBean(SystemParamService.class);
+    }
+}
-package com.bsth.server_rs.exception;
-
-/**
- * Created by panzhao on 2017/3/28.
- */
-public class AesException extends RuntimeException {
-
-    public final static int OK = 0;
-    public final static int MISS_SIGN = -30001;
-    public final static int MISS_TIMESTAMP = -30002;
-    public final static int MISS_NONCE = -30003;
-    public final static int NO_RANDOM_NONCE = -30005;
-    public final static int MISS_PWD = -30004;
-    public final static int SIGN_CHECK_ERROR = -40001;
-    public final static int SIGN_CHECK_FAIL = -40002;
-    public final static int INVALID_PWD = -40003;
-    public final static int INVALID_TIMESTAMP = -40004;
-
-    private int code;
-
-    private static String getMessage(int code) {
-        switch (code) {
-            case MISS_SIGN:
-                return "sign参数丢失";
-            case MISS_TIMESTAMP:
-                return "timestamp参数丢失";
-            case MISS_NONCE:
-                return "nonce参数丢失";
-            case NO_RANDOM_NONCE:
-                return "nonce参数异常";
-            case MISS_PWD:
-                return "密码参数丢失";
-            case INVALID_PWD:
-                return "无效的密码";
-            case SIGN_CHECK_ERROR:
-                return "签名校验时出现异常";
-            case SIGN_CHECK_FAIL:
-                return "无效的签名";
-            case INVALID_TIMESTAMP:
-                return "无效的时间戳";
-            default:
-                return null;
-        }
-    }
-
-    public int getCode() {
-        return code;
-    }
-
-    public AesException(int code) {
-        super(getMessage(code));
-        this.code = code;
-    }
-}
+package com.bsth.server_rs.exception;
+
+/**
+ * Created by panzhao on 2017/3/28.
+ */
+public class AesException extends RuntimeException {
+
+    public final static int OK = 0;
+    public final static int MISS_SIGN = -30001;
+    public final static int MISS_TIMESTAMP = -30002;
+    public final static int MISS_NONCE = -30003;
+    public final static int NO_RANDOM_NONCE = -30005;
+    public final static int MISS_PWD = -30004;
+    public final static int SIGN_CHECK_ERROR = -40001;
+    public final static int SIGN_CHECK_FAIL = -40002;
+    public final static int INVALID_PWD = -40003;
+    public final static int INVALID_TIMESTAMP = -40004;
+    public final static int INVALID_URI = -40005;
+
+    private int code;
+
+    private static String getMessage(int code) {
+        switch (code) {
+            case MISS_SIGN:
+                return "sign参数丢失";
+            case MISS_TIMESTAMP:
+                return "timestamp参数丢失";
+            case MISS_NONCE:
+                return "nonce参数丢失";
+            case NO_RANDOM_NONCE:
+                return "nonce参数异常";
+            case MISS_PWD:
+                return "密码参数丢失";
+            case INVALID_PWD:
+                return "无效的密码";
+            case SIGN_CHECK_ERROR:
+                return "签名校验时出现异常";
+            case SIGN_CHECK_FAIL:
+                return "无效的签名";
+            case INVALID_TIMESTAMP:
+                return "无效的时间戳";
+            case INVALID_URI:
+                return "无效的URI";
+            default:
+                return null;
+        }
+    }
+
+    public int getCode() {
+        return code;
+    }
+
+    public AesException(int code) {
+        super(getMessage(code));
+        this.code = code;
+    }
+}