猛哥 秘钥改造

sooka-auth/src/main/java/com/sooka/mapper/AuthCNMDMapper.java

@@ -0,0 +1,30 @@
+package com.sooka.mapper;
+
+
+import com.sooka.model.db.IntDetailed;
+import com.sooka.model.db.IntDetailed_SP;
+import org.apache.ibatis.annotations.Mapper;
+
+import java.util.List;
+
+/**
+ * TODO
+ *
+ * 中央必备映射器目录
+ * CentralNecessaryMappersDirectory
+ *
+ * @author wangzhe
+ * @date 2023-06-17 09:56:17
+ */
+
+@Mapper
+public interface AuthCNMDMapper {
+
+    /**
+     * 查询申请记录明细
+     *
+     * @param intDetailed 查询条件
+     * @return 申请明细集合
+     */
+    public List<IntDetailed_SP> selectIntDetailedList(IntDetailed_SP intDetailed);
+}

sooka-auth/src/main/java/com/sooka/model/db/IntDetailed_SP.java

@@ -0,0 +1,52 @@
+package com.sooka.model.db;
+
+//import com.sooka.common.core.domain.BaseEntity;
+import lombok.Data;
+
+/**
+ * 申请明细对象 int_detailed
+ *
+ * @author yhliang
+ * @date 2021-07-06
+ */
+@Data
+public class IntDetailed_SP // extends BaseEntity
+{
+    private static final long serialVersionUID = 1L;
+
+    /** 主键 */
+    private String id;
+
+    private String subId;
+
+    /** 记录表id */
+    private String recordId;
+
+    /** 接口表id */
+    private String intId;
+
+    /** 接口名称 */
+    private String interfaceName;
+
+    /** 接口地址 */
+    private String interfaceAddress;
+
+    /** 接口编码 */
+    private String code;
+
+    /** 接口编码 二期 */
+    private String codeSp;
+
+    /** secret_key */
+    private String secretKey;
+
+    /** secret_content */
+    private String secretContent;
+
+    /** 用途 */
+    private String purpose;
+
+    /** 附件 */
+    private String file;
+
+}

sooka-auth/src/main/java/com/sooka/service/impl/AuthServiceImpl.java

@@ -1,16 +1,18 @@
 package com.sooka.service.impl;
 
 import com.sooka.enums.ResultEnum;
+import com.sooka.mapper.AuthCNMDMapper;
 import com.sooka.model.ResultModel;
 import com.sooka.model.db.IntDetailed;
+import com.sooka.model.db.IntDetailed_SP;
 import com.sooka.service.AuthService;
 import com.sooka.mapper.AuthMapper;
-import com.sooka.utils.DateUtils;
 import com.sooka.utils.SecretKeyUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import tk.mybatis.mapper.entity.Example;
 
+import javax.annotation.Resource;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.List;
@@ -19,14 +21,16 @@ import java.util.Objects;
 @Service
 public class AuthServiceImpl implements AuthService {
 
-    @Autowired
-    private AuthMapper authMapper;
+    @Resource
+    private AuthCNMDMapper authCNMDMapper;
+//    @Autowired
+//    private AuthMapper authMapper;
 
     @Override
     public ResultModel auth(String secretKey, String intCode) {
-
-        Example userExample = new Example(IntDetailed.class);
-        Example.Criteria criteria = userExample.createCriteria();
+        System.out.println("进入 com.sooka.service.impl");
+//        Example userExample = new Example(IntDetailed.class);
+//        Example.Criteria criteria = userExample.createCriteria();
 
         // 小于等于
         // 原授权码到期验证
@@ -37,9 +41,16 @@ public class AuthServiceImpl implements AuthService {
         // criteria.andGreaterThanOrEqualTo("endAt", DateUtils.format(new Date(), DateUtils.DATE_TIME_PATTERN));
 
         // 等于
-        criteria.andEqualTo("secretKey", secretKey);
+//        criteria.andEqualTo("secretKey", secretKey);
+
+//        List<IntDetailed> list = authMapper.selectByExample(userExample);
+
+        IntDetailed_SP intDetailedParam = new IntDetailed_SP();
+        intDetailedParam.setSecretKey(secretKey);
+        System.out.println("start querying...");
+        List<IntDetailed_SP> list = authCNMDMapper.selectIntDetailedList(intDetailedParam);
+        System.out.println("query finished. list.size=" + list.size());
 
-        List<IntDetailed> list = authMapper.selectByExample(userExample);
 
         // 原授权码到期验证
         // if (list == null || list.size() != 1) {
@@ -49,12 +60,28 @@ public class AuthServiceImpl implements AuthService {
 
         // 新授权码到期验证
         boolean isAuthExpires;
-        IntDetailed intDetailed;
+        IntDetailed_SP intDetailed;
+        if(list == null){
+            System.out.println("无此密钥" + secretKey);
+        }else if(list.size() == 0){
+            System.out.println("存在0个密钥" + secretKey);
+        }else if(list.size() > 1){
+            System.out.println("存在多个异常密钥" + secretKey);
+        }else if(list.size() == 1){
+            System.out.println("存在1个密钥 secretKey=" + list.get(0).getSecretKey());
+        }
         if (list != null && list.size() == 1) {
             intDetailed = list.get(0);
             if(intDetailed.getRecordId() != null){ // 新接口解析密钥判断授权时效
                 // 解密后的明文是:123/政数局/2022-10-20 - 2022-10-29/b29c94d72ee74c6d94b573d90020ea59
-                String duration = SecretKeyUtil.AESDncode("3fc674da58", intDetailed.getSecretKey().split("/")[2]);
+//                String duration = SecretKeyUtil.AESDncode("3fc674da58", intDetailed.getSecretKey().split("/")[2]);
+                String secret_key = intDetailed.getSecretKey();
+                System.out.println("secret_key=" + secret_key);
+                String secret_content = SecretKeyUtil.AESDncode("3fc674da58", secret_key);
+                System.out.println("secret_content=" + secret_content);
+                String duration = secret_content.split("/")[2];
+//                String duration = intDetailed.getSecretContent().split("/")[2];
+                System.out.println("duration=" + duration);
                 // 2022-10-20 - 2022-10-29
                 String startTime = duration.split(" - ")[0];
                 String endTime = duration.split(" - ")[1];
@@ -71,6 +98,7 @@ public class AuthServiceImpl implements AuthService {
                 System.out.println("旧接口按照原密钥接收数据，授权长期有效");
             }
         }else { // 授权失效或无此密钥及存在多个异常密钥，提示授权码到期请重新申请
+            String a ="1HjlUwOjkNCuvi+E8+r+4oYWPV1lDMF6l8E7GovGe9h4GtK4nDBXQKirD57TTku+08MHkHsS04X8xpKGQTrNOxG5LfweCxtHbmoUczwF9Y8=";
             intDetailed = null;
             isAuthExpires = true;
             System.out.println("授权失效或无此密钥及存在多个异常密钥，提示授权码到期请重新申请");
@@ -79,7 +107,7 @@ public class AuthServiceImpl implements AuthService {
              return ResultModel.error(ResultEnum.ERROR_AUTH_EXPIRES);
          }
 
-        if (!Objects.equals(intCode, intDetailed.getIntCode())) {
+        if (!Objects.equals(intCode, intDetailed.getCode()) && !Objects.equals(intCode, intDetailed.getCodeSp())) {// 旧秘钥验证 && 新秘钥验证
             return ResultModel.error(ResultEnum.ERROR_INT_SECRET_KEY_MISMATCH);
         }
 

sooka-auth/src/main/java/com/sooka/utils/SecretKeyUtil.java

@@ -32,7 +32,10 @@ public class SecretKeyUtil {
             KeyGenerator aes = KeyGenerator.getInstance("AES");
             //2.根据ecnodeRules规则初始化**生成器
             //生成一个128位的随机源,根据传入的字节数组
-            aes.init(128, new SecureRandom(encodeRules.getBytes()));
+//            aes.init(128, new SecureRandom(encodeRules.getBytes()));
+            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
+            secureRandom.setSeed(encodeRules.getBytes());
+            aes.init(128, secureRandom);
             //3.产生原始对称**
             SecretKey original_key = aes.generateKey();
             //4.获得原始对称**的字节数组
@@ -74,7 +77,10 @@ public class SecretKeyUtil {
             KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
             //2.根据ecnodeRules规则初始化**生成器
             //生成一个128位的随机源,根据传入的字节数组
-            keyGenerator.init(128, new SecureRandom(encodeRules.getBytes()));
+//            keyGenerator.init(128, new SecureRandom(encodeRules.getBytes()));
+            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
+            secureRandom.setSeed(encodeRules.getBytes());
+            keyGenerator.init(128, secureRandom);
             //3.产生原始对称**
             SecretKey original_key = keyGenerator.generateKey();
             //4.获得原始对称**的字节数组
@@ -94,6 +100,7 @@ public class SecretKeyUtil {
             String AES_decode = new String(byte_decode, "utf-8");
             return AES_decode;
         } catch (Exception e) {
+            System.out.println(e.getMessage());
             e.printStackTrace();
         }
         //如果有错就返加nulll
@@ -104,12 +111,20 @@ public class SecretKeyUtil {
         /*
          * 加密
          */
-        String str = SecretKeyUtil.AESEncode("3fc674da58", "123/政数局/2022-10-20 - 2022-10-29/b29c94d72ee74c6d94b573d90020ea59");
+//        String str = SecretKeyUtil.AESEncode("3fc674da58", "123/政数局/2022-10-20 - 2022-10-29/b29c94d72ee74c6d94b573d90020ea59");
+        String str = "1HjlUwOjkNCuvi+E8+r+4oYWPV1lDMF6l8E7GovGe9h4GtK4nDBXQKirD57TTku+08MHkHsS04X8xpKGQTrNOxG5LfweCxtHbmoUczwF9Y8=";
         System.out.println("加密后的密文是:" + str);
 
         /*
          * 解密
          */
         System.out.println("解密后的明文是:" + SecretKeyUtil.AESDncode("3fc674da58", str));
+
+        /*
+         * 解密
+         */
+        System.out.println("解密后的明文是:" + SecretKeyUtil.AESDncode("3fc674da58", "fu0uwO5T2p9Dn3j9TvhpKbC2nCDoDli1TUONB6uZH7rzXgn6vAQK+h/yjYy5iWLY/l/67wygmv825wvKmpjoxTtc3ANl4VhVxhkosEsv5Lc="));
+        System.out.println("解密后的明文是:" + SecretKeyUtil.AESDncode("3fc674da58", "1HjlUwOjkNCuvi+E8+r+4oYWPV1lDMF6l8E7GovGe9h4GtK4nDBXQKirD57TTku+08MHkHsS04X8\n" +
+                "xpKGQTrNOxG5LfweCxtHbmoUczwF9Y8="));
     }
 }

sooka-auth/src/main/resources/mapper/AuthCNMDMapper.xml

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.sooka.mapper.AuthCNMDMapper" >
+
+
+    <resultMap type="com.sooka.model.db.IntDetailed_SP" id="IntDetailedResult">
+        <result property="subId"    column="sub_id"    />
+        <result property="recordId"    column="record_id"    />
+        <result property="intId"    column="int_id"    />
+        <result property="secretKey"    column="secret_key"    />
+        <result property="secretContent"    column="secret_content"    />
+        <result property="purpose"    column="purpose"    />
+        <result property="file"    column="file"    />
+        <result property="interfaceName"    column="interface_name"    />
+        <result property="interfaceAddress"    column="interface_address"    />
+        <result property="code"    column="int_code"    />
+        <result property="codeSp"    column="code_sp"    />
+    </resultMap>
+    <select id="selectIntDetailedList" parameterType="com.sooka.model.db.IntDetailed_SP" resultMap="IntDetailedResult">
+        SELECT
+            id,
+            record_id,
+            int_id,
+            secret_key,
+            secret_content,
+            purpose,
+            file,
+            int_code,
+            (select code from t_u_interfaceinfo where id = int_id) as code_sp
+        FROM
+            int_detailed
+        WHERE
+            replace(replace(secret_key, CHAR(10), ''), CHAR(13), '') = #{secretKey}
+    </select>
+
+</mapper>