Skip to content

P
pica-cloud-account
提交 6972ad6d 编写于 作者: Chongwen.jiang's avatar Chongwen.jiang
浏览文件
操作

IP获取测试代码添加,,,. 

发送验证码请求体添加device_token(设备id)
上级 1562927c
隐藏空白字符变更
内嵌 并排
正在显示 包含 277 行增加149 行删除
server/pom.xml
浏览文件 @ 6972ad6d
......@@ -164,6 +164,18 @@
<version>1.0.1</version>
</dependency>
<!-- apple identifyToken校验 -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>jwks-rsa</artifactId>
<version>0.9.0</version>
</dependency>
</dependencies>
......
server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
浏览文件 @ 6972ad6d
......@@ -14,10 +14,7 @@ import com.pica.cloud.account.account.server.resp.UnifiedVerificationResp;
import com.pica.cloud.account.account.server.service.AccountService;
import com.pica.cloud.account.account.server.service.AccountUnionService;
import com.pica.cloud.account.account.server.service.CaptchaService;
import com.pica.cloud.account.account.server.util.AESUtil;
import com.pica.cloud.account.account.server.util.AccountUtils;
import com.pica.cloud.account.account.server.util.CryptoUtil;
import com.pica.cloud.account.account.server.util.RegisterCodeKeyUtils;
import com.pica.cloud.account.account.server.util.*;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResponse;
import com.pica.cloud.foundation.entity.PicaResultCode;
......@@ -29,10 +26,12 @@ import com.pica.cloud.riskcontrol.riskcontrol.common.req.CheckcodeRiskReq;
import com.pica.cloud.riskcontrol.riskcontrol.common.resp.CheckcodeRiskResp;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.catalina.servlet4preview.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
......@@ -64,23 +63,33 @@ public class AutoCodeController extends AccountBaseController {
@Autowired
private CheckCodeClient rcClient;
@GetMapping("/ip")
public PicaResponse getIp(HttpServletRequest request){
return PicaResponse.toResponse(IPUtil.getIpAdrress(request));
}
@ApiOperation("获取短信验证码,无需图形验证码,如app端")
@PostMapping(value = "/authCode")
public PicaResponse getAuthCode(@RequestBody EncryptEntity entity) throws Exception {
public PicaResponse getAuthCode(@RequestBody EncryptEntity entity, HttpServletRequest req) throws Exception {
// 验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
// 4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
// 4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
AccountUtils.checkMobilePhone(request.getMobile());
if(request.getBizType() != null && request.getBizType().equals(1)){
// TODO 调用风控接口
UnifiedVerificationResp rcResp = rcValidate(request.getMobile(), request.getFlag());
if(rcResp == null){
if (request.getBizType() != null && request.getBizType().equals(1)) {
// 调用风控接口
UnifiedVerificationResp rcResp = this.rcValidate(
request.getMobile(),
request.getFlag(),
IPUtil.getIpAdrress(req),
super.getDeviceInfo(),
request.getDevice_token());
if (rcResp == null) {
// 风控接口调用异常也继续后面的逻辑
processSysCode(request.getMobile(), request.getFlag());
return PicaResponse.toResponse();
} else {
if(null == rcResp.getBizCode()){
if (null == rcResp.getBizCode()) {
// 风控校验后允许发送短信验证码
processSysCode(request.getMobile(), request.getFlag());
return PicaResponse.toResponse();
......@@ -220,67 +229,79 @@ public class AutoCodeController extends AccountBaseController {
* @Params [mobile]
* @Return com.pica.cloud.account.account.server.resp.UnifiedVerificationResp
*/
private UnifiedVerificationResp rcValidate(String mobile, Integer flag) {
private UnifiedVerificationResp rcValidate(String mobile,
Integer flag,
String publicIp,
String deviceInfoStr,
String deviceToken) {
// 调用风控接口
try {
logger.info("rcValidate-publicIp:{}, deviceToken:{}, deviceInfoStr:{}",
publicIp, deviceToken, deviceInfoStr);
CheckcodeRiskReq rcReq = new CheckcodeRiskReq();
rcReq.setMobile(mobile);
/*rcReq.setDeviceId();
rcReq.setIp();
rcReq.setDeviceIp();*/
logger.info("rc-req:{}", JSON.toJSONString(rcReq));
rcReq.setIp(publicIp);
PICAPDeviceInfo deviceInfo = JSON.parseObject(deviceInfoStr, PICAPDeviceInfo.class);
rcReq.setDeviceIp(deviceInfo.getDevice_ip());
rcReq.setDeviceId(deviceToken);
logger.info("rc-checkcodeRisk-req:{}", JSON.toJSONString(rcReq));
PicaResponse picaResponse = rcClient.checkcodeRisk(rcReq);
logger.info("rc-resp:{}", JSON.toJSONString(picaResponse));
logger.info("rc-checkcodeRisk-resp:{}", JSON.toJSONString(picaResponse));
if (picaResponse != null &&
PicaResultCode.SUCCESS.code().equals(picaResponse.getCode())) {
Object data = picaResponse.getData();
if (Objects.nonNull(data)) {
JSONObject respData = JSON.parseObject(
JSON.toJSONString(data), JSONObject.class);
if (StringUtils.isNotEmpty(respData.getString("processCode"))) {
Integer processCode = Integer.valueOf(respData.getString("processCode"));
if (null != processCode) {
if (processCode.equals(BizTypeRespEnum.RC_SEND_FAIL.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_SEND_FAIL.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_SEND_FAIL.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_TRIGGER.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_TRIGGER.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_TRIGGER.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_BLACKLIST.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_BLACKLIST.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_BLACKLIST.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_DAY_LIMIT.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_DAY_LIMIT.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_DAY_LIMIT.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode());
// 获取剩余秒数
Long time = cacheClient.get(this.getAuthCodeKey(mobile, flag.toString()) + "-secure", Long.class);
int remainTime = 59 - (int) (System.currentTimeMillis() - time) / 1000;
if (remainTime > 0) {
resp.setBizMsg(BizTypeRespEnum.RC_60_SECOND_LIMIT.getMsg()
.replace("{remainTime}", String.valueOf(remainTime)));
}
return resp;
}
}
if (Objects.isNull(data)) {
return null;
}
CheckcodeRiskResp respData = JSON.parseObject(
JSON.toJSONString(data), CheckcodeRiskResp.class);
if(StringUtils.isEmpty(respData.getProcessCode())){
// 请求返回异常
return null;
}
Integer processCode = Integer.valueOf(respData.getProcessCode());
if(null == processCode){
// 请求返回的processCode异常
return null;
}
// 请求返回正常
if (processCode.equals(BizTypeRespEnum.RC_SEND_FAIL.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_SEND_FAIL.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_SEND_FAIL.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_TRIGGER.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_TRIGGER.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_TRIGGER.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_BLACKLIST.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_BLACKLIST.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_BLACKLIST.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_DAY_LIMIT.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_DAY_LIMIT.getCode());
resp.setBizMsg(BizTypeRespEnum.RC_DAY_LIMIT.getMsg());
return resp;
} else if (processCode.equals(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode())) {
UnifiedVerificationResp resp = new UnifiedVerificationResp();
resp.setBizCode(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode());
// 获取剩余秒数
Long time = cacheClient.get(this.getAuthCodeKey(mobile, flag.toString()) + "-secure", Long.class);
int remainTime = 59 - (int) (System.currentTimeMillis() - time) / 1000;
if (remainTime > 0) {
resp.setBizMsg(BizTypeRespEnum.RC_60_SECOND_LIMIT.getMsg()
.replace("{remainTime}", String.valueOf(remainTime)));
}
return resp;
} else {
// processCode=1(允许发送短信验证码)
return new UnifiedVerificationResp();
}
// processCode=1(允许发送短信验证码)
return new UnifiedVerificationResp();
} else {
return null;
}
return null;
} catch (Exception e) {
logger.error("风控接口调用异常", e);
return null;
......
server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
浏览文件 @ 6972ad6d
......@@ -216,12 +216,11 @@ public class LoginController extends AccountBaseController {
@ApiOperation(value = "苹果授权登录")
@GetMapping("/login/apple")
public PicaResponse appleAuth(HttpServletRequest req) throws Exception{
//@RequestBody EncryptEntity entity
BaseRequest request = new BaseRequest();//CryptoUtil.decrypt(entity, BaseRequest.class);
//request.setProductType(super.getProductType());
//request.setSourceType(super.getSourceType());
return PicaResponse.toResponse(loginService.loginByApple(req, request));
public PicaResponse appleAuth(@RequestBody EncryptEntity entity) throws Exception{
BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
request.setProductType(super.getProductType());
request.setSourceType(super.getSourceType());
return PicaResponse.toResponse(loginService.loginByApple(request));
}
@ApiOperation(value = "苹果登录绑定手机号")
......
server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
浏览文件 @ 6972ad6d
......@@ -36,6 +36,8 @@ public class BaseRequest {
private String captchaAnswer;
@ApiModelProperty("业务类型,1-新老业务区分标识,2-手机号格式校验业务,3-密码登录校验业务")
private Integer bizType;
@ApiModelProperty("设备id")
private String device_token;
@ApiModelProperty("苹果身份token")
private String identifyToken;
@ApiModelProperty("苹果用户id")
......@@ -196,4 +198,12 @@ public class BaseRequest {
public void setInfo(String info) {
this.info = info;
}
public String getDevice_token() {
return device_token;
}
public void setDevice_token(String device_token) {
this.device_token = device_token;
}
}
server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
浏览文件 @ 6972ad6d
......@@ -76,7 +76,7 @@ public interface LoginService {
* @Params [baseRequest]
* @Return com.pica.cloud.account.account.server.entity.LoginResult
*/
LoginResult loginByApple(HttpServletRequest req, BaseRequest baseRequest);
LoginResult loginByApple(BaseRequest baseRequest);
/**
* @Description 苹果登录绑定手机号
......
server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
浏览文件 @ 6972ad6d
package com.pica.cloud.account.account.server.service.impl;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.auth0.jwk.Jwk;
import com.pica.cloud.account.account.server.constants.Constants;
import com.pica.cloud.account.account.server.entity.*;
import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
......@@ -22,7 +26,10 @@ import com.pica.cloud.foundation.encryption.common.constants.EncryptConstants;
import com.pica.cloud.foundation.encryption.util.EncryptUtils;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.redis.ICacheClient;
import com.pica.cloud.foundation.utils.utils.HttpClientUtil;
import com.pica.cloud.foundation.utils.utils.ValidateUtils;
import io.jsonwebtoken.*;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -31,12 +38,7 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.servlet.http.HttpServletRequest;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.PublicKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
......@@ -270,7 +272,9 @@ public class LoginServiceImpl implements LoginService {
@Override
@Transactional
public LoginResult loginByWeChat(BaseRequest request) {
logger.info("loginByWeChat-request:{}", JSON.toJSONString(request));
WeChatEntity weChatEntity = null;
logger.info("loginByWeChat-bizType:{}", request.getBizType());
if (null != request.getBizType() &&
request.getBizType().equals(1)) {
// h5微信登录
......@@ -279,17 +283,20 @@ public class LoginServiceImpl implements LoginService {
// 原生微信登录
weChatEntity = WeChatUtils.getAuthorizationInfo(appId, appSecret, request.getWeChatCode());
}
logger.info("loginByWeChat-weChatEntity:{}", JSON.toJSONString(weChatEntity));
if (weChatEntity == null || StringUtils.isEmpty(weChatEntity.getOpenid()) || StringUtils.isEmpty(weChatEntity.getAccess_token())) {
throw new PicaException(AccountExceptionEnum.PICA_WECHAT_CODE_ERROR.getCode(), AccountExceptionEnum.PICA_WECHAT_CODE_ERROR.getMessage());
}
//todo:微信登录获取个人信息
// 微信登录获取个人信息
Map map = new HashMap();
map.put("access_token", weChatEntity.getAccess_token());
map.put("openid", weChatEntity.getOpenid());
Map weChatUserInfo = WeChatUtils.getWeChatUserInfo(map, weChatURL);
logger.info("loginByWeChat-weChatUserInfo:{}", JSON.toJSONString(weChatUserInfo));
WeChatUserInfoEntity weChatUserInfoEntity = WeChatUtils.mergeWechatUserInfo(weChatUserInfo, weChatEntity.getOpenid());
String unionId = weChatUserInfoEntity.getUnionid();
AccountUnionEntity accountUnionEntity = accountUnionMapper.selectByUnionId(unionId);
logger.info("loginByWeChat-accountUnionEntity:{}", JSON.toJSONString(accountUnionEntity));
//是否绑定逻辑的判断
if (accountUnionEntity != null) {
Long acctId = accountUnionEntity.getAcctId();
......@@ -301,7 +308,9 @@ public class LoginServiceImpl implements LoginService {
//account.setMobilePhone(request.getMobile());
account.setMobilePhone("");
account.setRegisterSource(request.getSourceType());
logger.info("loginByWeChat-newToken...start");
String newToken = tokenUtils.generateToken(account);
logger.info("loginByWeChat-newToken...end");
LoginResult result = new LoginResult();
result.setToken(newToken);
result.setUserId(userId);
......@@ -315,6 +324,7 @@ public class LoginServiceImpl implements LoginService {
return result;
} else {
AccountWeChatInfoEntity entity = accountWeChatInfoMapper.selectByUnionId(unionId);
logger.info("loginByWeChat-数据是否存在...entity:{}", (entity==null));
//如果微信信息表数据不存在,就把用户信息存储到微信信息表中。
if (entity == null) {
processWeChatInfoUser(weChatUserInfoEntity, request.getWeChatLoginType());
......@@ -534,26 +544,30 @@ public class LoginServiceImpl implements LoginService {
return resp;
}
/**
* @Description 苹果登录授权
* @Author Chongwen.jiang
* @Date 2020/2/24 19:21
* @ModifyDate 2020/2/24 19:21
* @Params [request]
* @Return com.pica.cloud.account.account.server.entity.LoginResult
*/
@Transactional
@Override
public LoginResult loginByApple(HttpServletRequest req, BaseRequest request) {
LoginResult a= new LoginResult();
a.setDoctorId(getIpAddr2(req));
a.setMobile(getPublicIp());
return a;
/*// 入参非空判断
public LoginResult loginByApple(BaseRequest request) {
// 入参非空判断
if (StringUtils.isEmpty(request.getIdentifyToken()) ||
StringUtils.isEmpty(request.getAppleUserId()) ||
StringUtils.isEmpty(request.getAppleId())) {
throw new PicaException(AccountExceptionEnum.PICA_PARAMS_ERROR.getCode(),
AccountExceptionEnum.PICA_PARAMS_ERROR.getMessage());
}
// TODO identifyToken校验
//throw new PicaException(AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getCode(),
//AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getMessage());
// identifyToken校验
if(!checkIdentifyToken(request.getIdentifyToken())){
throw new PicaException(
AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getCode(),
AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getMessage());
}
// apple授权登录用户信息入库
AccountUnionEntity accountUnion = accountUnionMapper.selectByUnionId(request.getAppleUserId());
//是否绑定逻辑的判断
......@@ -564,7 +578,6 @@ public class LoginServiceImpl implements LoginService {
account.setId(userId);
account.setAcctId(acctId.intValue());
account.setCreatTime(new Date());
//account.setMobilePhone(request.getMobile());
account.setMobilePhone("");
account.setRegisterSource(request.getSourceType());
String newToken = tokenUtils.generateToken(account);
......@@ -589,79 +602,79 @@ public class LoginServiceImpl implements LoginService {
result.setUnionId(request.getAppleUserId());
result.setBindFlag(AccountTypeEnum.BIND_STATUS_FAILURE.getCode() + "");
return result;
}*/
}
}
/**
* @Description 获取公网ip
* @Description apple登录--identifyToken校验
* @Author Chongwen.jiang
* @Date 2020/2/24 16:54
* @ModifyDate 2020/2/24 16:54
* @Params []
* @Return java.lang.String
* @Date 2020/2/24 19:28
* @ModifyDate 2020/2/24 19:28
* @Params [identifyToekn]
* @Return boolean false:未通过token校验,true:通过校验
*/
private String getPublicIp() {
private boolean checkIdentifyToken(String identifyToken) {
logger.info("checkIdentifyToken-identifyToken:{}", identifyToken);
// 向苹果后台获取公钥参数
String appleResp = null;
try {
String path = "https://2020.ip138.com/";
URL url = new URL(path);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("contentType", "GBK");
conn.setConnectTimeout(5 * 1000);
conn.setRequestMethod("GET");
InputStream inStream = conn.getInputStream();
BufferedReader in = new BufferedReader(new InputStreamReader(
inStream, "GBK"));
StringBuffer buffer = new StringBuffer();
String line = "";
// 读取获取到内容的最后一行,写入
while ((line = in.readLine()) != null) {
buffer.append(line);
}
String str = buffer.toString();
String ipString1 = str.substring(str.indexOf("["));
// 您的iP地址是:[223.112.202.205] 来自:江苏省常州市 移动
String ipsString2 = ipString1.substring(ipString1.indexOf("[") + 1,
ipString1.lastIndexOf("]"));
//获取当前IP地址所在地址
/*String ipsString3=ipString1.substring(ipString1.indexOf(": "),ipString1.lastIndexOf("</center>"));
System.err.println(ipsString3);*/
return ipsString2;
appleResp = HttpClientUtil.getHttpExecute("https://appleid.apple.com/auth/keys");
logger.info("checkIdentifyToken-appleResp:{}", appleResp);
} catch (Exception e) {
logger.error("获取公网IP连接超时-getPublicIp");
return "连接超时";
throw new PicaException("获取公钥失败", e.getMessage());
}
JSONObject jsonObject = JSONObject.parseObject(appleResp);
String keys = jsonObject.getString("keys");
JSONArray arr = JSONObject.parseArray(keys);
JSONObject jsonObject1 = JSONObject.parseObject(arr.getString(0));
logger.info("checkIdentifyToken-jsonObject1:{}", jsonObject1);
// 通过架包生成publicKey
PublicKey publicKey;
try {
Jwk jwa = Jwk.fromValues(jsonObject1);
publicKey = jwa.getPublicKey();
} catch (Exception e) {
throw new PicaException("生成publicKey失败", e.getMessage());
}
// 分割前台传过来的identifyToken(jwt格式的token)用base64解码使用
if (identifyToken.split("\\.").length > 1) {
String claim = new String(Base64.decodeBase64(identifyToken.split("\\.")[1]));
logger.info("checkIdentifyToken-claim:{}", claim);
String aud = JSONObject.parseObject(claim).get("aud").toString();
String sub = JSONObject.parseObject(claim).get("sub").toString();
return this.verify(publicKey, identifyToken, aud, sub);
}
return false;
}
/**
* @Description 获取内网ip
* @Description 验证苹果公钥
* @Author Chongwen.jiang
* @Date 2020/2/24 16:54
* @ModifyDate 2020/2/24 16:54
* @Params [request]
* @Return java.lang.String
* @Date 2020/2/24 19:49
* @ModifyDate 2020/2/24 19:49
* @Params [key, jwt, audience, subject]
* @Return boolean
*/
private String getIpAddr2(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (org.apache.commons.lang.StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (org.apache.commons.lang.StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (org.apache.commons.lang.StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
if ("0:0:0:0:0:0:0:1".equals(ip)) {
ip = "127.0.0.1";
}
if (ip.split(",").length > 1) {
if(!ip.split(",")[0].equalsIgnoreCase("unknown")){
ip = ip.split(",")[0];
private boolean verify(PublicKey key, String jwt, String audience, String subject) {
JwtParser jwtParser = Jwts.parser().setSigningKey(key);
jwtParser.requireIssuer("https://appleid.apple.com");
jwtParser.requireAudience(audience);
jwtParser.requireSubject(subject);
try {
Jws<Claims> claim = jwtParser.parseClaimsJws(jwt);
logger.info("apple-verify-claim:{}", JSON.toJSONString(claim));
logger.info("apple-verify-claim.getBody:{}",
JSON.toJSONString(claim.getBody()));
if (claim != null && claim.getBody().containsKey("auth_time")) {
return true;
}
return false;
} catch (ExpiredJwtException e) {
throw new PicaException("苹果token过期", e.getMessage());
} catch (Exception e) {
throw new PicaException("苹果token非法", e.getMessage());
}
return ip;
}
/**
......@@ -707,7 +720,8 @@ public class LoginServiceImpl implements LoginService {
if (accountInfoDb == null) {
result = registerService.register(request);
} else {
result = processLogin(request, accountInfoDb.getId(), AccountTypeEnum.LOGIN_APPLE.getCode());
result = processLogin(request, accountInfoDb.getId(),
AccountTypeEnum.LOGIN_APPLE.getCode());
}
result.setMobile(request.getMobile());
AccountInfoEntity accountInfo = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(request.getMobile()));
......@@ -728,12 +742,14 @@ public class LoginServiceImpl implements LoginService {
private void processAccountUnionApple(Integer acctId, String appleUserId) {
AccountUnionEntity accountUnion = accountUnionMapper.selectByUnionId(appleUserId);
if (accountUnion != null) {
throw new PicaException(AccountExceptionEnum.PICA_APPLE_BIND_OTHER.getCode(),
throw new PicaException(
AccountExceptionEnum.PICA_APPLE_BIND_OTHER.getCode(),
AccountExceptionEnum.PICA_APPLE_BIND_OTHER.getMessage());
}
AccountUnionEntity accountUnionEntityAccount = accountUnionMapper.selectByAcctId(acctId);
if (accountUnionEntityAccount != null) {
throw new PicaException(AccountExceptionEnum.PICA_MOBILE_BIND_OTHER.getCode(),
throw new PicaException(
AccountExceptionEnum.PICA_MOBILE_BIND_OTHER.getCode(),
AccountExceptionEnum.PICA_MOBILE_BIND_OTHER.getMessage());
}
AccountUnionEntity accountUnionEntity = new AccountUnionEntity();
......
server/src/main/java/com/pica/cloud/account/account/server/util/IPUtil.java 0 → 100644
浏览文件 @ 6972ad6d
package com.pica.cloud.account.account.server.util;
import javax.servlet.http.HttpServletRequest;
import java.util.Enumeration;
public class IPUtil {
/**
* @Description 获取请求的外网ip
* @Author Chongwen.jiang
* @Date 2020/2/25 9:34
* @ModifyDate 2020/2/25 9:34
* @Params [request]
* @Return java.lang.String
*/
public static String getIpAdrress(HttpServletRequest request) {
String ip = null;
//X-Forwarded-For:Squid 服务代理
String ipAddresses = request.getHeader("X-Forwarded-For");
Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) {
//打印所有头信息
String s = headerNames.nextElement();
String header = request.getHeader(s);
// System.out.println(s+"::::"+header);
}
// System.out.println("headerNames:"+ JSON.toJSONString(headerNames));
// System.out.println("RemoteHost:"+request.getRemoteHost());
// System.out.println("RemoteAddr:"+request.getRemoteAddr());
String unknown = "unknown";
if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
//Proxy-Client-IP:apache 服务代理
ipAddresses = request.getHeader("Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
//WL-Proxy-Client-IP:weblogic 服务代理
ipAddresses = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
//HTTP_CLIENT_IP:有些代理服务器
ipAddresses = request.getHeader("HTTP_CLIENT_IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
//X-Real-IP:nginx服务代理
ipAddresses = request.getHeader("X-Real-IP");
}
//有些网络通过多层代理,那么获取到的ip就会有多个,一般都是通过逗号(,)分割开来,并且第一个ip为客户端的真实IP
if (ipAddresses != null && ipAddresses.length() != 0) {
ip = ipAddresses.split(",")[0];
}
//还是不能获取到,最后再通过request.getRemoteAddr();获取
if (ip == null || ip.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
ip = request.getRemoteAddr();
}
if("0:0:0:0:0:0:0:1".equalsIgnoreCase(ip)){
ip = "127.0.0.1";
}
return ip;
}
}
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册