před 3 roky · 3d457523ed
--- a/railway-admin/src/main/java/com/railway/RailwayApplication.java
+++ b/railway-admin/src/main/java/com/railway/RailwayApplication.java
@@ -1,5 +1,6 @@
 
				 package com.railway;
			
 
				 
			
 
				+import com.railway.framework.web.service.INeedSignCheck;
			
 
				 import org.springframework.boot.SpringApplication;
			
 
				 import org.springframework.boot.autoconfigure.SpringBootApplication;
			
 
				 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
			
@@ -19,5 +20,8 @@ public class RailwayApplication {
 
				   public static void main(String[] args) {
			
 
				     SpringApplication.run(RailwayApplication.class, args);
			
 
				     System.out.println("启动成功");
			
 
				+    INeedSignCheck.SIGN_IGNORE_URLS.add("monitor");
			
 
				+    INeedSignCheck.SIGN_IGNORE_URLS.add("common");
			
 
				+    INeedSignCheck.SIGN_IGNORE_URLS.add("captchaImage");
			
 
				   }
			
 
				 }
			
--- a/railway-framework/src/main/java/com/railway/framework/interceptor/SignatureInterceptor.java
+++ b/railway-framework/src/main/java/com/railway/framework/interceptor/SignatureInterceptor.java
@@ -7,9 +7,7 @@ import com.railway.common.utils.JsonUtil;
 
				 import com.railway.common.utils.sign.SignatureUtil;
			
 
				 import com.railway.framework.web.service.INeedSignCheck;
			
 
				 import java.io.UnsupportedEncodingException;
			
 
				-import java.util.ArrayList;
			
 
				 import java.util.HashMap;
			
 
				-import java.util.List;
			
 
				 import java.util.Map;
			
 
				 import java.util.UUID;
			
 
				 import javax.annotation.Nonnull;
			
@@ -37,14 +35,6 @@ public class SignatureInterceptor extends HandlerInterceptorAdapter {
 
				 
			
 
				   private final INeedSignCheck iNeedSignCheck;
			
 
				 
			
 
				-  private static final List<String> SIGNNEED_URLS = new ArrayList<>();
			
 
				-
			
 
				-  static {
			
 
				-    SIGNNEED_URLS.add("/monitor");
			
 
				-    SIGNNEED_URLS.add("/common");
			
 
				-    SIGNNEED_URLS.add("/captchaImage");
			
 
				-  }
			
 
				-
			
 
				   public SignatureInterceptor(INeedSignCheck iNeedSignCheck) {
			
 
				     this.iNeedSignCheck = iNeedSignCheck;
			
 
				   }
			
@@ -64,7 +54,7 @@ public class SignatureInterceptor extends HandlerInterceptorAdapter {
 
				     }
			
 
				     // 过滤接口
			
 
				     String servletPath = request.getServletPath();
			
 
				-    if (SIGNNEED_URLS.contains(servletPath)) {
			
 
				+    if (INeedSignCheck.SIGN_IGNORE_URLS.contains(servletPath)) {
			
 
				       return true;
			
 
				     }
			
 
				     response.setCharacterEncoding("UTF-8");
			
--- a/railway-framework/src/main/java/com/railway/framework/security/advice/SecretRequestAdvice.java
+++ b/railway-framework/src/main/java/com/railway/framework/security/advice/SecretRequestAdvice.java
@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSONObject;
 
				 import com.railway.common.core.domain.AjaxResult;
			
 
				 import com.railway.common.exception.sign.SignException;
			
 
				 import com.railway.common.utils.JsonUtil;
			
 
				+import com.railway.common.utils.StringUtils;
			
 
				 import com.railway.common.utils.sign.SignatureUtil;
			
 
				 import com.railway.framework.web.service.INeedSignCheck;
			
 
				 import java.io.ByteArrayInputStream;
			
@@ -23,6 +24,7 @@ import org.springframework.http.HttpInputMessage;
 
				 import org.springframework.http.converter.HttpMessageConverter;
			
 
				 import org.springframework.lang.NonNull;
			
 
				 import org.springframework.util.StreamUtils;
			
 
				+import org.springframework.web.bind.annotation.RequestMapping;
			
 
				 import org.springframework.web.bind.annotation.RestControllerAdvice;
			
 
				 import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAdapter;
			
 
				 
			
@@ -47,7 +49,10 @@ public class SecretRequestAdvice extends RequestBodyAdviceAdapter {
 
				   @Override
			
 
				   public boolean supports(@NonNull MethodParameter methodParameter, @NonNull Type targetType,
			
 
				       @NonNull Class<? extends HttpMessageConverter<?>> converterType) {
			
 
				-    return true;
			
 
				+    String[] servletPath = methodParameter.getContainingClass().getAnnotation(RequestMapping.class)
			
 
				+        .value();
			
 
				+    return !StringUtils.isNotEmpty(servletPath)
			
 
				+        || !INeedSignCheck.SIGN_IGNORE_URLS.contains(servletPath[0]);
			
 
				   }
			
 
				 
			
 
				   @Override
			
@@ -109,7 +114,7 @@ public class SecretRequestAdvice extends RequestBodyAdviceAdapter {
 
				     Map<String, String> requestMap = JsonUtil.json2Map(json);
			
 
				     String requestId = UUID.randomUUID().toString();
			
 
				     AjaxResult ajaxResult = SignatureUtil.checkTimestamp(requestId, userTimestamp);
			
 
				-    if(!ajaxResult.isSuccess()){
			
 
				+    if (!ajaxResult.isSuccess()) {
			
 
				       return false;
			
 
				     }
			
 
				 
			
--- a/railway-framework/src/main/java/com/railway/framework/web/service/INeedSignCheck.java
+++ b/railway-framework/src/main/java/com/railway/framework/web/service/INeedSignCheck.java
@@ -1,10 +1,15 @@
 
				 package com.railway.framework.web.service;
			
 
				 
			
 
				+import java.util.ArrayList;
			
 
				+import java.util.List;
			
 
				+
			
 
				 /**
			
 
				  * @author zhaomn
			
 
				  */
			
 
				 public interface INeedSignCheck {
			
 
				 
			
 
				+  List<String> SIGN_IGNORE_URLS = new ArrayList<>();
			
 
				+
			
 
				   boolean needCheckSignature(String unSign);
			
 
				 
			
 
				 }