1.0.2 新增SignValidation注解，用于拦截需要进行签名的请求

Author: WeiziPlus

springboot/demo-common/src/main/java/com/weiziplus/common/util/Md5Utils.java

@@ -39,4 +39,14 @@ public static String encode16(String str) {
         return encode.substring(8, 24);
     }
 
+    /**
+     * 32位没有加密盐
+     *
+     * @param str
+     * @return
+     */
+    public static String encodeNotSalt(String str) {
+        return DigestUtils.md5DigestAsHex(str.getBytes(StandardCharsets.UTF_8)).toUpperCase();
+    }
+
 }

springboot/demo-pc/src/main/java/com/weiziplus/pc/common/interceptor/AuthorizationInterceptor.java

@@ -3,10 +3,7 @@
 import com.alibaba.fastjson.JSON;
 import com.weiziplus.common.async.LogAsync;
 import com.weiziplus.common.async.UserAsync;
-import com.weiziplus.common.util.HttpRequestUtils;
-import com.weiziplus.common.util.ResultUtils;
-import com.weiziplus.common.util.ToolUtils;
-import com.weiziplus.common.util.UserAgentUtils;
+import com.weiziplus.common.util.*;
 import com.weiziplus.common.util.redis.StringRedisUtils;
 import com.weiziplus.common.util.token.AdminTokenUtils;
 import com.weiziplus.common.util.token.JwtTokenUtils;
@@ -22,6 +19,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.Console;
 import java.lang.reflect.Method;
 import java.util.*;
 
@@ -185,7 +183,12 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
             handleResponse(response, ResultUtils.errorToken("token不存在"));
             return false;
         }
-        return handleAdminToken(request, response, object);
+        //保存用户操作，校验用户权限等
+        if (!handleAdminToken(request, response, object)) {
+            return false;
+        }
+        //校验签名
+        return handleSign(request, response, object);
     }
 
     /**
@@ -279,6 +282,46 @@ private boolean handleAdminToken(HttpServletRequest request, HttpServletResponse
         return false;
     }
 
+    /**
+     * 是否需要签名处理
+     * 所有请求参数（排除__sign）需要按照ascii排序，然后进行MD5加密
+     *
+     * @param request
+     * @param response
+     * @param object
+     * @return
+     */
+    private boolean handleSign(HttpServletRequest request, HttpServletResponse response, Object object) {
+        HandlerMethod handlerMethod = (HandlerMethod) object;
+        Method method = handlerMethod.getMethod();
+        //如果没有签名注解直接返回
+        if (null == handlerMethod.getBeanType().getAnnotation(SignValidation.class)
+                && null == method.getAnnotation(SignValidation.class)) {
+            return true;
+        }
+        TreeMap<String, String[]> stringTreeMap = new TreeMap<>(request.getParameterMap());
+        Set<String> keySet = stringTreeMap.keySet();
+        String signParam = "__sign";
+        if (!keySet.contains(signParam)) {
+            handleResponse(response, ResultUtils.error("签名错误"));
+            return false;
+        }
+        StringBuilder stringBuilder = new StringBuilder();
+        for (String key : keySet) {
+            //跳过__sign参数
+            if (signParam.equals(key)) {
+                continue;
+            }
+            stringBuilder.append(key).append("=").append(stringTreeMap.get(key)[0]).append("&");
+        }
+        String s = Md5Utils.encodeNotSalt(stringBuilder.substring(0, stringBuilder.length() - 1));
+        if (stringTreeMap.get(signParam)[0].equals(s)) {
+            return true;
+        }
+        handleResponse(response, ResultUtils.error("签名错误"));
+        return false;
+    }
+
     /**
      * 将token出错信息输入到前端页面
      *

springboot/demo-pc/src/main/java/com/weiziplus/pc/common/interceptor/SignValidation.java

@@ -0,0 +1,17 @@
+package com.weiziplus.pc.common.interceptor;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 方法或类需要sign签名验证
+ *
+ * @author wanglongwei
+ * @date 2020/06/04 09/17
+ */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface SignValidation {
+}

springboot/demo-web/src/main/java/com/weiziplus/web/common/interceptor/AuthorizationInterceptor.java

@@ -3,10 +3,7 @@
 import com.alibaba.fastjson.JSON;
 import com.weiziplus.common.async.LogAsync;
 import com.weiziplus.common.async.UserAsync;
-import com.weiziplus.common.util.HttpRequestUtils;
-import com.weiziplus.common.util.ResultUtils;
-import com.weiziplus.common.util.ToolUtils;
-import com.weiziplus.common.util.UserAgentUtils;
+import com.weiziplus.common.util.*;
 import com.weiziplus.common.util.redis.StringRedisUtils;
 import com.weiziplus.common.util.token.JwtTokenUtils;
 import com.weiziplus.common.util.token.WebTokenUtils;
@@ -181,7 +178,12 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
             handleResponse(response, ResultUtils.errorToken("token不存在"));
             return false;
         }
-        return handleWebToken(request, response, object);
+        //保存用户日志
+        if (!handleWebToken(request, response, object)) {
+            return false;
+        }
+        //校验签名
+        return handleSign(request, response, object);
     }
 
     /**
@@ -241,6 +243,45 @@ private boolean handleWebToken(HttpServletRequest request, HttpServletResponse r
         return true;
     }
 
+    /**
+     * 是否需要签名处理
+     *
+     * @param request
+     * @param response
+     * @param object
+     * @return
+     */
+    private boolean handleSign(HttpServletRequest request, HttpServletResponse response, Object object) {
+        HandlerMethod handlerMethod = (HandlerMethod) object;
+        Method method = handlerMethod.getMethod();
+        //如果没有签名注解直接返回
+        if (null == handlerMethod.getBeanType().getAnnotation(SignValidation.class)
+                && null == method.getAnnotation(SignValidation.class)) {
+            return true;
+        }
+        TreeMap<String, String[]> stringTreeMap = new TreeMap<>(request.getParameterMap());
+        Set<String> keySet = stringTreeMap.keySet();
+        String signParam = "__sign";
+        if (!keySet.contains(signParam)) {
+            handleResponse(response, ResultUtils.error("签名错误"));
+            return false;
+        }
+        StringBuilder stringBuilder = new StringBuilder();
+        for (String key : keySet) {
+            //跳过__sign参数
+            if (signParam.equals(key)) {
+                continue;
+            }
+            stringBuilder.append(key).append("=").append(stringTreeMap.get(key)[0]).append("&");
+        }
+        String s = Md5Utils.encodeNotSalt(stringBuilder.substring(0, stringBuilder.length() - 1));
+        if (stringTreeMap.get(signParam)[0].equals(s)) {
+            return true;
+        }
+        handleResponse(response, ResultUtils.error("签名错误"));
+        return false;
+    }
+
     /**
      * 将token出错信息输入到前端页面
      *

springboot/demo-web/src/main/java/com/weiziplus/web/common/interceptor/SignValidation.java

@@ -0,0 +1,17 @@
+package com.weiziplus.web.common.interceptor;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 方法或类需要sign签名验证
+ *
+ * @author wanglongwei
+ * @date 2020/06/04 09/17
+ */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface SignValidation {
+}

vue/src/components/table/Complex.vue

@@ -613,7 +613,12 @@
         }
 
         /*表格树形结构，箭头错位*/
-        .el-table table tbody tr td.tree .cell.el-tooltip {
+        .el-table table tbody tr td:nth-child(3) .cell.el-tooltip {
+            display: flex;
+        }
+
+        /*表格树形结构，箭头错位*/
+        .el-table table tbody tr td:nth-child(2) .cell.el-tooltip {
             display: flex;
         }
 

vue/src/utils/axios.js

@@ -21,11 +21,30 @@ axios.interceptors.request.use(
     }
 );
 
+/**
+ * 获取url中参数的map
+ * @param url
+ */
+function getUrlParamMap(url) {
+    let split = url.split("?");
+    if (1 >= split.length) {
+        return {};
+    }
+    let params = split[1].split("&") || [];
+    let obj = {};
+    params.forEach(value => {
+        let param = value.split('=');
+        obj[param[0]] = param[1];
+    });
+    return obj;
+}
+
 /**
  * 封装axios请求
  *
  * @param allUrl 请求的url为完整url
  * @param allSuccess 返回所有成功回调,不包含status不是200的出错请求
+ * @param isSign 是否需要计算签名
  * @param url 请求地址
  * @param method 请求方式
  * @param headers 请求头
@@ -41,6 +60,7 @@ export function weiAxios(
     {
         allUrl = false,
         allSuccess = false,
+        isSign = false,
         url = '',
         method = 'get',
         header = 'application/x-www-form-urlencoded; charset=UTF-8',
@@ -82,6 +102,18 @@ export function weiAxios(
         }
         /**axios请求参数添加随机字符串*/
         data['__t'] = (new Date()).getTime();
+        //如果需要计算签名
+        if (isSign) {
+            let urlParamMap = getUrlParamMap(url);
+            for (let key in urlParamMap) {
+                if (!urlParamMap.hasOwnProperty(key)) {
+                    return;
+                }
+                data[key] = urlParamMap[key];
+            }
+            let asciiStr = that.$globalFun.sortAscii(data);
+            data['__sign'] = that.$globalFun.md5NoSalt(asciiStr);
+        }
         /**axios请求处理不同请求方式时的参数*/
         method = method.toUpperCase();
         if (method === 'GET') {
@@ -147,6 +179,7 @@ export function weiAxios(
  * @param url
  * @param method
  * @param data
+ * @param isSign 是否需要计算签名
  * @param filename 文件名字
  * @param timeShowLoadAnimation 多长时间之后显示加载中动画，单位毫秒
  * @param success
@@ -158,6 +191,7 @@ export function weiAxiosDown(
         url = '',
         method = 'post',
         data = {},
+        isSign = false,
         filename = '新建文件',
         timeShowLoadAnimation = 555,
         success = function () {
@@ -189,6 +223,18 @@ export function weiAxiosDown(
         _axios['headers'][that.$global.GLOBAL.token] = that.$globalFun.getSessionStorage(`token`) || '';
         /**axios请求参数添加随机字符串*/
         data['__t'] = (new Date()).getTime();
+        //如果需要计算签名
+        if (isSign) {
+            let urlParamMap = getUrlParamMap(url);
+            for (let key in urlParamMap) {
+                if (!urlParamMap.hasOwnProperty(key)) {
+                    return;
+                }
+                data[key] = urlParamMap[key];
+            }
+            let asciiStr = that.$globalFun.sortAscii(data);
+            data['__sign'] = that.$globalFun.md5NoSalt(asciiStr);
+        }
         /**axios请求处理不同请求方式时的参数*/
         method = method.toUpperCase();
         if (method === 'GET') {

vue/src/utils/global_function.js

@@ -340,6 +340,18 @@ function md5(str) {
     return CryptoJs.MD5(str).toString().toUpperCase();
 }
 
+/**
+ * md5加密没有加密盐
+ * @param str
+ * @returns {*}
+ */
+function md5NoSalt(str) {
+    if (null == str) {
+        return null;
+    }
+    return CryptoJs.MD5(str).toString().toUpperCase();
+}
+
 /**
  * 获取session存储的数据
  * @param key
@@ -392,6 +404,28 @@ function setLocationStorage(key, value = '') {
     localStorage.setItem(key, JSON.stringify(value));
 }
 
+/**
+ * 对象进行ascii排序
+ * @param obj
+ * @returns {*}
+ */
+function sortAscii(obj) {
+    if (null == obj) {
+        return null;
+    }
+    let arr = [];
+    let index = 0;
+    for (let key in obj) {
+        arr[index] = key;
+        index++;
+    }
+    let str = '';
+    arr.sort().forEach(value => {
+        str += `${value}=${('' + obj[value]).replace(/(^\s*)|(\s*$)/g, "")}&`;
+    });
+    return str.substr(0, str.length - 1);
+}
+
 /**
  * 将方法暴露出去
  */
@@ -412,8 +446,10 @@ export default {
     base64Encrypt,
     base64Decrypt,
     md5,
+    md5NoSalt,
     getSessionStorage,
     setSessionStorage,
     getLocationStorage,
-    setLocationStorage
+    setLocationStorage,
+    sortAscii
 };