zgty/zt-dsc
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1. 修复 databus 在多层嵌套的 json 报文,签名存在异常的 bug

Browse Source
This commit is contained in:
chenbowen
2025-12-16 21:34:58 +08:00
parent 13403ea027
commit 12157d5dcb
2 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/util/security/CryptoSignatureUtils.java
View File

@@ -1,6 +1,7 @@
package com.zt.plat.framework.common.util.security; package com.zt.plat.framework.common.util.security;
import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.SecureUtil;
import com.zt.plat.framework.common.util.json.JsonUtils;
import javax.crypto.Cipher; import javax.crypto.Cipher;
import javax.crypto.KeyGenerator; import javax.crypto.KeyGenerator;
@@ -126,7 +127,11 @@ public final class CryptoSignatureUtils {
continue; continue;
} }
sb.append(key).append('='); sb.append(key).append('=');
sb.append(value); if (value instanceof String || value instanceof Number || value instanceof Boolean) {
sb.append(value);
} else {
sb.append(JsonUtils.toJsonString(value));
}
sb.append('&'); sb.append('&');
} }
if (sb.length() > 0) { if (sb.length() > 0) {

3
zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
View File

@@ -286,8 +286,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
try { try {
boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType); boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType);
if (!valid) { if (!valid) {
log.error("[API-PORTAL] 签名校验失败"); throw new SecurityValidationException(HttpStatus.UNAUTHORIZED, "签名校验失败");
return;
} }
} catch (IllegalArgumentException ex) { } catch (IllegalArgumentException ex) {
throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常"); throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常");