Merge branch 'dev' into test
This commit is contained in:
chenbowen
@@ -1,6 +1,7 @@
|
||||
package com.zt.plat.framework.common.util.security;
|
||||
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
import com.zt.plat.framework.common.util.json.JsonUtils;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.KeyGenerator;
|
||||
@@ -126,7 +127,11 @@ public final class CryptoSignatureUtils {
|
||||
continue;
|
||||
}
|
||||
sb.append(key).append('=');
|
||||
sb.append(value);
|
||||
if (value instanceof String || value instanceof Number || value instanceof Boolean) {
|
||||
sb.append(value);
|
||||
} else {
|
||||
sb.append(JsonUtils.toJsonString(value));
|
||||
}
|
||||
sb.append('&');
|
||||
}
|
||||
if (sb.length() > 0) {
|
||||
|
||||
@@ -286,8 +286,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
|
||||
try {
|
||||
boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType);
|
||||
if (!valid) {
|
||||
log.error("[API-PORTAL] 签名校验失败");
|
||||
return;
|
||||
throw new SecurityValidationException(HttpStatus.UNAUTHORIZED, "签名校验失败");
|
||||
}
|
||||
} catch (IllegalArgumentException ex) {
|
||||
throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常");
|
||||
|
||||
@@ -15,6 +15,9 @@ import org.springframework.stereotype.Component;
|
||||
* 用户-部门关系变更消息 Producer
|
||||
* <p>
|
||||
* 负责发送用户与部门的关联关系变更事件
|
||||
* <p>
|
||||
* 注意:客户端系统(分公司)应该禁用此功能,避免形成消息循环
|
||||
* 配置项:zt.databus.change.producer.enabled=false
|
||||
*
|
||||
* @author ZT
|
||||
*/
|
||||
@@ -25,6 +28,16 @@ public class DatabusUserDeptChangeProducer {
|
||||
@Resource
|
||||
private RocketMQTemplate rocketMQTemplate;
|
||||
|
||||
/**
|
||||
* 是否启用变更消息发送
|
||||
* <p>
|
||||
* 默认值:false(安全优先,避免未配置时导致消息循环)
|
||||
* 集团侧(数据源):必须显式设置为 true,发送变更消息
|
||||
* 分公司侧(客户端):保持 false 或不配置,禁用变更消息,避免循环
|
||||
*/
|
||||
@Value("${zt.databus.change.producer.enabled:false}")
|
||||
private boolean enabled;
|
||||
|
||||
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
||||
private String topicPrefix;
|
||||
|
||||
@@ -98,6 +111,12 @@ public class DatabusUserDeptChangeProducer {
|
||||
* 发送消息到 MQ
|
||||
*/
|
||||
private void sendMessage(DatabusEventType eventType, DatabusUserDeptData data) {
|
||||
if (!enabled) {
|
||||
log.debug("[Databus] 变更消息发送已禁用, 跳过用户-部门关系变更消息, eventType={}, userId={}, deptId={}",
|
||||
eventType, data.getUserId(), data.getDeptId());
|
||||
return;
|
||||
}
|
||||
|
||||
DatabusMessage<DatabusUserDeptData> message = new DatabusMessage<>();
|
||||
message.setEventType(eventType);
|
||||
message.setData(data);
|
||||
|
||||
@@ -15,6 +15,9 @@ import org.springframework.stereotype.Component;
|
||||
* 用户-岗位关系变更消息 Producer
|
||||
* <p>
|
||||
* 负责发送用户与岗位的关联关系变更事件
|
||||
* <p>
|
||||
* 注意:客户端系统(分公司)应该禁用此功能,避免形成消息循环
|
||||
* 配置项:zt.databus.change.producer.enabled=false
|
||||
*
|
||||
* @author ZT
|
||||
*/
|
||||
@@ -25,6 +28,16 @@ public class DatabusUserPostChangeProducer {
|
||||
@Resource
|
||||
private RocketMQTemplate rocketMQTemplate;
|
||||
|
||||
/**
|
||||
* 是否启用变更消息发送
|
||||
* <p>
|
||||
* 默认值:false(安全优先,避免未配置时导致消息循环)
|
||||
* 集团侧(数据源):必须显式设置为 true,发送变更消息
|
||||
* 分公司侧(客户端):保持 false 或不配置,禁用变更消息,避免循环
|
||||
*/
|
||||
@Value("${zt.databus.change.producer.enabled:false}")
|
||||
private boolean enabled;
|
||||
|
||||
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
||||
private String topicPrefix;
|
||||
|
||||
@@ -96,6 +109,12 @@ public class DatabusUserPostChangeProducer {
|
||||
* 发送消息到 MQ
|
||||
*/
|
||||
private void sendMessage(DatabusEventType eventType, DatabusUserPostData data) {
|
||||
if (!enabled) {
|
||||
log.debug("[Databus] 变更消息发送已禁用, 跳过用户-岗位关系变更消息, eventType={}, userId={}, postId={}",
|
||||
eventType, data.getUserId(), data.getPostId());
|
||||
return;
|
||||
}
|
||||
|
||||
DatabusMessage<DatabusUserPostData> message = new DatabusMessage<>();
|
||||
message.setEventType(eventType);
|
||||
message.setData(data);
|
||||
|
||||
Reference in New Issue
Block a user