Merge branch 'dev' into test
This commit is contained in:
chenbowen
@@ -1,6 +1,7 @@
|
|||||||
package com.zt.plat.framework.common.util.security;
|
package com.zt.plat.framework.common.util.security;
|
||||||
|
|
||||||
import cn.hutool.crypto.SecureUtil;
|
import cn.hutool.crypto.SecureUtil;
|
||||||
|
import com.zt.plat.framework.common.util.json.JsonUtils;
|
||||||
|
|
||||||
import javax.crypto.Cipher;
|
import javax.crypto.Cipher;
|
||||||
import javax.crypto.KeyGenerator;
|
import javax.crypto.KeyGenerator;
|
||||||
@@ -126,7 +127,11 @@ public final class CryptoSignatureUtils {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
sb.append(key).append('=');
|
sb.append(key).append('=');
|
||||||
sb.append(value);
|
if (value instanceof String || value instanceof Number || value instanceof Boolean) {
|
||||||
|
sb.append(value);
|
||||||
|
} else {
|
||||||
|
sb.append(JsonUtils.toJsonString(value));
|
||||||
|
}
|
||||||
sb.append('&');
|
sb.append('&');
|
||||||
}
|
}
|
||||||
if (sb.length() > 0) {
|
if (sb.length() > 0) {
|
||||||
|
|||||||
@@ -286,8 +286,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
|
|||||||
try {
|
try {
|
||||||
boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType);
|
boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType);
|
||||||
if (!valid) {
|
if (!valid) {
|
||||||
log.error("[API-PORTAL] 签名校验失败");
|
throw new SecurityValidationException(HttpStatus.UNAUTHORIZED, "签名校验失败");
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
} catch (IllegalArgumentException ex) {
|
} catch (IllegalArgumentException ex) {
|
||||||
throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常");
|
throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常");
|
||||||
|
|||||||
@@ -15,6 +15,9 @@ import org.springframework.stereotype.Component;
|
|||||||
* 用户-部门关系变更消息 Producer
|
* 用户-部门关系变更消息 Producer
|
||||||
* <p>
|
* <p>
|
||||||
* 负责发送用户与部门的关联关系变更事件
|
* 负责发送用户与部门的关联关系变更事件
|
||||||
|
* <p>
|
||||||
|
* 注意:客户端系统(分公司)应该禁用此功能,避免形成消息循环
|
||||||
|
* 配置项:zt.databus.change.producer.enabled=false
|
||||||
*
|
*
|
||||||
* @author ZT
|
* @author ZT
|
||||||
*/
|
*/
|
||||||
@@ -25,6 +28,16 @@ public class DatabusUserDeptChangeProducer {
|
|||||||
@Resource
|
@Resource
|
||||||
private RocketMQTemplate rocketMQTemplate;
|
private RocketMQTemplate rocketMQTemplate;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 是否启用变更消息发送
|
||||||
|
* <p>
|
||||||
|
* 默认值:false(安全优先,避免未配置时导致消息循环)
|
||||||
|
* 集团侧(数据源):必须显式设置为 true,发送变更消息
|
||||||
|
* 分公司侧(客户端):保持 false 或不配置,禁用变更消息,避免循环
|
||||||
|
*/
|
||||||
|
@Value("${zt.databus.change.producer.enabled:false}")
|
||||||
|
private boolean enabled;
|
||||||
|
|
||||||
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
||||||
private String topicPrefix;
|
private String topicPrefix;
|
||||||
|
|
||||||
@@ -98,6 +111,12 @@ public class DatabusUserDeptChangeProducer {
|
|||||||
* 发送消息到 MQ
|
* 发送消息到 MQ
|
||||||
*/
|
*/
|
||||||
private void sendMessage(DatabusEventType eventType, DatabusUserDeptData data) {
|
private void sendMessage(DatabusEventType eventType, DatabusUserDeptData data) {
|
||||||
|
if (!enabled) {
|
||||||
|
log.debug("[Databus] 变更消息发送已禁用, 跳过用户-部门关系变更消息, eventType={}, userId={}, deptId={}",
|
||||||
|
eventType, data.getUserId(), data.getDeptId());
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
DatabusMessage<DatabusUserDeptData> message = new DatabusMessage<>();
|
DatabusMessage<DatabusUserDeptData> message = new DatabusMessage<>();
|
||||||
message.setEventType(eventType);
|
message.setEventType(eventType);
|
||||||
message.setData(data);
|
message.setData(data);
|
||||||
|
|||||||
@@ -15,6 +15,9 @@ import org.springframework.stereotype.Component;
|
|||||||
* 用户-岗位关系变更消息 Producer
|
* 用户-岗位关系变更消息 Producer
|
||||||
* <p>
|
* <p>
|
||||||
* 负责发送用户与岗位的关联关系变更事件
|
* 负责发送用户与岗位的关联关系变更事件
|
||||||
|
* <p>
|
||||||
|
* 注意:客户端系统(分公司)应该禁用此功能,避免形成消息循环
|
||||||
|
* 配置项:zt.databus.change.producer.enabled=false
|
||||||
*
|
*
|
||||||
* @author ZT
|
* @author ZT
|
||||||
*/
|
*/
|
||||||
@@ -25,6 +28,16 @@ public class DatabusUserPostChangeProducer {
|
|||||||
@Resource
|
@Resource
|
||||||
private RocketMQTemplate rocketMQTemplate;
|
private RocketMQTemplate rocketMQTemplate;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 是否启用变更消息发送
|
||||||
|
* <p>
|
||||||
|
* 默认值:false(安全优先,避免未配置时导致消息循环)
|
||||||
|
* 集团侧(数据源):必须显式设置为 true,发送变更消息
|
||||||
|
* 分公司侧(客户端):保持 false 或不配置,禁用变更消息,避免循环
|
||||||
|
*/
|
||||||
|
@Value("${zt.databus.change.producer.enabled:false}")
|
||||||
|
private boolean enabled;
|
||||||
|
|
||||||
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
@Value("${zt.databus.change.topic-prefix:databus-change}")
|
||||||
private String topicPrefix;
|
private String topicPrefix;
|
||||||
|
|
||||||
@@ -96,6 +109,12 @@ public class DatabusUserPostChangeProducer {
|
|||||||
* 发送消息到 MQ
|
* 发送消息到 MQ
|
||||||
*/
|
*/
|
||||||
private void sendMessage(DatabusEventType eventType, DatabusUserPostData data) {
|
private void sendMessage(DatabusEventType eventType, DatabusUserPostData data) {
|
||||||
|
if (!enabled) {
|
||||||
|
log.debug("[Databus] 变更消息发送已禁用, 跳过用户-岗位关系变更消息, eventType={}, userId={}, postId={}",
|
||||||
|
eventType, data.getUserId(), data.getPostId());
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
DatabusMessage<DatabusUserPostData> message = new DatabusMessage<>();
|
DatabusMessage<DatabusUserPostData> message = new DatabusMessage<>();
|
||||||
message.setEventType(eventType);
|
message.setEventType(eventType);
|
||||||
message.setData(data);
|
message.setData(data);
|
||||||
|
|||||||
Reference in New Issue
Block a user