1. 修复 get 请求时，转义后的字符串解析签名会存在问题

2025-12-23 16:36:06 +08:00
parent ca87ed3c52
commit 7b1991cc1c
2 changed files with 42 additions and 22 deletions
--- a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
+++ b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
@@ -33,6 +33,7 @@ import org.springframework.web.util.ContentCachingResponseWrapper;
 import org.springframework.web.util.UriComponentsBuilder;
 import java.io.IOException;
 import java.net.URLDecoder;
 import java.net.URLEncoder;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
@@ -304,15 +305,28 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
                    .build()
                    .getQueryParams();
            params.forEach((key, values) -> {
-                if (!StringUtils.hasText(key) || "signature".equalsIgnoreCase(key)) {
+                String decodedKey = URLDecoder.decode(key, StandardCharsets.UTF_8);
                if (!StringUtils.hasText(decodedKey) || "signature".equalsIgnoreCase(decodedKey)) {
                    return;
                }
                if (CollectionUtils.isEmpty(values)) {
-                    target.put(key, "");
+                    target.put(decodedKey, "");
-                } else if (values.size() == 1) {
+                    return;
-                    target.put(key, values.get(0));
+                }
                // 对每一个 value 做 URL 解码，确保与客户端原文签名一致
                List<String> decodedValues = values.stream()
                        .map(val -> URLDecoder.decode(val, StandardCharsets.UTF_8))
                        .toList();
                boolean allNullLiteral = decodedValues.stream()
                        .allMatch(v -> "null".equals(v));
                if (allNullLiteral) {
                    // 过滤掉仅包含字符串 "null" 的参数
                    return;
                }
                if (decodedValues.size() == 1) {
                    target.put(decodedKey, decodedValues.get(0));
                } else {
-                    target.put(key, String.join(",", values));
+                    target.put(decodedKey, String.join(",", decodedValues));
                }
            });
        } catch (IllegalArgumentException ex) {
--- a/zt-module-databus/zt-module-databus-server/src/test/java/com/zt/plat/module/databus/framework/integration/gateway/sample/DatabusApiInvocationExample.java
+++ b/zt-module-databus/zt-module-databus-server/src/test/java/com/zt/plat/module/databus/framework/integration/gateway/sample/DatabusApiInvocationExample.java