签名校验，模板名称格式限制

7b5c8a80 · qinxunjia · c97c7204 · 7b5c8a80 · 7b5c8a80 · 7b5c8a80
Commit 7b5c8a80 authored Jun 19, 2020 by qinxunjia
10 changed files
--- a/src/main/java/com/bgy/sms/channel/api/DmHubApi.java
+++ b/src/main/java/com/bgy/sms/channel/api/DmHubApi.java
 package com.bgy.sms.channel.api;
 import com.alibaba.fastjson.JSONObject;
+import com.bgy.sms.channel.dmHub.config.DmHubConfig;
 import com.bgy.sms.channel.dto.*;
 import com.bgy.sms.config.ResponseCode;
 import com.bgy.sms.service.MessageService;
+import com.bgy.util.Md5Util;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletRequest;
 @SuppressWarnings("Duplicates")
 @RestController
 @RequestMapping()
@@ -25,10 +29,14 @@ public class DmHubApi {
     * @return
     */
    @PostMapping("/sms/template")
-    public DmHubResponse template(@RequestBody DmHubTemplateRequest params) {
+    public DmHubResponse template(@RequestBody DmHubTemplateRequest params, String appId, String timestamp, String signature) {
-        log.info("**********创建模板接口入参*******：{}", JSONObject.toJSONString(params));
+        log.info("**********创建模板接口入参*******：{},\r\n appId:{},timestamp:{},signature:{}", JSONObject.toJSONString(params), appId, timestamp, signature);
        DmHubResponse response;
        try {
+            boolean checkResult = this.checkSignature(timestamp, signature);
+            if (!checkResult) {
+                return new DmHubResponse("555", "签名校验不通过");
+            }
            response = messageService.createTemplate(params);
        } catch (Exception e) {
            log.error("创建模板短信异常", e);
@@ -44,10 +52,14 @@ public class DmHubApi {
     * @return
     */
    @PostMapping("/sms/verifyCode")
-    public DmHubResponse verifyCode(@RequestBody DmHubCodeRequest params) {
+    public DmHubResponse verifyCode(@RequestBody DmHubCodeRequest params, String appId, String timestamp, String signature) {
-        log.info("**********发送短信验证码*******：{}", JSONObject.toJSONString(params));
+        log.info("**********发送短信验证码*******：{},\r\n appId:{},timestamp:{},signature:{}", JSONObject.toJSONString(params), appId, timestamp, signature);
        DmHubResponse response;
        try {
+            boolean checkResult = this.checkSignature(timestamp, signature);
+            if (!checkResult) {
+                return new DmHubResponse("555", "签名校验不通过");
+            }
            response = messageService.sendCode(params);
        } catch (Exception e) {
            log.error("发送验证码短信异常", e);
@@ -64,10 +76,14 @@ public class DmHubApi {
     * @return
     */
    @PostMapping("/sms/batch")
-    public DmHubResponse batch(@RequestBody DmHubBatchSendRequest request) {
+    public DmHubResponse batch(@RequestBody DmHubBatchSendRequest request, String appId, String timestamp, String signature) {
-        log.info("**********批量发送入参*******：{}", JSONObject.toJSONString(request));
+        log.info("**********批量发送入参*******：{},\r\n appId:{},timestamp:{},signature:{}", JSONObject.toJSONString(request), appId, timestamp, signature);
        DmHubResponse response;
        try {
+            boolean checkResult = this.checkSignature(timestamp, signature);
+            if (!checkResult) {
+                return new DmHubResponse("555", "签名校验不通过");
+            }
            response = messageService.batchSendOneByOne(request);
        } catch (Exception e) {
            log.error("发送批量短信异常", e);
@@ -77,16 +93,29 @@ public class DmHubApi {
        return response;
    }
+    public boolean checkSignature(String timestamp, String signature) {
+        String encrypt = Md5Util.encrypt(DmHubConfig.appId + DmHubConfig.appSecret + timestamp);
+        if (!encrypt.equals(signature)) {
+            return false;
+        }
+        return true;
+    }
    /**
     * 发送单条（通知或营销类）
     *
     * @return
     */
    @RequestMapping("/sms/send")
-    public DmHubResponse send(@RequestBody DmHubSendRequest request) {
+    public DmHubResponse send(@RequestBody DmHubSendRequest request, String appId, String timestamp, String signature) {
-        log.info("**********单条发送入参*******：{}", JSONObject.toJSONString(request));
+        log.info("**********单条发送入参*******：{},\r\n appId:{},timestamp:{},signature:{}", JSONObject.toJSONString(request), appId, timestamp, signature);
        DmHubResponse response;
        try {
+            boolean checkResult = this.checkSignature(timestamp, signature);
+            if (!checkResult) {
+                return new DmHubResponse("555", "签名校验不通过");
+            }
            response = messageService.send(request);
        } catch (Exception e) {
            log.error("发送单条短信异常", e);

--- a/src/main/java/com/bgy/sms/channel/bgy/service/BgySmsService.java
+++ b/src/main/java/com/bgy/sms/channel/bgy/service/BgySmsService.java
@@ -5,8 +5,7 @@ import com.bgy.sms.channel.bgy.dto.CLBizResponse;
 public interface BgySmsService {
+    CLBizResponse sendSms(String mobile, String content, String areaId) throws Exception;
-    CLBizResponse sendSms(String mobile, String content) throws Exception;
 }
--- a/src/main/java/com/bgy/sms/channel/bgy/service/impl/BgySmsServiceImpl.java
+++ b/src/main/java/com/bgy/sms/channel/bgy/service/impl/BgySmsServiceImpl.java
@@ -39,10 +39,10 @@ public class BgySmsServiceImpl implements BgySmsService {
    private DmHubService dmHubService;
    @Override
-    public CLBizResponse sendSms(String mobile, String content) throws Exception {
+    public CLBizResponse sendSms(String mobile, String content, String areaId) throws Exception {
        log.info("进入碧桂园短信发送接口");
        String appId = BgySMSConfig.appId;
-        String areaId = BgySMSConfig.areaId;
+//        String areaId = BgySMSConfig.areaId;
        String securityCode = BgySMSConfig.securityCode;
        String url = BgySMSConfig.url;
        String api = BgySMSConfig.api;

--- a/src/main/java/com/bgy/sms/channel/dmHub/config/DmHubConfig.java
+++ b/src/main/java/com/bgy/sms/channel/dmHub/config/DmHubConfig.java
@@ -13,14 +13,14 @@ public class DmHubConfig {
    public static String applicationKey;
    public static String tokenUrl;
    public static String report;
+    public static String appId;
+    public static String appSecret;
    @Value("${system.config.dmHub.applicationId}")
    public void setApplicationId(String applicationId) {
        DmHubConfig.applicationId = applicationId;
    }
    @Value("{system.config.dmHub.applicationKey}")
    public void setApplicationKey(String applicationKey) {
        DmHubConfig.applicationKey = applicationKey;
@@ -36,5 +36,15 @@ public class DmHubConfig {
        DmHubConfig.report = report;
    }
+    @Value("{system.config.dmHub.appId}")
+    public void setAppId(String appId) {
+        DmHubConfig.appId = appId;
+    }
+    @Value("{system.config.dmHub.appSecret}")
+    public void setAppSecret(String appSecret) {
+        DmHubConfig.appSecret = appSecret;
+    }
 }
--- a/src/main/java/com/bgy/sms/channel/dmHub/service/impl/DmHubServiceImpl.java
+++ b/src/main/java/com/bgy/sms/channel/dmHub/service/impl/DmHubServiceImpl.java
@@ -63,7 +63,6 @@ public class DmHubServiceImpl implements DmHubService {
                    redisTemplate.opsForValue().set(TOKEN_KEY, accessToken, exTime, TimeUnit.SECONDS);
                    return accessToken;
                } else {
-                    // TODO 系统告警，获取API接口TOKEN失败。
                    return null;
                }
            }

--- a/src/main/java/com/bgy/sms/service/MessageService.java
+++ b/src/main/java/com/bgy/sms/service/MessageService.java
@@ -20,14 +20,6 @@ public interface MessageService {
     */
    DmHubResponse send(DmHubSendRequest requestDTO);
-    /**
-     * DM hub批量发送短信接口
-     *
-     * @param requestDTO
-     * @return
-     */
-    DmHubResponse batchSend(DmHubBatchSendRequest requestDTO);
    /**
     * DM hub批量发送短信接口
     *

--- a/src/main/java/com/bgy/sms/service/impl/MessageServiceImpl.java
+++ b/src/main/java/com/bgy/sms/service/impl/MessageServiceImpl.java
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -40,6 +40,8 @@ system:
      applicationKey: 4017078e9dfd593b2d9a0ede58eff589644fbe50
      tokenUrl: https://api.convertlab.com/security/accesstoken
      report: https://api.convertlab.com/v1/sms/report
+      appId: 1smsdemo
+      appSecret: ac031765c3a8c9acc4747808e4fe5918
 logging:
  level: debug

--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -41,6 +41,8 @@ system:
      applicationKey: 4017078e9dfd593b2d9a0ede58eff589644fbe50
      tokenUrl: https://api.convertlab.com/security/accesstoken
      report: https://api.convertlab.com/v1/sms/report
+      appId: 1smsdemo
+      appSecret: ac031765c3a8c9acc4747808e4fe5918
 logging:
  level: error

--- a/src/main/resources/application-test.yml
+++ b/src/main/resources/application-test.yml
@@ -40,6 +40,8 @@ system:
      applicationKey: 4017078e9dfd593b2d9a0ede58eff589644fbe50
      tokenUrl: https://api.convertlab.com/security/accesstoken
      report: https://api.convertlab.com/v1/sms/report
+      appId: 1smsdemo
+      appSecret: ac031765c3a8c9acc4747808e4fe5918
 logging:
  level: debug