hace 1 año · 22bc6c6cbd
--- a/src/main/java/com/smppw/analysis/infrastructure/components/ApiSignInterceptor.java
+++ b/src/main/java/com/smppw/analysis/infrastructure/components/ApiSignInterceptor.java
@@ -68,6 +68,7 @@ public class ApiSignInterceptor implements HandlerInterceptor {
 
				         }
			
 
				         String appSecret = appSign.getAppSecret();
			
 
				         Map<String, String[]> parameterMap = request.getParameterMap();
			
 
				+        parameterMap.entrySet().removeIf(next -> "appKey".equalsIgnoreCase(next.getKey()));
			
 
				         String paramsSign = SignUtil.signParamsMd5(parameterMap, appSecret, timestamp);
			
 
				         if (!sign.equalsIgnoreCase(paramsSign)) {
			
 
				             this.writeFailJson(response, "签名验证失败");
			
--- a/src/main/java/com/smppw/analysis/infrastructure/utils/CommonUtils.java
+++ b/src/main/java/com/smppw/analysis/infrastructure/utils/CommonUtils.java
@@ -2,11 +2,14 @@ package com.smppw.analysis.infrastructure.utils;
 
				 
			
 
				 import cn.hutool.core.collection.ListUtil;
			
 
				 import cn.hutool.core.util.StrUtil;
			
 
				+import cn.hutool.crypto.SignUtil;
			
 
				 import cn.hutool.json.JSONUtil;
			
 
				 import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
 
				 
			
 
				+import java.util.HashMap;
			
 
				 import java.util.List;
			
 
				+import java.util.Map;
			
 
				 
			
 
				 public class CommonUtils {
			
 
				     private static final Logger logger = LoggerFactory.getLogger(CommonUtils.class);
			
@@ -44,4 +47,14 @@ public class CommonUtils {
 
				         }
			
 
				         return null;
			
 
				     }
			
 
				+
			
 
				+    public static void main(String[] args) {
			
 
				+        String appSecret = "abcdef";
			
 
				+        String timestamp = "1691991341095";
			
 
				+        Map<String, Object> params = new HashMap<>();
			
 
				+        params.put("secId", "MF00005JMD");
			
 
				+        params.put("indexIds", ListUtil.of("IN00000008", "IN0000000M"));
			
 
				+        String sign = SignUtil.signParamsMd5(params, appSecret, timestamp);
			
 
				+        System.out.println(sign);
			
 
				+    }
			
 
				 }
			
--- a/src/main/resources/application-toc.yaml
+++ b/src/main/resources/application-toc.yaml
@@ -69,7 +69,7 @@ smppw:
 
				       cache-type: redis # 缓存类型，支持redis和memory；如果是redis必须配置redis
			
 
				       app-signs:
			
 
				         - app-key: ppw-toc
			
 
				-          app-secret: xxxxxx
			
 
				+          app-secret: abcdef
			
 
				           enabled: true
			
 
				         - app-key: ppw-tob
			
 
				       enable-sign: false
			
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -73,7 +73,7 @@ smppw:
 
				       enable-sign: false
			
 
				       app-signs:
			
 
				         - app-key: ppw-toc
			
 
				-          app-secret: xxxxxx
			
 
				+          app-secret: abcdef
			
 
				           enabled: true
			
 
				           timeout: 360000 # 6分钟
			
 
				         - app-key: ppw-tob