Skip to content

X
xyqb-user2
Commit 8e6d1e2c authored by 贷前—徐菲's avatar 贷前—徐菲
Browse files
Options

Service不要依赖Servlet参数(Request) 

将geetest的配置参数加到apollo
parent 977ac720
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 513 additions and 505 deletions
src/main/java/cn/quantgroup/xyqb/Constants.java
View file @ 8e6d1e2c
......@@ -94,10 +94,6 @@ public interface Constants {
String AES_KEY = "ScnmRBhuQpo9kBdn";
String GEETEST_ID = "002bc30ff1eef93e912f45814945e752";
String GEETEST_KEY = "4193a0e3247b82a26f563d595c447b1a";
boolean NEW_FAIL_BACK = true;
String GT_SERVER_STATUS_SESSION_KEY = "gt_server_status";
String GT_SERVER_STATUS_USABLE = "1";
Long GT_SERVER_STATUS_EXIST_REDIS = 2L;
}
src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java
View file @ 8e6d1e2c
......@@ -3,6 +3,7 @@ package cn.quantgroup.xyqb.aspect.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import com.octo.captcha.service.CaptchaServiceException;
......@@ -45,7 +46,6 @@ public class CaptchaNewValidateAdvisor {
@Qualifier("customCaptchaService")
private AbstractManageableImageCaptchaService imageCaptchaService;
/**
* 自动化测试忽略验证码
*/
......@@ -66,32 +66,34 @@ public class CaptchaNewValidateAdvisor {
* @param pjp pjp
* @return
* @throws Throwable
* @return
*/
@Around("needCaptchaValidate()")
private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
//测试环境使用QG图形验证码
if(autoTestCaptchaEnabled){
quantgroupCaptchaValidate(pjp,request);
if (autoTestCaptchaEnabled) {
return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
}
String phoneNo = Optional.ofNullable(request.getParameter("phoneNo")).orElse("");
String captchaKey = Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo;
if (stringRedisTemplate.hasKey(captchaKey) && Constants.GT_SERVER_STATUS_USABLE.equals(stringRedisTemplate.opsForValue().get(captchaKey))) {
geetestCaptchaService.verifyLogin(phoneNo, request);
log.info("使用极验验证码,phoneNo:{}",phoneNo);
String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode);
log.info("使用极验验证码,phoneNo:{}", phoneNo);
return pjp.proceed();
} else {
return quantgroupCaptchaValidate(pjp,request);
return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
}
}
private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp,HttpServletRequest request) throws Throwable {
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp, String registerFrom, String captchaId, String captchaValue, String remoteIp) throws Throwable {
if (isSkipCaptchaValidate(captchaId, captchaValue)) {
log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, remoteIp);
return pjp.proceed();
}
return verifyCaptchaOnline(pjp, captchaId, captchaValue);
......
src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java
View file @ 8e6d1e2c
......@@ -7,6 +7,7 @@ import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.service.captcha.qg.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.ValidationUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RequestMapping;
......@@ -38,12 +39,12 @@ public class NewCaptchaController {
log.info("[newCaptcha]获取验证码,phoneNo:{}", phoneNo);
GeetestLib gtSdk = geetestCaptchaService.getGeetestSdk();
if (geetestCaptchaService.getGeetestServerStatus(phoneNo, request, gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
if (geetestCaptchaService.getGeetestServerStatus(phoneNo, IPUtil.getRemoteIP(request), gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo);
return JsonResult.buildSuccessResult("", geetestCaptchaService.startCaptcha(gtSdk));
} else {
try {
return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request));
return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request.getLocale()));
} catch (Exception e) {
log.error("获取验证码失败e:{}", e);
return JsonResult.buildErrorStateResult("", "fail");
......@@ -57,4 +58,5 @@ public class NewCaptchaController {
return JsonResult.buildSuccessResult("", null);
}
}
src/main/java/cn/quantgroup/xyqb/service/captcha/geetest/GeetestCaptchaServiceImpl.java
View file @ 8e6d1e2c
......@@ -2,14 +2,13 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.PasswordUtil;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.concurrent.TimeUnit;
......@@ -23,43 +22,55 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
@Qualifier("stringRedisTemplate")
private RedisTemplate<String, String> stringRedisTemplate;
@Value("${gt.server.status.exist.time}")
private long gtServerStatusExistTime;
@Value("${geetest.captcha.id}")
private String captchaId;
@Value("${geetest.private.key}")
private String privateKey;
@Value("${geetest.new.fail.back}")
private boolean newFailback;
@Value("${geetest.api.url}")
private String apiUrl;
@Override
public GeetestLib getGeetestSdk() {
return new GeetestLib(Constants.GEETEST_ID, Constants.GEETEST_KEY, Constants.NEW_FAIL_BACK);
return new GeetestLib(captchaId, privateKey, newFailback,apiUrl);
}
@Override
public int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk) {
HashMap<String, String> param = getParam(phoneNo, request);
public int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk) {
HashMap<String, String> param = getParam(phoneNo, remoteIp);
int gtServerStatus = gtSdk.preProcess(param);
stringRedisTemplate.opsForValue().set(Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo,
Integer.toString(gtServerStatus), Constants.GT_SERVER_STATUS_EXIST_REDIS, TimeUnit.MINUTES);
Integer.toString(gtServerStatus), gtServerStatusExistTime, TimeUnit.MINUTES);
//进行验证预处理
return gtServerStatus;
}
private HashMap<String, String> getParam(String phoneNo, HttpServletRequest request) {
private HashMap<String, String> getParam(String phoneNo, String remoteIp) {
HashMap<String, String> param = new HashMap<>();
param.put("user_id", PasswordUtil.MD5(phoneNo));
param.put("client_type", "H5");
param.put("ip_address", IPUtil.getRemoteIP(request));
param.put("ip_address", remoteIp);
return param;
}
@Override
public String startCaptcha(GeetestLib gtSdk) {
return gtSdk.getResponseStr();
}
@Override
public int verifyLogin(String phoneNo, HttpServletRequest request) {
HashMap<String, String> param = getParam(phoneNo, request);
String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
public int verifyLogin(String phoneNo, String remoteIp, String challenge, String validate, String seccode) {
HashMap<String, String> param = getParam(phoneNo, remoteIp);
return getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param);
}
}
src/main/java/cn/quantgroup/xyqb/service/captcha/geetest/IGeetestCaptchaService.java
View file @ 8e6d1e2c
......@@ -2,8 +2,6 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import javax.servlet.http.HttpServletRequest;
/**
* @author xufei on 2018/1/30.
*/
......@@ -20,11 +18,11 @@ public interface IGeetestCaptchaService {
* 获取geetest服务器可用的状态
*
* @param phoneNo 用户的手机号
* @param request rq
* @param remoteIp ip
* @param gtSdk sdk
* @return 成功返回1, 失败返回0
*/
int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk);
int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk);
/**
* 获取geetest的验证码
......@@ -38,9 +36,11 @@ public interface IGeetestCaptchaService {
* 二次验证
*
* @param phoneNo 参数
* @param request rq
* @param seccode
* @param validate
* @param challenge
* @return 验证结果, 1表示验证成功0表示验证失败
*/
int verifyLogin(String phoneNo, HttpServletRequest request);
int verifyLogin(String phoneNo, String remoteIp,String challenge,String validate,String seccode);
}
src/main/java/cn/quantgroup/xyqb/service/captcha/qg/IQuantgroupCaptchaService.java
View file @ 8e6d1e2c
package cn.quantgroup.xyqb.service.captcha.qg;
import javax.servlet.http.HttpServletRequest;
import java.util.Locale;
import java.util.Map;
/**
......@@ -10,9 +10,9 @@ public interface IQuantgroupCaptchaService {
/**
* QG获取验证码
*
* @param request rq
* @param locale
* @return map
* @throws Exception EX
*/
Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception;
Map<String, String> fetchCaptcha(Locale locale) throws Exception;
}
src/main/java/cn/quantgroup/xyqb/service/captcha/qg/QuantgroupCaptchaServiceImpl.java
View file @ 8e6d1e2c
......@@ -9,10 +9,10 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
......@@ -20,7 +20,7 @@ import java.util.UUID;
* @author xufei on 2018/1/30.
*/
@Service
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
private static final String IMAGE_FORMAT_PNG = "png";
private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
......@@ -35,9 +35,9 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{
private AbstractManageableImageCaptchaService imageCaptchaService;
@Override
public Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception{
public Map<String, String> fetchCaptcha(Locale locale) throws Exception {
String imageId = UUID.randomUUID().toString();
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale());
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, locale);
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment