Commit 8e6d1e2c authored by 贷前—徐菲's avatar 贷前—徐菲

Service不要依赖Servlet参数(Request)

将geetest的配置参数加到apollo
parent 977ac720
......@@ -94,10 +94,6 @@ public interface Constants {
String AES_KEY = "ScnmRBhuQpo9kBdn";
String GEETEST_ID = "002bc30ff1eef93e912f45814945e752";
String GEETEST_KEY = "4193a0e3247b82a26f563d595c447b1a";
boolean NEW_FAIL_BACK = true;
String GT_SERVER_STATUS_SESSION_KEY = "gt_server_status";
String GT_SERVER_STATUS_USABLE = "1";
Long GT_SERVER_STATUS_EXIST_REDIS = 2L;
}
......@@ -3,6 +3,7 @@ package cn.quantgroup.xyqb.aspect.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import com.octo.captcha.service.CaptchaServiceException;
......@@ -45,7 +46,6 @@ public class CaptchaNewValidateAdvisor {
@Qualifier("customCaptchaService")
private AbstractManageableImageCaptchaService imageCaptchaService;
/**
* 自动化测试忽略验证码
*/
......@@ -66,32 +66,34 @@ public class CaptchaNewValidateAdvisor {
* @param pjp pjp
* @return
* @throws Throwable
* @return
*/
@Around("needCaptchaValidate()")
private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
//测试环境使用QG图形验证码
if(autoTestCaptchaEnabled){
quantgroupCaptchaValidate(pjp,request);
if (autoTestCaptchaEnabled) {
return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
}
String phoneNo = Optional.ofNullable(request.getParameter("phoneNo")).orElse("");
String captchaKey = Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo;
if (stringRedisTemplate.hasKey(captchaKey) && Constants.GT_SERVER_STATUS_USABLE.equals(stringRedisTemplate.opsForValue().get(captchaKey))) {
geetestCaptchaService.verifyLogin(phoneNo, request);
log.info("使用极验验证码,phoneNo:{}",phoneNo);
String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode);
log.info("使用极验验证码,phoneNo:{}", phoneNo);
return pjp.proceed();
} else {
return quantgroupCaptchaValidate(pjp,request);
return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
}
}
private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp,HttpServletRequest request) throws Throwable {
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp, String registerFrom, String captchaId, String captchaValue, String remoteIp) throws Throwable {
if (isSkipCaptchaValidate(captchaId, captchaValue)) {
log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, remoteIp);
return pjp.proceed();
}
return verifyCaptchaOnline(pjp, captchaId, captchaValue);
......
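Review bot: The result of `geetestCaptchaService.verifyLogin(...)` is discarded in the Geetest branch of doCaptchaValidate, so `pjp.proceed()` runs whether or not the second-stage check passed. IGeetestCaptchaService documents 1 as success and 0 as failure, and the implementation returns that int rather than throwing. The call was already unchecked before this refactoring and the commit carries it over. The branch should proceed only on success, for example `if (geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode) != 1) { return JsonResult.buildErrorStateResult("<captcha error message>", null); }`. The payload is a placeholder, since the advisor's existing failure response lies outside the visible lines.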
......@@ -7,6 +7,7 @@ import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.service.captcha.qg.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.ValidationUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RequestMapping;
......@@ -38,12 +39,12 @@ public class NewCaptchaController {
log.info("[newCaptcha]获取验证码,phoneNo:{}", phoneNo);
GeetestLib gtSdk = geetestCaptchaService.getGeetestSdk();
if (geetestCaptchaService.getGeetestServerStatus(phoneNo, request, gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
if (geetestCaptchaService.getGeetestServerStatus(phoneNo, IPUtil.getRemoteIP(request), gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo);
return JsonResult.buildSuccessResult("", geetestCaptchaService.startCaptcha(gtSdk));
} else {
try {
return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request));
return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request.getLocale()));
} catch (Exception e) {
log.error("获取验证码失败e:{}", e);
return JsonResult.buildErrorStateResult("", "fail");
......@@ -57,4 +58,5 @@ public class NewCaptchaController {
return JsonResult.buildSuccessResult("", null);
}
}
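Review bot: `phoneNo` is written to the info log in clear text by both `[newCaptcha]` statements in this hunk, and again by the `使用极验验证码` line in CaptchaNewValidateAdvisor. For an endpoint that is presumably reachable before login, that puts a steady stream of personal data into log storage. Masking the middle digits before logging, or logging the same hashed identifier that is sent to Geetest, keeps the lines usable for tracing. The handler method starts above the hunk, so any earlier validation of `phoneNo` is not visible here.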
......@@ -2,14 +2,13 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.PasswordUtil;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.concurrent.TimeUnit;
......@@ -23,43 +22,55 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
@Qualifier("stringRedisTemplate")
private RedisTemplate<String, String> stringRedisTemplate;
@Value("${gt.server.status.exist.time}")
private long gtServerStatusExistTime;
@Value("${geetest.captcha.id}")
private String captchaId;
@Value("${geetest.private.key}")
private String privateKey;
@Value("${geetest.new.fail.back}")
private boolean newFailback;
@Value("${geetest.api.url}")
private String apiUrl;
@Override
public GeetestLib getGeetestSdk() {
return new GeetestLib(Constants.GEETEST_ID, Constants.GEETEST_KEY, Constants.NEW_FAIL_BACK);
return new GeetestLib(captchaId, privateKey, newFailback,apiUrl);
}
@Override
public int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk) {
HashMap<String, String> param = getParam(phoneNo, request);
public int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk) {
HashMap<String, String> param = getParam(phoneNo, remoteIp);
int gtServerStatus = gtSdk.preProcess(param);
stringRedisTemplate.opsForValue().set(Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo,
Integer.toString(gtServerStatus), Constants.GT_SERVER_STATUS_EXIST_REDIS, TimeUnit.MINUTES);
Integer.toString(gtServerStatus), gtServerStatusExistTime, TimeUnit.MINUTES);
//进行验证预处理
return gtServerStatus;
}
private HashMap<String, String> getParam(String phoneNo, HttpServletRequest request) {
private HashMap<String, String> getParam(String phoneNo, String remoteIp) {
HashMap<String, String> param = new HashMap<>();
param.put("user_id", PasswordUtil.MD5(phoneNo));
param.put("client_type", "H5");
param.put("ip_address", IPUtil.getRemoteIP(request));
param.put("ip_address", remoteIp);
return param;
}
@Override
public String startCaptcha(GeetestLib gtSdk) {
return gtSdk.getResponseStr();
}
@Override
public int verifyLogin(String phoneNo, HttpServletRequest request) {
HashMap<String, String> param = getParam(phoneNo, request);
String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
public int verifyLogin(String phoneNo, String remoteIp, String challenge, String validate, String seccode) {
HashMap<String, String> param = getParam(phoneNo, remoteIp);
return getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param);
}
}
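Review bot: The key pair now injected through `geetest.captcha.id` and `geetest.private.key` replaces literals that were committed in Constants and as GeetestLib field defaults, so the old values stay readable in repository history. They should be rotated at the provider rather than copied into Apollo unchanged. `AES_KEY` is still a literal in Constants after this change and deserves the same move. Separately, `getParam` sends `PasswordUtil.MD5(phoneNo)` as `user_id`. Assuming that helper is a plain unsalted MD5, the small phone-number space makes the digest reversible by enumeration, so an HMAC with a server-side secret would be a safer identifier to hand to a third party.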
......@@ -2,8 +2,6 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import javax.servlet.http.HttpServletRequest;
/**
* @author xufei on 2018/1/30.
*/
......@@ -20,11 +18,11 @@ public interface IGeetestCaptchaService {
* 获取geetest服务器可用的状态
*
* @param phoneNo 用户的手机号
* @param request rq
* @param remoteIp ip
* @param gtSdk sdk
* @return 成功返回1, 失败返回0
*/
int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk);
int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk);
/**
* 获取geetest的验证码
......@@ -38,9 +36,11 @@ public interface IGeetestCaptchaService {
* 二次验证
*
* @param phoneNo 参数
* @param request rq
* @param seccode
* @param validate
* @param challenge
* @return 验证结果, 1表示验证成功0表示验证失败
*/
int verifyLogin(String phoneNo, HttpServletRequest request);
int verifyLogin(String phoneNo, String remoteIp,String challenge,String validate,String seccode);
}
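Review bot: The Javadoc for the new `verifyLogin` signature has no `@param remoteIp` entry, and it lists `seccode`, `validate` and `challenge` without descriptions and in the reverse of the signature order. I would list them in signature order, e.g. `@param remoteIp client IP passed to Geetest as ip_address` and `@param challenge Geetest challenge value submitted by the client`. The `@return` line should also say that callers must treat any value other than 1 as a failed check, because the only visible caller ignores the result. The signature itself lacks spaces after the commas, unlike `getGeetestServerStatus` above it.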
......@@ -21,7 +21,7 @@ public class GeetestLib {
protected final String verName = "4.0";
protected final String sdkLang = "java";
protected final String apiUrl = "http://api.geetest.com";
private String apiUrl;
protected final String registerUrl = "/register.php";
protected final String validateUrl = "/validate.php";
......@@ -46,12 +46,12 @@ public class GeetestLib {
/**
* 公钥
*/
private String captchaId = "727ec78533a733f77f79e3d9b0d563a7";
private String captchaId;
/**
* 私钥
*/
private String privateKey = "302375ff36a227e81632b42d023f9944";
private String privateKey;
/**
* 是否开启新的failback
......@@ -79,11 +79,12 @@ public class GeetestLib {
* @param captchaId
* @param privateKey
*/
public GeetestLib(String captchaId, String privateKey, boolean newFailback) {
public GeetestLib(String captchaId, String privateKey, boolean newFailback,String apiUrl) {
this.captchaId = captchaId;
this.privateKey = privateKey;
this.newFailback = newFailback;
this.apiUrl = apiUrl;
}
/**
......@@ -136,7 +137,6 @@ public class GeetestLib {
/**
* 预处理成功后的标准串
*
*/
private String getSuccessPreProcessRes(String challenge) {
......@@ -182,7 +182,7 @@ public class GeetestLib {
*
* @return 1表示注册成功,0表示注册失败
*/
private int registerChallenge(HashMap<String, String>data) {
private int registerChallenge(HashMap<String, String> data) {
try {
String userId = data.get("user_id");
......@@ -192,19 +192,19 @@ public class GeetestLib {
String getUrl = apiUrl + registerUrl + "?";
String param = "gt=" + this.captchaId + "&json_format=" + this.json_format;
if (userId != null){
if (userId != null) {
param = param + "&user_id=" + userId;
}
if (clientType != null){
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null){
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
gtlog("GET_URL:" + getUrl + param);
String result_str = readContentFromGet(getUrl + param);
if (result_str == "fail"){
if (result_str == "fail") {
gtlog("gtServer register challenge failed");
return 0;
......@@ -223,8 +223,7 @@ public class GeetestLib {
return 1;
}
else {
} else {
gtlog("gtServer register challenge error");
......@@ -301,7 +300,7 @@ public class GeetestLib {
* @param challenge
* @param validate
* @param seccode
* @return 验证结果,1表示验证成功0表示验证失败
* @return 验证结果, 1表示验证成功0表示验证失败
*/
public int enhencedValidateRequest(String challenge, String validate, String seccode, HashMap<String, String> data) {
......@@ -321,13 +320,13 @@ public class GeetestLib {
String param = String.format("challenge=%s&validate=%s&seccode=%s&json_format=%s",
challenge, validate, seccode, this.json_format);
if (userId != null){
if (userId != null) {
param = param + "&user_id=" + userId;
}
if (clientType != null){
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null){
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
......@@ -394,7 +393,7 @@ public class GeetestLib {
* @param challenge
* @param validate
* @param seccode
* @return 验证结果,1表示验证成功0表示验证失败
* @return 验证结果, 1表示验证成功0表示验证失败
*/
public int failbackValidateRequest(String challenge, String validate, String seccode) {
......@@ -450,15 +449,14 @@ public class GeetestLib {
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1;) {
for (int n; (n = inStream.read(buf)) != -1; ) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
}
else {
} else {
return "fail";
}
......@@ -501,15 +499,14 @@ public class GeetestLib {
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1;) {
for (int n; (n = inStream.read(buf)) != -1; ) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
}
else {
} else {
return "fail";
}
......@@ -518,9 +515,9 @@ public class GeetestLib {
/**
* md5 加密
*
* @time 2014年7月10日 下午3:30:01
* @param plainText
* @return
* @time 2014年7月10日 下午3:30:01
*/
private String md5Encode(String plainText) {
String re_md5 = new String();
......@@ -532,10 +529,10 @@ public class GeetestLib {
StringBuffer buf = new StringBuffer("");
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0){
if (i < 0) {
i += 256;
}
if (i < 16){
if (i < 16) {
buf.append("0");
}
buf.append(Integer.toHexString(i));
......
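Review bot: The constructor stores `apiUrl` unchecked, and the field it replaces defaulted to `http://api.geetest.com`, so a missing `geetest.api.url` produces requests to `null/register.php` and a plain-HTTP value sends the register and validate exchanges unencrypted. I would fail fast in the constructor, e.g. `if (apiUrl == null || !apiUrl.startsWith("https://")) { throw new IllegalArgumentException("geetest.api.url must be an https URL"); }`, assuming the provider endpoint is served over HTTPS. In the registerChallenge hunk, `result_str == "fail"` was reformatted but still compares references; it holds only while readContentFromGet returns that same literal, and `"fail".equals(result_str)` is the robust form. The parameter strings in registerChallenge and enhencedValidateRequest are concatenated without URL-encoding. Unless the client-supplied `challenge`, `validate` and `seccode` are validated in lines not shown, wrapping each in `URLEncoder.encode(value, "UTF-8")` keeps them from adding fields to the provider request.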
package cn.quantgroup.xyqb.service.captcha.qg;
import javax.servlet.http.HttpServletRequest;
import java.util.Locale;
import java.util.Map;
/**
......@@ -10,9 +10,9 @@ public interface IQuantgroupCaptchaService {
/**
* QG获取验证码
*
* @param request rq
* @param locale
* @return map
* @throws Exception EX
*/
Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception;
Map<String, String> fetchCaptcha(Locale locale) throws Exception;
}
......@@ -9,10 +9,10 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
......@@ -20,7 +20,7 @@ import java.util.UUID;
* @author xufei on 2018/1/30.
*/
@Service
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
private static final String IMAGE_FORMAT_PNG = "png";
private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
......@@ -35,9 +35,9 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{
private AbstractManageableImageCaptchaService imageCaptchaService;
@Override
public Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception{
public Map<String, String> fetchCaptcha(Locale locale) throws Exception {
String imageId = UUID.randomUUID().toString();
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale());
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, locale);
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
......
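Review bot: `fetchCaptcha` now takes its `Locale` from the caller and passes it straight to `getImageChallengeForID`. `request.getLocale()` never returned null, but any caller of the service can now pass null. A guard such as `Locale effective = locale != null ? locale : Locale.getDefault();` restores the old guarantee; how the captcha service reacts to a null locale is not visible here. The method body continues past the end of the hunk.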