Commit 8e6d1e2c authored by 贷前—徐菲's avatar 贷前—徐菲

Service不要依赖Servlet参数(Request)

将geetest的配置参数加到apollo
parent 977ac720
...@@ -94,10 +94,6 @@ public interface Constants { ...@@ -94,10 +94,6 @@ public interface Constants {
String AES_KEY = "ScnmRBhuQpo9kBdn"; String AES_KEY = "ScnmRBhuQpo9kBdn";
String GEETEST_ID = "002bc30ff1eef93e912f45814945e752";
String GEETEST_KEY = "4193a0e3247b82a26f563d595c447b1a";
boolean NEW_FAIL_BACK = true;
String GT_SERVER_STATUS_SESSION_KEY = "gt_server_status"; String GT_SERVER_STATUS_SESSION_KEY = "gt_server_status";
String GT_SERVER_STATUS_USABLE = "1"; String GT_SERVER_STATUS_USABLE = "1";
Long GT_SERVER_STATUS_EXIST_REDIS = 2L;
} }
...@@ -3,6 +3,7 @@ package cn.quantgroup.xyqb.aspect.captcha; ...@@ -3,6 +3,7 @@ package cn.quantgroup.xyqb.aspect.captcha;
import cn.quantgroup.xyqb.Constants; import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.JsonResult; import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService; import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService; import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil; import cn.quantgroup.xyqb.util.IPUtil;
import com.octo.captcha.service.CaptchaServiceException; import com.octo.captcha.service.CaptchaServiceException;
...@@ -45,7 +46,6 @@ public class CaptchaNewValidateAdvisor { ...@@ -45,7 +46,6 @@ public class CaptchaNewValidateAdvisor {
@Qualifier("customCaptchaService") @Qualifier("customCaptchaService")
private AbstractManageableImageCaptchaService imageCaptchaService; private AbstractManageableImageCaptchaService imageCaptchaService;
/** /**
* 自动化测试忽略验证码 * 自动化测试忽略验证码
*/ */
...@@ -66,32 +66,34 @@ public class CaptchaNewValidateAdvisor { ...@@ -66,32 +66,34 @@ public class CaptchaNewValidateAdvisor {
* @param pjp pjp * @param pjp pjp
* @return * @return
* @throws Throwable * @throws Throwable
* @return
*/ */
@Around("needCaptchaValidate()") @Around("needCaptchaValidate()")
private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable { private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
//测试环境使用QG图形验证码 //测试环境使用QG图形验证码
if(autoTestCaptchaEnabled){ if (autoTestCaptchaEnabled) {
quantgroupCaptchaValidate(pjp,request); return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
} }
String phoneNo = Optional.ofNullable(request.getParameter("phoneNo")).orElse(""); String phoneNo = Optional.ofNullable(request.getParameter("phoneNo")).orElse("");
String captchaKey = Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo; String captchaKey = Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo;
if (stringRedisTemplate.hasKey(captchaKey) && Constants.GT_SERVER_STATUS_USABLE.equals(stringRedisTemplate.opsForValue().get(captchaKey))) { if (stringRedisTemplate.hasKey(captchaKey) && Constants.GT_SERVER_STATUS_USABLE.equals(stringRedisTemplate.opsForValue().get(captchaKey))) {
geetestCaptchaService.verifyLogin(phoneNo, request); String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
log.info("使用极验验证码,phoneNo:{}",phoneNo); String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode);
log.info("使用极验验证码,phoneNo:{}", phoneNo);
return pjp.proceed(); return pjp.proceed();
} else { } else {
return quantgroupCaptchaValidate(pjp,request); return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
} }
} }
private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp,HttpServletRequest request) throws Throwable { private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp, String registerFrom, String captchaId, String captchaValue, String remoteIp) throws Throwable {
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
if (isSkipCaptchaValidate(captchaId, captchaValue)) { if (isSkipCaptchaValidate(captchaId, captchaValue)) {
log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request)); log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, remoteIp);
return pjp.proceed(); return pjp.proceed();
} }
return verifyCaptchaOnline(pjp, captchaId, captchaValue); return verifyCaptchaOnline(pjp, captchaId, captchaValue);
......
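Review bot: The return value of `geetestCaptchaService.verifyLogin(...)` in the Geetest branch of doCaptchaValidate is discarded, and `pjp.proceed()` follows unconditionally, so a verification that returns 0 does not stop the protected call. IGeetestCaptchaService documents 1 as success and 0 as failure, so the branch should test it, for example `if (geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode) != 1) { return JsonResult.buildErrorStateResult("", "fail"); }`, with the message and payload matched to whatever verifyCaptchaOnline returns on failure (not visible here). The branch is selected from a Redis entry keyed by the request's own `phoneNo`, so both paths need to enforce their result equally. The `log.info` line would also read better after the check, so that it records a verification that actually passed.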
...@@ -7,6 +7,7 @@ import cn.quantgroup.xyqb.model.JsonResult; ...@@ -7,6 +7,7 @@ import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService; import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib; import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.service.captcha.qg.IQuantgroupCaptchaService; import cn.quantgroup.xyqb.service.captcha.qg.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.ValidationUtil; import cn.quantgroup.xyqb.util.ValidationUtil;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
...@@ -38,12 +39,12 @@ public class NewCaptchaController { ...@@ -38,12 +39,12 @@ public class NewCaptchaController {
log.info("[newCaptcha]获取验证码,phoneNo:{}", phoneNo); log.info("[newCaptcha]获取验证码,phoneNo:{}", phoneNo);
GeetestLib gtSdk = geetestCaptchaService.getGeetestSdk(); GeetestLib gtSdk = geetestCaptchaService.getGeetestSdk();
if (geetestCaptchaService.getGeetestServerStatus(phoneNo, request, gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) { if (geetestCaptchaService.getGeetestServerStatus(phoneNo, IPUtil.getRemoteIP(request), gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo); log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo);
return JsonResult.buildSuccessResult("", geetestCaptchaService.startCaptcha(gtSdk)); return JsonResult.buildSuccessResult("", geetestCaptchaService.startCaptcha(gtSdk));
} else { } else {
try { try {
return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request)); return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request.getLocale()));
} catch (Exception e) { } catch (Exception e) {
log.error("获取验证码失败e:{}", e); log.error("获取验证码失败e:{}", e);
return JsonResult.buildErrorStateResult("", "fail"); return JsonResult.buildErrorStateResult("", "fail");
...@@ -57,4 +58,5 @@ public class NewCaptchaController { ...@@ -57,4 +58,5 @@ public class NewCaptchaController {
return JsonResult.buildSuccessResult("", null); return JsonResult.buildSuccessResult("", null);
} }
} }
...@@ -2,14 +2,13 @@ package cn.quantgroup.xyqb.service.captcha.geetest; ...@@ -2,14 +2,13 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.Constants; import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib; import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.PasswordUtil; import cn.quantgroup.xyqb.util.PasswordUtil;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import javax.annotation.Resource; import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap; import java.util.HashMap;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
...@@ -23,43 +22,55 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService { ...@@ -23,43 +22,55 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
@Qualifier("stringRedisTemplate") @Qualifier("stringRedisTemplate")
private RedisTemplate<String, String> stringRedisTemplate; private RedisTemplate<String, String> stringRedisTemplate;
@Value("${gt.server.status.exist.time}")
private long gtServerStatusExistTime;
@Value("${geetest.captcha.id}")
private String captchaId;
@Value("${geetest.private.key}")
private String privateKey;
@Value("${geetest.new.fail.back}")
private boolean newFailback;
@Value("${geetest.api.url}")
private String apiUrl;
@Override @Override
public GeetestLib getGeetestSdk() { public GeetestLib getGeetestSdk() {
return new GeetestLib(Constants.GEETEST_ID, Constants.GEETEST_KEY, Constants.NEW_FAIL_BACK); return new GeetestLib(captchaId, privateKey, newFailback,apiUrl);
} }
@Override @Override
public int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk) { public int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk) {
HashMap<String, String> param = getParam(phoneNo, request); HashMap<String, String> param = getParam(phoneNo, remoteIp);
int gtServerStatus = gtSdk.preProcess(param); int gtServerStatus = gtSdk.preProcess(param);
stringRedisTemplate.opsForValue().set(Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo, stringRedisTemplate.opsForValue().set(Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo,
Integer.toString(gtServerStatus), Constants.GT_SERVER_STATUS_EXIST_REDIS, TimeUnit.MINUTES); Integer.toString(gtServerStatus), gtServerStatusExistTime, TimeUnit.MINUTES);
//进行验证预处理 //进行验证预处理
return gtServerStatus; return gtServerStatus;
} }
private HashMap<String, String> getParam(String phoneNo, HttpServletRequest request) { private HashMap<String, String> getParam(String phoneNo, String remoteIp) {
HashMap<String, String> param = new HashMap<>(); HashMap<String, String> param = new HashMap<>();
param.put("user_id", PasswordUtil.MD5(phoneNo)); param.put("user_id", PasswordUtil.MD5(phoneNo));
param.put("client_type", "H5"); param.put("client_type", "H5");
param.put("ip_address", IPUtil.getRemoteIP(request)); param.put("ip_address", remoteIp);
return param; return param;
} }
@Override @Override
public String startCaptcha(GeetestLib gtSdk) { public String startCaptcha(GeetestLib gtSdk) {
return gtSdk.getResponseStr(); return gtSdk.getResponseStr();
} }
@Override @Override
public int verifyLogin(String phoneNo, HttpServletRequest request) { public int verifyLogin(String phoneNo, String remoteIp, String challenge, String validate, String seccode) {
HashMap<String, String> param = getParam(phoneNo, request); HashMap<String, String> param = getParam(phoneNo, remoteIp);
String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
String validate = request.getParameter(GeetestLib.fn_geetest_validate);
String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
return getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param); return getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param);
} }
} }
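Review bot: The Geetest id and private key now injected through `${geetest.captcha.id}` and `${geetest.private.key}` were string literals in Constants until this commit, so the old values remain readable in repository history and should be rotated with the provider rather than copied into Apollo unchanged. `AES_KEY` is still a literal in Constants (a context line of the first hunk) and deserves the same move. In getParam, `user_id` is `PasswordUtil.MD5(phoneNo)`; assuming that is a plain unsalted MD5, a phone number has too little entropy for the digest to work as a pseudonym, so a keyed digest would be a safer identifier to hand to a third party. A comment on the field such as `// secret from Apollo; must never be logged` would also help the next reader.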
...@@ -2,8 +2,6 @@ package cn.quantgroup.xyqb.service.captcha.geetest; ...@@ -2,8 +2,6 @@ package cn.quantgroup.xyqb.service.captcha.geetest;
import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib; import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
import javax.servlet.http.HttpServletRequest;
/** /**
* @author xufei on 2018/1/30. * @author xufei on 2018/1/30.
*/ */
...@@ -20,11 +18,11 @@ public interface IGeetestCaptchaService { ...@@ -20,11 +18,11 @@ public interface IGeetestCaptchaService {
* 获取geetest服务器可用的状态 * 获取geetest服务器可用的状态
* *
* @param phoneNo 用户的手机号 * @param phoneNo 用户的手机号
* @param request rq * @param remoteIp ip
* @param gtSdk sdk * @param gtSdk sdk
* @return 成功返回1, 失败返回0 * @return 成功返回1, 失败返回0
*/ */
int getGeetestServerStatus(String phoneNo, HttpServletRequest request, GeetestLib gtSdk); int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk);
/** /**
* 获取geetest的验证码 * 获取geetest的验证码
...@@ -38,9 +36,11 @@ public interface IGeetestCaptchaService { ...@@ -38,9 +36,11 @@ public interface IGeetestCaptchaService {
* 二次验证 * 二次验证
* *
* @param phoneNo 参数 * @param phoneNo 参数
* @param request rq * @param seccode
* @param validate
* @param challenge
* @return 验证结果, 1表示验证成功0表示验证失败 * @return 验证结果, 1表示验证成功0表示验证失败
*/ */
int verifyLogin(String phoneNo, HttpServletRequest request); int verifyLogin(String phoneNo, String remoteIp,String challenge,String validate,String seccode);
} }
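Review bot: The Javadoc on verifyLogin no longer matches its signature: `remoteIp` has no `@param` tag, and the `seccode`, `validate` and `challenge` tags have no description and appear in the reverse of the parameter order. I would document all four in signature order, for example `@param remoteIp client IP, forwarded to Geetest as ip_address`, and state that challenge, validate and seccode are the unverified values submitted by the client. The declaration is also written without spaces after the commas (`String remoteIp,String challenge,...`), unlike getGeetestServerStatus in the same interface.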
...@@ -18,535 +18,532 @@ import java.util.HashMap; ...@@ -18,535 +18,532 @@ import java.util.HashMap;
*/ */
public class GeetestLib { public class GeetestLib {
protected final String verName = "4.0"; protected final String verName = "4.0";
protected final String sdkLang = "java"; protected final String sdkLang = "java";
protected final String apiUrl = "http://api.geetest.com"; private String apiUrl;
protected final String registerUrl = "/register.php"; protected final String registerUrl = "/register.php";
protected final String validateUrl = "/validate.php"; protected final String validateUrl = "/validate.php";
protected final String json_format = "1"; protected final String json_format = "1";
/**
* 极验验证二次验证表单数据 chllenge
*/
public static final String fn_geetest_challenge = "geetest_challenge";
/** /**
* 极验验证二次验证表单数据 chllenge * 极验验证二次验证表单数据 validate
*/ */
public static final String fn_geetest_challenge = "geetest_challenge"; public static final String fn_geetest_validate = "geetest_validate";
/** /**
* 极验验证二次验证表单数据 validate * 极验验证二次验证表单数据 seccode
*/ */
public static final String fn_geetest_validate = "geetest_validate"; public static final String fn_geetest_seccode = "geetest_seccode";
/** /**
* 极验验证二次验证表单数据 seccode * 公钥
*/ */
public static final String fn_geetest_seccode = "geetest_seccode"; private String captchaId;
/** /**
* 公 * 私
*/ */
private String captchaId = "727ec78533a733f77f79e3d9b0d563a7"; private String privateKey;
/** /**
* 私钥 * 是否开启新的failback
*/ */
private String privateKey = "302375ff36a227e81632b42d023f9944"; private boolean newFailback = false;
/** /**
* 是否开启新的failback * 返回字符串
*/ */
private boolean newFailback = false; private String responseStr = "";
/** /**
* 返回字符串 * 调试开关,是否输出调试日志
*/ */
private String responseStr = ""; public boolean debugCode = true;
/** /**
* 调试开关,是否输出调试日志 * 极验验证API服务状态Session Key
*/ */
public boolean debugCode = true; public String gtServerStatusSessionKey = "gt_server_status";
/** /**
* 极验验证API服务状态Session Key * 带参数构造函数
*/ *
public String gtServerStatusSessionKey = "gt_server_status"; * @param captchaId
* @param privateKey
*/
public GeetestLib(String captchaId, String privateKey, boolean newFailback,String apiUrl) {
/** this.captchaId = captchaId;
* 带参数构造函数 this.privateKey = privateKey;
* this.newFailback = newFailback;
* @param captchaId this.apiUrl = apiUrl;
* @param privateKey }
*/
public GeetestLib(String captchaId, String privateKey, boolean newFailback) {
this.captchaId = captchaId; /**
this.privateKey = privateKey; * 获取本次验证初始化返回字符串
this.newFailback = newFailback; *
} * @return 初始化结果
*/
public String getResponseStr() {
/** return responseStr;
* 获取本次验证初始化返回字符串
*
* @return 初始化结果
*/
public String getResponseStr() {
return responseStr; }
} public String getVersionInfo() {
public String getVersionInfo() { return verName;
return verName; }
} /**
* 预处理失败后的返回格式串
*
* @return
*/
private String getFailPreProcessRes() {
/** Long rnd1 = Math.round(Math.random() * 100);
* 预处理失败后的返回格式串 Long rnd2 = Math.round(Math.random() * 100);
* String md5Str1 = md5Encode(rnd1 + "");
* @return String md5Str2 = md5Encode(rnd2 + "");
*/ String challenge = md5Str1 + md5Str2.substring(0, 2);
private String getFailPreProcessRes() {
Long rnd1 = Math.round(Math.random() * 100); JSONObject jsonObject = new JSONObject();
Long rnd2 = Math.round(Math.random() * 100); try {
String md5Str1 = md5Encode(rnd1 + "");
String md5Str2 = md5Encode(rnd2 + "");
String challenge = md5Str1 + md5Str2.substring(0, 2);
JSONObject jsonObject = new JSONObject(); jsonObject.put("success", 0);
try { jsonObject.put("gt", this.captchaId);
jsonObject.put("challenge", challenge);
jsonObject.put("new_captcha", this.newFailback);
jsonObject.put("success", 0); } catch (JSONException e) {
jsonObject.put("gt", this.captchaId);
jsonObject.put("challenge", challenge);
jsonObject.put("new_captcha", this.newFailback);
} catch (JSONException e) { gtlog("json dumps error");
gtlog("json dumps error"); }
} return jsonObject.toString();
return jsonObject.toString(); }
} /**
* 预处理成功后的标准串
*/
private String getSuccessPreProcessRes(String challenge) {
/** gtlog("challenge:" + challenge);
* 预处理成功后的标准串
*
*/
private String getSuccessPreProcessRes(String challenge) {
gtlog("challenge:" + challenge); JSONObject jsonObject = new JSONObject();
try {
JSONObject jsonObject = new JSONObject(); jsonObject.put("success", 1);
try { jsonObject.put("gt", this.captchaId);
jsonObject.put("challenge", challenge);
jsonObject.put("success", 1); } catch (JSONException e) {
jsonObject.put("gt", this.captchaId);
jsonObject.put("challenge", challenge);
} catch (JSONException e) { gtlog("json dumps error");
gtlog("json dumps error"); }
} return jsonObject.toString();
return jsonObject.toString(); }
} /**
* 验证初始化预处理
*
* @return 1表示初始化成功,0表示初始化失败
*/
public int preProcess(HashMap<String, String> data) {
/** if (registerChallenge(data) != 1) {
* 验证初始化预处理
*
* @return 1表示初始化成功,0表示初始化失败
*/
public int preProcess(HashMap<String, String> data) {
if (registerChallenge(data) != 1) { this.responseStr = this.getFailPreProcessRes();
return 0;
this.responseStr = this.getFailPreProcessRes(); }
return 0;
} return 1;
return 1; }
} /**
* 用captchaID进行注册,更新challenge
*
* @return 1表示注册成功,0表示注册失败
*/
private int registerChallenge(HashMap<String, String> data) {
/** try {
* 用captchaID进行注册,更新challenge String userId = data.get("user_id");
* String clientType = data.get("client_type");
* @return 1表示注册成功,0表示注册失败 String ipAddress = data.get("ip_address");
*/
private int registerChallenge(HashMap<String, String>data) {
try { String getUrl = apiUrl + registerUrl + "?";
String userId = data.get("user_id"); String param = "gt=" + this.captchaId + "&json_format=" + this.json_format;
String clientType = data.get("client_type");
String ipAddress = data.get("ip_address");
String getUrl = apiUrl + registerUrl + "?"; if (userId != null) {
String param = "gt=" + this.captchaId + "&json_format=" + this.json_format; param = param + "&user_id=" + userId;
}
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
if (userId != null){ gtlog("GET_URL:" + getUrl + param);
param = param + "&user_id=" + userId; String result_str = readContentFromGet(getUrl + param);
} if (result_str == "fail") {
if (clientType != null){
param = param + "&client_type=" + clientType;
}
if (ipAddress != null){
param = param + "&ip_address=" + ipAddress;
}
gtlog("GET_URL:" + getUrl + param); gtlog("gtServer register challenge failed");
String result_str = readContentFromGet(getUrl + param); return 0;
if (result_str == "fail"){
gtlog("gtServer register challenge failed"); }
return 0;
} gtlog("result:" + result_str);
JSONObject jsonObject = new JSONObject(result_str);
String return_challenge = jsonObject.getString("challenge");
gtlog("result:" + result_str); gtlog("return_challenge:" + return_challenge);
JSONObject jsonObject = new JSONObject(result_str);
String return_challenge = jsonObject.getString("challenge");
gtlog("return_challenge:" + return_challenge); if (return_challenge.length() == 32) {
if (return_challenge.length() == 32) { this.responseStr = this.getSuccessPreProcessRes(this.md5Encode(return_challenge + this.privateKey));
this.responseStr = this.getSuccessPreProcessRes(this.md5Encode(return_challenge + this.privateKey)); return 1;
return 1; } else {
} gtlog("gtServer register challenge error");
else {
gtlog("gtServer register challenge error"); return 0;
return 0; }
} catch (Exception e) {
} gtlog(e.toString());
} catch (Exception e) { gtlog("exception:register api");
gtlog(e.toString()); }
gtlog("exception:register api"); return 0;
}
} /**
return 0; * 判断一个表单对象值是否为空
} *
* @param gtObj
* @return
*/
protected boolean objIsEmpty(Object gtObj) {
/** if (gtObj == null) {
* 判断一个表单对象值是否为空
*
* @param gtObj
* @return
*/
protected boolean objIsEmpty(Object gtObj) {
if (gtObj == null) { return true;
return true; }
} if (gtObj.toString().trim().length() == 0) {
if (gtObj.toString().trim().length() == 0) { return true;
return true; }
} return false;
}
return false; /**
} * 检查客户端的请求是否合法,三个只要有一个为空,则判断不合法
*
* @param challenge
* @param validate
* @param seccode
* @return
*/
private boolean resquestIsLegal(String challenge, String validate, String seccode) {
if (objIsEmpty(challenge)) {
return false;
}
if (objIsEmpty(validate)) {
return false;
}
if (objIsEmpty(seccode)) {
return false;
}
return true;
}
/**
* 服务正常的情况下使用的验证方式,向gt-server进行二次验证,获取验证结果
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果, 1表示验证成功0表示验证失败
*/
public int enhencedValidateRequest(String challenge, String validate, String seccode, HashMap<String, String> data) {
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
String userId = data.get("user_id");
String clientType = data.get("client_type");
String ipAddress = data.get("ip_address");
String postUrl = this.apiUrl + this.validateUrl;
String param = String.format("challenge=%s&validate=%s&seccode=%s&json_format=%s",
challenge, validate, seccode, this.json_format);
if (userId != null) {
param = param + "&user_id=" + userId;
}
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
gtlog("param:" + param);
String response = "";
try {
if (validate.length() <= 0) {
return 0;
}
if (!checkResultByPrivate(challenge, validate)) {
return 0;
}
gtlog("checkResultByPrivate");
response = readContentFromPost(postUrl, param);
gtlog("response: " + response);
} catch (Exception e) {
e.printStackTrace();
}
String return_seccode = "";
try {
JSONObject return_map = new JSONObject(response);
return_seccode = return_map.getString("seccode");
gtlog("md5: " + md5Encode(return_seccode));
if (return_seccode.equals(md5Encode(seccode))) {
return 1;
} else {
return 0;
}
} catch (JSONException e) {
gtlog("json load error");
return 0;
}
}
/** /**
* 检查客户端的请求是否合法,三个只要有一个为空,则判断不合法 * failback使用的验证方式
* *
* @param challenge * @param challenge
* @param validate * @param validate
* @param seccode * @param seccode
* @return * @return 验证结果, 1表示验证成功0表示验证失败
*/ */
private boolean resquestIsLegal(String challenge, String validate, String seccode) { public int failbackValidateRequest(String challenge, String validate, String seccode) {
if (objIsEmpty(challenge)) { gtlog("in failback validate");
return false; if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
} }
gtlog("request legitimate");
if (objIsEmpty(validate)) {
return 1;
return false; }
} /**
* 输出debug信息,需要开启debugCode
if (objIsEmpty(seccode)) { *
* @param message
return false; */
public void gtlog(String message) {
} if (debugCode) {
System.out.println("gtlog: " + message);
return true; }
} }
protected boolean checkResultByPrivate(String challenge, String validate) {
/** String encodeStr = md5Encode(privateKey + "captcha" + challenge);
* 服务正常的情况下使用的验证方式,向gt-server进行二次验证,获取验证结果 return validate.equals(encodeStr);
* }
* @param challenge
* @param validate /**
* @param seccode * 发送GET请求,获取服务器返回结果
* @return 验证结果,1表示验证成功0表示验证失败 *
*/ * @param URL
public int enhencedValidateRequest(String challenge, String validate, String seccode, HashMap<String, String> data) { * @return 服务器返回结果
* @throws IOException
if (!resquestIsLegal(challenge, validate, seccode)) { */
private String readContentFromGet(String URL) throws IOException {
return 0;
URL getUrl = new URL(URL);
} HttpURLConnection connection = (HttpURLConnection) getUrl
.openConnection();
gtlog("request legitimate");
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
String userId = data.get("user_id"); connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
String clientType = data.get("client_type");
String ipAddress = data.get("ip_address"); // 建立与服务器的连接,并未发送数据
connection.connect();
String postUrl = this.apiUrl + this.validateUrl;
String param = String.format("challenge=%s&validate=%s&seccode=%s&json_format=%s", if (connection.getResponseCode() == 200) {
challenge, validate, seccode, this.json_format); // 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer();
if (userId != null){
param = param + "&user_id=" + userId; InputStream inStream = null;
} byte[] buf = new byte[1024];
if (clientType != null){ inStream = connection.getInputStream();
param = param + "&client_type=" + clientType; for (int n; (n = inStream.read(buf)) != -1; ) {
} sBuffer.append(new String(buf, 0, n, "UTF-8"));
if (ipAddress != null){ }
param = param + "&ip_address=" + ipAddress; inStream.close();
} connection.disconnect();// 断开连接
gtlog("param:" + param); return sBuffer.toString();
} else {
String response = "";
try { return "fail";
}
if (validate.length() <= 0) { }
return 0; /**
* 发送POST请求,获取服务器返回结果
} *
* @param URL
if (!checkResultByPrivate(challenge, validate)) {
return 0;
}
gtlog("checkResultByPrivate");
response = readContentFromPost(postUrl, param);
gtlog("response: " + response);
} catch (Exception e) {
e.printStackTrace();
}
String return_seccode = "";
try {
JSONObject return_map = new JSONObject(response);
return_seccode = return_map.getString("seccode");
gtlog("md5: " + md5Encode(return_seccode));
if (return_seccode.equals(md5Encode(seccode))) {
return 1;
} else {
return 0;
}
} catch (JSONException e) {
gtlog("json load error");
return 0;
}
}
/**
* failback使用的验证方式
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果,1表示验证成功0表示验证失败
*/
public int failbackValidateRequest(String challenge, String validate, String seccode) {
gtlog("in failback validate");
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
return 1;
}
/**
* 输出debug信息,需要开启debugCode
*
* @param message
*/
public void gtlog(String message) {
if (debugCode) {
System.out.println("gtlog: " + message);
}
}
protected boolean checkResultByPrivate(String challenge, String validate) {
String encodeStr = md5Encode(privateKey + "captcha" + challenge);
return validate.equals(encodeStr);
}
/**
* 发送GET请求,获取服务器返回结果
*
* @param URL
* @return 服务器返回结果
* @throws IOException
*/
private String readContentFromGet(String URL) throws IOException {
URL getUrl = new URL(URL);
HttpURLConnection connection = (HttpURLConnection) getUrl
.openConnection();
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
// 建立与服务器的连接,并未发送数据
connection.connect();
if (connection.getResponseCode() == 200) {
// 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer();
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1;) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
}
else {
return "fail";
}
}
/**
* 发送POST请求,获取服务器返回结果
*
* @param URL
* @param data * @param data
* @return 服务器返回结果 * @return 服务器返回结果
* @throws IOException * @throws IOException
*/ */
private String readContentFromPost(String URL, String data) throws IOException { private String readContentFromPost(String URL, String data) throws IOException {
gtlog(data); gtlog(data);
URL postUrl = new URL(URL); URL postUrl = new URL(URL);
HttpURLConnection connection = (HttpURLConnection) postUrl HttpURLConnection connection = (HttpURLConnection) postUrl
.openConnection(); .openConnection();
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒) connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒) connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
connection.setRequestMethod("POST"); connection.setRequestMethod("POST");
connection.setDoInput(true); connection.setDoInput(true);
connection.setDoOutput(true); connection.setDoOutput(true);
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
// 建立与服务器的连接,并未发送数据 // 建立与服务器的连接,并未发送数据
connection.connect(); connection.connect();
OutputStreamWriter outputStreamWriter = new OutputStreamWriter(connection.getOutputStream(), "utf-8"); OutputStreamWriter outputStreamWriter = new OutputStreamWriter(connection.getOutputStream(), "utf-8");
outputStreamWriter.write(data); outputStreamWriter.write(data);
outputStreamWriter.flush(); outputStreamWriter.flush();
outputStreamWriter.close(); outputStreamWriter.close();
if (connection.getResponseCode() == 200) { if (connection.getResponseCode() == 200) {
// 发送数据到服务器并使用Reader读取返回的数据 // 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer(); StringBuffer sBuffer = new StringBuffer();
InputStream inStream = null; InputStream inStream = null;
byte[] buf = new byte[1024]; byte[] buf = new byte[1024];
inStream = connection.getInputStream(); inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1;) { for (int n; (n = inStream.read(buf)) != -1; ) {
sBuffer.append(new String(buf, 0, n, "UTF-8")); sBuffer.append(new String(buf, 0, n, "UTF-8"));
} }
inStream.close(); inStream.close();
connection.disconnect();// 断开连接 connection.disconnect();// 断开连接
return sBuffer.toString(); return sBuffer.toString();
} } else {
else {
return "fail";
return "fail"; }
} }
}
/**
/** * md5 加密
* md5 加密 *
* * @param plainText
* @time 2014年7月10日 下午3:30:01 * @return
* @param plainText * @time 2014年7月10日 下午3:30:01
* @return */
*/ private String md5Encode(String plainText) {
private String md5Encode(String plainText) { String re_md5 = new String();
String re_md5 = new String(); try {
try { MessageDigest md = MessageDigest.getInstance("MD5");
MessageDigest md = MessageDigest.getInstance("MD5"); md.update(plainText.getBytes());
md.update(plainText.getBytes()); byte b[] = md.digest();
byte b[] = md.digest(); int i;
int i; StringBuffer buf = new StringBuffer("");
StringBuffer buf = new StringBuffer(""); for (int offset = 0; offset < b.length; offset++) {
for (int offset = 0; offset < b.length; offset++) { i = b[offset];
i = b[offset]; if (i < 0) {
if (i < 0){ i += 256;
i += 256; }
} if (i < 16) {
if (i < 16){ buf.append("0");
buf.append("0"); }
} buf.append(Integer.toHexString(i));
buf.append(Integer.toHexString(i)); }
}
re_md5 = buf.toString();
re_md5 = buf.toString();
} catch (NoSuchAlgorithmException e) {
} catch (NoSuchAlgorithmException e) { e.printStackTrace();
e.printStackTrace(); }
} return re_md5;
return re_md5; }
}
} }
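Review bot: The constructor now takes `apiUrl` from configuration and stores it unchecked, while the constant it replaces was a plain `http://` address; enhencedValidateRequest accepts the reply when the returned `seccode` equals `md5Encode(seccode)`, a value that involves no secret, so the verdict is only as trustworthy as the transport. The constructor should reject anything but HTTPS, e.g. `if (apiUrl == null || !apiUrl.startsWith("https://")) { throw new IllegalArgumentException("geetest api url must use https"); }`. Two smaller points in the same file: `debugCode` defaults to `true`, so gtlog writes request parameters to System.out unless a caller turns it off, and enhencedValidateRequest formats the client-submitted challenge, validate and seccode into the form body without `URLEncoder.encode`. Most of this section is re-indentation, which hides the functional change; a separate formatting commit would make it easier to review.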
package cn.quantgroup.xyqb.service.captcha.qg; package cn.quantgroup.xyqb.service.captcha.qg;
import javax.servlet.http.HttpServletRequest; import java.util.Locale;
import java.util.Map; import java.util.Map;
/** /**
...@@ -10,9 +10,9 @@ public interface IQuantgroupCaptchaService { ...@@ -10,9 +10,9 @@ public interface IQuantgroupCaptchaService {
/** /**
* QG获取验证码 * QG获取验证码
* *
* @param request rq * @param locale
* @return map * @return map
* @throws Exception EX * @throws Exception EX
*/ */
Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception; Map<String, String> fetchCaptcha(Locale locale) throws Exception;
} }
...@@ -9,10 +9,10 @@ import org.springframework.beans.factory.annotation.Value; ...@@ -9,10 +9,10 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import javax.imageio.ImageIO; import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import java.awt.image.BufferedImage; import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.util.HashMap; import java.util.HashMap;
import java.util.Locale;
import java.util.Map; import java.util.Map;
import java.util.UUID; import java.util.UUID;
...@@ -20,7 +20,7 @@ import java.util.UUID; ...@@ -20,7 +20,7 @@ import java.util.UUID;
* @author xufei on 2018/1/30. * @author xufei on 2018/1/30.
*/ */
@Service @Service
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
private static final String IMAGE_FORMAT_PNG = "png"; private static final String IMAGE_FORMAT_PNG = "png";
private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s"; private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
...@@ -35,9 +35,9 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{ ...@@ -35,9 +35,9 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService{
private AbstractManageableImageCaptchaService imageCaptchaService; private AbstractManageableImageCaptchaService imageCaptchaService;
@Override @Override
public Map<String, String> fetchCaptcha(HttpServletRequest request) throws Exception{ public Map<String, String> fetchCaptcha(Locale locale) throws Exception {
String imageId = UUID.randomUUID().toString(); String imageId = UUID.randomUUID().toString();
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale()); BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, locale);
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream(); ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream); ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
......