review代码

src/main/java/cn/quantgroup/xyqb/Constants.java

@@ -94,6 +94,9 @@ public interface Constants {
 
   String AES_KEY = "ScnmRBhuQpo9kBdn";
 
-  String GT_SERVER_STATUS_SESSION_KEY = "gt_server_status";
-  String GT_SERVER_STATUS_USABLE = "1";
+  String GT_CAPTCHA_UNUSER = "0";
+  String FN_GEETEST_CHALLENGE = "geetest_challenge";
+  String FN_GEETEST_VALIDATE = "geetest_validate";
+  String FN_GEETEST_SECCODE = "geetest_seccode";
+  String GEETEST_CAPTCHA_STATUS = "success";
 }

src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java

@@ -3,18 +3,18 @@ package cn.quantgroup.xyqb.aspect.captcha;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
-import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
 import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.PasswordUtil;
 import com.octo.captcha.service.CaptchaServiceException;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Pointcut;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -38,10 +38,6 @@ public class CaptchaNewValidateAdvisor {
     @Resource
     private IGeetestCaptchaService geetestCaptchaService;
 
-    @Resource
-    @Qualifier("stringRedisTemplate")
-    private RedisTemplate<String, String> stringRedisTemplate;
-
     @Resource
     @Qualifier("customCaptchaService")
     private AbstractManageableImageCaptchaService imageCaptchaService;
@@ -70,58 +66,53 @@ public class CaptchaNewValidateAdvisor {
     @Around("needCaptchaValidate()")
     private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
-        String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
-        String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
-        String captchaValue = request.getParameter("captchaValue");
-        //测试环境使用QG图形验证码
-        if (autoTestCaptchaEnabled) {
-            return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
-        }
-        String phoneNo = Optional.ofNullable(request.getParameter("phoneNo")).orElse("");
-        String captchaKey = Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo;
-        if (stringRedisTemplate.hasKey(captchaKey) && Constants.GT_SERVER_STATUS_USABLE.equals(stringRedisTemplate.opsForValue().get(captchaKey))) {
-            String challenge = request.getParameter(GeetestLib.fn_geetest_challenge);
-            String validate = request.getParameter(GeetestLib.fn_geetest_validate);
-            String seccode = request.getParameter(GeetestLib.fn_geetest_seccode);
-            geetestCaptchaService.verifyLogin(phoneNo, IPUtil.getRemoteIP(request), challenge, validate, seccode);
-            log.info("使用极验验证码,phoneNo:{}", phoneNo);
-            return pjp.proceed();
+
+        if (Constants.GT_CAPTCHA_UNUSER.equals(request.getParameter(Constants.GEETEST_CAPTCHA_STATUS))) {
+            //极验不可用，用QG
+            if (isQuantgroupCaptchaValidateSuccess(request)) {
+                return pjp.proceed();
+            } else {
+                return JsonResult.buildErrorStateResult("图形验证码有误", "");
+            }
         } else {
-            return quantgroupCaptchaValidate(pjp, registerFrom, captchaId, captchaValue, IPUtil.getRemoteIP(request));
+            String challenge = request.getParameter(Constants.FN_GEETEST_CHALLENGE);
+            String validate = request.getParameter(Constants.FN_GEETEST_VALIDATE);
+            String seccode = request.getParameter(Constants.FN_GEETEST_SECCODE);
+            String phoneNo = request.getParameter("phoneNo");
+            String clientType = request.getParameter("clientType");
+            geetestCaptchaService.captchaValidate(clientType, PasswordUtil.MD5(phoneNo), IPUtil.getRemoteIP(request), challenge, validate, seccode);
+            log.info("使用极验二次验证,phoneNo:{}", phoneNo);
         }
+        return pjp.proceed();
     }
 
-    private Object quantgroupCaptchaValidate(ProceedingJoinPoint pjp, String registerFrom, String captchaId, String captchaValue, String remoteIp) throws Throwable {
+    private Boolean isQuantgroupCaptchaValidateSuccess(HttpServletRequest request) throws Throwable {
+        String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
+        String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
+        String captchaValue = request.getParameter("captchaValue");
         if (isSkipCaptchaValidate(captchaId, captchaValue)) {
-            log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, remoteIp);
-            return pjp.proceed();
+            log.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
+            return Boolean.TRUE;
         }
-        return verifyCaptchaOnline(pjp, captchaId, captchaValue);
-    }
 
-    private Object verifyCaptchaOnline(ProceedingJoinPoint pjp, String captchaId, String captchaValue) throws Throwable {
-        JsonResult result = JsonResult.buildSuccessResult("图形验证码不正确", "");
-        result.setBusinessCode("0002");
-        if (org.apache.commons.lang3.StringUtils.isNotBlank(captchaValue)) {
+        Boolean validCaptcha = false;
+        if (StringUtils.isNotBlank(captchaValue)) {
             // 忽略用户输入的大小写
-            String captcha = org.apache.commons.lang3.StringUtils.lowerCase(captchaValue);
+            String captcha = StringUtils.lowerCase(captchaValue);
             // 验证码校验
-            Boolean validCaptcha = false;
             try {
                 validCaptcha = imageCaptchaService.validateResponseForID(Constants.IMAGE_CAPTCHA_KEY + captchaId, captcha);
             } catch (CaptchaServiceException ex) {
                 log.error("验证码校验异常, {}, {}", ex.getMessage(), ex);
             }
-            if (validCaptcha) {
-                return pjp.proceed();
-            }
         }
-        return result;
+        return validCaptcha;
     }
 
     private boolean isSkipCaptchaValidate(String captchaId, Object captchaValue) {
         // 如果启用了超级验证码功能, 检查超级验证码, 超级验证码区分大小写
-        return autoTestCaptchaEnabled || org.apache.commons.lang3.StringUtils.equals(SUPER_CAPTCHA_ID, String.valueOf(captchaId)) && org.apache.commons.lang3.StringUtils.equals(SUPER_CAPTCHA, String.valueOf(captchaValue));
+        return autoTestCaptchaEnabled || org.apache.commons.lang3.StringUtils.equals(SUPER_CAPTCHA_ID, String.valueOf(captchaId))
+                && org.apache.commons.lang3.StringUtils.equals(SUPER_CAPTCHA, String.valueOf(captchaValue));
     }
 
 }

src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java

@@ -5,9 +5,9 @@ import cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator;
 import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.service.captcha.geetest.IGeetestCaptchaService;
-import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
 import cn.quantgroup.xyqb.service.captcha.qg.IQuantgroupCaptchaService;
 import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.PasswordUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -38,18 +38,20 @@ public class NewCaptchaController {
         }
 
         log.info("[newCaptcha]获取验证码,phoneNo:{}", phoneNo);
-        GeetestLib gtSdk = geetestCaptchaService.getGeetestSdk();
-        if (geetestCaptchaService.getGeetestServerStatus(phoneNo, IPUtil.getRemoteIP(request), gtSdk) == Integer.parseInt(Constants.GT_SERVER_STATUS_USABLE)) {
-            log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo);
-            return JsonResult.buildSuccessResult("", geetestCaptchaService.startCaptcha(gtSdk));
-        } else {
+        String geetestCaptcha = geetestCaptchaService.fetchGeetestCaptcha(PasswordUtil.MD5(phoneNo),
+                IPUtil.getRemoteIP(request), request.getParameter("clientType"));
+        if (Constants.GT_CAPTCHA_UNUSER.equals(geetestCaptcha)) {
             try {
                 return JsonResult.buildSuccessResult("", quantgroupCaptchaService.fetchCaptcha(request.getLocale()));
             } catch (Exception e) {
                 log.error("获取验证码失败e:{}", e);
                 return JsonResult.buildErrorStateResult("", "fail");
             }
+        } else {
+            log.info("[newCaptcha]极验可用,phoneNo:{}", phoneNo);
+            return JsonResult.buildSuccessResult("", geetestCaptcha);
         }
+
     }
 
     @CaptchaNewValidator

src/main/java/cn/quantgroup/xyqb/service/captcha/geetest/GeetestCaptchaServiceImpl.java

 package cn.quantgroup.xyqb.service.captcha.geetest;
 
-import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
-import cn.quantgroup.xyqb.util.PasswordUtil;
+import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -10,7 +9,6 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 import java.util.HashMap;
-import java.util.concurrent.TimeUnit;
 
 /**
  * @author xufei on 2018/1/30.
@@ -37,40 +35,32 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
     @Value("${geetest.api.url}")
     private String apiUrl;
 
-    @Override
-    public GeetestLib getGeetestSdk() {
-        return new GeetestLib(captchaId, privateKey, newFailback,apiUrl);
+    private GeetestLib getGeetestSdk() {
+        return new GeetestLib(captchaId, privateKey, newFailback, apiUrl);
     }
 
     @Override
-    public int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk) {
-        HashMap<String, String> param = getParam(phoneNo, remoteIp);
-        int gtServerStatus = gtSdk.preProcess(param);
-
-        stringRedisTemplate.opsForValue().set(Constants.GT_SERVER_STATUS_SESSION_KEY + phoneNo,
-                Integer.toString(gtServerStatus), gtServerStatusExistTime, TimeUnit.MINUTES);
+    public String fetchGeetestCaptcha(String markStr, String remoteIp, String clientType) {
+        GeetestLib gtSdk = new GeetestLib(captchaId, privateKey, newFailback, apiUrl);
+        HashMap<String, String> param = getParam(markStr, remoteIp, clientType);
 
-        //进行验证预处理
-        return gtServerStatus;
+        return gtSdk.getResponseStr(param);
     }
 
-    private HashMap<String, String> getParam(String phoneNo, String remoteIp) {
+    private HashMap<String, String> getParam(String markStr, String remoteIp, String clientType) {
         HashMap<String, String> param = new HashMap<>();
-        param.put("user_id", PasswordUtil.MD5(phoneNo));
-        param.put("client_type", "H5");
+        param.put("user_id", markStr);
+        if (StringUtils.isBlank(clientType)) {
+            param.put("client_type", "APP");
+        }
+        param.put("client_type", clientType);
         param.put("ip_address", remoteIp);
         return param;
     }
 
-
-    @Override
-    public String startCaptcha(GeetestLib gtSdk) {
-        return gtSdk.getResponseStr();
-    }
-
     @Override
-    public int verifyLogin(String phoneNo, String remoteIp, String challenge, String validate, String seccode) {
-        HashMap<String, String> param = getParam(phoneNo, remoteIp);
+    public int captchaValidate(String clientType, String markStr, String remoteIp, String challenge, String validate, String seccode) {
+        HashMap<String, String> param = getParam(markStr, remoteIp, clientType);
         return getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param);
     }
 }

src/main/java/cn/quantgroup/xyqb/service/captcha/geetest/IGeetestCaptchaService.java

 package cn.quantgroup.xyqb.service.captcha.geetest;
 
-import cn.quantgroup.xyqb.service.captcha.geetest.sdk.GeetestLib;
-
 /**
  * @author xufei on 2018/1/30.
  */
 public interface IGeetestCaptchaService {
 
     /**
-     * 获取极验的sdk
-     *
-     * @return
-     */
-    GeetestLib getGeetestSdk();
-
-    /**
-     * 获取geetest服务器可用的状态
+     * 获取极验验证码
      *
-     * @param phoneNo 用户的手机号
-     * @param remoteIp ip
-     * @param gtSdk   sdk
-     * @return 成功返回1, 失败返回0
+     * @param markStr    标示
+     * @param remoteIp
+     * @param clientType
+     * @return 获取失败返回"0"服务不可用，成功返回验证码
      */
-    int getGeetestServerStatus(String phoneNo, String remoteIp, GeetestLib gtSdk);
+    String fetchGeetestCaptcha(String markStr, String remoteIp, String clientType);
 
-    /**
-     * 获取geetest的验证码
-     *
-     * @param gtSdk sdk
-     * @return
-     */
-    String startCaptcha(GeetestLib gtSdk);
 
     /**
      * 二次验证
      *
+     * @param clientType
      * @param phoneNo   参数
      * @param seccode
      * @param validate
      * @param challenge
      * @return 验证结果, 1表示验证成功0表示验证失败
      */
-    int verifyLogin(String phoneNo, String remoteIp,String challenge,String validate,String seccode);
+    int captchaValidate(String clientType, String phoneNo, String remoteIp, String challenge, String validate, String seccode);
 
 }

src/main/java/cn/quantgroup/xyqb/service/captcha/geetest/sdk/GeetestLib.java

 package cn.quantgroup.xyqb.service.captcha.geetest.sdk;
 
+import cn.quantgroup.xyqb.Constants;
 import org.json.JSONException;
 import org.json.JSONObject;
 
@@ -19,7 +20,6 @@ import java.util.HashMap;
 public class GeetestLib {
 
     protected final String verName = "4.0";
-    protected final String sdkLang = "java";
 
     private String apiUrl;
 
@@ -28,21 +28,6 @@ public class GeetestLib {
 
     protected final String json_format = "1";
 
-    /**
-     * 极验验证二次验证表单数据 chllenge
-     */
-    public static final String fn_geetest_challenge = "geetest_challenge";
-
-    /**
-     * 极验验证二次验证表单数据 validate
-     */
-    public static final String fn_geetest_validate = "geetest_validate";
-
-    /**
-     * 极验验证二次验证表单数据 seccode
-     */
-    public static final String fn_geetest_seccode = "geetest_seccode";
-
     /**
      * 公钥
      */
@@ -68,10 +53,6 @@ public class GeetestLib {
      */
     public boolean debugCode = true;
 
-    /**
-     * 极验验证API服务状态Session Key
-     */
-    public String gtServerStatusSessionKey = "gt_server_status";
 
     /**
      * 带参数构造函数
@@ -92,17 +73,11 @@ public class GeetestLib {
      *
      * @return 初始化结果
      */
-    public String getResponseStr() {
-
+    public String getResponseStr(HashMap<String, String> param) {
+        preProcess(param);
         return responseStr;
-
     }
 
-    public String getVersionInfo() {
-
-        return verName;
-
-    }
 
     /**
      * 预处理失败后的返回格式串
@@ -110,29 +85,7 @@ public class GeetestLib {
      * @return
      */
     private String getFailPreProcessRes() {
-
-        Long rnd1 = Math.round(Math.random() * 100);
-        Long rnd2 = Math.round(Math.random() * 100);
-        String md5Str1 = md5Encode(rnd1 + "");
-        String md5Str2 = md5Encode(rnd2 + "");
-        String challenge = md5Str1 + md5Str2.substring(0, 2);
-
-        JSONObject jsonObject = new JSONObject();
-        try {
-
-            jsonObject.put("success", 0);
-            jsonObject.put("gt", this.captchaId);
-            jsonObject.put("challenge", challenge);
-            jsonObject.put("new_captcha", this.newFailback);
-
-        } catch (JSONException e) {
-
-            gtlog("json dumps error");
-
-        }
-
-        return jsonObject.toString();
-
+        return Constants.GT_CAPTCHA_UNUSER;
     }
 
     /**

src/main/java/cn/quantgroup/xyqb/service/captcha/qg/IQuantgroupCaptchaService.java

 package cn.quantgroup.xyqb.service.captcha.qg;
 
 import java.util.Locale;
-import java.util.Map;
 
 /**
  * @author xufei on 2018/1/30.
@@ -11,8 +10,8 @@ public interface IQuantgroupCaptchaService {
      * QG获取验证码
      *
      * @param locale
-     * @return map
+     * @return
      * @throws Exception EX
      */
-    Map<String, String> fetchCaptcha(Locale locale) throws Exception;
+    String fetchCaptcha(Locale locale) throws Exception;
 }

src/main/java/cn/quantgroup/xyqb/service/captcha/qg/QuantgroupCaptchaServiceImpl.java

@@ -3,6 +3,7 @@ package cn.quantgroup.xyqb.service.captcha.qg;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
 import org.apache.commons.codec.binary.Base64;
+import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
@@ -11,9 +12,7 @@ import org.springframework.stereotype.Service;
 import javax.imageio.ImageIO;
 import java.awt.image.BufferedImage;
 import java.io.ByteArrayOutputStream;
-import java.util.HashMap;
 import java.util.Locale;
-import java.util.Map;
 import java.util.UUID;
 
 /**
@@ -35,7 +34,7 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
     private AbstractManageableImageCaptchaService imageCaptchaService;
 
     @Override
-    public Map<String, String> fetchCaptcha(Locale locale) throws Exception {
+    public String fetchCaptcha(Locale locale) throws Exception {
         String imageId = UUID.randomUUID().toString();
         BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, locale);
         ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
@@ -43,9 +42,10 @@ public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
 
         String imageBase64 = Base64.encodeBase64String(jpegOutputStream.toByteArray());
 
-        Map<String, String> data = new HashMap<>();
-        data.put("imageId", imageId);
-        data.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));
-        return data;
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("success","0");
+        jsonObject.put("imageId", imageId);
+        jsonObject.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));
+        return jsonObject.toString();
     }
 }