漏洞修复一波

c78d2e93 · 技术部-任文超 · 9671a3b6 · c78d2e93 · c78d2e93 · c78d2e93
Commit c78d2e93 authored Oct 30, 2019 by 技术部-任文超
17 changed files
--- a/src/main/java/cn/quantgroup/user/enums/MaritalStatus.java
+++ b/src/main/java/cn/quantgroup/user/enums/MaritalStatus.java
@@ -6,26 +6,26 @@ package cn.quantgroup.user.enums;
 public enum MaritalStatus {
    UNKNOWN("未知"),
-    SINGLE("未婚"), // 1
+    SINGLE("未婚"),
-    MARRIED("已婚"), // 2
+    MARRIED("已婚"),
-    DIVORCED("离异"), // 3
+    DIVORCED("离异"),
-    WINDOWED("丧偶"), // 4
+    WINDOWED("丧偶"),
    OTHER("其他");
-    String description;
+    private String desc;
    MaritalStatus(String desc) {
-        description = desc;
+        this.desc = desc;
    }
-    public String getDescription() {
+    public String getDesc() {
-        return description;
+        return desc;
    }
    @Override
    public String toString() {
-        String sb = "MaritalStatus{" + "description='" + description + '\'' +
+        String sb = "MaritalStatus{" + "desc='" + desc + '\'' +
                '}';
        return sb;
    }

--- a/src/main/java/cn/quantgroup/user/enums/Relation.java
+++ b/src/main/java/cn/quantgroup/user/enums/Relation.java
@@ -15,19 +15,19 @@ public enum Relation {
    SELF("本人"),
    OTHER("其他");
-    String description;
+    private String desc;
    Relation(String desc) {
-        description = desc;
+        this.desc = desc;
    }
-    public String getDescription() {
+    public String getDesc() {
-        return description;
+        return desc;
    }
    @Override
    public String toString() {
-        String sb = "Relation{" + "description='" + description + '\'' +
+        String sb = "Relation{" + "desc='" + desc + '\'' +
                '}';
        return sb;
    }

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/WeChatController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/WeChatController.java
@@ -20,8 +20,6 @@ import com.google.common.collect.ImmutableList;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -48,10 +46,8 @@ import java.util.*;
 @RequestMapping("/wechat")
 public class WeChatController implements IBaseController {
-    private static final Logger LOGGER = LoggerFactory.getLogger(WeChatController.class);
    // todo: 配置文件
-    private static final String TOKEN = "5YihkluEo5QuWAWpFwzvA";
+    private static final String WECHAT_DEVELOPOR_TOKEN = "5YihkluEo5QuWAWpFwzvA";
    @Autowired
    private IWechatService wechatService;
@@ -111,7 +107,7 @@ public class WeChatController implements IBaseController {
        String signature = request.getParameter("signature");
        String timestamp = request.getParameter("timestamp");
        String nonce = request.getParameter("nonce");
-        String[] arrs = new String[]{TOKEN, timestamp, nonce};
+        String[] arrs = new String[]{WECHAT_DEVELOPOR_TOKEN, timestamp, nonce};
        Arrays.sort(arrs);
        String joinStr = joinArray(arrs);
        joinStr = sha1(joinStr);
@@ -182,21 +178,21 @@ public class WeChatController implements IBaseController {
            receiveCodeWithDefault(code, systemKey, schema, registerFrom, redirect, response);
            return;
        }
-        LOGGER.info("从微信extdata版本接口进入：{}, extData:{}", schema, extData);
+        log.info("从微信extdata版本接口进入：{}, extData:{}", schema, extData);
        HashMap<String, Object> extDataObj;
        try {
            extDataObj = JSON.parseObject(extData, new TypeReference<HashMap<String, Object>>() {
            });
        } catch (Exception ex) {
-            LOGGER.error("解析extData发生错误", ex);
+            log.error("解析extData发生错误", ex);
            receiveCodeWithDefault(code, systemKey, schema, registerFrom, redirect, response);
            return;
        }
        schema = extDataObj.getOrDefault("protocol", Constants.PROTOCOL_HEAD_HTTP).toString();
-        LOGGER.info("从微信登录extData中获得协议信息,protocol:{}", schema);
+        log.info("从微信登录extData中获得协议信息,protocol:{}", schema);
        registerFrom = Long.valueOf(extDataObj.getOrDefault("registerFrom", "1").toString());
        redirect = (String) extDataObj.getOrDefault("redirect", "redirect");
-        LOGGER.info("从微信登录,registerFrom:{}, redirect:{}", registerFrom, redirect);
+        log.info("从微信登录,registerFrom:{}, redirect:{}", registerFrom, redirect);
        receiveCodeWithDefault(code, systemKey, schema, registerFrom, redirect, response);
    }
@@ -213,7 +209,7 @@ public class WeChatController implements IBaseController {
    private void receiveCodeWithDefault(String code, String systemKey, String schema, Long registerFrom, String redirect, HttpServletResponse response) {
        // 微信跳转请求入参监控
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
-        LOGGER.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：code:{},systemKey:{},schema:{},registerFrom:{},redirect:{},request:{}", code, systemKey, schema, registerFrom, redirect, JSON.toJSONString(getRequestHeaderMap(request)));
+        log.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：code:{},systemKey:{},schema:{},registerFrom:{},redirect:{},request:{}", code, systemKey, schema, registerFrom, redirect, JSON.toJSONString(getRequestHeaderMap(request)));
        /*
         * 预处理（容错）
         */
@@ -227,7 +223,7 @@ public class WeChatController implements IBaseController {
        // 从code获取token
        Merchant merchant = merchantService.findMerchantByName(systemKey);
        AccessTokenResponse token = wechatService.getToken(code);
-        LOGGER.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：merchant:{},token:{}", merchant, token);
+        log.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：merchant:{},token:{}", merchant, token);
        if (Objects.isNull(token) || StringUtils.isBlank(token.getOpenId())) {
            // 让用户登录，不关联微信, 构造不关联微信的url
            redirectNormalUrl(response, merchant, registerFrom, domain);
@@ -235,11 +231,11 @@ public class WeChatController implements IBaseController {
        }
        // 获取已授权信息 - db
        WechatUserInfo userInfoInDb = wechatService.findWechatUserInfoFromDb(token.getOpenId());
-        LOGGER.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：WechatUserInfo - from DB:{}", userInfoInDb);
+        log.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：WechatUserInfo - from DB:{}", userInfoInDb);
        // welcome 首次登录
        if (Objects.isNull(userInfoInDb)) {
            WechatUserInfo userInfo = wechatService.getWechatUserInfoFromWechatServer(token.getAccessToken(), token.getOpenId());
-            LOGGER.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：WechatUserInfo - from wechat api:{}", userInfo);
+            log.info("[WeChatController][receiveCodeWithDefault]微信授权及跳转：WechatUserInfo - from wechat api:{}", userInfo);
            if (Objects.isNull(userInfo) || StringUtils.isBlank(userInfo.getOpenId())) {
                // 让用户登录，不关联微信, 构造不关联微信的url
                redirectNormalUrl(response, merchant, registerFrom, domain);
@@ -248,7 +244,7 @@ public class WeChatController implements IBaseController {
            try {
                userInfo = wechatService.saveWechatUserInfo(userInfo);
            } catch (Exception e) {
-                LOGGER.warn("微信用户首次登陆，保存userInfo异常，执行操作：Nick置为*并重新保存.", e);
+                log.warn("微信用户首次登陆，保存userInfo异常，执行操作：Nick置为*并重新保存.", e);
                userInfo.setNickName(EmojiUtil.BYTE_4_REPLACE_TEMPLATE);
                userInfo = wechatService.saveWechatUserInfo(userInfo);
            }
@@ -322,10 +318,10 @@ public class WeChatController implements IBaseController {
    }
    private String createUserSession(User user, Merchant merchant, String redirect, String domain, Long registerFrom) {
-        LOGGER.info("[WeChatController][createUserSession]微信授权及跳转：user:{},merchant:{},redirect:{},domain:{},registerFrom:{}", user, merchant, redirect, domain, registerFrom);
+        log.info("[WeChatController][createUserSession]微信授权及跳转：user:{},merchant:{},redirect:{},domain:{},registerFrom:{}", user, merchant, redirect, domain, registerFrom);
        LoginProperties loginProperties = new LoginProperties("", 4, Constants.Channel.WECHAT, registerFrom, String.valueOf(Constants.Channel.WECHAT), merchant.getId(), merchant.getName());
        if (StringUtils.isEmpty(redirect) || "redirect".equals(redirect)) {
-            LOGGER.info("微信登录:redirect为null,走正常流程.");
+            log.info("微信登录:redirect为null,走正常流程.");
            if ("baitiao".equals(merchant.getName())) {
                return loginInWechatWithSessionCreated(user, merchant, "cashTarget5", Constants.Channel.BAITIAO, domain, Constants.Channel.WECHAT);
            } else if ("wechat-pay".equals(merchant.getName())) {
@@ -335,9 +331,9 @@ public class WeChatController implements IBaseController {
                return loginInWechatWithSessionCreated(user, merchant, "cashTarget4", 1L, domain, registerFrom);
            }
        } else if ("local".equals(redirect)) {
-            LOGGER.info("微信登录:redirect不为null,创建session跳到指定前端页面.");
+            log.info("微信登录:redirect不为null,创建session跳到指定前端页面.");
            AuthBean authBean = sessionService.createSession(user, loginProperties);
-            LOGGER.info("微信登录:跳转地址{}", domain + "/weixin/callback?phoneNo=" + user.getPhoneNo() + "&token=" + authBean.getToken());
+            log.info("微信登录:跳转地址{}", domain + "/weixin/callback?phoneNo=" + user.getPhoneNo() + "&token=" + authBean.getToken());
            Long channelId = "baitiao".equals(merchant.getName()) ? Constants.Channel.BAITIAO : 1L;
            String target = "baitiao".equals(merchant.getName()) ? "cashTarget5" : "cashTarget4";
            return domain + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom +
@@ -349,20 +345,20 @@ public class WeChatController implements IBaseController {
    private String loginInWechatWithSessionCreated(User user, Merchant merchant, String target, Long channelId, String domain, Long registerFrom) {
        LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, String.valueOf(Constants.Channel.WECHAT), merchant.getId(), merchant.getName());
        AuthBean authBean = sessionService.createSession(user, loginProperties);
-        LOGGER.info("[WeChatController][loginInWechatWithSessionCreated]微信授权及跳转：user:{},merchant:{},target:{},channelId:{},domain:{},registerFrom:{}", user, merchant, target, channelId, domain, registerFrom);
+        log.info("[WeChatController][loginInWechatWithSessionCreated]微信授权及跳转：user:{},merchant:{},target:{},channelId:{},domain:{},registerFrom:{}", user, merchant, target, channelId, domain, registerFrom);
        return domain + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom + "&channelId=" + channelId + "&key=" + merchant.getName() + "&target=" + target;
    }
    private void redirectWechatLoginUrlWithoutLogin(HttpServletResponse response, Merchant merchant, WechatUserInfo userInfo, Long registerFrom, String domain) {
        String redirectUrl = assembleWechatRedirectUrl(merchant, userInfo, registerFrom, domain);
-        LOGGER.info("[WeChatController][redirectWechatLoginUrlWithoutLogin]微信授权及跳转：redirectUrl:[{}]", redirectUrl);
+        log.info("[WeChatController][redirectWechatLoginUrlWithoutLogin]微信授权及跳转：redirectUrl:[{}]", redirectUrl);
        response.setHeader("Location", redirectUrl);
        response.setStatus(301);
    }
    private void redirectNormalUrl(HttpServletResponse response, Merchant merchant, Long registerFrom, String domain) {
        String redirectUrl = assembleNormalRedirectUrl(merchant, registerFrom, domain);
-        LOGGER.info("[WeChatController][redirectNormalUrl]微信授权及跳转： redirectUrl:[{}]", redirectUrl);
+        log.info("[WeChatController][redirectNormalUrl]微信授权及跳转： redirectUrl:[{}]", redirectUrl);
        response.setHeader("Location", redirectUrl);
        response.setStatus(301);
    }

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
@@ -6,6 +6,7 @@ import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -28,9 +29,10 @@ import java.util.UUID;
 * @author 李宁
 * @version 1.0.0 创建时间：15/11/17 11:49 修改人： 修改时间：15/11/17 11:49 修改备注：
 */
+@Api(value = "/api", description = "叫Api, 实际上是图形验证码. 你说神奇不神奇...")
+@Slf4j
 @RestController
 @RequestMapping("/api")
-@Api(value = "/api", description = "叫Api, 实际上是图形验证码. 你说神奇不神奇...")
 public class ImageCaptchaController {
    private static final String IMAGE_FORMAT_PNG = "png";
@@ -51,14 +53,12 @@ public class ImageCaptchaController {
        BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale());
        ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
        try {
-            boolean write = ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
+            ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
        } catch (IOException e) {
-            e.printStackTrace();
+            log.error("图形验证码图片流返回失败", e);
            return JsonResult.buildErrorStateResult("", Constants.CHECK_FAIL);
        }
        String imageBase64 = Base64.encodeBase64String(jpegOutputStream.toByteArray());
        Map<String, String> data = new HashMap<>();
        data.put("imageId", imageId);
        data.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
@@ -2,14 +2,15 @@ package cn.quantgroup.xyqb.controller.internal.user;
 import cn.quantgroup.tech.db.DSType;
 import cn.quantgroup.tech.db.TargetDataSource;
-import cn.quantgroup.user.enums.Relation;
+import cn.quantgroup.user.enums.*;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.*;
-import cn.quantgroup.xyqb.entity.enumerate.*;
 import cn.quantgroup.xyqb.exception.UserNotExistException;
 import cn.quantgroup.xyqb.model.*;
+import cn.quantgroup.xyqb.model.Gender;
+import cn.quantgroup.xyqb.model.IdType;
 import cn.quantgroup.xyqb.service.api.IUserApiService;
 import cn.quantgroup.xyqb.service.auth.IIdCardService;
 import cn.quantgroup.xyqb.service.merchant.IMerchantService;
@@ -755,7 +756,7 @@ public class InnerController implements IBaseController {
        UserExtInfo extInfo = userExtInfoService.findByUserId(user.getId());
        if (Objects.nonNull(extInfo)) {
            // 婚姻状态
-            bean.setMarryStatus(Optional.ofNullable(extInfo.getMarryStatus()).orElse(cn.quantgroup.user.enums.MaritalStatus.UNKNOWN).getDescription());
+            bean.setMarryStatus(Optional.ofNullable(extInfo.getMarryStatus()).orElse(cn.quantgroup.user.enums.MaritalStatus.UNKNOWN).getDesc());
            // 受教育程度
            bean.setEducationEnum(Optional.ofNullable(extInfo.getEducationEnum()).orElse(cn.quantgroup.user.enums.EducationEnum.UNKNOWN).getName());
            // 职业
@@ -856,9 +857,9 @@ public class InnerController implements IBaseController {
                    bean.setOccupationEnum(extInfo.getOccupationEnum().getName());
                }
                if (null == extInfo.getMarryStatus()) {
-                    bean.setMarryStatus(cn.quantgroup.user.enums.MaritalStatus.UNKNOWN.getDescription());
+                    bean.setMarryStatus(cn.quantgroup.user.enums.MaritalStatus.UNKNOWN.getDesc());
                } else {
-                    bean.setMarryStatus(extInfo.getMarryStatus().getDescription());
+                    bean.setMarryStatus(extInfo.getMarryStatus().getDesc());
                }
            }
            if (org.apache.commons.collections.CollectionUtils.isNotEmpty(contacts)) {
@@ -878,7 +879,7 @@ public class InnerController implements IBaseController {
        ret.setUserId(c.getUserId());
        ret.setName(c.getName());
        ret.setPhoneNo(c.getPhoneNo());
-        ret.setRelation(c.getRelation().getDescription());
+        ret.setRelation(c.getRelation().getDesc());
        return ret;
    }

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserExtInfo.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserExtInfo.java
@@ -8,8 +8,6 @@ import javax.persistence.*;
 import java.io.Serializable;
 import java.sql.Timestamp;
-//import cn.quantgroup.xyqb.entity.enumerate.*;
 /**
 * Created by 11 on 2016/12/30.
 */

--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/EducationEnum.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/EducationEnum.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by 11 on 2016/12/30.
- */
-public enum EducationEnum {
-    UNKNOWN("暂无"),
-    MASTER("硕士及以上"),
-    UNDER_GRADUATE("本科"),
-    JUNIOR_COLLEGE("大专"),
-    TECHNICAL_SECONDARY_SCHOOL("中专"),
-    TECHNICAL_SCHOOL("技校"),
-    HIGH_SCHOOL("高中"),
-    MIDDLE_SCHOOL("初中"),
-    PRIMARY_SCHOOL("小学"),
-    OTHER("其他");
-    private String name;
-    EducationEnum(String name) {
-        this.name = name;
-    }
-    public String getName() {
-        return name;
-    }
-    @Override
-    public String toString() {
-        return name;
-    }
-}
--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeEnum.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeEnum.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by 11 on 2016/12/30.
- */
-public enum IncomeEnum {
-    UNKNOWN("未知"),
-    CASH("现金计算"),
-    PAY_CARD("工资卡"),
-    CASH_AND_PAY_CARD("混合");
-    private String desc;
-    IncomeEnum(String desc) {
-        this.desc = desc;
-    }
-}
\ No newline at end of file
--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeRangeEnum.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeRangeEnum.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by 11 on 2016/12/30.
- */
-public enum IncomeRangeEnum {
-    UNKNOWN("暂无"),
-    BELOW_1000("小于1000元"),
-    BELOW_3000("1000至3000元"),
-    BELOW_5000("3000至5000元"),
-    BELOW_8000("5000至8000元"),
-    BELOW_10000("8000至10000元"),
-    BELOW_15000("10000至15000元"),
-    BELOW_20000("15000至20000元"),
-    ABOVE_20000("大于20000元");
-    private String desc;
-    IncomeRangeEnum(String desc) {
-        this.desc = desc;
-    }
-}
--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/MaritalStatus.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/MaritalStatus.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by sunnan on 2016-11-24.
- */
-public enum MaritalStatus {
-    UNKNOWN("未知"),
-    SINGLE("未婚"), // 1
-    MARRIED("已婚"), // 2
-    DIVORCED("离异"), // 3
-    WINDOWED("丧偶"), // 4
-    OTHER("其他");
-    String description;
-    MaritalStatus(String desc) {
-        description = desc;
-    }
-    public String getDescription() {
-        return description;
-    }
-    @Override
-    public String toString() {
-        String sb = "MaritalStatus{" + "description='" + description + '\'' +
-                '}';
-        return sb;
-    }
-}
--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/OccupationEnum.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/OccupationEnum.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by 11 on 2016/12/30.
- */
-public enum OccupationEnum {
-    UNKNOWN("暂未填写"),
-    WORKER("工人"),
-    TEACHER("教师"),
-    WHITE_COLLAR("白领"),
-    STUDENT("学生"),
-    CAREER_BUILDER("创业者"),
-    SELF_EMPLOYER("个体户"),
-    EMPLOYEE("公司职员"),
-    BISUNESS_ENTITY("企业法人"),
-    ONLINE_STORE_OWNER("网店店主"),
-    UNEMPLOYED("暂无职业"),
-    OTHER("其他");
-    private String name;
-    OccupationEnum(String name) {
-        this.name = name;
-    }
-    public String getName() {
-        return name;
-    }
-    @Override
-    public String toString() {
-        return name;
-    }
-}
--- a/src/main/java/cn/quantgroup/xyqb/entity/enumerate/Relation.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/enumerate/Relation.java
-package cn.quantgroup.xyqb.entity.enumerate;
-/**
- * Created by Miraculous on 2017/1/3.
- */
-public enum Relation {
-    PARENT("父母"),
-    CHILDREN("子女"),
-    BROTHER("兄弟姐妹"),
-    COLLEAGUE("同事"),
-    CLASSMATE("同学"),
-    FRIEND("朋友"),
-    SPOUSE("夫妻"),
-    SELF("本人"),
-    OTHER("其他");
-    String description;
-    Relation(String desc) {
-        description = desc;
-    }
-    public String getDescription() {
-        return description;
-    }
-    @Override
-    public String toString() {
-        String sb = "Relation{" + "description='" + description + '\'' +
-                '}';
-        return sb;
-    }
-}
--- a/src/main/java/cn/quantgroup/xyqb/model/ApiResponse.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/ApiResponse.java
@@ -26,9 +26,9 @@ public class ApiResponse {
  public static final int OK = 4;
  public static final int TOO_BUSY = 5;
-  int code;
+  private int code;
-  String type;
+  private String type;
-  String message;
+  private String message;
  public ApiResponse(){}

--- a/src/main/java/cn/quantgroup/xyqb/model/ContactModel.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/ContactModel.java
@@ -32,7 +32,7 @@ public class ContactModel implements Serializable {
        ContactModel model = new ContactModel();
        model.setName(entity.getName());
        model.setPhoneNo(entity.getPhoneNo());
-        model.setRelationName(Optional.ofNullable(entity.getRelation()).orElse(Relation.OTHER).getDescription());
+        model.setRelationName(Optional.ofNullable(entity.getRelation()).orElse(Relation.OTHER).getDesc());
        model.setRelation(entity.getRelation().name());
        return model;
    }

--- a/src/main/java/cn/quantgroup/xyqb/service/captcha/GeetestLib.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/captcha/GeetestLib.java
 package cn.quantgroup.xyqb.service.captcha;
 import cn.quantgroup.xyqb.Constants;
+import cn.quantgroup.xyqb.util.encrypt.Md5Util;
 import lombok.extern.slf4j.Slf4j;
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -10,8 +11,6 @@ import java.io.InputStream;
 import java.io.OutputStreamWriter;
 import java.net.HttpURLConnection;
 import java.net.URL;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
@@ -162,7 +161,7 @@ public class GeetestLib {
            if (return_challenge.length() == Constants.MD5_LENGTH) {
-                this.responseStr = this.getSuccessPreProcessRes(this.md5Encode(return_challenge + this.privateKey));
+                this.responseStr = this.getSuccessPreProcessRes(Md5Util.build(return_challenge + this.privateKey));
                return 1;
@@ -278,14 +277,14 @@ public class GeetestLib {
            response = readContentFromPost(postUrl, param);
            gtlog("response: " + response);
        } catch (Exception e) {
-            e.printStackTrace();
+            log.error("向gt-server进行二次验证", e);
        }
        String return_seccode = "";
        try {
            JSONObject return_map = new JSONObject(response);
            return_seccode = return_map.getString("seccode");
-            gtlog("md5: " + md5Encode(return_seccode));
+            gtlog("md5: " + Md5Util.build(return_seccode));
-            if (return_seccode.equals(md5Encode(seccode))) {
+            if (return_seccode.equals(Md5Util.build(seccode))) {
                return 1;
            } else {
                return 0;
@@ -328,7 +327,7 @@ public class GeetestLib {
    }
    protected boolean checkResultByPrivate(String challenge, String validate) {
-        String encodeStr = md5Encode(privateKey + "geetest" + challenge);
+        String encodeStr = Md5Util.build(privateKey + "geetest" + challenge);
        return validate.equals(encodeStr);
    }
@@ -344,9 +343,10 @@ public class GeetestLib {
        URL getUrl = new URL(URL);
        HttpURLConnection connection = (HttpURLConnection) getUrl
                .openConnection();
+        // 设置连接主机超时（单位：毫秒）
-        connection.setConnectTimeout(2000);// 设置连接主机超时（单位：毫秒）
+        connection.setConnectTimeout(2000);
-        connection.setReadTimeout(2000);// 设置从主机读取数据超时（单位：毫秒）
+        // 设置从主机读取数据超时（单位：毫秒）
+        connection.setReadTimeout(2000);
        // 建立与服务器的连接，并未发送数据
        connection.connect();
@@ -362,11 +362,11 @@ public class GeetestLib {
                sBuffer.append(new String(buf, 0, n, "UTF-8"));
            }
            inStream.close();
-            connection.disconnect();// 断开连接
+            // 断开连接
+            connection.disconnect();
            return sBuffer.toString();
        } else {
            return Constants.CHECK_FAIL;
        }
    }
@@ -385,9 +385,10 @@ public class GeetestLib {
        URL postUrl = new URL(URL);
        HttpURLConnection connection = (HttpURLConnection) postUrl
                .openConnection();
+        // 设置连接主机超时（单位：毫秒）
-        connection.setConnectTimeout(2000);// 设置连接主机超时（单位：毫秒）
+        connection.setConnectTimeout(2000);
-        connection.setReadTimeout(2000);// 设置从主机读取数据超时（单位：毫秒）
+        // 设置从主机读取数据超时（单位：毫秒）
+        connection.setReadTimeout(2000);
        connection.setRequestMethod("POST");
        connection.setDoInput(true);
        connection.setDoOutput(true);
@@ -412,7 +413,8 @@ public class GeetestLib {
                sBuffer.append(new String(buf, 0, n, "UTF-8"));
            }
            inStream.close();
-            connection.disconnect();// 断开连接
+            // 断开连接
+            connection.disconnect();
            return sBuffer.toString();
        } else {
@@ -421,38 +423,4 @@ public class GeetestLib {
        }
    }
-    /**
-     * md5 加密
-     *
-     * @param plainText
-     * @return
-     * @time 2014年7月10日 下午3:30:01
-     */
-    private String md5Encode(String plainText) {
-        String re_md5 = "";
-        try {
-            MessageDigest md = MessageDigest.getInstance("MD5");
-            md.update(plainText.getBytes());
-            byte b[] = md.digest();
-            int i;
-            StringBuilder buf = new StringBuilder();
-            for (int offset = 0; offset < b.length; offset++) {
-                i = b[offset];
-                if (i < 0) {
-                    i += 256;
-                }
-                if (i < 16) {
-                    buf.append("0");
-                }
-                buf.append(Integer.toHexString(i));
-            }
-            re_md5 = buf.toString();
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        }
-        return re_md5;
-    }
 }
--- a/src/main/java/cn/quantgroup/xyqb/util/encrypt/Md5Util.java
+++ b/src/main/java/cn/quantgroup/xyqb/util/encrypt/Md5Util.java
 package cn.quantgroup.xyqb.util.encrypt;
+import lombok.extern.slf4j.Slf4j;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -9,16 +10,15 @@ import java.security.NoSuchAlgorithmException;
 /**
 * Created by tums on 2015/11/30.
 */
+@Slf4j
 public final class Md5Util {
-    private static final Logger LOGGER = LoggerFactory.getLogger(Md5Util.class);
    public static String build(String content) {
        MessageDigest messageDigest;
        try {
-            messageDigest = MessageDigest
+            messageDigest = MessageDigest.getInstance("md5");
-                    .getInstance("md5");
        } catch (NoSuchAlgorithmException e) {
-            LOGGER.error(e.getMessage(), e);
+            log.error("MessageDigest获取实例失败", e);
            return null;
        }
        messageDigest.update(content.getBytes());

--- a/src/test/java/common/Md5Test.java
+++ b/src/test/java/common/Md5Test.java
+package common;
+import cn.quantgroup.xyqb.service.captcha.GeetestLib;
+import cn.quantgroup.xyqb.util.encrypt.Md5Util;
+import lombok.extern.slf4j.Slf4j;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+@Slf4j
+@RunWith(JUnit4.class)
+public class Md5Test {
+    final static String PWD = "123456";
+    @Test
+    public void test() {
+        log.info("pwd:{},Md5Util:{},Geetest:{}", PWD, Md5Util.build(PWD), GeetestLib.md5Encode(PWD));
+    }
+}