补充

db6c31d5 · 技术部-任文超 · dd883009 · db6c31d5 · db6c31d5 · db6c31d5
Commit db6c31d5 authored Feb 06, 2018 by 技术部-任文超
6 changed files
--- a/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java
+++ b/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java
@@ -73,12 +73,12 @@ public class CaptchaNewValidateAdvisor {
     * @throws Throwable
     */
    private boolean gtValid(HttpServletRequest request) {
+        String phoneNo = request.getParameter("phoneNo");
+        String clientType = request.getParameter("clientType");
        String challenge = request.getParameter(Constants.FN_GEETEST_CHALLENGE);
        String validate = request.getParameter(Constants.FN_GEETEST_VALIDATE);
        String seccode = request.getParameter(Constants.FN_GEETEST_SECCODE);
-        String phoneNo = request.getParameter("phoneNo");
+        log.info("Geetest - 极验二次校验, phoneNo:{}, clientType:{}, ip:{}, challenge:{}, validate:{}, seccode:{}", phoneNo, clientType, IPUtil.getRemoteIP(request), challenge, validate, seccode);
-        String clientType = request.getParameter("clientType");
-        log.info("使用极验二次验证,phoneNo:{}, clientType:{}, challenge:{}, validate:{}, seccode:{}", phoneNo, clientType, challenge, validate, seccode);
        return geetestCaptchaService.validGeetestCaptcha(PasswordUtil.MD5(phoneNo), IPUtil.getRemoteIP(request), ClientType.valueByName(clientType), challenge, validate, seccode);
    }
@@ -89,8 +89,10 @@ public class CaptchaNewValidateAdvisor {
     * @throws Throwable
     */
    private boolean qgValid(HttpServletRequest request) {
+        String phoneNo = request.getParameter("phoneNo");
        String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
        String captchaValue = request.getParameter("captchaValue");
+        log.info("Quantgroup - 图形验证码校验, phoneNo:{}, ip:{}, captchaId:{}, captchaValue:{}", phoneNo, IPUtil.getRemoteIP(request), captchaId, captchaValue);
        return quantgroupCaptchaService.validQuantgroupCaptcha(captchaId, captchaValue);
    }

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
 package cn.quantgroup.xyqb.controller.external.captcha;
 import cn.quantgroup.xyqb.Constants;
-import cn.quantgroup.xyqb.aspect.captcha.CaptchaValidator;
-import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
-import com.octo.captcha.service.CaptchaServiceException;
+import java.util.*;
-import java.nio.charset.Charset;
-import java.util.Optional;
-import java.util.concurrent.TimeUnit;
 import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import javax.imageio.ImageIO;
@@ -27,9 +16,6 @@ import javax.servlet.http.HttpServletRequest;
 import java.awt.image.BufferedImage;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
 /**
 * 类名称：ImgCaptchaController
@@ -40,41 +26,21 @@ import java.util.UUID;
 */
 @RestController
 @RequestMapping("/api")
-public class ImageCaptchaController implements IBaseController {
+public class ImageCaptchaController {
-  private static final Logger LOGGER = LoggerFactory.getLogger(ImageCaptchaController.class);
-  private static final String SUPER_CAPTCHA_ID = UUID.nameUUIDFromBytes("__QG_APPCLIENT_AGENT__".getBytes(Charset.forName("UTF-8"))).toString();
-  private static final String SUPER_CAPTCHA = "__SUPERQG__";
  private static final String IMAGE_FORMAT_PNG = "png";
  private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
-  private static final String IMAGE_IP_COUNT = "image:ip";
-  private static final String IMAGE_PHONE_COUNT = "image:phone";
-  private static final Long  FIVE_MIN = 24 * 5L;
  @Autowired
  @Qualifier("customCaptchaService")
  private AbstractManageableImageCaptchaService imageCaptchaService;
-  @Autowired
-  @Qualifier("stringRedisTemplate")
-  private RedisTemplate<String, String> redisTemplate;
-  @ModelAttribute("clientIp")
-  public String initClientIp() {
-    return getIp();
-  }
-  /**
-   * 自动化测试忽略验证码
-   */
-  @Value("${xyqb.auth.captcha.autotest.enable:false}")
-  private boolean autoTestCaptchaEnabled;
  /**
   * 获取验证码
   * 默认匹配 GET /captcha, 提供4位数字和字母混合图片验证码
   */
  @RequestMapping(value = "/captcha")
-  public JsonResult fetchCaptcha(HttpServletRequest request, @ModelAttribute("clientIp") String clientIp) {
+  public JsonResult fetchCaptcha(HttpServletRequest request) {
    String imageId = UUID.randomUUID().toString();
    BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale());
    ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
@@ -92,12 +58,5 @@ public class ImageCaptchaController implements IBaseController {
    data.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));
    return JsonResult.buildSuccessResult("", data);
  }
-  /**
-   * 图片验证码验证
-   */
-  @CaptchaValidator
-  @RequestMapping("/verification_image_code")
-  public JsonResult verificationImageCode() {
-    return JsonResult.buildSuccessResult("", null);
-  }
 }
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java
@@ -36,14 +36,15 @@ public class NewCaptchaController {
    @LogHttpCaller
    @RequestMapping(value = "/captcha/new")
    public JsonResult getCaptcha(String phoneNo, String clientType, HttpServletRequest request) {
+        String remoteIp = IPUtil.getRemoteIP(request);
+        log.info("获取验证码, phoneNo:{}, clientType:{}, ip:{}", phoneNo, clientType, remoteIp);
        if (!ValidationUtil.validatePhoneNo(phoneNo)) {
-            log.info("获取验证码失败，phoneNo:{}, clientType:{}", phoneNo, clientType);
            return JsonResult.buildErrorStateResult("手机号格式错误", null);
        }
        // 数据容器
        Map<String, String> data = new HashMap<String, String>();
        // 优先获取极验
-        Map<String, String> imgMap = geetestCaptchaService.fetchGeetestCaptcha(PasswordUtil.MD5(phoneNo), IPUtil.getRemoteIP(request), ClientType.valueByName(clientType));
+        Map<String, String> imgMap = geetestCaptchaService.fetchGeetestCaptcha(PasswordUtil.MD5(phoneNo), remoteIp, ClientType.valueByName(clientType));
        data.put(Constants.VERIFY_PARAM, Constants.VERIFY_TYPE_GT);
        // 备选方案：量化派图形验证码
        if(Objects.isNull(imgMap) || imgMap.isEmpty()){
@@ -59,10 +60,4 @@ public class NewCaptchaController {
        return JsonResult.buildSuccessResult("", data);
    }
-    @CaptchaNewValidator
-    @RequestMapping("/new_verification_image_code")
-    public JsonResult verificationImageCode() {
-        return JsonResult.buildSuccessResult("", null);
-    }
 }
--- a/src/main/java/cn/quantgroup/xyqb/model/ClientType.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/ClientType.java
@@ -8,12 +8,21 @@ import java.util.Optional;
 * @date 2018-02-02
 */
 public enum ClientType {
-  WEB, APP, H5;
+  APP("native"), H5("h5"), WEB("web");
+  ClientType(String alias){
+    this.alias = alias;
+  }
+  private String alias;
+  public String getAlias(){
+    return this.alias;
+  }
  public final static ClientType valueByName(String name) {
    name = Optional.ofNullable(name).orElse("").toLowerCase();
    switch (name){
      case "app":
+      case "native":
        return APP;
      case "h5":
        return H5;

--- a/src/main/java/cn/quantgroup/xyqb/service/captcha/impl/GeetestCaptchaServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/captcha/impl/GeetestCaptchaServiceImpl.java
@@ -60,9 +60,9 @@ public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
        HashMap<String, String> param = new HashMap<>();
        param.put("user_id", markId);
        if (Objects.isNull(clientType)) {
-            param.put("client_type", ClientType.APP.name().toLowerCase());
+            param.put("client_type", ClientType.APP.getAlias());
        }else{
-            param.put("client_type", clientType.name().toLowerCase());
+            param.put("client_type", clientType.getAlias());
        }
        param.put("ip_address", remoteIp);
        return param;

--- a/src/test/java/service/GeetestCaptchaServiceTest.java
+++ b/src/test/java/service/GeetestCaptchaServiceTest.java
@@ -38,9 +38,9 @@ public class GeetestCaptchaServiceTest {
    @Test
    public void testValidGeetestCaptcha(){
-        String challenge = "c5372e93d6496f7bl096b7cl4fd6732c76";
+        String challenge = "86664ca9f3feba52c1d070343a9d10c6";
-        String validate = "ba4df3e99129cal4893accb29b46bf8e";
+        String validate = "9b80dd76a43e2608e54da9b865733b8c";
-        String seccode = "ba4df3e99129cal4893accb29b46bf8e|jordan";
+        String seccode = "9b80dd76a43e2608e54da9b865733b8c|jordan";
        Assert.assertTrue(geetestCaptchaService.validGeetestCaptcha(PasswordUtil.MD5(phoneNo), remoteIp, clientType, challenge, validate, seccode));
    }
 }