cn.bestwu.api.sign.ApiSignAspect Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of api-sign Show documentation

api-sign

There is a newer version: 1.2.4

package cn.bestwu.api.sign;

import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;

import javax.servlet.http.HttpServletRequest;

@Slf4j
@Aspect
public class ApiSignAspect {

	@Autowired(required = false)
	private HttpServletRequest request;
	@Autowired
	private ApiSignAdpter apiSignAdpter;

	private boolean skipAdmin = true;
	private SignMode signMode = SignMode.REQUEST_HEADER;
	private String signParameter = "sign";

	public void setSignParameter(String signParameter) {
		this.signParameter = signParameter;
	}

	public void setSignMode(SignMode signMode) {
		this.signMode = signMode;
	}

	public void setSkipAdmin(boolean skipAdmin) {
		this.skipAdmin = skipAdmin;
	}

	@Before(value = "(!@annotation(cn.bestwu.api.sign.NoApiSign)&&!@within(cn.bestwu.api.sign.NoApiSign))&&(@annotation(cn.bestwu.api.sign.ApiSign)||@within(cn.bestwu.api.sign.ApiSign))&&@annotation(org.springframework.web.bind.annotation.RequestMapping)")
	public void verify() {
		String sign = null;
		switch (signMode) {
		case REQUEST_HEADER:
			sign = request.getHeader(this.signParameter);
			break;
		case REQUEST_BODY:
			sign = request.getParameter(this.signParameter);
			break;
		}

		if (!apiSignAdpter.isSign(request.getParameterMap(), sign, skipAdmin)) {
			throw new InvalidRequestException("invalid_request");
		} else if (log.isDebugEnabled()) {
			log.debug("sign check pass");
		}
	}

	public enum SignMode {
		REQUEST_HEADER, REQUEST_BODY
	}
}