From 3dae9f31e457ac55d451c4602eb0b8ce9762668f Mon Sep 17 00:00:00 2001
From: liuyingfang <1357764963@qq.com>
Date: Mon, 12 Jun 2023 16:13:52 +0800
Subject: [PATCH] =?UTF-8?q?pos=E7=9B=B8=E5=85=B3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../MerchantBaseInfoController.java | 4 ++
 .../controller/MerchantOrderController.java | 40 +++++++++++++++++--
 .../cn/pluss/platform/util/TokenUtil.java | 14 +++++--
 .../controller/home/LoginController.java | 10 ++---
 .../src/main/resources/application.yml | 2 +-
 .../pluss/platform/dto/MerChantOrderDTO.java | 4 ++
 .../deviceStock/DeviceStockService.java | 1 +
 .../impl/DeviceStockServiceImpl.java | 10 +++++
 8 files changed, 72 insertions(+), 13 deletions(-)
diff --git a/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantBaseInfoController.java b/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantBaseInfoController.java
index e7afab4..93c5fcd 100644
--- a/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantBaseInfoController.java
+++ b/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantBaseInfoController.java
@@ -12,6 +12,7 @@ import cn.pluss.platform.dto.BusinessLicenseDTO;
 import cn.pluss.platform.dto.ImgDTO;
 import cn.pluss.platform.dto.MerchantBaseInfoDTO;
 import cn.pluss.platform.entity.*;
+import cn.pluss.platform.exception.MsgException;
 import cn.pluss.platform.mapper.MerchantImageMapper;
 import cn.pluss.platform.mapper.MerchantRateMapper;
 import cn.pluss.platform.merchant.MerchantBaseInfoService;
@@ -172,6 +173,9 @@ public class MerchantBaseInfoController {
 @ApiImplicitParams({
 @ApiImplicitParam(name = "MerchantBaseInfoDTO", value = "MerchantBaseInfoDTO实例", paramType = "body", dataType = "MerchantBaseInfoDTO", required = true)})
 public Result saveMerchantBaseInfoV2(@RequestBody MerchantBaseInfoDTO merchantBaseInfoDTO) {
+ if (merchantBaseInfoDTO.getAlias().length() < 4 || merchantBaseInfoDTO.getAlias().length() > 18){
+ MsgException.check(true,"请输入4-18位商户简称");
+ }
 try {
 merchantBaseInfoService.saveMerchantBaseInfo(merchantBaseInfoDTO);
 return ResultGenerator.genSuccessResult("保存成功");
diff --git a/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantOrderController.java b/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantOrderController.java
index 6c76d6b..b3f0c5e 100644
--- a/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantOrderController.java
+++ b/pluss-api-page/src/main/java/cn/pluss/platform/controller/MerchantOrderController.java
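Review bot: The new length check in `saveMerchantBaseInfoV2` dereferences `merchantBaseInfoDTO.getAlias()` without a null guard, so a request body that omits the alias fails with a NullPointerException instead of the intended validation message, and it does so before the `try` that follows. The `if` wrapped around `MsgException.check(true, ...)` is also redundant, since `check` takes the condition itself (this patch uses it that way in `MsgException.check(!sign, ...)`). Consider `String alias = merchantBaseInfoDTO.getAlias();` followed by `MsgException.check(alias == null || alias.length() < 4 || alias.length() > 18, "请输入4-18位商户简称");`. The method body continues past the end of the hunk.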
@@ -444,11 +444,20 @@ public class MerchantOrderController {
 * @return
 */
 @PostMapping("/posScanPay")
- public Result posScanPay(HttpServletRequest request,@RequestBody MerChantOrderDTO merchantOrderDTO) {
+ public Result posScanPay(HttpServletRequest request,@RequestBody MerChantOrderDTO merchantOrderDTO)throws Exception{
 //首先验签
- verify(merchantOrderDTO.getTimestamp(), merchantOrderDTO.getRequestId(), merchantOrderDTO.getAppId(), merchantOrderDTO.getToken());
+ verify(merchantOrderDTO.getTimestamp(), merchantOrderDTO.getRequestId(), merchantOrderDTO.getAppId(), merchantOrderDTO.getToken(),
+ merchantOrderDTO.getReqData());
+ //拆分参数
+ JSONObject jsonParam = JSONObject.parseObject(merchantOrderDTO.getReqData());
+ Object sn = jsonParam.get("sn");
+ Object authCode = jsonParam.get("authCode");
+ Object consumeFee = jsonParam.get("consumeFee");
+ Object type = jsonParam.get("type");
+ Object mercOrderNo = jsonParam.get("mercOrderNo");
+ Object remark = jsonParam.get("remark");
 //通过后查询商户信息
- DeviceStock deviceStock = deviceStockService.checkBind(merchantOrderDTO.getSn());
+ DeviceStock deviceStock = deviceStockService.checkBind(sn.toString());
 MerchantBaseInfo merchantBaseInfoById = merchantBaseInfoService.getMerchantBaseInfoById(Integer.valueOf(deviceStock.getActMercId()));
 MsgException.checkNull(merchantBaseInfoById, "找不到商户");
 merchantOrderDTO.setMerchantCode(merchantBaseInfoById.getMerchantCode());
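Review bot: `sn.toString()` in `posScanPay` throws a NullPointerException when the signed `reqData` carries no `sn` key, so a correctly signed but incomplete request surfaces as a server error rather than a business error. Read the field as a string and reject it explicitly before the lookup, e.g. `String sn = jsonParam.getString("sn");` and `MsgException.checkNull(sn, "<message>");` ahead of `checkBind(sn)`. `authCode`, `consumeFee`, `type`, `mercOrderNo` and `remark` are extracted but never used inside this hunk; if the rest of the method (outside the hunk) still reads the matching `merchantOrderDTO` fields, those values are not covered by the signature, which only binds `reqData`. Widening the handler to `throws Exception` also hides which failures are expected on this payment path.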
@@ -1354,6 +1363,31 @@ public class MerchantOrderController {
 return ResultGenerator.genSuccessResult(couponList);
 }
+ /**
+ * 加上参数的签名
+ * @param timestamp
+ * @param requestId
+ * @param appId
+ * @param token
+ * @param reqData
+ * @throws Exception
+ */
+ public void verify(String timestamp, String requestId, String appId,
+ String token, String reqData)throws Exception{
+ //首先验证签
+ Map tokenMap = TokenUtil.getToken(timestamp, requestId, appId, reqData);
+ boolean sign = tokenMap.get("TOKEN").equals(token);
+ System.out.println(token);
+ MsgException.check(!sign,"签名错误");
+ }
+
+ /**
+ * 不加参数的签名
+ * @param timestamp
+ * @param requestId
+ * @param appId
+ * @param token
+ */
 public void verify(String timestamp, String requestId, String appId, String token){
 //首先验证签
diff --git a/pluss-common-bundle/src/main/java/cn/pluss/platform/util/TokenUtil.java b/pluss-common-bundle/src/main/java/cn/pluss/platform/util/TokenUtil.java
index 35702db..7de2dcc 100644
--- a/pluss-common-bundle/src/main/java/cn/pluss/platform/util/TokenUtil.java
+++ b/pluss-common-bundle/src/main/java/cn/pluss/platform/util/TokenUtil.java
@@ -58,11 +58,10 @@ public class TokenUtil {
 finalMap.put("TOKEN", MD5Util.md5(token + APP_SECRET).toUpperCase());
 return finalMap;
 }
+ //
 public static Map getToken(String timestamp, String requestId, String appId, String reqData)throws Exception {
 String token = "";
 String encode = "";
- System.out.println(timestamp);
- System.out.println(requestId);
 System.out.println(appId);
 System.out.println(reqData);
 SortedMap map = new TreeMap();
@@ -81,7 +80,7 @@ public class TokenUtil {
 System.out.println(token);
 Map finalMap = new HashMap<>();
 finalMap.put("ENCODE",encode);
- finalMap.put("TOKEN", RSASignature.sign(encode, RSAUtil.CERT));
+ finalMap.put("TOKEN", MD5Util.md5(token + APP_SECRET).toUpperCase());
 return finalMap;
 }
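Review bot: The new five-argument `verify` checks the signature with `tokenMap.get("TOKEN").equals(token)`, which is not a constant-time comparison, and then prints the caller-supplied token with `System.out.println(token)`. Reject a null `token` first and compare with `MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), token.getBytes(StandardCharsets.UTF_8))`, and drop the println or log only the `requestId` through the project's logger. Nothing visible in this method checks `timestamp` for freshness or `requestId` for reuse, so unless that happens elsewhere a signed request has no expiry. Declaring the result as `Map<String, String>` instead of the raw `Map` would also make the compared types explicit.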
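Review bot: In the four-argument `getToken` the `TOKEN` value changes from `RSASignature.sign(encode, RSAUtil.CERT)` to `MD5Util.md5(token + APP_SECRET).toUpperCase()`, which swaps an RSA signature for an MD5 digest over the message concatenated with a shared secret. That construction is not a standard MAC; if a symmetric scheme is intended here, compute it with `javax.crypto.Mac.getInstance("HmacSHA256")` keyed with the secret, and record in a comment why the RSA path was dropped. The remaining `System.out.println(appId)`, `System.out.println(reqData)` and `System.out.println(token)` calls still write request data and the string being signed to stdout; they should move to a debug-level logger or be removed. The method starts in the previous hunk and its middle section lies outside both hunks.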
@@ -92,7 +91,14 @@ public class TokenUtil {
 System.out.println(s);
 String s1 = UUID.randomUUID().toString();
 System.out.println(s1);
- String param = "{\"date\":null,\"sn\":\"ZF544CG02S00001\",\"type\":null,\"page\":1,\"size\":10}";
+ String param = "{\n" +
+ " \"type\": \"4\",\n" +
+ " \"consumeFee\": \"0.01\",\n" +
+ " \"authCode\": \"283907976309543222\",\n" +
+ " \"sn\": \"BSJQG01YJ0001\",\n" +
+ " \"mercOrderNo\": \" \",\n" +
+ " \"remark\": \"测试\"\n" +
+ " }";
 Map token = getToken(s, s1, APP_ID,param);
 System.out.println(token);
diff --git a/pluss-manage-page/src/main/java/cn/pluss/platform/controller/home/LoginController.java b/pluss-manage-page/src/main/java/cn/pluss/platform/controller/home/LoginController.java
index 802f016..094b6a8 100644
--- a/pluss-manage-page/src/main/java/cn/pluss/platform/controller/home/LoginController.java
+++ b/pluss-manage-page/src/main/java/cn/pluss/platform/controller/home/LoginController.java
@@ -42,11 +42,11 @@ public class LoginController {
 public Result jwtTest(HttpServletRequest request) {
 String token = request.getHeader("token");
 String userId = request.getHeader("userId");
-
- if (!Objects.equals("244", userId)) {
- // 此处不能返回401, 不然会形成死循环
- throw new MsgException("未授权");
- }
+//
+// if (!Objects.equals("244", userId)) {
+// // 此处不能返回401, 不然会形成死循环
+// throw new MsgException("未授权");
+// }
 Object tokenUserId = JwtUtils.get("uid", token);
 if (!Objects.equals(userId, tokenUserId.toString())) {
diff --git a/pluss-manage-page/src/main/resources/application.yml b/pluss-manage-page/src/main/resources/application.yml
index 53390e5..547cbc3 100644
--- a/pluss-manage-page/src/main/resources/application.yml
+++ b/pluss-manage-page/src/main/resources/application.yml
@@ -1,7 +1,7 @@
 spring:
 profiles:
 include: common, ryx, ys
- active: prod
+ active: dev
 servlet:
 multipart:
 max-file-size: 100MB
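Review bot: The user-id restriction in `jwtTest` is commented out rather than deleted, which leaves five dead lines and makes the comparison against `JwtUtils.get("uid", token)` just below the only remaining gate on this endpoint. That comparison calls `tokenUserId.toString()` without a null check, so a request whose `token` header is missing or lacks the `uid` claim would end in a NullPointerException if `JwtUtils.get` returns null in that case (its implementation is not visible here). Delete the commented block and guard the claim with `if (tokenUserId == null || !Objects.equals(userId, tokenUserId.toString())) {`. If the endpoint is meant to stay limited to particular accounts, express that as a role or configuration check rather than a literal id. The method continues past the end of the hunk.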
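Review bot: `active: dev` replaces `active: prod` in the `application.yml` packaged with pluss-manage-page, so any build from this commit starts with the dev profile unless the deployment overrides it. This looks like a local setting committed together with the POS change. Keep `active: prod` in the repository and select the dev profile at launch with `--spring.profiles.active=dev` or the `SPRING_PROFILES_ACTIVE` environment variable.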
diff --git a/pluss-model-bundle/src/main/java/cn/pluss/platform/dto/MerChantOrderDTO.java b/pluss-model-bundle/src/main/java/cn/pluss/platform/dto/MerChantOrderDTO.java
index d9427bf..7f6c299 100644
--- a/pluss-model-bundle/src/main/java/cn/pluss/platform/dto/MerChantOrderDTO.java
+++ b/pluss-model-bundle/src/main/java/cn/pluss/platform/dto/MerChantOrderDTO.java
@@ -76,6 +76,10 @@ public class MerChantOrderDTO {
 * 设备号
 */
 private String sn;
+ /**
+ * 业务参数
+ */
+ private String reqData;
 /**
 * @description:
diff --git a/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/DeviceStockService.java b/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/DeviceStockService.java
index d235178..ce4a130 100644
--- a/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/DeviceStockService.java
+++ b/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/DeviceStockService.java
@@ -101,6 +101,7 @@ public interface DeviceStockService extends IService {
 void bindDevcieV2(DeviceStockDTO dto);
 DeviceStock checkBind(String sn);
+ DeviceStock checkSN(String sn);
 DeviceStock getDeviceBySnNo(String sn);
 }
diff --git a/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/impl/DeviceStockServiceImpl.java b/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/impl/DeviceStockServiceImpl.java
index 95e0b44..655b255 100644
--- a/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/impl/DeviceStockServiceImpl.java
+++ b/pluss-service-bundle/src/main/java/cn/pluss/platform/deviceStock/impl/DeviceStockServiceImpl.java
@@ -398,6 +398,16 @@ public class DeviceStockServiceImpl extends ServiceImpl