消息融合

csgyoho
Commit 749ae377910780b13020dafa028352501cefad31 1 parent 99a96753
Showing 1 changed file with 44 additions and 1 deletions
common/src/main/java/com/yohoufo/common/interceptor/SignatureVerifyInterceptor.java
--- a/common/src/main/java/com/yohoufo/common/interceptor/SignatureVerifyInterceptor.java
View file @749ae37
+++ b/common/src/main/java/com/yohoufo/common/interceptor/SignatureVerifyInterceptor.java
View file @749ae37
@@ -24,6 +24,8 @@ import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;
+ import java.net.InetAddress;
+ import java.net.UnknownHostException;
 import java.util.*;
 
 public class SignatureVerifyInterceptor implements HandlerInterceptor, ApplicationEventPublisherAware {
@@ -160,7 +162,11 @@ public class SignatureVerifyInterceptor implements HandlerInterceptor, Applicati
      * @return
      */
     private boolean validateReqParams(HttpServletRequest request, Map<String, String> params){
- 
+         //内网访问的pc/h5不作校验
+         String clientType = params.get("client_type");
+         if(("web".equals(clientType) || "h5".equals(clientType) || "wechat".equals(clientType)) && isInnerIp(request)){
+             return true;
+         }
         //是否校验全部接口，开关-true：校验全部接口（除含@IgnoreSignature注解接口） 开关-false:只校验核心接口
         boolean isVerifyAllMethod = configReader.getBoolean("gateway.signature.isVerifyAllMethod", false);
         if(!isVerifyAllMethod){
@@ -176,6 +182,43 @@ public class SignatureVerifyInterceptor implements HandlerInterceptor, Applicati
         return false;
     }
 
+     /**
+      * 是否内网ip
+      * @param request
+      * @return
+      */
+     public boolean isInnerIp(HttpServletRequest request){
+         String ip = getRemoteIP( request );
+         String[] ipArr = ip.split( "," );
+         InetAddress inetAddress = null;
+         try {
+             inetAddress = InetAddress.getByName( ipArr[ ipArr.length - 1 ].trim() );
+         } catch (UnknownHostException e) {
+             logger.warn("isInnerIp error is {}", e);
+         }
+         if ( inetAddress.isSiteLocalAddress() ) {
+             // 是内网IP
+             return true;
+         } else {
+             // 不是内网接口
+             logger.info( "handler inner api interceptor, {} can not run inner api.", ip );
+             return false;
+         }
+     }
+ 
+     /**
+      * 获取用户IP
+      *
+      * @param httpServletRequest 1） x-forwarded-for 2）.getRemoteAddr()
+      * @return 用户IP
+      */
+     private String getRemoteIP(final HttpServletRequest httpServletRequest) {
+         String ip = httpServletRequest.getHeader("X-Forwarded-For");
+         if (StringUtils.isEmpty(ip)) {
+             ip = httpServletRequest.getRemoteAddr();
+         }
+         return ip;
+     }
 
     /**
      * 获取请求信息： requestParam