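package com.fdkankan.scene.Interceptor;

import cn.hutool.http.HttpUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.fdkankan.common.exception.BusinessException;
import com.fdkankan.common.util.ThreeDESUtil;
import com.fdkankan.common.util.UserAgentUtils;
import com.fdkankan.common.util.WebUtil;
import com.fdkankan.feign.TietaFeignClient;
import com.fdkankan.feign.WS4AServiceClient;
import com.fdkankan.scene.entity.SceneViewLog;
import com.fdkankan.scene.service.SceneViewLogService;
import lombok.extern.log4j.Log4j2;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/**
 * Aspect that validates the caller's 4A token before any method annotated with
 * {@code com.fdkankan.scene.annotation.CheckToken} is executed.
 *
 * <p>The advice fails closed: every path that does not end in an explicit success answer
 * from the 4A service throws, so the annotated method is not invoked.
 */
@Log4j2
@Aspect
@Component
@Order(101)
public class CheckTokenAspect {

    @Value("${spring.cloud.nacos.discovery.access-key}")
    private String accessKey;

    @Value("${tieta.checkToken.syscode}")
    private String syscode;

    // NOTE(review): the text after ':' is a fallback key literal committed to source. Whenever
    // gateway.key is not configured, the 4A request is encrypted with a value that everyone with
    // repository access knows. Prefer dropping the default so a missing key fails at startup,
    // supply the key from the secret store, and rotate the committed value.
    @Value("${gateway.key:6#dPz>3F}")
    private String gatewayKey;

    @Value("${gateway.url}")
    private String gatewayUrl;

    @Resource
    private TietaFeignClient tietaFeignClient;

    @Autowired
    private WS4AServiceClient ws4AServiceClient;

    @Autowired
    private SceneViewLogService sceneViewLogService;

    /** Matches every method annotated with {@code @CheckToken}. */
    @Pointcut("@annotation(com.fdkankan.scene.annotation.CheckToken)")
    public void CheckToken() {
    }

    /**
     * Before-advice that asks the 4A service whether the request's token is valid and rejects
     * the call when it is not.
     *
     * <p>Reads {@code acctId}, {@code token} and {@code num} from the request parameters, sends
     * {@code SYSCODE}/{@code ACCTID}/{@code TOKEN} (encoded with {@link ThreeDESUtil} under the
     * gateway key) to {@code checkProwadaToken}, and requires {@code resultStat == "SUCCESS"}
     * together with {@code data.RSP == "0"}.
     *
     * @param joinPoint the intercepted join point
     * @throws BusinessException with code 4000 when the token is missing or the 4A service does
     *     not confirm it
     * @throws Exception anything raised by parameter extraction, encoding, the remote call, or
     *     parsing of the response
     */
    @Before("CheckToken()")
    public void doBefore(JoinPoint joinPoint) throws Exception {
        HttpServletRequest request =
                ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();

        // Credentials for the 4A call come from the request parameters.
        Map<?, ?> parameter = WebUtil.getParameter(joinPoint, request);
        String acctId = (String) parameter.get("acctId");
        String token = (String) parameter.get("token");
        String num = (String) parameter.get("num");

        // A token check without a token can never legitimately pass: reject locally instead of
        // relying on the remote service to refuse a request that has no TOKEN field.
        if (token == null || token.trim().isEmpty()) {
            throw new BusinessException(4000, "4A鉴权失败");
        }

        // Build the token-validation payload.
        JSONObject params = new JSONObject();
        params.put("SYSCODE", syscode);
        params.put("ACCTID", acctId);
        params.put("TOKEN", token);

        // NOTE(review): ThreeDESUtil presumably implements Triple DES, a legacy cipher; whether
        // the ciphertext is integrity-protected is not visible from this class - confirm.
        String encode = ThreeDESUtil.encode(JSON.toJSONString(params), gatewayKey);

        JSONObject checkProwadaTokenParam = new JSONObject();
        checkProwadaTokenParam.put("args", encode);

        JSONObject result = ws4AServiceClient.checkProwadaToken(checkProwadaTokenParam);
        // NOTE(review): the whole 4A response is written at INFO level. If "data" can carry
        // account details, log only resultStat / RSP instead.
        log.info("场景:{},4A校验token结果:{}", num, result);

        // A null response is an authentication failure, not a NullPointerException.
        if (result == null || !"SUCCESS".equals(result.getString("resultStat"))) {
            throw new BusinessException(4000, "4A鉴权失败");
        }

        // parseObject yields null for a missing or empty "data" field; treat that as a failure too.
        JSONObject dataObj = JSONObject.parseObject(result.getString("data"));
        if (dataObj == null) {
            throw new BusinessException(4000, "4A鉴权失败");
        }
        if (!"0".equals(dataObj.getString("RSP"))) {
            // NOTE(review): ERRDESC is upstream text placed into the exception message; confirm
            // it is acceptable to expose it to the caller.
            throw new BusinessException(4000, "4A鉴权失败:" + dataObj.getString("ERRDESC"));
        }
    }
}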