/**
 * Request payload for the face-verification call.
 *
 * <p>Every field is mandatory ({@code @NotEmpty}); only {@code app_id} also has a
 * length bound. The field meanings noted below follow the parameter table on this
 * page; nothing in this class enforces them.
 *
 * <p>NOTE(review): {@code timestamp}, {@code random} and {@code face_image} are
 * accepted as free-form strings with no format or size limit here. If the caller is
 * untrusted, an upper bound on {@code face_image} and a numeric/freshness check on
 * {@code timestamp} belong at this layer or directly behind it - confirm where they
 * are enforced.
 */
public class FaceDTO implements Serializable {

    // Application id, 1 to 8 characters.
    @NotEmpty(message = "appid不能为空")
    @Length(min = 1, max = 8, message = "长度不符")
    private String app_id;

    // Timestamp; the page documents it as epoch milliseconds.
    @NotEmpty(message = "timestamp不能为空")
    private String timestamp;

    // Random value; the page documents it as 3 digits.
    @NotEmpty(message = "random不能为空")
    private String random;

    // ID number; the page documents it as an encrypted (3DES) string, not plaintext.
    @NotEmpty(message = "idno不能为空")
    private String id_no;

    // Face image; the page documents it as Base64 text.
    @NotEmpty(message = "faceimage不能为空")
    private String face_image;

    // Signature submitted by the caller.
    @NotEmpty(message = "sign不能为空")
    private String sign;
}
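/**
 * Verifies the signature submitted with a face-verification request.
 *
 * <p>The expected value is {@code MD5.md5(id_no + random + timestamp + app_id, appkey)}
 * and is compared with the submitted {@code sign} ignoring letter case. A missing
 * signature, a missing key or a missing digest is treated as a failed verification.
 *
 * <p>Neither the key nor the expected signature is written to the log: anyone who can
 * read the log could otherwise sign requests of their own.
 *
 * <p>NOTE(review): the signed string does not include {@code face_image}, so a valid
 * signature says nothing about the image. The fields are also concatenated without a
 * separator, so different field values can produce the same signed string. Both are
 * properties of the wire format and cannot be changed here without changing callers.
 * Freshness of {@code timestamp}/{@code random} is not checked in this method -
 * confirm it is enforced elsewhere.
 *
 * @param faceVerifyRequestDTO request carrying the signed fields and the submitted signature
 * @param appkey               secret key of the calling application
 * @return true if the signature verifies, false otherwise
 */
private boolean verifySign(FaceVerifyRequestDTO faceVerifyRequestDTO, String appkey) {
    String supplied = faceVerifyRequestDTO.getSign();
    String appid = faceVerifyRequestDTO.getApp_id();
    // Fail closed: an absent signature or key must never verify.
    if (supplied == null || appkey == null) {
        log.info("签名验证失败 appid={}", appid);
        return false;
    }

    String signedFields = faceVerifyRequestDTO.getId_no()
            + faceVerifyRequestDTO.getRandom()
            + faceVerifyRequestDTO.getTimestamp()
            + appid;
    String expected = MD5.md5(signedFields, appkey);
    if (expected == null) {
        log.info("签名验证失败 appid={}", appid);
        return false;
    }

    // Case-insensitive, as before; Locale.ROOT keeps the result independent of the
    // server's default locale.
    byte[] suppliedBytes = supplied.toUpperCase(java.util.Locale.ROOT)
            .getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] expectedBytes = expected.toUpperCase(java.util.Locale.ROOT)
            .getBytes(java.nio.charset.StandardCharsets.UTF_8);

    // Constant-time comparison so response timing does not reveal how much of the
    // signature matched.
    boolean verified = java.security.MessageDigest.isEqual(suppliedBytes, expectedBytes);
    if (!verified) {
        log.info("签名验证失败 appid={}", appid);
    }
    return verified;
}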
```java
app_id 是 String 应用id
timestamp 是 String 时间戳(毫秒值)例如:1533266925000
random 是 String 随机数(3位)
id_no 是 String 加密后的身份证加密串3DES(身份证+appkey(秘钥))
face_image 是 Base64 人脸图片
sign 是 String 数字签名
sign = MD5(id_no(加密后的身份证串) + random + timestamp + app_id(明文) 和 appkey(秘钥))。注意:face_image 不参与签名,验签通过不能说明图片未被篡改。
切面验签
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
 * Marker annotation for handlers whose request must pass signature verification.
 *
 * <p>It carries no attributes and is retained at runtime so an aspect can look it up.
 *
 * <p>NOTE(review): the annotation may be placed on a type as well as on a method.
 * An aspect that selects join points with an {@code @annotation(...)} pointcut only
 * sees the annotation when it is on the method itself, so annotating just the class
 * would leave its methods unverified - confirm how type-level use is meant to work.
 */
@Documented
@Retention(RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface SignatureVerify {
}
import com.alibaba.fastjson.JSON;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
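/**
 * Aspect that verifies the request signature and decrypts the request body before a
 * handler annotated with {@code SignatureVerify} runs.
 *
 * <p>The signature is read from the request header named by {@code Consts.SIGNATURE}
 * and checked against the string form of the handler's first argument. Only after the
 * signature verifies is that argument decrypted and the handler invoked with the
 * plaintext in its place.
 *
 * <p>The aspect fails closed: a missing request, blank payload, missing or invalid
 * signature, or failed decryption ends the call without running the handler. The
 * payload, the plaintext and the signature are not logged, because the request may
 * carry personal data and log readers are usually a wider audience than the service.
 *
 * <p>NOTE(review): the pointcut uses {@code @annotation(...)}, which matches the
 * annotation on the method only. Replay protection is not visible in this class -
 * confirm it is handled by {@code SignatureUtil} or by the handlers.
 */
@Component
@Aspect
@Order(1)
public class SignatureInterceptor {

    private static final Log LOGGER = LogFactory.getLog(SignatureInterceptor.class);

    /** Value returned to the caller when the request is rejected. */
    private static final String REJECTED_RESPONSE = "";

    @Pointcut("@annotation(com.xxx.annotation.SignatureVerify)")
    public void pointCut() {
    }

    /**
     * Verifies the signature, decrypts the first argument and runs the handler.
     *
     * @param joinPoint the intercepted handler invocation
     * @return the handler's result, or an empty string when the request is rejected
     * @throws Throwable whatever the handler throws
     */
    @Around("pointCut()")
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        String methodName = joinPoint.getSignature().getName();
        LOGGER.info("***************执行"+methodName+"开始******************");
        try {
            return verifyDecryptAndProceed(joinPoint, methodName);
        } finally {
            LOGGER.info("***************执行"+methodName+"结束******************");
        }
    }

    /** Runs the checks in order and invokes the handler only if all of them pass. */
    private Object verifyDecryptAndProceed(ProceedingJoinPoint joinPoint, String methodName)
            throws Throwable {
        RequestAttributes ra = RequestContextHolder.getRequestAttributes();
        if (!(ra instanceof ServletRequestAttributes)) {
            // No servlet request on this thread: there is no header to verify against.
            LOGGER.warn("验签失败:当前线程没有绑定HTTP请求," + methodName);
            return REJECTED_RESPONSE;
        }
        HttpServletRequest request = ((ServletRequestAttributes) ra).getRequest();
        String signature = request.getHeader(Consts.SIGNATURE);

        Object[] args = joinPoint.getArgs();
        // Signed (and still encrypted) payload.
        String params = "";
        if (args.length > 0 && args[0] != null) {
            params = args[0].toString();
        }
        if (StringUtils.isBlank(params)) {
            LOGGER.warn("签名参数不能为空");
            return REJECTED_RESPONSE;
        }

        // Verify before decrypting, and stop here on failure: the original logged the
        // failure and then went on to decrypt and run the handler anyway.
        if (StringUtils.isBlank(signature) || !SignatureUtil.verifySignature(signature, params)) {
            LOGGER.warn("验签失败:" + methodName);
            return REJECTED_RESPONSE;
        }

        String requestBody = AESUtil.aesDecrypt(params);
        if (requestBody == null) {
            LOGGER.warn("解密失败:" + methodName);
            return REJECTED_RESPONSE;
        }

        // Replace only the first argument so handlers with further parameters still
        // receive them.
        Object[] forwarded = args.clone();
        forwarded[0] = requestBody;

        // NOTE(review): the original discarded the handler's result and always
        // returned an empty string. If the protocol expects the response to be
        // encrypted or wrapped, do that here - confirm.
        return joinPoint.proceed(forwarded);
    }
}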
版权声明:本文为qq_30909079原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。