KprProxyCenter/src/main/java/com/shkpr/service/proxycenter/components/GeoServerProxyServlet.java

package com.shkpr.service.proxycenter.components;

import com.global.base.tools.AESUtil;
import com.global.base.tools.CastUtil;
import com.global.base.tools.EncryptionUtil;
import com.shkpr.service.proxycenter.commtools.TimeTool;
import com.shkpr.service.proxycenter.constants.ApiURI;
import com.shkpr.service.proxycenter.controllerfilter.TokenAuthenticationService;
import com.shkpr.service.proxycenter.dto.ResponseCode;
import com.shkpr.service.proxycenter.globalcache.GlobalData;
import org.springframework.util.StringUtils;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Base64;

public class GeoServerProxyServlet extends AbstractProxyServlet {
    public GeoServerProxyServlet(String proxyUri, String proxyId, String proxyAddress, String proxyTK) {
        super(proxyUri, proxyId, proxyAddress, proxyTK);
    }

    @Override
    protected void service(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws ServletException, IOException {
        super.service(servletRequest, servletResponse);
    }

    @Override
    protected ResponseCode checkHeader(HttpServletRequest servletRequest, HttpServletResponse servletResponse) {
        //ResponseCode code = super.checkHeader(servletRequest, servletResponse);
        //if (code != ResponseCode.RESULT_NORMAL)
        //    return code;
        String strKprServerToken = servletRequest.getHeader(ApiURI.HEADER_AUTH_VERIFY);
        if (GlobalData.getInstance().getInternalCallPassword().equalsIgnoreCase(strKprServerToken))
            return ResponseCode.RESULT_NORMAL;

        String strSign = servletRequest.getHeader(ApiURI.HEADER_SIGNATURE);
        String strTime = servletRequest.getHeader(ApiURI.HEADER_TIMESTAMP);
        if (StringUtils.isEmpty(strSign) || StringUtils.isEmpty(strTime))
            return ResponseCode.RESULT_ERROR_SIGN;
        
        long reqUTC = CastUtil.castUTCLong(strTime, 0L);
        if (!(TimeTool.isMsUTC(reqUTC) && Math.abs(System.currentTimeMillis()-reqUTC) <= 5*TimeTool.MS_ONE_MIN)){
            return ResponseCode.RESULT_REQUEST_TIMEOUT;
        }

        String srcContent = "";
        try {
            srcContent = new String(Base64.getEncoder().encode(strTime.getBytes()), "UTF-8");
        }catch (Exception e){}
        String ascKey = EncryptionUtil.MD5Hash(TokenAuthenticationService.SECRET+strTime).substring(8,24).toLowerCase();
        String signDecode = AESUtil.AESDecrypt(AESUtil.Mode.CBC, AESUtil.Padding.PKCS5_PADDING, ascKey, strSign);
        if (StringUtils.isEmpty(signDecode) || !signDecode.equals(srcContent))
            return ResponseCode.RESULT_ERROR_SIGN;
        return ResponseCode.RESULT_NORMAL;
    }
}