diff --git a/jsowell-admin/src/main/java/com/jsowell/web/controller/thirdparty/qinghai/QingHaiController.java b/jsowell-admin/src/main/java/com/jsowell/web/controller/thirdparty/qinghai/QingHaiController.java index d6481672e..e3b13f9ff 100644 --- a/jsowell-admin/src/main/java/com/jsowell/web/controller/thirdparty/qinghai/QingHaiController.java +++ b/jsowell-admin/src/main/java/com/jsowell/web/controller/thirdparty/qinghai/QingHaiController.java @@ -32,7 +32,7 @@ import java.util.Map; */ @Anonymous @RestController -@RequestMapping("/qinghai") +@RequestMapping("/qinghai/evcs") public class QingHaiController extends BaseController { @Autowired @@ -74,6 +74,7 @@ public class QingHaiController extends BaseController { // 校验失败 return CommonResult.failed("令牌校验错误"); } + // 查询配置信息 ThirdPartyPlatformConfig platformConfig = thirdPartyPlatformConfigService.getInfoByOperatorId(dto.getOperatorID()); String operatorSecret = platformConfig.getOperatorSecret(); @@ -81,6 +82,12 @@ public class QingHaiController extends BaseController { String dataSecret = platformConfig.getDataSecret(); String dataSecretIV = platformConfig.getDataSecretIv(); + // 校验签名 + boolean verifyResult = qingHaiPlatformServiceImpl.verifySignature(dto, platformConfig.getSignSecret()); + if (!verifyResult) { + // 验签失败 + return CommonResult.failed("签名错误"); + } // 解密data byte[] plainText = Cryptos.aesDecrypt(Encodes.decodeBase64(dataString), dataSecret.getBytes(), dataSecretIV.getBytes()); String dataStr = new String(plainText, StandardCharsets.UTF_8); @@ -116,6 +123,12 @@ public class QingHaiController extends BaseController { String dataSecret = platformConfig.getDataSecret(); String dataSecretIV = platformConfig.getDataSecretIv(); + // 校验签名 + boolean verifyResult = qingHaiPlatformServiceImpl.verifySignature(dto, platformConfig.getSignSecret()); + if (!verifyResult) { + // 验签失败 + return CommonResult.failed("签名错误"); + } // 解密data byte[] plainText = Cryptos.aesDecrypt(Encodes.decodeBase64(dataString), dataSecret.getBytes(), dataSecretIV.getBytes()); String dataStr = new String(plainText, StandardCharsets.UTF_8); diff --git a/jsowell-common/src/main/java/com/jsowell/common/enums/thirdparty/ThirdPlatformTypeEnum.java b/jsowell-common/src/main/java/com/jsowell/common/enums/thirdparty/ThirdPlatformTypeEnum.java index 64c7c7d5c..8c53690ad 100644 --- a/jsowell-common/src/main/java/com/jsowell/common/enums/thirdparty/ThirdPlatformTypeEnum.java +++ b/jsowell-common/src/main/java/com/jsowell/common/enums/thirdparty/ThirdPlatformTypeEnum.java @@ -19,7 +19,7 @@ public enum ThirdPlatformTypeEnum { HAI_NAN_2_PLATFORM("8", "海南一张网(充电平台)", "MAA9A0PP1"), HUA_WEI("9", "华为平台", "MA5GTQ528"), NEI_MENG_GU_PLATFORM("10", "内蒙古平台", ""), - QING_HAI_PLATFORM("11", "青海平台", ""), + QING_HAI_PLATFORM("11", "青海平台", "630000000"), ; private String typeCode; diff --git a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/lianlian/service/impl/LianLianServiceImpl.java b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/lianlian/service/impl/LianLianServiceImpl.java index 773412f33..971c0b48f 100644 --- a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/lianlian/service/impl/LianLianServiceImpl.java +++ b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/lianlian/service/impl/LianLianServiceImpl.java @@ -255,8 +255,8 @@ public class LianLianServiceImpl implements LianLianService { String dataSecret = "YPFVz1OvAS4nSwLW"; // SPBNJ1Z5EQNmpK08 VTAEKDPVN9CUS7WO huawei: zd4NrLWJ38XCTaqP E6gnWuz0QzBW75CR 正式:NHsBDtTanA60vTIu pJahbxk8wG79CMDB String dataSecretIV = "5tLoP60aR9QUB5Mx"; // peRoTcb2C7zqKeII 83UZFFRRZDYNF5CR huawei: RJJecvNTJ48SGMG7 SXejaSUx5yud8UHm 正式:2uyE2Cgu4nVf6egc y259VRq7h8RyFXmT String signSecret = "sRjCDeokckFGpYpA"; // sRjCDeokckFGpYpA - String dataString = "5TCGlD23wkxgJDWft077y212tE2U5XyR6iMpVesNoIiNiPG6n1sRKSDss\n" + - "QcezP+Zfzl1GnHbyTu7tm3IRvYoOg=="; + String dataString = "XGsQOWT30eM0JPCGRkT6DQrmXQyvH+0klPcXN+kQ2vK5/7m5dTELoDjiT7AY9h8dCrjcRf7kx07\n" + + "5MitXO8CzoHerSke1nYGjtvGcL/zUMbs="; // 解密data byte[] plainText = Cryptos.aesDecrypt(Encodes.decodeBase64(dataString), dataSecret.getBytes(), dataSecretIV.getBytes()); diff --git a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/ThirdPartyPlatformService.java b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/ThirdPartyPlatformService.java index 97d70908d..d98d8c3fc 100644 --- a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/ThirdPartyPlatformService.java +++ b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/ThirdPartyPlatformService.java @@ -485,16 +485,16 @@ public interface ThirdPartyPlatformService extends InitializingBean { * @param signSecret 签名密钥 * @return 校验结果 */ - default boolean verifySignature(String operatorID, String data, String timeStamp, String seq, String sig, String signSecret) { + default boolean verifySignature(CommonParamsDTO dto, String signSecret) { Map map = Maps.newLinkedHashMap(); - map.put("OperatorID", operatorID); - map.put("Data", data); - map.put("TimeStamp", timeStamp); - map.put("Seq", seq); + map.put("OperatorID", dto.getOperatorID()); + map.put("Data", dto.getData()); + map.put("TimeStamp", dto.getTimeStamp()); + map.put("Seq", dto.getSeq()); String sign = GBSignUtils.sign(map, signSecret); // 验证签名 得到请求方传过来的签名sig->自己拿到请求体后,再按双方约定的协议生成一个sig->对比两个sig是否一致 - return StringUtils.equals(sig, sign); + return StringUtils.equals(dto.getSig(), sign); } diff --git a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/qinghai/service/QingHaiPlatformServiceImpl.java b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/qinghai/service/QingHaiPlatformServiceImpl.java index 62063bef8..a60a16067 100644 --- a/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/qinghai/service/QingHaiPlatformServiceImpl.java +++ b/jsowell-thirdparty/src/main/java/com/jsowell/thirdparty/platform/qinghai/service/QingHaiPlatformServiceImpl.java @@ -12,6 +12,7 @@ import com.jsowell.common.enums.ykc.OrderStatusEnum; import com.jsowell.common.enums.ykc.ReturnCodeEnum; import com.jsowell.common.exception.BusinessException; import com.jsowell.common.util.DateUtils; +import com.jsowell.common.util.JWTUtils; import com.jsowell.common.util.PageUtils; import com.jsowell.common.util.StringUtils; import com.jsowell.pile.domain.*; @@ -20,6 +21,7 @@ import com.jsowell.pile.dto.QueryConnectorListDTO; import com.jsowell.pile.dto.QueryStartChargeDTO; import com.jsowell.pile.dto.QueryStationInfoDTO; import com.jsowell.pile.service.*; +import com.jsowell.pile.thirdparty.CommonParamsDTO; import com.jsowell.pile.thirdparty.ZDLEquipmentInfo; import com.jsowell.pile.thirdparty.ZDLStationInfo; import com.jsowell.pile.vo.base.ThirdPartyStationInfoVO; @@ -30,6 +32,7 @@ import com.jsowell.pile.vo.web.PileConnectorInfoVO; import com.jsowell.pile.vo.web.PileMerchantInfoVO; import com.jsowell.pile.vo.zdl.EquipBusinessPolicyVO; import com.jsowell.thirdparty.lianlian.domain.ConnectorStatusInfo; +import com.jsowell.thirdparty.lianlian.vo.AccessTokenVO; import com.jsowell.thirdparty.platform.ThirdPartyPlatformService; import com.jsowell.thirdparty.platform.common.ChargeOrderInfo; import com.jsowell.thirdparty.platform.common.ConnectorChargeStatusInfo; @@ -100,6 +103,60 @@ public class QingHaiPlatformServiceImpl implements ThirdPartyPlatformService { System.out.println("当前类名:" + this.getClass().getSimpleName()); } + /** + * 请求令牌 query_token + * @param dto + * @return + */ + @Override + public Map queryToken(CommonParamsDTO dto) { + String operatorId = dto.getOperatorID(); + // 通过operatorId 查出 operatorSecret + ThirdPartyPlatformConfig platformConfig = thirdPartyPlatformConfigService.getInfoByOperatorId(operatorId); + if (platformConfig == null) { + throw new BusinessException("1", "无此对接平台"); + } + + String operatorSecret = platformConfig.getOperatorSecret(); + String dataSecret = platformConfig.getDataSecret(); + String dataSecretIv = platformConfig.getDataSecretIv(); + String signSecret = platformConfig.getSignSecret(); + + // 解密data 获取参数中的OperatorSecret + try { + String decrypt = Cryptos.decrypt(dto.getData(), dataSecret, dataSecretIv); + String inputOperatorSecret = null; + if (StringUtils.isNotBlank(decrypt)) { + inputOperatorSecret = JSON.parseObject(decrypt).getString("OperatorSecret"); + } + if (!StringUtils.equals(operatorSecret, inputOperatorSecret)) { + throw new RuntimeException("密钥不一致"); + } + } catch (RuntimeException e) { + throw new BusinessException("2", "密钥错误"); + } + + // 生成token + String token = JWTUtils.createToken(operatorId, operatorSecret, JWTUtils.ttlMillis); + + // 组装返回参数 + AccessTokenVO vo = new AccessTokenVO(); + vo.setAccessToken(token); + vo.setOperatorID(operatorId); + vo.setTokenAvailableTime((int) (JWTUtils.ttlMillis / 1000)); + vo.setFailReason(0); + vo.setSuccStat(0); + + Map resultMap = Maps.newLinkedHashMap(); + // 加密数据 + String encryptData = Cryptos.aesEncrypt(JSON.toJSONString(vo), dataSecret, dataSecretIv); + resultMap.put("Data", encryptData); + // 生成sig + String resultSign = GBSignUtils.sign(resultMap, signSecret); + resultMap.put("Sig", resultSign); + return resultMap; + } + /** * 查询站点信息 query_stations_info * @param dto 查询站点信息dto