From 7149e5597b3429bab2d7df22fe2bc68e88894a9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E6=98=95?=
Date: Mon, 25 Mar 2024 16:35:07 +0800
Subject: [PATCH] =?UTF-8?q?1.=20=E5=A2=9E=E5=8A=A0=E5=85=A8=E5=B1=80?= =?UTF-8?q?=E5=BC=82=E5=B8=B8=E6=8B=A6=E6=88=AA=E5=92=8C=E5=A4=84=E7=90=86?= =?UTF-8?q?=202.=20=E8=AE=A4=E8=AF=81key=E5=BC=82=E5=B8=B8=E6=94=AF?= =?UTF-8?q?=E6=8C=81=E5=9B=BD=E9=99=85=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../cf/cs/authentication/misc/JwtUtils.java | 10 +-
 .../i18n/errorMessage_en_US.properties | 4 +
 .../i18n/errorMessage_zh_CN.properties | 6 +-
 .../exception/ControllerExceptionHandler.java | 98 +++++++++++++++++++
 4 files changed, 113 insertions(+), 5 deletions(-)
 create mode 100644 cs-restful/src/main/java/com/cf/cs/restful/exception/ControllerExceptionHandler.java
diff --git a/cs-authentication/src/main/java/com/cf/cs/authentication/misc/JwtUtils.java b/cs-authentication/src/main/java/com/cf/cs/authentication/misc/JwtUtils.java
index 10470fa..176d76a 100644
--- a/cs-authentication/src/main/java/com/cf/cs/authentication/misc/JwtUtils.java
+++ b/cs-authentication/src/main/java/com/cf/cs/authentication/misc/JwtUtils.java
@@ -5,6 +5,8 @@ import com.cf.cs.authentication.exception.CommonAuthException;
 import com.cf.cs.base.common.ConstValue;
 import com.cf.cs.base.common.ErrorCode;
 import com.cf.cs.base.config.JwtConfigure;
+import com.cf.cs.base.misc.ApiContextUtils;
+import com.cf.cs.base.misc.MessageUtil;
 import com.cf.cs.crypto.arithmetic.CryptoHelper;
 import com.cf.cs.database.pojo.entity.User;
 import com.cf.cs.database.service.UserDataBaseService;
@@ -108,13 +110,13 @@ public class JwtUtils {
 return user;
 } catch (MalformedJwtException e) {
- throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, "密钥算法或者密钥转换错误");
+ throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, MessageUtil.get("err.auth.key.convert", ApiContextUtils.getLanguare()));
 } catch (MissingClaimException e) {
- throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, "密钥缺少校验数据");
+ throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, MessageUtil.get("err.auth.key.verify", ApiContextUtils.getLanguare()));
 } catch (ExpiredJwtException e) {
- throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, "密钥已过期");
+ throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, MessageUtil.get("err.auth.key.timeout", ApiContextUtils.getLanguare()));
 } catch (JwtException e) {
- throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, "密钥解析错误");
+ throw new CommonAuthException(ErrorCode.ERR_TOKEN_KEY, MessageUtil.get("err.auth.key.prase", ApiContextUtils.getLanguare()));
 }
 }
diff --git a/cs-base/src/main/resources/i18n/errorMessage_en_US.properties b/cs-base/src/main/resources/i18n/errorMessage_en_US.properties
index c1aad9a..a491f86 100644
--- a/cs-base/src/main/resources/i18n/errorMessage_en_US.properties
+++ b/cs-base/src/main/resources/i18n/errorMessage_en_US.properties
@@ -52,3 +52,7 @@ ERR_DECRYPT_AES256=AES256 decryption failure
 ERR_CRYPTO_KEY=Wrong secret key
 ERR_USER_ROLE_NOTEXISTS=The user role does not exist
 ERR_RESOURCE_USED=Resource used
+err.auth.key.convert=Key algorithm or key conversion error
+err.auth.key.verify=Key missing verification data
+err.auth.key.timeout=Key expired
+err.auth.key.prase=Key resolution error
\ No newline at end of file
diff --git a/cs-base/src/main/resources/i18n/errorMessage_zh_CN.properties b/cs-base/src/main/resources/i18n/errorMessage_zh_CN.properties
index b4f8c27..c895483 100644
--- a/cs-base/src/main/resources/i18n/errorMessage_zh_CN.properties
+++ b/cs-base/src/main/resources/i18n/errorMessage_zh_CN.properties
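Review bot: All four rewritten `catch` arms in JwtUtils.java (the hunk headed `@@ -108,13 +110,13 @@`) still discard the caught exception `e`, so a rejected token leaves no server-side trace of which jjwt failure occurred. Record it before rethrowing, for example `log.warn("JWT rejected: {}", e.getClass().getSimpleName());` if this class has a logger (not visible here), or pass `e` as the cause if `CommonAuthException` offers such a constructor. The message is now looked up with `ApiContextUtils.getLanguare()`, and only `en_US` and `zh_CN` bundles appear in this patch; if `MessageUtil.get` can throw for an unsupported language, that exception would replace the auth error from inside the `catch`, so the fallback is worth confirming. The key `err.auth.key.prase` looks like a misspelling of `parse`; it is spelled the same way in both bundles, so the lookup works, but renaming later means touching all three files together. The enclosing method starts above the hunk.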
@@ -52,4 +52,8 @@ ERR_ENCRYPT_AES256=AES256\u52A0\u5BC6\u5931\u8D25
 ERR_DECRYPT_AES256=AES256\u89E3\u5BC6\u5931\u8D25
 ERR_CRYPTO_KEY=\u9519\u8BEF\u7684\u79D8\u94A5
 ERR_USER_ROLE_NOTEXISTS=\u7528\u6237\u89D2\u8272\u4E0D\u5B58\u5728
-ERR_RESOURCE_USED=\u8D44\u6E90\u88AB\u5360\u7528
\ No newline at end of file
+ERR_RESOURCE_USED=\u8D44\u6E90\u88AB\u5360\u7528
+err.auth.key.convert=\u5BC6\u94A5\u7B97\u6CD5\u6216\u8005\u5BC6\u94A5\u8F6C\u6362\u9519\u8BEF
+err.auth.key.verify=\u5BC6\u94A5\u7F3A\u5C11\u6821\u9A8C\u6570\u636E
+err.auth.key.timeout=\u5BC6\u94A5\u5DF2\u8FC7\u671F
+err.auth.key.prase=\u5BC6\u94A5\u89E3\u6790\u9519\u8BEF
\ No newline at end of file
diff --git a/cs-restful/src/main/java/com/cf/cs/restful/exception/ControllerExceptionHandler.java b/cs-restful/src/main/java/com/cf/cs/restful/exception/ControllerExceptionHandler.java
new file mode 100644
index 0000000..7c93fbf
--- /dev/null
+++ b/cs-restful/src/main/java/com/cf/cs/restful/exception/ControllerExceptionHandler.java
@@ -0,0 +1,98 @@
+package com.cf.cs.restful.exception;
+
+
+import com.cf.cs.base.common.ConstValue;
+import com.cf.cs.base.common.ErrorCode;
+import com.cf.cs.base.exception.CommonErrorCodeException;
+import com.cf.cs.base.misc.HelperUtils;
+import com.cf.cs.protocol.exception.SecurityProtocolException;
+import com.cf.cs.protocol.pojo.po.BaseRespStatus;
+import com.cf.cs.protocol.pojo.vo.ProtocolResp;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.servlet.NoHandlerFoundException;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.atomic.AtomicInteger;
+
+@ControllerAdvice
+@Slf4j
+public class ControllerExceptionHandler {
+ @ExceptionHandler(NoHandlerFoundException.class)
+ @ResponseStatus(HttpStatus.NOT_FOUND)
+ @ResponseBody
+ public ProtocolResp controllerNotFound(NoHandlerFoundException e) {
+ List errMsg = new ArrayList<>();
+ errMsg.add(e.getMessage());
+
+ return ProtocolResp.result(ErrorCode.ERR_NOSUCHITEM,
+ HttpStatus.NOT_FOUND.value(),
+ errMsg.toArray(new String[0]));
+ }
+
+ @ExceptionHandler({MethodArgumentNotValidException.class})
+ @ResponseBody
+ public ProtocolResp controllerGlobalException(MethodArgumentNotValidException e) {
+ AtomicInteger idx = new AtomicInteger();
+ List errMsg = e.getBindingResult()
+ .getFieldErrors()
+ .stream()
+ .map(v -> idx.getAndIncrement() + ": " + v.getDefaultMessage())
+ .toList();
+ return ProtocolResp.result(ErrorCode.ERR_PARAMEXCEPTION,
+ ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(),
+ errMsg.toArray(new String[0]));
+ }
+
+ @ExceptionHandler({CommonErrorCodeException.class})
+ @ResponseBody
+ public ProtocolResp commonErrorException(Exception ex) {
+ return ProtocolResp.result(ErrorCode.ERR_PARAMEXCEPTION,
+ ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(),
+ new String[] {ex.getMessage()});
+ }
+
+ @ExceptionHandler(SecurityProtocolException.class)
+ @ResponseBody
+ public ProtocolResp handleException(HttpServletResponse rsp,
+ HttpServletRequest req,
+ SecurityProtocolException ex) {
+ try {
+ String reqType = req.getMethod();
+ String reqPath = req.getRequestURI();
+ String reqIp = req.getRemoteAddr();
+ String reqToken = req.getHeader("Authorization");
+
+ if (reqToken != null && !reqToken.isEmpty()) {
+ reqToken = reqToken.replace(ConstValue.STRING_HTTP_AUTH_HEAD, "");
+ }
+ log.error("""
+ Interface [{}] request <{}> from {}, token = <{}>
+ +++ Request: {}
+ --- Exception information: {}""",
+ reqType, reqPath, reqIp, reqToken, HelperUtils.inputStream2String(req.getInputStream()),
+ ex.getMessage());
+ } catch (Exception ignored) {
+ // Do nothing...
+ }
+
+ List errMeg = new ArrayList<>();
+ rsp.setStatus(ErrorCode.ERR_PARAMEXCEPTION.getHttpCode());
+
+ if (ex.getMessage() != null && !ex.getMessage().isEmpty()) {
+ errMeg.add(ex.getErr().getStringValue() + ": " + ex.getDescription());
+ }
+
+ return ProtocolResp.result(ErrorCode.ERR_PARAMEXCEPTION,
+ ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(),
+ errMeg.toArray(new String[0]));
+ }
+}
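Review bot: The `log.error` call in `handleException` writes the caller's bearer token (the `Authorization` header with only the scheme prefix stripped) and the full request body into the error log, so anyone with log access obtains live credentials and submitted payloads. Log whether a token was presented and the body length instead, as in the block below, which also removes the need for the empty `catch (Exception ignored)`. Reading `req.getInputStream()` in an exception handler is unreliable as well, since the stream has probably been consumed during argument binding by then (inferred; the dispatch path is not in this hunk). Separately, `controllerGlobalException` and `commonErrorException` set no HTTP status while `handleException` calls `rsp.setStatus(...)`, so unless `ProtocolResp.result` sets it those two presumably answer 200 with an error body.

```java
    public ProtocolResp handleException(HttpServletResponse rsp,
                                        HttpServletRequest req,
                                        SecurityProtocolException ex) {
        // Record only that a credential was presented; the token value and the raw body stay out of the log.
        boolean hasToken = req.getHeader("Authorization") != null;
        log.error("Interface [{}] request <{}> from {}, token present = {}, body length = {}, exception: {}",
                req.getMethod(), req.getRequestURI(), req.getRemoteAddr(),
                hasToken, req.getContentLengthLong(), ex.getMessage());

        // … unchanged: errMeg construction, rsp.setStatus(...) and the ProtocolResp.result(...) return …
```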