From 39c2bd9ac3d591f894a8449b75dd9b115ec35df9 Mon Sep 17 00:00:00 2001 From: HuangXin Date: Sat, 12 Sep 2020 10:55:30 +0800 Subject: [PATCH] =?UTF-8?q?OCT=20REM:=201.=20=E6=9B=B4=E6=96=B0=E9=94=99?= =?UTF-8?q?=E8=AF=AF=E7=A0=81=E8=BD=ACHTTP=E5=93=8D=E5=BA=94=E7=A0=81?= =?UTF-8?q?=E6=96=B9=E6=B3=95=202.=20=E5=A2=9E=E5=8A=A0=E6=B3=A8=E9=94=80?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=AF=B7=E6=B1=82=E6=8B=A6=E6=88=AA=E5=99=A8?= =?UTF-8?q?=203.=20=E7=A7=BB=E9=99=A4=E6=97=A0=E7=94=A8=E7=9A=84MyConfig?= =?UTF-8?q?=E4=BB=A3=E7=A0=81=204.=20=E7=BB=9F=E4=B8=80=E5=BC=82=E5=B8=B8?= =?UTF-8?q?=E7=B1=BB=E8=BF=94=E5=9B=9E=E7=9A=84HTTP=20Code=205.=20?= =?UTF-8?q?=E7=BB=9F=E4=B8=80=E6=8E=A7=E5=88=B6=E5=99=A8=E9=98=B2=E6=8A=A4?= =?UTF-8?q?=E7=9A=84HTTP=20Code?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/dispose/common/ErrorCode.java | 28 ++++++++++++++--- .../com/dispose/config/AuthConfigure.java | 1 + .../java/com/dispose/config/MyConfig.java | 31 ------------------- .../exception/GlobalExceptionHandler.java | 23 +++++++++----- .../interceptor/ResponseProtocolSecurity.java | 10 +++++- .../dispose/interceptor/TokenInterceptor.java | 10 +++--- .../interceptor/TrustHostInterceptor.java | 2 +- 7 files changed, 56 insertions(+), 49 deletions(-) delete mode 100644 src/main/java/com/dispose/config/MyConfig.java diff --git a/src/main/java/com/dispose/common/ErrorCode.java b/src/main/java/com/dispose/common/ErrorCode.java index 4cf51783..1d558ffa 100644 --- a/src/main/java/com/dispose/common/ErrorCode.java +++ b/src/main/java/com/dispose/common/ErrorCode.java @@ -1,5 +1,7 @@ package com.dispose.common; +import javax.servlet.http.HttpServletResponse; + /** * The enum Error code. * @@ -240,10 +242,28 @@ public enum ErrorCode { * @return the http code */ public int getHttpCode() { - if (this.errno == 0) { - return 200; - } else { - return 500 + this.errno; + switch(this) { + case ERR_OK: + return HttpServletResponse.SC_OK; + case ERR_SYSTEMEXCEPTION: + case ERR_PARAMEXCEPTION: + return HttpServletResponse.SC_EXPECTATION_FAILED; + case ERR_TOKENTIMEOUT: + case ERR_REQTIMEOUT: + return HttpServletResponse.SC_REQUEST_TIMEOUT; + case ERR_UNTRUSTTOKEN: + case ERR_UNTRUSTHOST: + case ERR_LOGOUT: + return HttpServletResponse.SC_UNAUTHORIZED; + case ERR_MISSAUTHHEAD: + case ERR_PARAMS: + case ERR_INPUTFORMAT: + case ERR_INPUTMISS: + return HttpServletResponse.SC_BAD_REQUEST; + case ERR_UNSUPPORT: + return HttpServletResponse.SC_METHOD_NOT_ALLOWED; + default: + return HttpServletResponse.SC_INTERNAL_SERVER_ERROR; } } diff --git a/src/main/java/com/dispose/config/AuthConfigure.java b/src/main/java/com/dispose/config/AuthConfigure.java index b56ec343..d8547f20 100644 --- a/src/main/java/com/dispose/config/AuthConfigure.java +++ b/src/main/java/com/dispose/config/AuthConfigure.java @@ -63,6 +63,7 @@ public class AuthConfigure implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { // 注册需要检查token的控制器接口 + registry.addInterceptor(initAuthInterceptor()).addPathPatterns("/auth/logout"); registry.addInterceptor(initAuthInterceptor()).addPathPatterns("/manager/**"); registry.addInterceptor(initAuthInterceptor()).addPathPatterns("/task/**"); registry.addInterceptor(initAuthInterceptor()).addPathPatterns("/info/**"); diff --git a/src/main/java/com/dispose/config/MyConfig.java b/src/main/java/com/dispose/config/MyConfig.java deleted file mode 100644 index d79f7bef..00000000 --- a/src/main/java/com/dispose/config/MyConfig.java +++ /dev/null @@ -1,31 +0,0 @@ -package com.dispose.config; - -import lombok.Getter; -import lombok.Setter; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; - -/** - * The type My config. - * - * @author - */ -@Getter -@Setter -@Component -@ConfigurationProperties(prefix = "phoenix") -public class MyConfig { - - private String systemName; - private String swaggerSwitch; - private String redisServer; - private String requestDecSwitch; - private String responseEncSwitch; - private String aesKey; - private String redisRedissonSentinelMasterName; - private String redisRedissonPwd; - private String threatInfoKey; - private String threatInfoVersionUrl; - private String threatInfoDownload; - -} diff --git a/src/main/java/com/dispose/exception/GlobalExceptionHandler.java b/src/main/java/com/dispose/exception/GlobalExceptionHandler.java index 6f700a7b..1abd0140 100644 --- a/src/main/java/com/dispose/exception/GlobalExceptionHandler.java +++ b/src/main/java/com/dispose/exception/GlobalExceptionHandler.java @@ -4,13 +4,13 @@ import com.dispose.common.ErrorCode; import com.dispose.pojo.dto.protocol.base.BaseRespStatus; import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO; import com.security.exception.SecurityProtocolException; -import jodd.net.HttpStatus; import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; +import javax.servlet.http.HttpServletResponse; import java.util.ArrayList; import java.util.List; import java.util.concurrent.atomic.AtomicInteger; @@ -32,7 +32,8 @@ public class GlobalExceptionHandler { */ @ExceptionHandler(MethodArgumentNotValidException.class) @ResponseBody - public ProtocolRespDTO handleException(MethodArgumentNotValidException ex) { + public ProtocolRespDTO handleException(HttpServletResponse rsp, + MethodArgumentNotValidException ex) { log.debug("Argument Exception: ", ex); List exMsg = new ArrayList<>(); @@ -42,22 +43,28 @@ public class GlobalExceptionHandler { .getAllErrors() .forEach(v -> exMsg.add(idx.getAndIncrement() + ": " + v.getDefaultMessage())); + rsp.setStatus(ErrorCode.ERR_PARAMEXCEPTION.getHttpCode()); + return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION, - HttpStatus.error400().status(), - exMsg.toArray(new String[0])); + ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(), + exMsg.toArray(new String[0])); } @ExceptionHandler(Throwable.class) @ResponseBody - public ProtocolRespDTO handleException(Throwable ex) { + public ProtocolRespDTO handleException(HttpServletResponse rsp, Throwable ex) { log.debug("Throwable Exception: ", ex); + rsp.setStatus(ErrorCode.ERR_PARAMEXCEPTION.getHttpCode()); + if (ex instanceof SecurityProtocolException) { - return ProtocolRespDTO.result(((SecurityProtocolException) ex).getErr(), - HttpStatus.error400().status(), new String[]{((SecurityProtocolException) ex).getErr().getMsg()}); + return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION, + ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(), + new String[]{((SecurityProtocolException) ex).getErr().getMsg()}); } else { return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION, - HttpStatus.error400().status(), new String[]{ErrorCode.ERR_PARAMEXCEPTION.getMsg()}); + ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(), + new String[]{ErrorCode.ERR_PARAMEXCEPTION.getMsg()}); } } } diff --git a/src/main/java/com/dispose/interceptor/ResponseProtocolSecurity.java b/src/main/java/com/dispose/interceptor/ResponseProtocolSecurity.java index a6103997..37623d43 100644 --- a/src/main/java/com/dispose/interceptor/ResponseProtocolSecurity.java +++ b/src/main/java/com/dispose/interceptor/ResponseProtocolSecurity.java @@ -2,6 +2,7 @@ package com.dispose.interceptor; import com.dispose.common.ProtoCryptoType; import com.dispose.common.SecurityConfigValue; +import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO; import com.dispose.service.ProtocolSecurityService; import com.security.annotation.Encryption; import lombok.extern.slf4j.Slf4j; @@ -65,9 +66,16 @@ public class ResponseProtocolSecurity implements ResponseBodyAdvice { @NotNull ServerHttpRequest serverHttpRequest, @NotNull ServerHttpResponse serverHttpResponse) { if (SecurityConfigValue.SECURITY_PROTOCOL_TYPE == ProtoCryptoType.CRYPTO_NONE.getCode()) { + if (o instanceof ProtocolRespDTO) { + serverHttpResponse.setStatusCode(org.springframework.http.HttpStatus.valueOf(((ProtocolRespDTO) o).getCode())); + } + return o; } else { - return protocolSecurityService.encryptProtocol(o, SecurityConfigValue.SECURITY_PROTOCOL_TYPE); + ProtocolRespDTO rspInfo = protocolSecurityService.encryptProtocol(o, + SecurityConfigValue.SECURITY_PROTOCOL_TYPE); + serverHttpResponse.setStatusCode(org.springframework.http.HttpStatus.valueOf(rspInfo.getCode())); + return rspInfo; } } diff --git a/src/main/java/com/dispose/interceptor/TokenInterceptor.java b/src/main/java/com/dispose/interceptor/TokenInterceptor.java index f1b91680..78e197f0 100644 --- a/src/main/java/com/dispose/interceptor/TokenInterceptor.java +++ b/src/main/java/com/dispose/interceptor/TokenInterceptor.java @@ -41,6 +41,7 @@ public class TokenInterceptor implements HandlerInterceptor { public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) throws Exception { + ErrorCode err; // 配置为不需要认证 if (!AuthConfigValue.VERIFY_REQUEST_TOKEN) { return true; @@ -61,22 +62,23 @@ public class TokenInterceptor implements HandlerInterceptor { return true; } - ErrorCode err = userAccountService.authTokenCheck(token); + err = userAccountService.authTokenCheck(token); // 判断token是否合法 if (err != ErrorCode.ERR_OK) { response.setCharacterEncoding("UTF-8"); response.setContentType("application/json;charset=UTF-8"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + response.setStatus(err.getHttpCode()); response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(err))); log.error("Http request token [{}] is error: {}", token, err); return false; } } else { // 缺少必要的认证头部 + err = ErrorCode.ERR_MISSAUTHHEAD; response.setCharacterEncoding("UTF-8"); response.setContentType("application/json;charset=UTF-8"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); - response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(ErrorCode.ERR_MISSAUTHHEAD))); + response.setStatus(err.getHttpCode()); + response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(err))); log.error("Http request head miss \"Authorization\" item"); return false; } diff --git a/src/main/java/com/dispose/interceptor/TrustHostInterceptor.java b/src/main/java/com/dispose/interceptor/TrustHostInterceptor.java index 2d8540d6..068fa387 100644 --- a/src/main/java/com/dispose/interceptor/TrustHostInterceptor.java +++ b/src/main/java/com/dispose/interceptor/TrustHostInterceptor.java @@ -66,7 +66,7 @@ public class TrustHostInterceptor implements HandlerInterceptor { response.setCharacterEncoding("UTF-8"); response.setContentType("application/json;charset=UTF-8"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + response.setStatus(err.getHttpCode()); response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(err))); return false;