From c0754981d14fd3ab8b96d18df2fe105a09d6c6ac Mon Sep 17 00:00:00 2001
From: HuangXin <huangxin@cmhi.chinamobile.com>
Date: Tue, 20 Oct 2020 09:15:28 +0800
Subject: [PATCH] =?UTF-8?q?OCT=20REM:=201.=20=E5=A2=9E=E5=8A=A0=E5=88=A4?=
 =?UTF-8?q?=E6=96=AD=E6=8E=A5=E5=8F=A3=E8=AF=B7=E6=B1=82=E6=98=AF=E5=90=A6?=
 =?UTF-8?q?=E8=B6=85=E6=97=B6=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/dispose/config/DisposeConfigure.java  |  2 +-
 .../ControllerRequestTimeoutException.java    | 45 ++++++++++++
 .../exception/GlobalExceptionHandler.java     | 73 ++++++++++++++++---
 .../impl/ProtocolSecurityServiceImpl.java     | 18 +++++
 4 files changed, 127 insertions(+), 11 deletions(-)
 create mode 100644 src/main/java/com/dispose/exception/ControllerRequestTimeoutException.java

diff --git a/src/main/java/com/dispose/config/DisposeConfigure.java b/src/main/java/com/dispose/config/DisposeConfigure.java
index e6d38ad1..bd79e1af 100644
--- a/src/main/java/com/dispose/config/DisposeConfigure.java
+++ b/src/main/java/com/dispose/config/DisposeConfigure.java
@@ -61,7 +61,7 @@ public class DisposeConfigure {
      */
     @PostConstruct
     private void initGlobalValue() {
-        DisposeConfigValue.REQUEST_TIMEOUT_MS = Optional.ofNullable(requestTimeoutSecond).orElse((long) 5 * 1000);
+        DisposeConfigValue.REQUEST_TIMEOUT_MS = Optional.ofNullable(requestTimeoutSecond).orElse((long) 5) * 1000;
         DisposeConfigValue.CHECK_PROTO_REQUEST_TIMEOUT = Optional.ofNullable(checkProtocolTimeout).orElse(true);
         DisposeConfigValue.USED_PRIVACY_PROTECT = Optional.ofNullable(usedPrivacyProtect).orElse(true);
         DisposeConfigValue.CALL_ERROR_RETRY_TIMES = Optional.ofNullable(callErrorRetryTimes).orElse(5);
diff --git a/src/main/java/com/dispose/exception/ControllerRequestTimeoutException.java b/src/main/java/com/dispose/exception/ControllerRequestTimeoutException.java
new file mode 100644
index 00000000..6bebadd5
--- /dev/null
+++ b/src/main/java/com/dispose/exception/ControllerRequestTimeoutException.java
@@ -0,0 +1,45 @@
+package com.dispose.exception;
+
+import com.dispose.common.ErrorCode;
+import lombok.Getter;
+import lombok.Setter;
+
+/**
+ * The type Controller request timeout exception.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+@Getter
+@Setter
+public class ControllerRequestTimeoutException extends RuntimeException {
+    /**
+     * The Err.
+     */
+    private ErrorCode err;
+
+    /**
+     * The Message.
+     */
+    private String message;
+
+    /**
+     * Instantiates a new Controller request timeout exception.
+     *
+     * @param err the err
+     * @param msg the msg
+     */
+    public ControllerRequestTimeoutException(ErrorCode err, String msg) {
+        super();
+        this.err = err;
+        this.message = err.getMsg() + ", " + msg;
+    }
+
+    /**
+     * Gets exception message.
+     *
+     * @return the exception message
+     */
+    public String getExceptionMessage() {
+        return this.message;
+    }
+}
diff --git a/src/main/java/com/dispose/exception/GlobalExceptionHandler.java b/src/main/java/com/dispose/exception/GlobalExceptionHandler.java
index dfc64af4..706ede29 100644
--- a/src/main/java/com/dispose/exception/GlobalExceptionHandler.java
+++ b/src/main/java/com/dispose/exception/GlobalExceptionHandler.java
@@ -7,6 +7,7 @@ import com.dispose.pojo.dto.protocol.base.BaseRespStatus;
 import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
 import com.dispose.security.exception.SecurityProtocolException;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.validation.ObjectError;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -47,11 +48,29 @@ public class GlobalExceptionHandler {
             if (reqToken != null && reqToken.length() > 0) {
                 reqToken = reqToken.replace(ConstValue.STRING_HTTP_AUTH_HEAD, "");
             }
-            log.info("Interface [{}] request <{}> from {}, token = <{}>\n" +
-                             "+++ Request: {}\n" +
-                             "--- Verify params failed: {}",
-                     reqType, reqPath, reqIp, reqToken, Helper.inputStream2String(req.getInputStream()),
-                     ex.getMessage());
+
+            StringBuilder sb = new StringBuilder("[");
+
+            List<ObjectError> errList = ex.getBindingResult().getAllErrors();
+
+            for (int i = 0; i < errList.size(); i++) {
+                log.debug("Verify params error {}: {}", i, errList.get(i));
+                sb.append("\"")
+                        .append(i)
+                        .append(": ")
+                        .append(errList.get(i).getDefaultMessage())
+                        .append("\"");
+                if (i < errList.size() - 1) {
+                    sb.append(", ");
+                }
+            }
+            sb.append("]");
+
+            log.error("Interface [{}] request <{}> from {}, token = <{}>\n" +
+                              "+++ Request: {}\n" +
+                              "--- Verify params failed: {}",
+                      reqType, reqPath, reqIp, reqToken, Helper.inputStream2String(req.getInputStream()),
+                      sb.toString());
         } catch (Exception ignored) {
         }
 
@@ -93,13 +112,14 @@ public class GlobalExceptionHandler {
             if (reqToken != null && reqToken.length() > 0) {
                 reqToken = reqToken.replace(ConstValue.STRING_HTTP_AUTH_HEAD, "");
             }
-            log.info("Interface [{}] request <{}> from {}, token = <{}>\n" +
-                             "+++ Request: {}\n" +
-                             "--- Verify params failed: {}",
-                     reqType, reqPath, reqIp, reqToken, Helper.inputStream2String(req.getInputStream()),
-                     ex.getDescription() != null ? ex.getDescription() : ex.getMessage());
+            log.error("Interface [{}] request <{}> from {}, token = <{}>\n" +
+                              "+++ Request: {}\n" +
+                              "--- Verify params failed: {}",
+                      reqType, reqPath, reqIp, reqToken, Helper.inputStream2String(req.getInputStream()),
+                      ex.getMessage() == null ? ex.getDescription() : ex.getMessage());
         } catch (Exception ignored) {
         }
+
         log.debug("SecurityProtocolException Exception: ", ex);
 
         List<String> errMeg = new ArrayList<>();
@@ -120,6 +140,39 @@ public class GlobalExceptionHandler {
                                       errMeg.toArray(new String[0]));
     }
 
+    @ExceptionHandler(ControllerRequestTimeoutException.class)
+    @ResponseBody
+    public ProtocolRespDTO<BaseRespStatus> handleException(HttpServletResponse rsp,
+                                                           HttpServletRequest req,
+                                                           ControllerRequestTimeoutException ex) {
+        try {
+            String reqType = req.getMethod();
+            String reqPath = req.getRequestURI();
+            String reqIp = req.getRemoteAddr();
+            String reqToken = req.getHeader("Authorization");
+            if (reqToken != null && reqToken.length() > 0) {
+                reqToken = reqToken.replace(ConstValue.STRING_HTTP_AUTH_HEAD, "");
+            }
+            log.error("Interface [{}] request <{}> from {}, token = <{}>\n" +
+                              "+++ Request: {}\n" +
+                              "--- Verify params failed: {}",
+                      reqType, reqPath, reqIp, reqToken, Helper.inputStream2String(req.getInputStream()),
+                      ex.getMessage());
+        } catch (Exception ignored) {
+        }
+
+        List<String> errMeg = new ArrayList<>();
+        rsp.setStatus(ErrorCode.ERR_PARAMEXCEPTION.getHttpCode());
+
+        if (ex.getMessage() != null && ex.getMessage().length() > 0) {
+            errMeg.add(ex.getMessage());
+        }
+
+        return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION,
+                                      ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(),
+                                      errMeg.toArray(new String[0]));
+    }
+
     /**
      * Handle exception protocol resp dto.
      *
diff --git a/src/main/java/com/dispose/service/impl/ProtocolSecurityServiceImpl.java b/src/main/java/com/dispose/service/impl/ProtocolSecurityServiceImpl.java
index bae6afea..97ce1df1 100644
--- a/src/main/java/com/dispose/service/impl/ProtocolSecurityServiceImpl.java
+++ b/src/main/java/com/dispose/service/impl/ProtocolSecurityServiceImpl.java
@@ -1,9 +1,11 @@
 package com.dispose.service.impl;
 
 import com.dispose.common.ConstValue;
+import com.dispose.common.DisposeConfigValue;
 import com.dispose.common.ErrorCode;
 import com.dispose.common.ProtoCryptoType;
 import com.dispose.common.SecurityConfigValue;
+import com.dispose.exception.ControllerRequestTimeoutException;
 import com.dispose.pojo.dto.protocol.base.ProtocolReqDTO;
 import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
 import com.dispose.security.arithmetic.CryptoHelper;
@@ -49,6 +51,22 @@ public class ProtocolSecurityServiceImpl implements ProtocolSecurityService {
     public String decryptProtocol(String ciphertext) throws JsonProcessingException {
         JsonNode objRoot = objectMapper.readTree(ciphertext);
 
+        // 判断协议请求是否超时
+        if(DisposeConfigValue.CHECK_PROTO_REQUEST_TIMEOUT) {
+            long timeStamp = objRoot.path("timeStamp").asLong();
+            long current = System.currentTimeMillis();
+            long diff = current - timeStamp;
+
+            if(diff > DisposeConfigValue.REQUEST_TIMEOUT_MS) {
+                String errMsg = String.format("Request times %d, current times %d, timeout configure %d ms, timeout %d",
+                                              timeStamp, current, DisposeConfigValue.REQUEST_TIMEOUT_MS, diff);
+
+                throw new ControllerRequestTimeoutException(ErrorCode.ERR_REQTIMEOUT, errMsg);
+            }
+        }
+
+
+
         int cryptoType = objRoot.path("cryptoType").asInt();
 
         // 协议未加密