<%--
    Document   : getSiteInfoFromWebplus
    Created on : 2020-11-20, 17:18:06
    Author     : sudy402

    Purpose    : Writes the string returned by getSiteInfo() (the INFO column of
                 T_NB_SITEINFO, row Id=1) to the response as application/json.

    NOTE(review): the secureToken validation in the scriptlet below is commented
    out, so as written this page answers any caller that can reach its URL.
    Confirm that this is intended, or that access is restricted elsewhere
    (filter, reverse proxy, network ACL).
--%>
<%@page import="java.security.MessageDigest"%>
<%@page import="java.nio.charset.Charset"%>
<%@page import="com.sudytech.system.DateTime"%>
<%@page import="java.util.Arrays"%>
<%@page import="com.sudytech.util.base.Base64"%>
<%@page import="com.sudytech.util.base.StringUtil"%>
<%@page import="java.io.PrintWriter"%>
<%@page import="com.sudytech.data.DataTable"%>
<%@page import="com.sudytech.system.env.CoreplusEnv"%>
<%@page import="com.sudytech.data.IDBSession"%>
<%@page import="com.alibaba.fastjson.JSONObject"%>
<%@page contentType="text/html" pageEncoding="UTF-8" errorPage="/error.jsp"%>
<%
    // NOTE(review): authentication is disabled here. The five statements inside the
    // try block are commented out, so the try body is empty and the catch branch
    // cannot be reached. Before re-enabling them, note that getPrivateKey() returns ""
    // both for an unknown appName and on a database error; the validation path has to
    // reject an empty key, otherwise a token signed with the empty string would verify.
    try{
        //String token = request.getParameter("secureToken");
        //JSONObject jsonToken = parseSecurityTokenToJson(token);
        //String appName = jsonToken.getString("appName");
        //String privateKey = getPrivateKey(appName);
        //validateSecurityToken(jsonToken, privateKey, 10);
    }catch(Exception ex){
        // Rethrown after logging; the page directive names /error.jsp as the error page.
        // NOTE(review): confirm that error.jsp does not echo exception details to the client.
        ex.printStackTrace();
        throw ex;
    }
    // getSiteInfo() returns "" when the row is missing or the query fails, so an
    // empty body is sent in that case rather than an error status.
    String info = getSiteInfo();
    // Replaces the text/html content type declared in the page directive.
    response.setContentType("application/json");
    PrintWriter writer = response.getWriter();
    writer.write(info);
    // The response writer is closed here, before the template text that follows
    // the declaration block is rendered.
    writer.close();
%>
<%!
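/**
 * Reports whether a query result holds no rows.
 *
 * @param dt result table returned by IDBSession.query
 * @return true when the table has zero rows
 */
static boolean checkDtIsNull(DataTable dt) {
    int dtCount = dt.rows().count();
    return dtCount <= 0;
}

/**
 * Looks up the signing key stored for an application.
 *
 * @param appName value matched against T_APPLICATION.AppId
 * @return the PrivateKey column of the first matching row, or "" when no row
 *         matches or the lookup throws
 */
String getPrivateKey(String appName) {
    IDBSession dbSession = null;
    try {
        dbSession = CoreplusEnv.getDBSessionFactory().getDBSession();
        // appName is passed as a bound parameter, not concatenated into the SQL text.
        String sql = "SELECT PrivateKey FROM T_APPLICATION WHERE AppId=?";
        DataTable dt = dbSession.query(sql, new Object[]{appName});
        if (!checkDtIsNull(dt)) {
            return dt.rows().item(0).get("PrivateKey").toString();
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    } finally {
        try {
            if (dbSession != null) {
                dbSession.Close();
            }
        } catch (Exception ignored) {
            // Best-effort close: a failure to release the session must not mask the result.
        }
    }
    // SECURITY: "" means "unknown application or lookup failure", never a usable key.
    // Callers must treat it as a validation failure.
    return "";
}

/**
 * Reads the site information record.
 *
 * @return the INFO column of T_NB_SITEINFO row Id=1, or "" when the row is
 *         missing or the query throws
 */
String getSiteInfo() {
    IDBSession dbSession = null;
    try {
        dbSession = CoreplusEnv.getDBSessionFactory().getDBSession();
        String sql = "SELECT INFO FROM T_NB_SITEINFO WHERE Id=1";
        DataTable dt = dbSession.query(sql);
        if (!checkDtIsNull(dt)) {
            return dt.rows().item(0).get("INFO").toString();
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    } finally {
        try {
            if (dbSession != null) {
                dbSession.Close();
            }
        } catch (Exception ignored) {
            // Best-effort close: a failure to release the session must not mask the result.
        }
    }
    return "";
}

/**
 * Decodes a Base64 token and parses it as a JSON object.
 *
 * @param securityToken Base64 text supplied by the caller
 * @return the parsed token, never null
 * @throws Exception when the token is empty, cannot be decoded, or does not
 *         parse to a JSON object
 */
JSONObject parseSecurityTokenToJson(String securityToken) throws Exception {
    if (StringUtil.isEmpty(securityToken)) {
        throw new RuntimeException("无效的令牌");
    }
    String decoded = base64Decode(securityToken);
    // NOTE(review): this parses caller-supplied JSON before any signature check.
    // fastjson 1.x has a history of autoType deserialization issues; confirm the
    // deployed version and that safeMode or autoType restrictions are configured.
    JSONObject json = JSONObject.parseObject(decoded);
    if (json == null) {
        // A payload such as the literal "null" parses to no object (TODO confirm for
        // the deployed fastjson version); fail here instead of with a later NPE.
        throw new RuntimeException("无效的令牌");
    }
    return json;
}

/**
 * Base64-decodes a string and interprets the bytes as UTF-8 text.
 *
 * @param baseStr Base64 text
 * @return the decoded text
 * @throws Exception when decoding fails
 */
String base64Decode(String baseStr) throws Exception {
    byte[] token = Base64.decode(baseStr.getBytes("UTF-8"));
    return new String(token, "UTF-8");
}

/**
 * Validates a parsed token: signature first, then age.
 *
 * NOTE(review): the nonce is covered by the signature but is not recorded
 * anywhere in this page, so a captured token can be replayed until its
 * timestamp leaves the validity window.
 *
 * @param tokenJson   parsed token
 * @param privateKey  key stored for the token's application
 * @param validMinute validity window in minutes
 * @throws Exception when the signature or the timestamp is rejected
 */
void validateSecurityToken(JSONObject tokenJson, String privateKey, int validMinute) throws Exception {
    long timeStamp = tokenJson.getLongValue("timeStamp");
    validateSignature(tokenJson, privateKey);
    validateTime(timeStamp, validMinute);
}

/**
 * Recomputes the token signature and compares it with the one the token carries.
 *
 * @param tokenJson  parsed token; reads signType, appName, timeStamp, nonce, signature
 * @param privateKey key stored for the token's application
 * @throws Exception when the key is empty, a signed field is missing, or the
 *         signatures differ
 */
void validateSignature(JSONObject tokenJson, String privateKey) throws Exception {
    String signType = tokenJson.getString("signType");
    String appName = tokenJson.getString("appName");
    long timeStamp = tokenJson.getLongValue("timeStamp");
    String nonce = tokenJson.getString("nonce");
    String signature = tokenJson.getString("signature");

    // Fail closed: getPrivateKey() returns "" for an unknown application or a failed
    // lookup, and a digest over an empty key can be computed by anyone. Missing fields
    // are rejected here as well, instead of surfacing as an NPE inside Arrays.sort.
    if (privateKey == null || StringUtil.isEmpty(privateKey)
            || appName == null || nonce == null || signature == null) {
        throw new RuntimeException("令牌不正确");
    }

    String expected = sign(nonce, String.valueOf(timeStamp), appName, privateKey, signType);
    // Compare the digests through MessageDigest.isEqual rather than String.equals so
    // the comparison time does not depend on the position of the first mismatch.
    Charset utf8 = Charset.forName("UTF-8");
    if (!MessageDigest.isEqual(expected.getBytes(utf8), signature.getBytes(utf8))) {
        throw new RuntimeException("令牌不正确");
    }
}

/**
 * Computes the token signature: the four inputs are sorted, concatenated and
 * hashed, and the digest is returned as upper-case hex.
 *
 * NOTE(review), wire-format weaknesses that cannot be changed here without
 * changing the token issuers too:
 *  - signType is read from the token itself; "MD5" selects MD5 and every other
 *    value, including null, selects SHA-1. Both are weak digests.
 *  - This is a plain digest over key and data, not an HMAC.
 *  - The sorted values are joined without a separator, so different field
 *    values can produce the same string to be hashed.
 *
 * @param nonceStr   token nonce
 * @param timeStamp  token timestamp as decimal text
 * @param appName    application id
 * @param privateKey application key
 * @param signType   "MD5" (case-insensitive) or anything else for SHA-1
 * @return upper-case hex digest
 */
String sign(String nonceStr, String timeStamp, String appName, String privateKey, String signType) {
    Object[] signParams = new Object[]{nonceStr, timeStamp, appName, privateKey};
    // Natural String ordering; a null element makes the sort throw.
    Arrays.sort(signParams);
    String tempStr = "" + signParams[0] + signParams[1] + signParams[2] + signParams[3];
    if ("MD5".equalsIgnoreCase(signType)) {
        return encodeByMD5(tempStr);
    }
    return encodeBySHA1(tempStr);
}

/** Returns the upper-case hex MD5 digest of the UTF-8 bytes of str. */
String encodeByMD5(String str) {
    return encode("MD5", str.getBytes(Charset.forName("UTF-8")));
}

/** Returns the upper-case hex SHA-1 digest of the UTF-8 bytes of str. */
String encodeBySHA1(String str) {
    return encode("SHA1", str.getBytes(Charset.forName("UTF-8")));
}

/**
 * Hashes bytes with the named MessageDigest algorithm.
 *
 * @param algorithm MessageDigest algorithm name
 * @param bytes     data to hash, may be null
 * @return upper-case hex digest, or null when bytes is null
 * @throws RuntimeException wrapping any failure, such as an unknown algorithm
 */
String encode(String algorithm, byte[] bytes) {
    if (bytes == null) {
        return null;
    }
    try {
        MessageDigest messageDigest = MessageDigest.getInstance(algorithm);
        messageDigest.update(bytes);
        return getFormattedText(messageDigest.digest());
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
}

/**
 * Formats bytes as upper-case hexadecimal, two characters per byte.
 *
 * @param bytes data to format
 * @return hex text of length 2 * bytes.length
 */
String getFormattedText(byte[] bytes) {
    char[] HEX_DIGITS = new char[]{'0', '1', '2', '3', '4', '5', '6', '7',
                                   '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
    int len = bytes.length;
    StringBuilder buf = new StringBuilder(len * 2);
    for (int j = 0; j < len; ++j) {
        // Masking with 15 after the shift discards the sign-extension bits of a negative byte.
        buf.append(HEX_DIGITS[bytes[j] >> 4 & 15]);
        buf.append(HEX_DIGITS[bytes[j] & 15]);
    }
    return buf.toString();
}

/**
 * Rejects a token whose timestamp lies outside the validity window.
 *
 * @param timeStamp   token time in epoch milliseconds
 * @param validMinute window size in minutes
 * @throws RuntimeException when the timestamp is older than the window, or
 *         further in the future than the window
 */
void validateTime(long timeStamp, int validMinute) throws RuntimeException {
    long currentTime = DateTime.now().getTimeInMillis();
    // Multiply in long: the int product validMinute * 60 * 1000 overflowed for
    // large windows before it was widened.
    long validTime = validMinute * 60L * 1000L;
    long age = currentTime - timeStamp;
    // A future-dated timestamp gave a negative age and was accepted indefinitely;
    // allow at most one window of clock skew in that direction.
    if (age > validTime || age < -validTime) {
        throw new RuntimeException("令牌已失效");
    }
}
%> JSP Page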

<%-- NOTE(review): the scriptlet at the top of this page has already written info to
     the response writer and closed it, so whether this expression still reaches the
     client depends on the container (TODO confirm). A JSP expression prints the
     value without HTML escaping; if this output is ever served as text/html, encode
     info first. --%>
<%=info%>