fix：对接第三方平台区分不同平台

server-api/src/main/java/com/makeit/api/external/filter/SignAuthFilter.java

 package com.makeit.api.external.filter;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.makeit.api.external.util.RSAUtils;
+import com.makeit.module.system.entity.SysApiSecret;
+import com.makeit.module.system.service.SysApiSecretService;
 import com.makeit.utils.old.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
@@ -18,7 +22,8 @@ public class SignAuthFilter implements Filter {
 
 	private static Logger logger = LoggerFactory.getLogger(SignAuthFilter.class);
 
-
+	@Autowired
+	private SysApiSecretService sysApiSecretService;
 
 	@Override
 	public void init(FilterConfig filterConfig) {
@@ -30,22 +35,30 @@ public class SignAuthFilter implements Filter {
 		HttpServletRequest request = (HttpServletRequest) req;
 		HttpServletResponse response = (HttpServletResponse) res;
 		try {
+			String platform = request.getHeader("platform");
+			if (StringUtils.isEmpty(platform)) {
+				response.sendError(500, "未指定platform");
+				return;
+			}
 			String sign = request.getHeader("token");
 			if (StringUtils.isEmpty(sign)) {
-				response.sendError(403, "Forbidden");
+				response.sendError(403, "token为空");
 				return;
 			}
 			logger.info("getted Authorization is ---> " + sign);
 
-			// 获取客户端ip
-/*			String ip = IpUtil.getIpAddr(request);
-			logger.info("getted ip is ---> " + ip);*/
+			SysApiSecret sysApiSecret = sysApiSecretService.getOne(new QueryWrapper<SysApiSecret>()
+					.lambda().eq(SysApiSecret::getPlatform,platform));
+			if (sysApiSecret == null) {
+				response.sendError(500, "请配置接入方密钥信息");
+				return;
+			}
 
 			MyRequestWrapper requestWrapper = new MyRequestWrapper(request);
 			String bodyString = new String(requestWrapper.getBody(), StandardCharsets.UTF_8);
 			logger.info("getted requestbody data is ---> " + bodyString);
 
-			String decryptJson = RSAUtils.privateDecrypt(sign, RSAUtils.getPrivateKey(RSAUtils.PRIVATE_KEY), "UTF-8");
+			String decryptJson = RSAUtils.privateDecrypt(sign, RSAUtils.getPrivateKey(sysApiSecret.getPrivateKey()), "UTF-8");
 
 			boolean couldPass = decryptJson.replaceAll("\n","").replaceAll(" ","").trim()
 					.equals(bodyString.replaceAll(" ","").trim());

server-api/src/main/java/com/makeit/api/external/util/RSAUtils.java

@@ -35,15 +35,16 @@ public class RSAUtils {
 
     public static void main(String[] args) throws Exception {
         Map<String, String> keys = createKeys(2048);
-        System.out.println(keys);
+        System.out.println("privateKey:" + keys.get("privateKey"));
+        System.out.println("publicKey:" + keys.get("publicKey"));
 
-        RSAPublicKey publicKey = getPublicKey(keys.get("publicKey"));
+        RSAPublicKey publicKey = getPublicKey(PUBLIC_KEY);
 
         String encrypt = publicEncrypt("{\"page\":1,\"limit\":10,\"data\":{}}", publicKey, "UTF-8");
         System.out.println(encrypt);
 
 
-        RSAPrivateKey privateKey = getPrivateKey(keys.get("privateKey"));
+        RSAPrivateKey privateKey = getPrivateKey(PRIVATE_KEY);
         String decrypt = privateDecrypt(encrypt, privateKey, "UTF-8");
 
         System.out.println(decrypt);

server-common/src/main/java/com/makeit/module/system/entity/SysApiSecret.java

+package com.makeit.module.system.entity;
+
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.makeit.common.entity.BaseBusEntity;
+import com.makeit.common.entity.BaseEntity;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * 第三方平台api
+ *
+ * @author lzy
+ * @email
+ * @date 2021-08-15 08:24:09
+ */
+@Data
+@ApiModel("第三方平台api")
+@TableName(value = "sys_api_secret")
+public class SysApiSecret extends BaseEntity {
+
+    @ApiModelProperty("平台")
+    private String platform;
+    @ApiModelProperty("公钥")
+    private String publicKey;
+    @ApiModelProperty("私钥")
+    private String privateKey;
+    @ApiModelProperty("机构id")
+    private String orgId;
+    @ApiModelProperty("描述")
+    private String description;
+
+
+}

server-common/src/main/java/com/makeit/module/system/mapper/SysApiSecretMapper.java

+package com.makeit.module.system.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.makeit.module.system.entity.Country;
+import com.makeit.module.system.entity.SysApiSecret;
+
+/**
+ * <p>
+ * 第三方api Mapper 接口
+ * </p>
+ *
+ * @author ywc
+ * @since 2021-06-09
+ */
+public interface SysApiSecretMapper extends BaseMapper<SysApiSecret> {
+
+}

server-common/src/main/java/com/makeit/module/system/service/SysApiSecretService.java

+package com.makeit.module.system.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.makeit.module.system.entity.SysApiSecret;
+
+public interface SysApiSecretService  extends IService<SysApiSecret> {
+}

server-common/src/main/java/com/makeit/module/system/service/impl/SysApiSecretServiceImpl.java

+package com.makeit.module.system.service.impl;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.makeit.module.system.entity.SysApiSecret;
+import com.makeit.module.system.mapper.SysApiSecretMapper;
+import com.makeit.module.system.service.SysApiSecretService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class SysApiSecretServiceImpl extends ServiceImpl<SysApiSecretMapper, SysApiSecret> implements SysApiSecretService {
+}

server-web/src/main/resources/application.yml

@@ -149,6 +149,7 @@ tenant:
       - plat_menu
       - plat_day_duration_record
       - plat_elder_children_info
+      - sys_api_secret
 
 
 rsa: