|
|
@@ -66,12 +66,10 @@ public class RequestHandler implements Filter {
|
|
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
|
|
// 开放接口请求过滤
|
|
|
String path = request.getServletPath();
|
|
|
- log.info("加密解析===》" + path);
|
|
|
if (path.startsWith("/openapi/v1/")) {
|
|
|
chain.doFilter(request, response);
|
|
|
return;
|
|
|
}
|
|
|
- log.info("加密解析过滤");
|
|
|
byte[] results = _getErrorBytes();
|
|
|
// 头攻击检测 过滤主机名(非白名单中的直接返回 403)
|
|
|
String serverName = request.getServerName();
|
|
|
@@ -109,7 +107,7 @@ public class RequestHandler implements Filter {
|
|
|
JSONObject json = JSONObject.parseObject(data);
|
|
|
// 验证签名
|
|
|
if (!SecurityUtil.verifySign(json.getString("encryptData"), json.getString("identifying"))) {
|
|
|
- log.error("加密解析===》签名有误!");
|
|
|
+ log.error("加密解析===》base签名有误!");
|
|
|
servletResponse.setContentType("application/json; charset=UTF-8");
|
|
|
servletResponse.getOutputStream().write(results);
|
|
|
return;
|
|
|
@@ -137,12 +135,8 @@ public class RequestHandler implements Filter {
|
|
|
return;
|
|
|
}
|
|
|
// 比对时间
|
|
|
- LocalDateTime currTime = LocalDateTime.now();
|
|
|
- LocalDateTime targetTime = LocalDateTimeUtil.parse(basicJson.getString("timeStamp"), DatePattern.PURE_DATETIME_PATTERN);
|
|
|
- Duration between = LocalDateTimeUtil.between(currTime, targetTime);
|
|
|
- long minutes = between.toMinutes();
|
|
|
- if (minutes > 5L) {
|
|
|
- log.error("加密解析===》更新当前设备时间为北京时间!");
|
|
|
+ if (System.currentTimeMillis() - basicJson.getLong("timeStamp") > 300000) {
|
|
|
+ log.error("加密解析===》更新当前设备时间为UTC标准时间!");
|
|
|
servletResponse.setContentType("application/json; charset=UTF-8");
|
|
|
servletResponse.getOutputStream().write(results);
|
|
|
return;
|
