修复腾讯企业邮无法回调的bug

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/ExmailJaxrsFilter.java

@@ -2,9 +2,9 @@ package com.x.organization.assemble.personal.jaxrs;
 
 import javax.servlet.annotation.WebFilter;
 
-import com.x.base.core.project.jaxrs.CipherManagerUserJaxrsFilter;
+import com.x.base.core.project.jaxrs.AnonymousCipherManagerUserJaxrsFilter;
 
 @WebFilter(urlPatterns = "/jaxrs/exmail/*", asyncSupported = true)
-public class ExmailJaxrsFilter extends CipherManagerUserJaxrsFilter {
+public class ExmailJaxrsFilter extends AnonymousCipherManagerUserJaxrsFilter {
 
 }

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionPost.java → o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionCallback.java

@@ -10,19 +10,23 @@ import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
 import com.x.organization.assemble.personal.ThisApplication;
 
-class ActionPost extends BaseAction {
+/**
+ * 
+ * @author ray
+ *
+ */
+class ActionCallback extends BaseAction {
 
-	private static Logger logger = LoggerFactory.getLogger(ActionPost.class);
+	private static Logger logger = LoggerFactory.getLogger(ActionCallback.class);
 
 	ActionResult<Wo> execute(EffectivePerson effectivePerson, String msgSignature, String timestamp, String nonce,
 			String body) throws Exception {
 		ActionResult<Wo> result = new ActionResult<>();
-		if (BooleanUtils.isNotTrue(Config.exmail().getEnable())) {
-			throw new ExceptionExmailDisable();
-		}
-		String msg = decrypt(msgSignature, timestamp, nonce, body);
 
-		ThisApplication.queueUpdateExmail.send(msg);
+		if (BooleanUtils.isTrue(Config.exmail().getEnable())) {
+			String msg = decrypt(msgSignature, timestamp, nonce, body);
+			ThisApplication.queueUpdateExmail.send(msg);
+		}
 
 		Wo wo = new Wo();
 		wo.setValue(true);

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionGet.java

@@ -8,10 +8,9 @@ import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
 
 /**
- * 专门用于腾讯企业邮第一次开通API接口时用于认证.
- * 开通的认证端口必须是80,443或者8080,腾讯不会访问其他端口.
+ * 专门用于腾讯企业邮第一次开通API接口时用于认证. 开通的认证端口必须是80,443或者8080,腾讯不会访问其他端口.
  * 
- * @author zhour
+ * @author ray
  *
  */
 class ActionGet extends BaseAction {
@@ -20,11 +19,10 @@ class ActionGet extends BaseAction {
 
 	ActionResult<Wo> execute(EffectivePerson effectivePerson, String msg_signature, String timestamp, String nonce,
 			String echostr) throws Exception {
+
 		logger.debug("腾讯企业邮收到,msg_signature:{}, timestamp:{}, nonce:{}, echostr:{}.", msg_signature, timestamp, nonce,
 				echostr);
-		if (!Config.exmail().getEnable()) {
-			throw new ExceptionExmailDisable();
-		}
+
 		ActionResult<Wo> result = new ActionResult<>();
 		Wo wo = new Wo();
 		WXBizMsgCrypt crypt = new WXBizMsgCrypt(Config.exmail().getToken(), Config.exmail().getEncodingAesKey(),

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionListTitlePassive.java

@@ -13,19 +13,29 @@ import com.x.organization.assemble.personal.Business;
 import com.x.organization.core.entity.Person;
 import com.x.organization.core.entity.PersonAttribute;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ActionListTitlePassive extends BaseAction {
 
 	ActionResult<List<Wo>> execute(EffectivePerson effectivePerson) throws Exception {
-		if (!Config.exmail().getEnable()) {
-			throw new ExceptionExmailDisable();
-		}
-		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
-			ActionResult<List<Wo>> result = new ActionResult<>();
-			Business business = new Business(emc);
-			List<Wo> wos = this.list(business, effectivePerson);
-			result.setData(wos);
-			return result;
+
+		checkEnable();
+
+		ActionResult<List<Wo>> result = new ActionResult<>();
+		List<Wo> wos = new ArrayList<>();
+
+		if ((!effectivePerson.isAnonymous()) && (!effectivePerson.isCipher())) {
+			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
+				Business business = new Business(emc);
+				wos = this.list(business, effectivePerson);
+			}
 		}
+
+		result.setData(wos);
+		return result;
 	}
 
 	private List<Wo> list(Business business, EffectivePerson effectivePerson) throws Exception {
@@ -45,6 +55,9 @@ class ActionListTitlePassive extends BaseAction {
 	}
 
 	public static class Wo extends WrapString {
+
+		private static final long serialVersionUID = 1L;
+
 	}
 
 }
\ No newline at end of file

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionNewCount.java

@@ -10,19 +10,29 @@ import com.x.base.core.project.jaxrs.WrapCount;
 import com.x.organization.assemble.personal.Business;
 import com.x.organization.core.entity.Person;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ActionNewCount extends BaseAction {
 
 	ActionResult<Wo> execute(EffectivePerson effectivePerson) throws Exception {
-		if (!Config.exmail().getEnable()) {
-			throw new ExceptionExmailDisable();
-		}
-		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
-			ActionResult<Wo> result = new ActionResult<>();
-			Business business = new Business(emc);
-			Wo wo = this.get(business, effectivePerson);
-			result.setData(wo);
-			return result;
+
+		checkEnable();
+
+		ActionResult<Wo> result = new ActionResult<>();
+		Wo wo = new Wo();
+
+		if ((!effectivePerson.isAnonymous()) && (!effectivePerson.isCipher())) {
+			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
+				Business business = new Business(emc);
+				wo = this.get(business, effectivePerson);
+			}
 		}
+
+		result.setData(wo);
+		return result;
 	}
 
 	private Wo get(Business business, EffectivePerson effectivePerson) throws Exception {
@@ -46,9 +56,35 @@ class ActionNewCount extends BaseAction {
 		private String errmsg;
 		private Long count;
 
+		public Integer getErrcode() {
+			return errcode;
+		}
+
+		public void setErrcode(Integer errcode) {
+			this.errcode = errcode;
+		}
+
+		public String getErrmsg() {
+			return errmsg;
+		}
+
+		public void setErrmsg(String errmsg) {
+			this.errmsg = errmsg;
+		}
+
+		public Long getCount() {
+			return count;
+		}
+
+		public void setCount(Long count) {
+			this.count = count;
+		}
+
 	}
 
 	public static class Wo extends WrapCount {
+
+		private static final long serialVersionUID = 1L;
 	}
 
 }
\ No newline at end of file

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionNewCountPassive.java

@@ -15,19 +15,29 @@ import com.x.organization.assemble.personal.Business;
 import com.x.organization.core.entity.Person;
 import com.x.organization.core.entity.PersonAttribute;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ActionNewCountPassive extends BaseAction {
 
 	ActionResult<Wo> execute(EffectivePerson effectivePerson) throws Exception {
-		if (!Config.exmail().getEnable()) {
-			throw new ExceptionExmailDisable();
-		}
-		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
-			ActionResult<Wo> result = new ActionResult<>();
-			Business business = new Business(emc);
-			Wo wo = this.get(business, effectivePerson);
-			result.setData(wo);
-			return result;
+
+		checkEnable();
+
+		ActionResult<Wo> result = new ActionResult<>();
+		Wo wo = new Wo();
+
+		if ((!effectivePerson.isAnonymous()) && (!effectivePerson.isCipher())) {
+			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
+				Business business = new Business(emc);
+				wo = this.get(business, effectivePerson);
+			}
 		}
+
+		result.setData(wo);
+		return result;
 	}
 
 	private Wo get(Business business, EffectivePerson effectivePerson) throws Exception {

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ActionSso.java

@@ -10,19 +10,29 @@ import com.x.base.core.project.http.EffectivePerson;
 import com.x.organization.assemble.personal.Business;
 import com.x.organization.core.entity.Person;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ActionSso extends BaseAction {
 
 	ActionResult<Wo> execute(EffectivePerson effectivePerson) throws Exception {
-		if (!Config.exmail().getEnable()) {
-			throw new ExceptionExmailDisable();
-		}
-		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
-			ActionResult<Wo> result = new ActionResult<>();
-			Business business = new Business(emc);
-			Wo wo = this.get(business, effectivePerson);
-			result.setData(wo);
-			return result;
+
+		checkEnable();
+
+		ActionResult<Wo> result = new ActionResult<>();
+		Wo wo = new Wo();
+
+		if ((!effectivePerson.isAnonymous()) && (!effectivePerson.isCipher())) {
+			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
+				Business business = new Business(emc);
+				wo = this.get(business, effectivePerson);
+			}
 		}
+
+		result.setData(wo);
+		return result;
 	}
 
 	private Wo get(Business business, EffectivePerson effectivePerson) throws Exception {

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/AesException.java

 package com.x.organization.assemble.personal.jaxrs.exmail;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 public class AesException extends Exception {
 	public final static int OK = 0;
 	public final static int ValidateSignatureError = -40001;

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/BaseAction.java

 package com.x.organization.assemble.personal.jaxrs.exmail;
 
+import org.apache.commons.lang3.BooleanUtils;
+
+import com.x.base.core.project.config.Config;
 import com.x.base.core.project.jaxrs.StandardJaxrsAction;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 abstract class BaseAction extends StandardJaxrsAction {
 
+	protected void checkEnable() throws Exception {
+		if (BooleanUtils.isNotTrue(Config.exmail().getEnable())) {
+			throw new ExceptionExmailDisable();
+		}
+	}
 }
\ No newline at end of file

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ByteGroup.java

@@ -2,6 +2,11 @@ package com.x.organization.assemble.personal.jaxrs.exmail;
 
 import java.util.ArrayList;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ByteGroup {
 	ArrayList<Byte> byteContainer = new ArrayList<Byte>();
 

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ExceptionExmailDisable.java

@@ -2,6 +2,11 @@ package com.x.organization.assemble.personal.jaxrs.exmail;
 
 import com.x.base.core.project.exception.LanguagePromptException;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ExceptionExmailDisable extends LanguagePromptException {
 
 	private static final long serialVersionUID = -3439770681867963457L;

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ExceptionNewCount.java

@@ -2,6 +2,11 @@ package com.x.organization.assemble.personal.jaxrs.exmail;
 
 import com.x.base.core.project.exception.LanguagePromptException;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 class ExceptionNewCount extends LanguagePromptException {
 
 	private static final long serialVersionUID = -3885997486474873786L;

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/ExmailAction.java

@@ -24,6 +24,11 @@ import com.x.base.core.project.jaxrs.StandardJaxrsAction;
 import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 @Path("exmail")
 @JaxrsDescribe("腾讯企业邮")
 public class ExmailAction extends StandardJaxrsAction {
@@ -114,15 +119,25 @@ public class ExmailAction extends StandardJaxrsAction {
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
 	}
 
-	@JaxrsMethodDescribe(value = "接收腾讯企业邮回调Post方法.", action = ActionPost.class)
+	/**
+	 * 接收腾讯企业邮回调Post方法 单独申明了fitler避免权限过滤
+	 * 
+	 * @param asyncResponse
+	 * @param request
+	 * @param msg_signature
+	 * @param timestamp
+	 * @param nonce
+	 * @param body
+	 */
+	@JaxrsMethodDescribe(value = "接收腾讯企业邮回调Post方法.", action = ActionCallback.class)
 	@POST
-	public void post(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
+	public void callback(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
 			@QueryParam("msg_signature") String msg_signature, @QueryParam("timestamp") String timestamp,
 			@QueryParam("nonce") String nonce, String body) {
 		EffectivePerson effectivePerson = this.effectivePerson(request);
-		ActionResult<ActionPost.Wo> result = new ActionResult<>();
+		ActionResult<ActionCallback.Wo> result = new ActionResult<>();
 		try {
-			result = new ActionPost().execute(effectivePerson, msg_signature, timestamp, nonce, body);
+			result = new ActionCallback().execute(effectivePerson, msg_signature, timestamp, nonce, body);
 		} catch (Exception e) {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/PKCS7Encoder.java

@@ -12,7 +12,7 @@ import java.nio.charset.Charset;
 import java.util.Arrays;
 
 /**
- * 提供基于PKCS7算法的加解密接口.
+ * @author ray 提供基于PKCS7算法的加解密接口.
  */
 class PKCS7Encoder {
 	static Charset CHARSET = Charset.forName("utf-8");

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/QueueUpdateExmail.java

@@ -32,6 +32,11 @@ import com.x.base.core.project.tools.StringTools;
 import com.x.organization.core.entity.Person;
 import com.x.organization.core.entity.PersonAttribute;
 
+/**
+ * 
+ * @author ray
+ *
+ */
 public class QueueUpdateExmail extends AbstractQueue<String> {
 
 	private static final String MSGTYPE_UNREAD = "UnRead";

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/SHA1.java

@@ -12,6 +12,7 @@ import java.security.MessageDigest;
 import java.util.Arrays;
 
 /**
+ * @author ray
  * SHA1 class
  *
  * 计算公众平台的消息签名接口.

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/WXBizMsgCrypt.java

@@ -14,6 +14,8 @@
 package com.x.organization.assemble.personal.jaxrs.exmail;
 
 import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.security.SecureRandom;
 import java.util.Arrays;
 import java.util.Random;
 
@@ -22,24 +24,26 @@ import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
 
 /**
- * 提供接收和推送给公众平台消息的加解密接口(UTF8编码的字符串).
- * <ol>
- * <li>第三方回复加密消息给公众平台</li>
- * <li>第三方收到公众平台发送的消息，验证消息的安全性，并对消息进行解密。</li>
- * </ol>
- * 说明：异常java.security.InvalidKeyException:illegal Key Size的解决方案
- * <ol>
- * <li>在官方网站下载JCE无限制权限策略文件（JDK7的下载地址：
- * http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html</li>
- * <li>下载后解压，可以看到local_policy.jar和US_export_policy.jar以及readme.txt</li>
- * <li>如果安装了JRE，将两个jar文件放到%JRE_HOME%\lib\security目录下覆盖原来的文件</li>
- * <li>如果安装了JDK，将两个jar文件放到%JDK_HOME%\jre\lib\security目录下覆盖原来文件</li>
- * </ol>
+ * @author ray 提供接收和推送给公众平台消息的加解密接口(UTF8编码的字符串).
+ *         <ol>
+ *         <li>第三方回复加密消息给公众平台</li>
+ *         <li>第三方收到公众平台发送的消息，验证消息的安全性，并对消息进行解密。</li>
+ *         </ol>
+ *         说明：异常java.security.InvalidKeyException:illegal Key Size的解决方案
+ *         <ol>
+ *         <li>在官方网站下载JCE无限制权限策略文件（JDK7的下载地址：
+ *         http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html</li>
+ *         <li>下载后解压，可以看到local_policy.jar和US_export_policy.jar以及readme.txt</li>
+ *         <li>如果安装了JRE，将两个jar文件放到%JRE_HOME%\lib\security目录下覆盖原来的文件</li>
+ *         <li>如果安装了JDK，将两个jar文件放到%JDK_HOME%\jre\lib\security目录下覆盖原来文件</li>
+ *         </ol>
  */
 public class WXBizMsgCrypt {
-	static Charset CHARSET = Charset.forName("utf-8");
+	static final Charset CHARSET = StandardCharsets.UTF_8;
+	static final Random random = new SecureRandom();
 	Base64 base64 = new Base64();
 	byte[] aesKey;
 	String token;
@@ -63,8 +67,7 @@ public class WXBizMsgCrypt {
 		this.corpId = corpId;
 		// aesKey = Base64.decodeBase64(encodingAesKey + "=");
 		/**
-		 * 默认的方法 aesKey = Base64.decodeBase64(encodingAesKey + "=");
-		 * 实际运行有报错
+		 * 默认的方法 aesKey = Base64.decodeBase64(encodingAesKey + "="); 实际运行有报错
 		 */
 		java.util.Base64.Decoder decoder = java.util.Base64.getDecoder();
 		aesKey = decoder.decode(encodingAesKey);
@@ -93,8 +96,8 @@ public class WXBizMsgCrypt {
 	// 随机生成16位字符串
 	String getRandomStr() {
 		String base = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-		Random random = new Random();
-		StringBuffer sb = new StringBuffer();
+//		Random random = new Random();
+		StringBuilder sb = new StringBuilder();
 		for (int i = 0; i < 16; i++) {
 			int number = random.nextInt(base.length());
 			sb.append(base.charAt(number));
@@ -220,7 +223,7 @@ public class WXBizMsgCrypt {
 		String encrypt = encrypt(getRandomStr(), replyMsg);
 
 		// 生成安全签名
-		if (timeStamp == "") {
+		if (StringUtils.isEmpty(timeStamp)) {
 			timeStamp = Long.toString(System.currentTimeMillis());
 		}
 

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/exmail/XMLParse.java

@@ -19,9 +19,9 @@ import org.w3c.dom.NodeList;
 import org.xml.sax.InputSource;
 
 /**
- * XMLParse class
+ * @author ray XMLParse class
  *
- * 提供提取消息格式中的密文及生成回复消息格式的接口.
+ *         提供提取消息格式中的密文及生成回复消息格式的接口.
  */
 class XMLParse {