Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
ghsby
o2oa
提交
92e7d568
o2oa
项目概览
ghsby
/
o2oa
落后 Fork 源项目 2880 个版本
Fork自
浙江兰德纵横网络技术股份有限公司 / o2oa
通知
1
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
o2oa
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
92e7d568
编写于
7月 12, 2021
作者:
O
o2null
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
codeSafe 安全扫描更新
上级
83a86925
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
275 addition
and
292 deletion
+275
-292
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/command/ActionCommand.java
...ava/com/x/program/center/jaxrs/command/ActionCommand.java
+3
-12
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java
...in/java/com/x/program/center/jaxrs/config/ActionSave.java
+53
-54
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/dingding/encrypt/DingTalkEncryptor.java
...gram/center/jaxrs/dingding/encrypt/DingTalkEncryptor.java
+204
-197
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/jest/BaseAction.java
...main/java/com/x/program/center/jaxrs/jest/BaseAction.java
+2
-3
o2server/x_program_center/src/main/java/com/x/program/center/qiyeweixin/SyncOrganization.java
...ava/com/x/program/center/qiyeweixin/SyncOrganization.java
+13
-26
未找到文件。
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/command/ActionCommand.java
浏览文件 @
92e7d568
...
...
@@ -109,20 +109,16 @@ public class ActionCommand extends BaseAction {
private
boolean
executeSyncFile
(
String
syncFilePath
,
String
nodeName
,
int
nodePort
)
{
boolean
syncFileFlag
=
false
;
File
syncFile
;
InputStream
fileInputStream
=
null
;
try
(
Socket
socket
=
new
Socket
(
nodeName
,
nodePort
))
{
syncFile
=
new
File
(
Config
.
base
(),
syncFilePath
);
fileInputStream
=
new
FileInputStream
(
syncFile
);
socket
.
setKeepAlive
(
true
);
socket
.
setSoTimeout
(
5000
);
DataOutputStream
dos
=
null
;
DataInputStream
dis
=
null
;
try
{
dos
=
new
DataOutputStream
(
socket
.
getOutputStream
());
dis
=
new
DataInputStream
(
socket
.
getInputStream
());
try
(
InputStream
fileInputStream
=
new
FileInputStream
(
syncFile
);
DataOutputStream
dos
=
new
DataOutputStream
(
socket
.
getOutputStream
());
DataInputStream
dis
=
new
DataInputStream
(
socket
.
getInputStream
());)
{
Map
<
String
,
Object
>
commandObject
=
new
HashMap
<>();
commandObject
.
put
(
"command"
,
"syncFile:"
+
syncFilePath
);
...
...
@@ -142,11 +138,6 @@ public class ActionCommand extends BaseAction {
}
logger
.
info
(
"同步文件end......."
);
}
finally
{
dos
.
close
();
dis
.
close
();
socket
.
close
();
fileInputStream
.
close
();
}
syncFileFlag
=
true
;
...
...
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java
浏览文件 @
92e7d568
package
com.x.program.center.jaxrs.config
;
import
java.io.DataInputStream
;
import
java.io.DataOutputStream
;
import
java.io.File
;
import
java.io.FileInputStream
;
import
java.io.InputStream
;
import
java.net.Socket
;
import
java.text.SimpleDateFormat
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
javax.servlet.http.HttpServletRequest
;
import
org.apache.commons.io.FileUtils
;
import
org.apache.commons.lang3.BooleanUtils
;
import
com.google.gson.Gson
;
import
com.google.gson.JsonElement
;
import
com.google.gson.JsonSyntaxException
;
import
com.x.base.core.project.annotation.FieldDescribe
;
import
com.x.base.core.project.config.Config
;
import
com.x.base.core.project.config.Nodes
;
...
...
@@ -14,26 +29,19 @@ import com.x.base.core.project.logger.Logger;
import
com.x.base.core.project.logger.LoggerFactory
;
import
com.x.base.core.project.tools.Crypto
;
import
com.x.base.core.project.tools.DefaultCharset
;
import
org.apache.commons.io.FileUtils
;
import
javax.servlet.http.HttpServletRequest
;
import
java.io.*
;
import
java.net.Socket
;
import
java.text.SimpleDateFormat
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
public
class
ActionSave
extends
BaseAction
{
private
static
Logger
logger
=
LoggerFactory
.
getLogger
(
ActionSave
.
class
);
ActionResult
<
Wo
>
execute
(
HttpServletRequest
request
,
EffectivePerson
effectivePerson
,
JsonElement
jsonElement
)
throws
Exception
{
ActionResult
<
Wo
>
execute
(
HttpServletRequest
request
,
EffectivePerson
effectivePerson
,
JsonElement
jsonElement
)
throws
Exception
{
ActionResult
<
Wo
>
result
=
new
ActionResult
<>();
Wi
wi
=
this
.
convertToWrapIn
(
jsonElement
,
Wi
.
class
);
Wo
wo
=
new
Wo
();
SimpleDateFormat
df
=
new
SimpleDateFormat
(
"yyyy-MM-dd HH:mm:ss"
);
String
fileName
=
wi
.
getFileName
();
if
(
fileName
==
null
)
{
if
(
fileName
==
null
)
{
throw
new
ExceptionNameEmpty
();
}
...
...
@@ -49,37 +57,40 @@ public class ActionSave extends BaseAction {
throw
new
ExceptionJsonError
();
}
if
(!
Config
.
nodes
().
centerServers
().
first
().
getValue
().
getConfigApiEnable
(
))
{
if
(
BooleanUtils
.
isNotTrue
(
Config
.
nodes
().
centerServers
().
first
().
getValue
().
getConfigApiEnable
()
))
{
throw
new
ExceptionModifyConfig
();
}
File
configFold
=
new
File
(
Config
.
base
(),
Config
.
DIR_CONFIG
);
if
(!
configFold
.
exists
())
{
File
configFold
=
new
File
(
Config
.
base
(),
Config
.
DIR_CONFIG
);
if
(!
configFold
.
exists
())
{
configFold
.
mkdir
();
}
File
file
=
new
File
(
Config
.
base
(),
Config
.
DIR_CONFIG
+
"/"
+
fileName
);
if
(!
file
.
exists
())
{
File
file
=
new
File
(
Config
.
base
(),
Config
.
DIR_CONFIG
+
"/"
+
fileName
);
if
(!
file
.
exists
())
{
file
.
createNewFile
();
}
if
(
file
.
exists
())
{
if
(
file
.
isFile
())
{
FileUtils
.
writeStringToFile
(
file
,
data
,
DefaultCharset
.
charset
);
if
(
file
.
exists
())
{
if
(
file
.
isFile
())
{
FileUtils
.
writeStringToFile
(
file
,
data
,
DefaultCharset
.
charset
);
}
}
Nodes
nodes
=
Config
.
nodes
();
//同步config文件
for
(
String
node
:
nodes
.
keySet
()){
if
(
nodes
.
get
(
node
).
getApplication
().
getEnable
()
||
nodes
.
get
(
node
).
getCenter
().
getEnable
()){
boolean
Syncflag
=
executeSyncFile
(
Config
.
DIR_CONFIG
+
"/"
+
fileName
,
node
,
nodes
.
get
(
node
).
nodeAgentPort
());
// 同步config文件
for
(
String
node
:
nodes
.
keySet
())
{
if
(
nodes
.
get
(
node
).
getApplication
().
getEnable
()
||
nodes
.
get
(
node
).
getCenter
().
getEnable
())
{
// boolean Syncflag = executeSyncFile(Config.DIR_CONFIG + "/" + fileName, node,
// nodes.get(node).nodeAgentPort());
executeSyncFile
(
Config
.
DIR_CONFIG
+
"/"
+
fileName
,
node
,
nodes
.
get
(
node
).
nodeAgentPort
());
}
}
try
{
Thread
.
sleep
(
1000
);
}
catch
(
InterruptedException
e
)
{
logger
.
error
(
e
);
}
this
.
configFlush
(
effectivePerson
);
...
...
@@ -90,29 +101,19 @@ public class ActionSave extends BaseAction {
return
result
;
}
private
boolean
executeSyncFile
(
String
syncFilePath
,
String
nodeName
,
int
nodePort
){
boolean
syncFileFlag
=
false
;
File
syncFile
;
InputStream
fileInputStream
=
null
;
private
boolean
executeSyncFile
(
String
syncFilePath
,
String
nodeName
,
int
nodePort
)
{
boolean
syncFileFlag
=
false
;
File
syncFile
;
try
(
Socket
socket
=
new
Socket
(
nodeName
,
nodePort
))
{
syncFile
=
new
File
(
Config
.
base
(),
syncFilePath
);
fileInputStream
=
new
FileInputStream
(
syncFile
);
socket
.
setKeepAlive
(
true
);
socket
.
setSoTimeout
(
5000
);
DataOutputStream
dos
=
null
;
DataInputStream
dis
=
null
;
try
{
dos
=
new
DataOutputStream
(
socket
.
getOutputStream
());
dis
=
new
DataInputStream
(
socket
.
getInputStream
());
try
(
DataOutputStream
dos
=
new
DataOutputStream
(
socket
.
getOutputStream
());
DataInputStream
dis
=
new
DataInputStream
(
socket
.
getInputStream
());
InputStream
fileInputStream
=
new
FileInputStream
(
syncFile
))
{
Map
<
String
,
Object
>
commandObject
=
new
HashMap
<>();
commandObject
.
put
(
"command"
,
"syncFile:"
+
syncFilePath
);
commandObject
.
put
(
"command"
,
"syncFile:"
+
syncFilePath
);
commandObject
.
put
(
"credential"
,
Crypto
.
rsaEncrypt
(
"o2@"
,
Config
.
publicKey
()));
dos
.
writeUTF
(
XGsonBuilder
.
toJson
(
commandObject
));
dos
.
flush
();
...
...
@@ -120,23 +121,15 @@ public class ActionSave extends BaseAction {
dos
.
writeUTF
(
syncFilePath
);
dos
.
flush
();
logger
.
info
(
"同步文件starting......."
);
byte
[]
bytes
=
new
byte
[
1024
];
int
length
=
0
;
while
((
length
=
fileInputStream
.
read
(
bytes
,
0
,
bytes
.
length
))
!=
-
1
)
{
int
length
=
0
;
while
((
length
=
fileInputStream
.
read
(
bytes
,
0
,
bytes
.
length
))
!=
-
1
)
{
dos
.
write
(
bytes
,
0
,
length
);
dos
.
flush
();
}
logger
.
info
(
"同步文件end......."
);
}
finally
{
dos
.
close
();
dis
.
close
();
socket
.
close
();
fileInputStream
.
close
();
}
syncFileFlag
=
true
;
}
catch
(
Exception
ex
)
{
logger
.
error
(
ex
);
...
...
@@ -145,7 +138,7 @@ public class ActionSave extends BaseAction {
return
syncFileFlag
;
}
public
static
class
Wi
extends
GsonPropertyObject
{
public
static
class
Wi
extends
GsonPropertyObject
{
@FieldDescribe
(
"服务器地址(*代表多台应用服务器)"
)
private
String
nodeName
;
...
...
@@ -162,30 +155,35 @@ public class ActionSave extends BaseAction {
public
String
getNodeName
()
{
return
nodeName
;
}
public
void
setNodeName
(
String
nodeName
)
{
this
.
nodeName
=
nodeName
;
}
public
String
getNodePort
()
{
return
nodePort
;
}
public
void
setNodePort
(
String
nodePort
)
{
this
.
nodePort
=
nodePort
;
}
public
String
getFileName
()
{
return
fileName
;
}
public
void
setFileName
(
String
fileName
)
{
this
.
fileName
=
fileName
;
}
public
String
getFileContent
()
{
return
fileContent
;
}
public
void
setFileContent
(
String
fileContent
)
{
this
.
fileContent
=
fileContent
;
}
}
public
static
class
Wo
extends
GsonPropertyObject
{
...
...
@@ -236,6 +234,7 @@ public class ActionSave extends BaseAction {
public
void
setSample
(
boolean
isSample
)
{
this
.
isSample
=
isSample
;
}
public
String
getMessage
()
{
return
message
;
}
...
...
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/dingding/encrypt/DingTalkEncryptor.java
浏览文件 @
92e7d568
package
com.x.program.center.jaxrs.dingding.encrypt
;
import
org.apache.commons.codec.binary.Base64
;
import
javax.crypto.Cipher
;
...
...
@@ -18,202 +17,210 @@ import java.util.HashMap;
import
java.util.Map
;
/**
* Created by fancyLou on 2020-10-26.
* Copyright © 2020 O2. All rights reserved.
* Created by fancyLou on 2020-10-26. Copyright © 2020 O2. All rights reserved.
*/
public
class
DingTalkEncryptor
{
private
static
final
Charset
CHARSET
=
Charset
.
forName
(
"utf-8"
);
private
static
final
Base64
base64
=
new
Base64
();
private
byte
[]
aesKey
;
private
String
token
;
private
String
corpId
;
private
static
final
Integer
AES_ENCODE_KEY_LENGTH
=
43
;
private
static
final
Integer
RANDOM_LENGTH
=
16
;
public
DingTalkEncryptor
(
String
token
,
String
encodingAesKey
,
String
corpIdOrSuiteKey
)
throws
DingTalkEncryptException
{
if
(
null
!=
encodingAesKey
&&
encodingAesKey
.
length
()
==
AES_ENCODE_KEY_LENGTH
)
{
this
.
token
=
token
;
this
.
corpId
=
corpIdOrSuiteKey
;
this
.
aesKey
=
Base64
.
decodeBase64
(
encodingAesKey
+
"="
);
}
else
{
throw
new
DingTalkEncryptException
(
900004
);
}
}
public
Map
<
String
,
String
>
getEncryptedMap
(
String
plaintext
,
Long
timeStamp
,
String
nonce
)
throws
DingTalkEncryptException
{
if
(
null
==
plaintext
)
{
throw
new
DingTalkEncryptException
(
900001
);
}
else
if
(
null
==
timeStamp
)
{
throw
new
DingTalkEncryptException
(
900002
);
}
else
if
(
null
==
nonce
)
{
throw
new
DingTalkEncryptException
(
900003
);
}
else
{
String
encrypt
=
this
.
encrypt
(
Utils
.
getRandomStr
(
RANDOM_LENGTH
),
plaintext
);
String
signature
=
this
.
getSignature
(
this
.
token
,
String
.
valueOf
(
timeStamp
),
nonce
,
encrypt
);
Map
<
String
,
String
>
resultMap
=
new
HashMap
();
resultMap
.
put
(
"msg_signature"
,
signature
);
resultMap
.
put
(
"encrypt"
,
encrypt
);
resultMap
.
put
(
"timeStamp"
,
String
.
valueOf
(
timeStamp
));
resultMap
.
put
(
"nonce"
,
nonce
);
return
resultMap
;
}
}
public
String
getDecryptMsg
(
String
msgSignature
,
String
timeStamp
,
String
nonce
,
String
encryptMsg
)
throws
DingTalkEncryptException
{
String
signature
=
this
.
getSignature
(
this
.
token
,
timeStamp
,
nonce
,
encryptMsg
);
if
(!
signature
.
equals
(
msgSignature
))
{
throw
new
DingTalkEncryptException
(
900006
);
}
else
{
String
result
=
this
.
decrypt
(
encryptMsg
);
return
result
;
}
}
private
String
encrypt
(
String
random
,
String
plaintext
)
throws
DingTalkEncryptException
{
try
{
byte
[]
randomBytes
=
random
.
getBytes
(
CHARSET
);
byte
[]
plainTextBytes
=
plaintext
.
getBytes
(
CHARSET
);
byte
[]
lengthByte
=
Utils
.
int2Bytes
(
plainTextBytes
.
length
);
byte
[]
corpidBytes
=
this
.
corpId
.
getBytes
(
CHARSET
);
ByteArrayOutputStream
byteStream
=
new
ByteArrayOutputStream
();
byteStream
.
write
(
randomBytes
);
byteStream
.
write
(
lengthByte
);
byteStream
.
write
(
plainTextBytes
);
byteStream
.
write
(
corpidBytes
);
byte
[]
padBytes
=
PKCS7Padding
.
getPaddingBytes
(
byteStream
.
size
());
byteStream
.
write
(
padBytes
);
byte
[]
unencrypted
=
byteStream
.
toByteArray
();
byteStream
.
close
();
Cipher
cipher
=
Cipher
.
getInstance
(
"AES/CBC/NoPadding"
);
SecretKeySpec
keySpec
=
new
SecretKeySpec
(
this
.
aesKey
,
"AES"
);
IvParameterSpec
iv
=
new
IvParameterSpec
(
this
.
aesKey
,
0
,
16
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
keySpec
,
iv
);
byte
[]
encrypted
=
cipher
.
doFinal
(
unencrypted
);
String
result
=
base64
.
encodeToString
(
encrypted
);
return
result
;
}
catch
(
Exception
var15
)
{
throw
new
DingTalkEncryptException
(
900007
);
}
}
private
String
decrypt
(
String
text
)
throws
DingTalkEncryptException
{
byte
[]
originalArr
;
byte
[]
networkOrder
;
try
{
Cipher
cipher
=
Cipher
.
getInstance
(
"AES/CBC/NoPadding"
);
SecretKeySpec
keySpec
=
new
SecretKeySpec
(
this
.
aesKey
,
"AES"
);
IvParameterSpec
iv
=
new
IvParameterSpec
(
Arrays
.
copyOfRange
(
this
.
aesKey
,
0
,
16
));
cipher
.
init
(
2
,
keySpec
,
iv
);
networkOrder
=
Base64
.
decodeBase64
(
text
);
originalArr
=
cipher
.
doFinal
(
networkOrder
);
}
catch
(
Exception
var9
)
{
throw
new
DingTalkEncryptException
(
900008
);
}
String
plainText
;
String
fromCorpid
;
try
{
byte
[]
bytes
=
PKCS7Padding
.
removePaddingBytes
(
originalArr
);
networkOrder
=
Arrays
.
copyOfRange
(
bytes
,
16
,
20
);
int
plainTextLegth
=
Utils
.
bytes2int
(
networkOrder
);
plainText
=
new
String
(
Arrays
.
copyOfRange
(
bytes
,
20
,
20
+
plainTextLegth
),
CHARSET
);
fromCorpid
=
new
String
(
Arrays
.
copyOfRange
(
bytes
,
20
+
plainTextLegth
,
bytes
.
length
),
CHARSET
);
}
catch
(
Exception
var8
)
{
throw
new
DingTalkEncryptException
(
900009
);
}
if
(!
fromCorpid
.
equals
(
this
.
corpId
))
{
throw
new
DingTalkEncryptException
(
900010
);
}
else
{
return
plainText
;
}
}
public
String
getSignature
(
String
token
,
String
timestamp
,
String
nonce
,
String
encrypt
)
throws
DingTalkEncryptException
{
try
{
String
[]
array
=
new
String
[]{
token
,
timestamp
,
nonce
,
encrypt
};
Arrays
.
sort
(
array
);
StringBuffer
sb
=
new
StringBuffer
();
for
(
int
i
=
0
;
i
<
4
;
++
i
)
{
sb
.
append
(
array
[
i
]);
}
String
str
=
sb
.
toString
();
MessageDigest
md
=
MessageDigest
.
getInstance
(
"SHA-1"
);
md
.
update
(
str
.
getBytes
());
byte
[]
digest
=
md
.
digest
();
StringBuffer
hexstr
=
new
StringBuffer
();
String
shaHex
=
""
;
for
(
int
i
=
0
;
i
<
digest
.
length
;
++
i
)
{
shaHex
=
Integer
.
toHexString
(
digest
[
i
]
&
255
);
if
(
shaHex
.
length
()
<
2
)
{
hexstr
.
append
(
0
);
}
hexstr
.
append
(
shaHex
);
}
return
hexstr
.
toString
();
}
catch
(
Exception
var13
)
{
throw
new
DingTalkEncryptException
(
900006
);
}
}
private
static
void
RemoveCryptographyRestrictions
()
throws
Exception
{
Class
<?>
jceSecurity
=
getClazz
(
"javax.crypto.JceSecurity"
);
Class
<?>
cryptoPermissions
=
getClazz
(
"javax.crypto.CryptoPermissions"
);
Class
<?>
cryptoAllPermission
=
getClazz
(
"javax.crypto.CryptoAllPermission"
);
if
(
jceSecurity
!=
null
)
{
setFinalStaticValue
(
jceSecurity
,
"isRestricted"
,
false
);
PermissionCollection
defaultPolicy
=
(
PermissionCollection
)
getFieldValue
(
jceSecurity
,
"defaultPolicy"
,
(
Object
)
null
,
PermissionCollection
.
class
);
if
(
cryptoPermissions
!=
null
)
{
Map
<?,
?>
map
=
(
Map
)
getFieldValue
(
cryptoPermissions
,
"perms"
,
defaultPolicy
,
Map
.
class
);
map
.
clear
();
}
if
(
cryptoAllPermission
!=
null
)
{
Permission
permission
=
(
Permission
)
getFieldValue
(
cryptoAllPermission
,
"INSTANCE"
,
(
Object
)
null
,
Permission
.
class
);
defaultPolicy
.
add
(
permission
);
}
}
}
private
static
Class
<?>
getClazz
(
String
className
)
{
Class
clazz
=
null
;
try
{
clazz
=
Class
.
forName
(
className
);
}
catch
(
Exception
var3
)
{
}
return
clazz
;
}
private
static
void
setFinalStaticValue
(
Class
<?>
srcClazz
,
String
fieldName
,
Object
newValue
)
throws
Exception
{
Field
field
=
srcClazz
.
getDeclaredField
(
fieldName
);
field
.
setAccessible
(
true
);
Field
modifiersField
=
Field
.
class
.
getDeclaredField
(
"modifiers"
);
modifiersField
.
setAccessible
(
true
);
modifiersField
.
setInt
(
field
,
field
.
getModifiers
()
&
-
17
);
field
.
set
((
Object
)
null
,
newValue
);
}
private
static
<
T
>
T
getFieldValue
(
Class
<?>
srcClazz
,
String
fieldName
,
Object
owner
,
Class
<
T
>
dstClazz
)
throws
Exception
{
Field
field
=
srcClazz
.
getDeclaredField
(
fieldName
);
field
.
setAccessible
(
true
);
return
dstClazz
.
cast
(
field
.
get
(
owner
));
}
static
{
try
{
Security
.
setProperty
(
"crypto.policy"
,
"limited"
);
RemoveCryptographyRestrictions
();
}
catch
(
Exception
var1
)
{
}
}
private
static
final
Charset
CHARSET
=
Charset
.
forName
(
"utf-8"
);
private
static
final
Base64
base64
=
new
Base64
();
private
byte
[]
aesKey
;
private
String
token
;
private
String
corpId
;
private
static
final
Integer
AES_ENCODE_KEY_LENGTH
=
43
;
private
static
final
Integer
RANDOM_LENGTH
=
16
;
public
DingTalkEncryptor
(
String
token
,
String
encodingAesKey
,
String
corpIdOrSuiteKey
)
throws
DingTalkEncryptException
{
if
(
null
!=
encodingAesKey
&&
encodingAesKey
.
length
()
==
AES_ENCODE_KEY_LENGTH
)
{
this
.
token
=
token
;
this
.
corpId
=
corpIdOrSuiteKey
;
this
.
aesKey
=
Base64
.
decodeBase64
(
encodingAesKey
+
"="
);
}
else
{
throw
new
DingTalkEncryptException
(
900004
);
}
}
public
Map
<
String
,
String
>
getEncryptedMap
(
String
plaintext
,
Long
timeStamp
,
String
nonce
)
throws
DingTalkEncryptException
{
if
(
null
==
plaintext
)
{
throw
new
DingTalkEncryptException
(
900001
);
}
else
if
(
null
==
timeStamp
)
{
throw
new
DingTalkEncryptException
(
900002
);
}
else
if
(
null
==
nonce
)
{
throw
new
DingTalkEncryptException
(
900003
);
}
else
{
String
encrypt
=
this
.
encrypt
(
Utils
.
getRandomStr
(
RANDOM_LENGTH
),
plaintext
);
String
signature
=
this
.
getSignature
(
this
.
token
,
String
.
valueOf
(
timeStamp
),
nonce
,
encrypt
);
Map
<
String
,
String
>
resultMap
=
new
HashMap
();
resultMap
.
put
(
"msg_signature"
,
signature
);
resultMap
.
put
(
"encrypt"
,
encrypt
);
resultMap
.
put
(
"timeStamp"
,
String
.
valueOf
(
timeStamp
));
resultMap
.
put
(
"nonce"
,
nonce
);
return
resultMap
;
}
}
public
String
getDecryptMsg
(
String
msgSignature
,
String
timeStamp
,
String
nonce
,
String
encryptMsg
)
throws
DingTalkEncryptException
{
String
signature
=
this
.
getSignature
(
this
.
token
,
timeStamp
,
nonce
,
encryptMsg
);
if
(!
signature
.
equals
(
msgSignature
))
{
throw
new
DingTalkEncryptException
(
900006
);
}
else
{
String
result
=
this
.
decrypt
(
encryptMsg
);
return
result
;
}
}
private
String
encrypt
(
String
random
,
String
plaintext
)
throws
DingTalkEncryptException
{
try
{
byte
[]
randomBytes
=
random
.
getBytes
(
CHARSET
);
byte
[]
plainTextBytes
=
plaintext
.
getBytes
(
CHARSET
);
byte
[]
lengthByte
=
Utils
.
int2Bytes
(
plainTextBytes
.
length
);
byte
[]
corpidBytes
=
this
.
corpId
.
getBytes
(
CHARSET
);
ByteArrayOutputStream
byteStream
=
new
ByteArrayOutputStream
();
byteStream
.
write
(
randomBytes
);
byteStream
.
write
(
lengthByte
);
byteStream
.
write
(
plainTextBytes
);
byteStream
.
write
(
corpidBytes
);
byte
[]
padBytes
=
PKCS7Padding
.
getPaddingBytes
(
byteStream
.
size
());
byteStream
.
write
(
padBytes
);
byte
[]
unencrypted
=
byteStream
.
toByteArray
();
byteStream
.
close
();
Cipher
cipher
=
Cipher
.
getInstance
(
"AES/CBC/NoPadding"
);
SecretKeySpec
keySpec
=
new
SecretKeySpec
(
this
.
aesKey
,
"AES"
);
IvParameterSpec
iv
=
new
IvParameterSpec
(
this
.
aesKey
,
0
,
16
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
keySpec
,
iv
);
byte
[]
encrypted
=
cipher
.
doFinal
(
unencrypted
);
String
result
=
base64
.
encodeToString
(
encrypted
);
return
result
;
}
catch
(
Exception
var15
)
{
throw
new
DingTalkEncryptException
(
900007
);
}
}
private
String
decrypt
(
String
text
)
throws
DingTalkEncryptException
{
byte
[]
originalArr
;
byte
[]
networkOrder
;
try
{
Cipher
cipher
=
Cipher
.
getInstance
(
"AES/CBC/NoPadding"
);
SecretKeySpec
keySpec
=
new
SecretKeySpec
(
this
.
aesKey
,
"AES"
);
IvParameterSpec
iv
=
new
IvParameterSpec
(
Arrays
.
copyOfRange
(
this
.
aesKey
,
0
,
16
));
cipher
.
init
(
2
,
keySpec
,
iv
);
networkOrder
=
Base64
.
decodeBase64
(
text
);
originalArr
=
cipher
.
doFinal
(
networkOrder
);
}
catch
(
Exception
var9
)
{
throw
new
DingTalkEncryptException
(
900008
);
}
String
plainText
;
String
fromCorpid
;
try
{
byte
[]
bytes
=
PKCS7Padding
.
removePaddingBytes
(
originalArr
);
networkOrder
=
Arrays
.
copyOfRange
(
bytes
,
16
,
20
);
int
plainTextLegth
=
Utils
.
bytes2int
(
networkOrder
);
plainText
=
new
String
(
Arrays
.
copyOfRange
(
bytes
,
20
,
20
+
plainTextLegth
),
CHARSET
);
fromCorpid
=
new
String
(
Arrays
.
copyOfRange
(
bytes
,
20
+
plainTextLegth
,
bytes
.
length
),
CHARSET
);
}
catch
(
Exception
var8
)
{
throw
new
DingTalkEncryptException
(
900009
);
}
if
(!
fromCorpid
.
equals
(
this
.
corpId
))
{
throw
new
DingTalkEncryptException
(
900010
);
}
else
{
return
plainText
;
}
}
public
String
getSignature
(
String
token
,
String
timestamp
,
String
nonce
,
String
encrypt
)
throws
DingTalkEncryptException
{
try
{
String
[]
array
=
new
String
[]
{
token
,
timestamp
,
nonce
,
encrypt
};
Arrays
.
sort
(
array
);
StringBuffer
sb
=
new
StringBuffer
();
for
(
int
i
=
0
;
i
<
4
;
++
i
)
{
sb
.
append
(
array
[
i
]);
}
String
str
=
sb
.
toString
();
MessageDigest
md
=
MessageDigest
.
getInstance
(
"SHA-1"
);
md
.
update
(
str
.
getBytes
());
byte
[]
digest
=
md
.
digest
();
StringBuffer
hexstr
=
new
StringBuffer
();
String
shaHex
=
""
;
for
(
int
i
=
0
;
i
<
digest
.
length
;
++
i
)
{
shaHex
=
Integer
.
toHexString
(
digest
[
i
]
&
255
);
if
(
shaHex
.
length
()
<
2
)
{
hexstr
.
append
(
0
);
}
hexstr
.
append
(
shaHex
);
}
return
hexstr
.
toString
();
}
catch
(
Exception
var13
)
{
throw
new
DingTalkEncryptException
(
900006
);
}
}
private
static
void
RemoveCryptographyRestrictions
()
throws
Exception
{
Class
<?>
jceSecurity
=
getClazz
(
"javax.crypto.JceSecurity"
);
Class
<?>
cryptoPermissions
=
getClazz
(
"javax.crypto.CryptoPermissions"
);
Class
<?>
cryptoAllPermission
=
getClazz
(
"javax.crypto.CryptoAllPermission"
);
if
(
jceSecurity
!=
null
)
{
setFinalStaticValue
(
jceSecurity
,
"isRestricted"
,
false
);
PermissionCollection
defaultPolicy
=
(
PermissionCollection
)
getFieldValue
(
jceSecurity
,
"defaultPolicy"
,
(
Object
)
null
,
PermissionCollection
.
class
);
if
(
cryptoPermissions
!=
null
)
{
Map
<?,
?>
map
=
(
Map
)
getFieldValue
(
cryptoPermissions
,
"perms"
,
defaultPolicy
,
Map
.
class
);
map
.
clear
();
}
if
(
cryptoAllPermission
!=
null
)
{
Permission
permission
=
(
Permission
)
getFieldValue
(
cryptoAllPermission
,
"INSTANCE"
,
(
Object
)
null
,
Permission
.
class
);
defaultPolicy
.
add
(
permission
);
}
}
}
private
static
Class
<?>
getClazz
(
String
className
)
{
Class
clazz
=
null
;
try
{
clazz
=
Class
.
forName
(
className
);
}
catch
(
Exception
var3
)
{
var3
.
printStackTrace
(
System
.
out
);
}
return
clazz
;
}
private
static
void
setFinalStaticValue
(
Class
<?>
srcClazz
,
String
fieldName
,
Object
newValue
)
throws
Exception
{
Field
field
=
srcClazz
.
getDeclaredField
(
fieldName
);
field
.
setAccessible
(
true
);
Field
modifiersField
=
Field
.
class
.
getDeclaredField
(
"modifiers"
);
modifiersField
.
setAccessible
(
true
);
modifiersField
.
setInt
(
field
,
field
.
getModifiers
()
&
-
17
);
field
.
set
((
Object
)
null
,
newValue
);
}
private
static
<
T
>
T
getFieldValue
(
Class
<?>
srcClazz
,
String
fieldName
,
Object
owner
,
Class
<
T
>
dstClazz
)
throws
Exception
{
Field
field
=
srcClazz
.
getDeclaredField
(
fieldName
);
field
.
setAccessible
(
true
);
return
dstClazz
.
cast
(
field
.
get
(
owner
));
}
static
{
try
{
Security
.
setProperty
(
"crypto.policy"
,
"limited"
);
RemoveCryptographyRestrictions
();
}
catch
(
Exception
var1
)
{
var1
.
printStackTrace
(
System
.
out
);
}
}
}
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/jest/BaseAction.java
浏览文件 @
92e7d568
...
...
@@ -37,11 +37,10 @@ abstract class BaseAction extends StandardJaxrsAction {
private
static
CopyOnWriteArrayList
<
Class
<?>>
assembles
;
private
static
String
HOST_LOCALHOST
=
"localhost"
;
private
static
final
String
HOST_LOCALHOST
=
"localhost"
;
protected
String
getHost
(
HttpServletRequest
request
)
throws
Exception
{
URL
url
=
new
URL
(
request
.
getRequestURL
().
toString
());
return
url
.
getHost
();
return
new
URL
(
request
.
getRequestURL
().
toString
()).
getHost
();
}
protected
boolean
isUndefindHost
(
String
host
)
{
...
...
o2server/x_program_center/src/main/java/com/x/program/center/qiyeweixin/SyncOrganization.java
浏览文件 @
92e7d568
...
...
@@ -143,7 +143,7 @@ public class SyncOrganization {
unit
=
this
.
createUnit
(
business
,
result
,
sup
,
org
);
}
else
{
if
(!
StringUtils
.
equals
(
unit
.
getQiyeweixinHash
(),
DigestUtils
.
sha256Hex
(
XGsonBuilder
.
toJson
(
org
))))
{
logger
.
print
(
"组织【{}】的hash值变化,更新组织===="
,
org
.
getName
());
logger
.
print
(
"组织【{}】的hash值变化,更新组织===="
,
org
.
getName
());
unit
=
this
.
updateUnit
(
business
,
result
,
unit
,
org
);
}
}
...
...
@@ -203,17 +203,17 @@ public class SyncOrganization {
logger
.
print
(
"正在检查下级组织{},如果存在下级组织,则先删除下级组织."
,
unit
.
getDistinguishedName
());
List
<
Unit
>
subUnits
=
business
.
unit
().
listSubNestedObject
(
unit
);
if
(
ListTools
.
isNotEmpty
(
subUnits
))
{
for
(
Unit
subUnit
:
subUnits
)
{
removeSingleUnit
(
business
,
result
,
subUnit
);
if
(
ListTools
.
isNotEmpty
(
subUnits
))
{
for
(
Unit
subUnit
:
subUnits
)
{
removeSingleUnit
(
business
,
result
,
subUnit
);
}
}
logger
.
print
(
"正在尝试删除单个组织{}."
,
unit
.
getDistinguishedName
());
EntityManagerContainer
emc
=
business
.
entityManagerContainer
();
//检查一下,该组织是否已经被删除过了
unit
=
emc
.
find
(
unit
.
getId
(),
Unit
.
class
);
if
(
unit
!=
null
)
{
//
检查一下,该组织是否已经被删除过了
unit
=
emc
.
find
(
unit
.
getId
(),
Unit
.
class
);
if
(
unit
!=
null
)
{
emc
.
beginTransaction
(
UnitAttribute
.
class
);
emc
.
beginTransaction
(
UnitDuty
.
class
);
emc
.
beginTransaction
(
Identity
.
class
);
...
...
@@ -246,11 +246,11 @@ public class SyncOrganization {
person
=
this
.
createOrLinkPerson
(
business
,
result
,
user
);
}
}
else
{
if
((
StringUtils
.
isNotEmpty
(
user
.
getMobile
()))
&&
StringUtils
.
isNotEmpty
(
user
.
getName
()))
{
if
(!
StringUtils
.
equals
(
DigestUtils
.
sha256Hex
(
XGsonBuilder
.
toJson
(
user
)),
person
.
getQiyeweixinHash
()))
{
person
=
this
.
updatePerson
(
business
,
result
,
person
,
user
);
}
}
if
((
StringUtils
.
isNotEmpty
(
user
.
getMobile
()))
&&
StringUtils
.
isNotEmpty
(
user
.
getName
()))
{
if
(!
StringUtils
.
equals
(
DigestUtils
.
sha256Hex
(
XGsonBuilder
.
toJson
(
user
)),
person
.
getQiyeweixinHash
()))
{
person
=
this
.
updatePerson
(
business
,
result
,
person
,
user
);
}
}
}
return
person
;
}
...
...
@@ -290,19 +290,6 @@ public class SyncOrganization {
return
person
;
}
// private String getPassword(ScriptEngine engine, Pattern pattern, Person person) throws Exception {
// String str = Config.person().getPassword();
// Matcher matcher = pattern.matcher(str);
// if (matcher.matches()) {
// String eval = matcher.group(1);
// engine.put("person", person);
// String pass = engine.eval(eval).toString();
// return pass;
// } else {
// return str;
// }
// }
private
String
initPassword
(
Business
business
,
Person
person
)
throws
Exception
{
String
str
=
Config
.
person
().
getPassword
();
Pattern
pattern
=
Pattern
.
compile
(
com
.
x
.
base
.
core
.
project
.
config
.
Person
.
REGULAREXPRESSION_SCRIPT
);
...
...
@@ -521,7 +508,7 @@ public class SyncOrganization {
List
<
Person
>
allPeople
=
this
.
listPerson
(
business
);
/* 删除个人 */
for
(
Person
person
:
ListUtils
.
subtract
(
allPeople
,
people
))
{
logger
.
print
(
"删除用户:{}"
,
person
.
getDistinguishedName
());
logger
.
print
(
"删除用户:{}"
,
person
.
getDistinguishedName
());
this
.
removePerson
(
business
,
result
,
person
);
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录