修改加密接口跳过getPicInfo

2025-02-26 10:05:20 +08:00 · 2025-02-26 10:05:20 +08:00 · 861e82a906
commit 861e82a906
parent cfe3cfd488
1 changed files with 82 additions and 80 deletions
--- a/sgtjzhzxsp-framework/src/main/java/com/bhne/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/sgtjzhzxsp-framework/src/main/java/com/bhne/framework/security/filter/JwtAuthenticationTokenFilter.java
@ -1,6 +1,7 @@
 package com.bhne.framework.security.filter;

 import com.bhne.common.core.domain.model.LoginUser;
+import com.bhne.common.utils.SM2Utils2;
 import com.bhne.common.utils.SecurityUtils;
 import com.bhne.common.utils.StringUtils;
 import com.bhne.framework.web.service.TokenService;
@ -19,6 +20,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Arrays;

 /**
 * token过滤器 验证token有效性
@ -45,86 +47,86 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
        chain.doFilter(request, response);

        // 加密代码（到结束）
-        // String pathUrl = ((HttpServletRequest) request).getRequestURI();
-        // String[] disAllowedPaths = {"/", "/"};
-        // if (Arrays.asList(disAllowedPaths).contains(pathUrl)) {
-        //     chain.doFilter(request, response);
-        // } else {
-        //
-        // }
-        // WrapperedRequest wrapRequest = null;
-        // LoginUser loginUser = null;
-        // // 上传、导入、读取文件 排除加解密
-        // String[] disDecryptPaths = {
-        //         "/zhDataMaintain/simpleRead"
-        //         , "/zhMapPro/importBasic"
-        //         , "/zhMapPro/importCertificateBasic"
-        //         , "/tj/safetyPro/contractorImport"
-        //         , "/tj/safetyPro/contractorSubcontractingImport"
-        //         , "/tj/safetyPro/subcontractingImport"
-        //         , "/zhFile/upload"
-        //         , "/zhFile/uploadFile"
-        //         , "/zhFile/uploadPic"
-        //         , "/tj/safetyPro/uploadViolationImg"
-        // };
-        // // 导出、下载、预览文件 排除加解密
-        // String[] disEncryptPaths = {
-        //         "/zhDataMaintain/simpleWrite"
-        //         , "/tj/safetyPro/contractorExport"
-        //         , "/tj/safetyPro/contractorSubcontractingExport"
-        //         , "/tj/safetyPro/contractorTemplateExport"
-        //         , "/tj/safetyPro/contractorSubcontractingTemplateExport"
-        //         , "/tj/safetyPro/subcontractingExport"
-        //         , "/tj/safetyPro/subcontractingTemplateExport"
-        //         , "/zhFile/show"
-        //         , "/zhFile/getOne"
-        //         , "/zhFile/download"
-        //         , "/zhFile/getPicInfo"
-        // };
-        //
-        // if (Arrays.asList(disDecryptPaths).contains(pathUrl)) {
-        //     loginUser = tokenService.getLoginUser(request);
-        // } else {
-        //     String requestBody = getRequestBody((HttpServletRequest) request);
-        //     // 解密请求报文
-        //     String requestBodyMw = SM2Utils2.decrypt(requestBody);
-        //     wrapRequest = new WrapperedRequest((HttpServletRequest) request, requestBodyMw);
-        //     loginUser = tokenService.getLoginUser(wrapRequest);
-        // }
-        // WrapperedResponse wrapResponse = new WrapperedResponse((HttpServletResponse) response);
-        //
-        // if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
-        //     tokenService.verifyToken(loginUser);
-        //     UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
-        //     // 判断请求是否为不需要解密请求体
-        //     HttpServletRequest resultRequest = Arrays.asList(disDecryptPaths).contains(pathUrl) ? request : wrapRequest;
-        //     authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(resultRequest));
-        //     SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-        // }
-        //
-        // if (Arrays.asList(disDecryptPaths).contains(pathUrl) && Arrays.asList(disEncryptPaths).contains(pathUrl)) {
-        //     chain.doFilter(request, response);
-        // } else {
-        //     if (Arrays.asList(disDecryptPaths).contains(pathUrl)) {
-        //         chain.doFilter(request, wrapResponse);
-        //         byte[] data = wrapResponse.getResponseData();
-        //         // 加密返回报文
-        //         String responseBodyMw = SM2Utils2.encrypt(new String(data, "UTF-8"));
-        //         response.setContentType("text/html;charset=utf-8");
-        //         writeResponse(response, responseBodyMw);
-        //     } else {
-        //         if (Arrays.asList(disEncryptPaths).contains(pathUrl)) {
-        //             chain.doFilter(wrapRequest, response);
-        //         } else {
-        //             chain.doFilter(wrapRequest, wrapResponse);
-        //             byte[] data = wrapResponse.getResponseData();
-        //             // 加密返回报文
-        //             String responseBodyMw = SM2Utils2.encrypt(new String(data, "UTF-8"));
-        //             response.setContentType("text/html;charset=utf-8");
-        //             writeResponse(response, responseBodyMw);
-        //         }
-        //     }
-        // }
+//         String pathUrl = ((HttpServletRequest) request).getRequestURI();
+//         String[] disAllowedPaths = {"/", "/"};
+//         if (Arrays.asList(disAllowedPaths).contains(pathUrl)) {
+//             chain.doFilter(request, response);
+//         } else {
+//
+//         }
+//         WrapperedRequest wrapRequest = null;
+//         LoginUser loginUser = null;
+//         // 上传、导入、读取文件 排除加解密
+//         String[] disDecryptPaths = {
+//                 "/zhDataMaintain/simpleRead"
+//                 , "/zhMapPro/importBasic"
+//                 , "/zhMapPro/importCertificateBasic"
+//                 , "/tj/safetyPro/contractorImport"
+//                 , "/tj/safetyPro/contractorSubcontractingImport"
+//                 , "/tj/safetyPro/subcontractingImport"
+//                 , "/zhFile/upload"
+//                 , "/zhFile/uploadFile"
+//                 , "/zhFile/uploadPic"
+//                 , "/tj/safetyPro/uploadViolationImg"
+//         };
+//         // 导出、下载、预览文件 排除加解密
+//         String[] disEncryptPaths = {
+//                 "/zhDataMaintain/simpleWrite"
+//                 , "/tj/safetyPro/contractorExport"
+//                 , "/tj/safetyPro/contractorSubcontractingExport"
+//                 , "/tj/safetyPro/contractorTemplateExport"
+//                 , "/tj/safetyPro/contractorSubcontractingTemplateExport"
+//                 , "/tj/safetyPro/subcontractingExport"
+//                 , "/tj/safetyPro/subcontractingTemplateExport"
+//                 , "/zhFile/show"
+//                 , "/zhFile/getOne"
+//                 , "/zhFile/download"
+//                 //, "/zhFile/getPicInfo"
+//         };
+//
+//         if (Arrays.asList(disDecryptPaths).contains(pathUrl)) {
+//             loginUser = tokenService.getLoginUser(request);
+//         } else {
+//             String requestBody = getRequestBody((HttpServletRequest) request);
+//             // 解密请求报文
+//             String requestBodyMw = SM2Utils2.decrypt(requestBody);
+//             wrapRequest = new WrapperedRequest((HttpServletRequest) request, requestBodyMw);
+//             loginUser = tokenService.getLoginUser(wrapRequest);
+//         }
+//         WrapperedResponse wrapResponse = new WrapperedResponse((HttpServletResponse) response);
+//
+//         if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
+//             tokenService.verifyToken(loginUser);
+//             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
+//             // 判断请求是否为不需要解密请求体
+//             HttpServletRequest resultRequest = Arrays.asList(disDecryptPaths).contains(pathUrl) ? request : wrapRequest;
+//             authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(resultRequest));
+//             SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+//         }
+//
+//         if (Arrays.asList(disDecryptPaths).contains(pathUrl) && Arrays.asList(disEncryptPaths).contains(pathUrl)) {
+//             chain.doFilter(request, response);
+//         } else {
+//             if (Arrays.asList(disDecryptPaths).contains(pathUrl)) {
+//                 chain.doFilter(request, wrapResponse);
+//                 byte[] data = wrapResponse.getResponseData();
+//                 // 加密返回报文
+//                 String responseBodyMw = SM2Utils2.encrypt(new String(data, "UTF-8"));
+//                 response.setContentType("text/html;charset=utf-8");
+//                 writeResponse(response, responseBodyMw);
+//             } else {
+//                 if (Arrays.asList(disEncryptPaths).contains(pathUrl)) {
+//                     chain.doFilter(wrapRequest, response);
+//                 } else {
+//                     chain.doFilter(wrapRequest, wrapResponse);
+//                     byte[] data = wrapResponse.getResponseData();
+//                     // 加密返回报文
+//                     String responseBodyMw = SM2Utils2.encrypt(new String(data, "UTF-8"));
+//                     response.setContentType("text/html;charset=utf-8");
+//                     writeResponse(response, responseBodyMw);
+//                 }
+//             }
+//         }
    }

    private String getRequestBody(HttpServletRequest req) {