From 02526f8b20f4b33e970b3e38aa889fba63027ee1 Mon Sep 17 00:00:00 2001 From: WendyYang Date: Tue, 19 Nov 2024 15:29:27 +0800 Subject: [PATCH] =?UTF-8?q?fix:=201.=20=E6=96=87=E4=BB=B6=E9=A2=84?= =?UTF-8?q?=E8=A7=88=E4=BF=AE=E6=94=B9=E5=8F=82=E6=95=B0=E5=8A=A0=E5=AF=86?= =?UTF-8?q?=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../api/common/util/PreviewFileIdEncryptUtil.java | 32 ++++++++++++ .../com/hz/pm/api/external/FilePreviewClient.java | 58 +++++++++++++++++++--- .../external/controller/FilePreviewController.java | 2 +- .../api/external/controller/MhApiController.java | 9 +++- .../hz/pm/api/external/model/PreviewFileIdBO.java | 31 ++++++++++++ .../security/auth/mh/MhLoginUserDetailService.java | 3 +- 6 files changed, 123 insertions(+), 12 deletions(-) create mode 100644 hz-pm-api/src/main/java/com/hz/pm/api/common/util/PreviewFileIdEncryptUtil.java create mode 100644 hz-pm-api/src/main/java/com/hz/pm/api/external/model/PreviewFileIdBO.java diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/common/util/PreviewFileIdEncryptUtil.java b/hz-pm-api/src/main/java/com/hz/pm/api/common/util/PreviewFileIdEncryptUtil.java new file mode 100644 index 0000000..435c52c --- /dev/null +++ b/hz-pm-api/src/main/java/com/hz/pm/api/common/util/PreviewFileIdEncryptUtil.java @@ -0,0 +1,32 @@ +package com.hz.pm.api.common.util; + +import cn.hutool.core.codec.Base64; +import cn.hutool.crypto.SecureUtil; +import cn.hutool.crypto.symmetric.AES; + +/** + *

+ * PreviewFileIdEncryptUtil + *

+ * + * @author WendyYang + * @since 13:36 2024/11/19 + */ +public class PreviewFileIdEncryptUtil { + + private PreviewFileIdEncryptUtil() { + } + + private static final String KEY_BASE64 = "ffbTIYYplRaDcNnrP3dm99s8jCGls4bBqJPnFUo44ik="; + + public static String encryptFileId(String fileId) { + AES aes = SecureUtil.aes(Base64.decode(KEY_BASE64)); + return aes.encryptHex(fileId); + } + + public static String decryptFileId(String fileId) { + AES aes = SecureUtil.aes(Base64.decode(KEY_BASE64)); + return aes.decryptStr(fileId); + } + +} diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/external/FilePreviewClient.java b/hz-pm-api/src/main/java/com/hz/pm/api/external/FilePreviewClient.java index 57fd9ad..88f36c5 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/external/FilePreviewClient.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/external/FilePreviewClient.java @@ -1,6 +1,10 @@ package com.hz.pm.api.external; +import cn.hutool.core.util.ArrayUtil; import cn.hutool.core.util.NumberUtil; +import com.hz.pm.api.common.enumeration.FileOrigin; +import com.hz.pm.api.common.util.PreviewFileIdEncryptUtil; +import com.hz.pm.api.external.model.PreviewFileIdBO; import com.hz.pm.api.external.model.dto.MhFileInfoDTO; import com.hz.pm.api.meeting.entity.config.WebProps; import com.ningdatech.basic.exception.BizException; @@ -14,6 +18,7 @@ import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.time.Duration; import java.util.List; /** @@ -41,9 +46,6 @@ public class FilePreviewClient { private static final String FILE_DOWN_NO_AUTH_URL = "/api/v1/file/preview/anonymous/down/"; - private static final String MH_DOWN_FILE_URL = "/api/v1/mh/anonymous/file/download/"; - - //================================================================================================================== private static final String PREVIEW_PATH_FMT = "%s/public/risen/core/resrc/view/pdf_view.html.do?strMap.remote_url=%s&strMap.ext=%s"; @@ -52,11 +54,14 @@ public class FilePreviewClient { String serverName = request.getServerName(); log.info("serverName:{}", serverName); StringBuilder fileDownUrl = new StringBuilder(); + String filePreviewUrlHost; if (serverName.contains("weixin") || serverName.contains("10.54.38.13")) { // 浙政钉访问需要转换为互联网可访问的地址 fileDownUrl.append(WebProps.zzdApiUrl); + filePreviewUrlHost = mhFilePreviewPublicUrl; } else { fileDownUrl.append(WebProps.apiUrl); + filePreviewUrlHost = mhFilePreviewPrivateUrl; } String fileSuffix; // 信产文件ID为字符串、当前系统文件ID为数字 @@ -64,18 +69,55 @@ public class FilePreviewClient { List fileInfos = mhFileClient.listFileInfo(fileId); MhFileInfoDTO mhFileInfo = fileInfos.get(0); fileSuffix = mhFileInfo.getFileSuffix(); - fileDownUrl.append(MH_DOWN_FILE_URL).append(fileId); + String tmpFileId = generateFileId(fileId, FileOrigin.MH); + fileDownUrl.append(FILE_DOWN_NO_AUTH_URL).append(tmpFileId); } else { - fileDownUrl.append(FILE_DOWN_NO_AUTH_URL).append(fileId); + String tmpFileId = generateFileId(fileId, FileOrigin.OSS); + fileDownUrl.append(FILE_DOWN_NO_AUTH_URL).append(tmpFileId); File file = fileService.getById(fileId); fileSuffix = file.getSuffix(); } - return String.format(PREVIEW_PATH_FMT, mhFilePreviewPrivateUrl, fileDownUrl, fileSuffix); + return String.format(PREVIEW_PATH_FMT, filePreviewUrlHost, fileDownUrl, fileSuffix); + } + + private static String generateFileId(String fileId, FileOrigin oss) { + PreviewFileIdBO previewFileId = PreviewFileIdBO.builder() + // 默认过期时间6小时 + .expireTime(System.currentTimeMillis() + Duration.ofHours(6).toMillis()) + .fileId(fileId) + .fileOrigin(oss) + .build(); + return PreviewFileIdEncryptUtil.encryptFileId(previewFileId.concat()); + } + + private static PreviewFileIdBO parseFileId(String fileId) { + String decryptFileId = PreviewFileIdEncryptUtil.decryptFileId(fileId); + String[] split = decryptFileId.split("#"); + if (ArrayUtil.isEmpty(split) || split.length != 3) { + throw BizException.wrap("文件ID无效"); + } + return PreviewFileIdBO.builder() + .fileId(split[0]) + .expireTime(Long.parseLong(split[1])) + .fileOrigin(FileOrigin.valueOf(split[2])) + .build(); } - public void downloadFile(Long fileId, HttpServletResponse response) { + public void downloadFile(String fileId, HttpServletResponse response) { try { - fileService.download(fileId, response); + PreviewFileIdBO previewFileId = parseFileId(fileId); + if (previewFileId.getExpireTime() != null + && previewFileId.getExpireTime() > 0 + && System.currentTimeMillis() > previewFileId.getExpireTime()) { + throw BizException.wrap("文件地址已过期,请重试"); + } + if (FileOrigin.MH.equals(previewFileId.getFileOrigin())) { + mhFileClient.download(previewFileId.getFileId(), response); + } else if (FileOrigin.OSS.equals(previewFileId.getFileOrigin())) { + fileService.download(Long.valueOf(previewFileId.getFileId()), response); + } else { + throw BizException.wrap("文件类型不支持"); + } } catch (Exception e) { log.info("文件下载失败:{}", fileId, e); throw BizException.wrap("文件下载失败:%s", fileId); diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/FilePreviewController.java b/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/FilePreviewController.java index c9fb6b5..32cf876 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/FilePreviewController.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/FilePreviewController.java @@ -36,7 +36,7 @@ public class FilePreviewController { @ApiOperation("文件下载(不鉴权)") @GetMapping("/anonymous/down/{fileId}") - public void anonymousFileDown(@PathVariable Long fileId, HttpServletResponse response) { + public void anonymousFileDown(@PathVariable String fileId, HttpServletResponse response) { filePreviewClient.downloadFile(fileId, response); } diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/MhApiController.java b/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/MhApiController.java index bcda037..6daeba2 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/MhApiController.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/external/controller/MhApiController.java @@ -38,13 +38,20 @@ public class MhApiController { return mhApiClient.dictListByType(dictType); } - @GetMapping({"/anonymous/file/download/{fileId}", "/file/download/{fileId}"}) + @GetMapping("/file/download/{fileId}") @WebLog("下载信创平台文件") @ApiOperation("下载信创平台文件") public void download(@PathVariable String fileId, HttpServletResponse response) { mhFileClient.download(fileId, response); } + @GetMapping("/anonymous/file/download/{fileId}") + @WebLog("下载信创平台文件") + @ApiOperation("下载信创平台文件") + public void anonymousDownload(@PathVariable String fileId, HttpServletResponse response) { + mhFileClient.download(fileId, response); + } + @GetMapping("/file/listFileInfo") @ApiOperation("获取文件详情") public List listFileInfo(@RequestParam String fileIds) { diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/external/model/PreviewFileIdBO.java b/hz-pm-api/src/main/java/com/hz/pm/api/external/model/PreviewFileIdBO.java new file mode 100644 index 0000000..2fbce05 --- /dev/null +++ b/hz-pm-api/src/main/java/com/hz/pm/api/external/model/PreviewFileIdBO.java @@ -0,0 +1,31 @@ +package com.hz.pm.api.external.model; + +import com.hz.pm.api.common.enumeration.FileOrigin; +import lombok.Builder; +import lombok.Getter; +import lombok.Setter; + +/** + *

+ * PreviewFileIdBO + *

+ * + * @author WendyYang + * @since 14:12 2024/11/19 + */ +@Builder +@Getter +@Setter +public class PreviewFileIdBO { + + private String fileId; + + private Long expireTime; + + private FileOrigin fileOrigin; + + public String concat() { + return this.fileId + "#" + this.expireTime + "#" + this.fileOrigin; + } + +} diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/mh/MhLoginUserDetailService.java b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/mh/MhLoginUserDetailService.java index 33c98ad..3447801 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/mh/MhLoginUserDetailService.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/mh/MhLoginUserDetailService.java @@ -1,7 +1,6 @@ package com.hz.pm.api.user.security.auth.mh; -import cn.hutool.json.JSONUtil; import com.hz.pm.api.common.helper.UserInfoHelper; import com.hz.pm.api.user.convert.UserInfoConvertor; import com.hz.pm.api.user.security.auth.checker.UserLoginChecker; @@ -32,7 +31,7 @@ public class MhLoginUserDetailService implements UserDetailsService { public UserInfoDetails loadUserByUsername(String username) throws UsernameNotFoundException { UserFullInfoDTO userInfo = userInfoHelper.getUserFullInfoByMhUserIdOrOpenId(username); UserLoginChecker.checkLoginAuth(userInfo); - log.info("登录用户为:{}", JSONUtil.toJsonStr(userInfo)); + log.info("登录用户为:{} {}", userInfo.getUserId(), userInfo.getUsername()); return UserInfoConvertor.convert(userInfo); }