From: Tang Cheng <cheng.tang@supwisdom.com>
Date: Wed, 19 Jun 2019 07:00:42 +0000 (+0800)
Subject: 增加检查 sign 开关
X-Git-Tag: 1.0.0^2~161
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=c82e2c8107b62659118837d05082adcf239cac9f;p=epayment%2Ffood_payapi.git

增加检查 sign 开关
---

diff --git a/config/application-devel-pg-local.properties b/config/application-devel-pg-local.properties
index e976303b..ef591a93 100644
--- a/config/application-devel-pg-local.properties
+++ b/config/application-devel-pg-local.properties
@@ -21,6 +21,7 @@ jwt.expiration=3600
 # user password
 auth.password.bcrypt.seed=
 
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
 shopbalance.updater.cron = -
\ No newline at end of file
diff --git a/config/application-devel-pg.properties b/config/application-devel-pg.properties
index ada087da..5ea16f5c 100644
--- a/config/application-devel-pg.properties
+++ b/config/application-devel-pg.properties
@@ -21,8 +21,7 @@ jwt.expiration=3600
 auth.password.bcrypt.seed=
 spring.jackson.serialization.fail-on-empty-beans=false
 logging.level.org.springframework.web=DEBUG
-
-
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
-shopbalance.updater.cron = -
\ No newline at end of file
+shopbalance.updater.cron=-
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
index d19f656b..0f9f3149 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
@@ -13,6 +13,7 @@ import org.aspectj.lang.annotation.Around
 import org.aspectj.lang.annotation.Aspect
 import org.aspectj.lang.annotation.Pointcut
 import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.http.ResponseEntity
 import org.springframework.security.core.Authentication
 import org.springframework.stereotype.Component
@@ -49,6 +50,9 @@ class RestControllerAspect {
     @Autowired
     lateinit var commonService: CommonService
 
+    @Value("\${security.request.sign: true}")
+    private var requestSignCheck: Boolean = true
+
     private val logger = KotlinLogging.logger { }
 
     @Pointcut("@within(org.springframework.web.bind.annotation.RestController)")
@@ -65,7 +69,7 @@ class RestControllerAspect {
         return try {
             if (body is APIRequestParam) {
                 body.checkParam()
-                if (!body.checkSign(commonService.getSecretByAppid(auth.name))) {
+                if (requestSignCheck && !body.checkSign(commonService.getSecretByAppid(auth.name))) {
                     throw RequestParamCheckException(TradeErrorCode.REQUEST_SIGN_ERROR, "åæ°ç­¾åéè¯¯")
                 }
             } else {