From 4939a457a07b7533076891fe84ab56a8f19a64d1 Mon Sep 17 00:00:00 2001 From: Tang Cheng Date: Mon, 15 Apr 2019 22:30:15 +0800 Subject: [PATCH] =?utf8?q?=E5=A2=9E=E5=8A=A0=20spring=20security?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- build.gradle | 1 + .../com/supwisdom/dlpay/DlpayApplication.kt | 44 ++++++++++++++++++- .../consume/controller/consume_service.kt | 41 ++++++++--------- .../dlpay/framework/framework_util.kt | 28 +++++++++--- 4 files changed, 86 insertions(+), 28 deletions(-) diff --git a/build.gradle b/build.gradle index e86876d5..0e9b1307 100644 --- a/build.gradle +++ b/build.gradle @@ -19,6 +19,7 @@ repositories { dependencies { implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'com.fasterxml.jackson.module:jackson-module-kotlin' implementation 'org.jetbrains.kotlin:kotlin-reflect' implementation 'org.jetbrains.kotlin:kotlin-stdlib-jdk8' diff --git a/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt b/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt index 0a4f46a2..fb178301 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt @@ -2,14 +2,54 @@ package com.supwisdom.dlpay import org.springframework.boot.autoconfigure.SpringBootApplication import org.springframework.boot.runApplication +import org.springframework.context.annotation.Bean import org.springframework.context.annotation.ComponentScan import org.springframework.context.annotation.PropertySource +import org.springframework.security.config.annotation.web.builders.HttpSecurity +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter +import org.springframework.security.core.userdetails.User +import org.springframework.security.core.userdetails.UserDetailsService +import org.springframework.security.provisioning.InMemoryUserDetailsManager +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer +import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer -@ComponentScan("com.supwisdom.dlpay") +@EnableWebSecurity +class WebSecurityConfig : WebMvcConfigurer { + + @Bean + open fun userDetailsService(): UserDetailsService { + val manager = InMemoryUserDetailsManager() + manager.createUser(User.withDefaultPasswordEncoder() + .username("admin") + .password("123456") + .roles("USER").build()) + return manager + } + + +} + +@EnableWebSecurity +class OAuth2ClientSecurityConfig : WebSecurityConfigurerAdapter() { + + override fun configure(http: HttpSecurity) { + http.authorizeRequests() + .antMatchers("/login", "/resources/**", "/about").permitAll() + .antMatchers("/admin/**").hasRole("ADMIN") + .antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')") + .anyRequest().authenticated() + .and() + .formLogin() + .and() + .oauth2Login() + } +} + @SpringBootApplication class DlpayApplication fun main(args: Array) { - runApplication(*args) + runApplication(*args) } diff --git a/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt b/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt index 1c36a130..566b39d3 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt @@ -102,35 +102,36 @@ class ConsumeController { } }.done(personBalancePayService, false) ResponseEntity.ok(ResponseBodyBuilder.create() - .success() .data("refno", dtl.refno) - .build()) + .success()) } catch (e: TransactionException) { ResponseEntity.ok(ResponseBodyBuilder.create() - .exception(99, e, "查询异常") - .build()) + .transException(e, "交易初始化异常")) } } @PostMapping("/ykt/payfinish") fun yktPayFinish(refno: String, yktshopid: String, devphyid: String?): ResponseEntity { - val dtl = personBalancePayService.wip(refno) - val person = personService.getPersonByUserid(dtl.userid) - val code = CallService.callYktPay(paytypeService.getPaytypeConfigByPaytype(PaytypeUtil.YKTPAY), - dtl, DateUtil.getNow(), person.thirdUniqueIdenty, yktshopid, devphyid) - return if (code.retcode == "0") { - val suc = PersonTransBuilder.newBuilder(accountUtilServcie) - .done(dtl.refno, TradeDict.DTL_STATUS_SUCCESS, personBalancePayService) - ResponseEntity.ok(ResponseBodyBuilder.create() - .success() - .data("refno", suc.refno) - .build()) - } else { - PersonTransBuilder.newBuilder(accountUtilServcie) - .done(dtl.refno, TradeDict.DTL_STATUS_FAIL, personBalancePayService) + return try { + val dtl = personBalancePayService.wip(refno) + val person = personService.getPersonByUserid(dtl.userid) + val code = CallService.callYktPay(paytypeService.getPaytypeConfigByPaytype(PaytypeUtil.YKTPAY), + dtl, DateUtil.getNow(), person.thirdUniqueIdenty, yktshopid, devphyid) + if (code.retcode == "0") { + PersonTransBuilder.newBuilder(accountUtilServcie) + .done(dtl.refno, TradeDict.DTL_STATUS_SUCCESS, personBalancePayService) + ResponseEntity.ok(ResponseBodyBuilder.create() + .data("refno", dtl.refno) + .success()) + } else { + PersonTransBuilder.newBuilder(accountUtilServcie) + .done(dtl.refno, TradeDict.DTL_STATUS_FAIL, personBalancePayService) + ResponseEntity.ok(ResponseBodyBuilder.create() + .fail(TradeErrorCode.TRANSACTION_NOT_EXISTS, "交易请求失败-${code.retcode}")) + } + } catch (e: TransactionException) { ResponseEntity.ok(ResponseBodyBuilder.create() - .result(1, code.retmsg) - .build()) + .transException(e, "交易确认失败")) } } } \ No newline at end of file diff --git a/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt b/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt index eae962ce..e5ed5fe1 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt @@ -1,6 +1,7 @@ package com.supwisdom.dlpay.framework import com.supwisdom.dlpay.exception.TransactionCheckException +import com.supwisdom.dlpay.exception.TransactionException import com.supwisdom.dlpay.framework.util.TradeErrorCode class ResponseBodyBuilder private constructor() { @@ -25,25 +26,40 @@ class ResponseBodyBuilder private constructor() { return this } - fun success(msg: String? = null): ResponseBodyBuilder { + fun success(msg: String? = null): Map { result(0, msg) - return this + return build() + } + + fun fail(code: Int, msg: String): Map { + if (code == 0) { + throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "错误码未正确定义") + } + result(code, msg) + return build() } - fun exception(code: Int, exception: Exception, msg: String? = null): ResponseBodyBuilder { + fun exception(code: Int, exception: Exception, msg: String? = null): Map { data("exception", exception.message ?: "$exception") - return result(code, msg) + result(code, msg) + return build() + } + + fun transException(exception: TransactionException, msg: String): Map { + data("exception", exception.message!!) + result(exception.code(), "$msg - [${exception.message}]") + return build() } fun data(name: String, value: Any): ResponseBodyBuilder { - if(name in RESERVED_KEY) { + if (name in RESERVED_KEY) { throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "返回值 <$name> 为保留值,不能使用") } this.respData[name] = value return this } - fun build(): Map { + private fun build(): Map { if (retCode == INVALIDE_RETCODE) { throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "未设置返回码!") } -- 2.17.1