From c82e2c8107b62659118837d05082adcf239cac9f Mon Sep 17 00:00:00 2001
From: Tang Cheng <cheng.tang@supwisdom.com>
Date: Wed, 19 Jun 2019 15:00:42 +0800
Subject: [PATCH] =?utf8?q?=E5=A2=9E=E5=8A=A0=E6=A3=80=E6=9F=A5=20sign=20?=
 =?utf8?q?=E5=BC=80=E5=85=B3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 config/application-devel-pg-local.properties       | 1 +
 config/application-devel-pg.properties             | 5 ++---
 src/main/kotlin/com/supwisdom/dlpay/api/advices.kt | 6 +++++-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/config/application-devel-pg-local.properties b/config/application-devel-pg-local.properties
index e976303b..ef591a93 100644
--- a/config/application-devel-pg-local.properties
+++ b/config/application-devel-pg-local.properties
@@ -21,6 +21,7 @@ jwt.expiration=3600
 # user password
 auth.password.bcrypt.seed=
 
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
 shopbalance.updater.cron = -
\ No newline at end of file
diff --git a/config/application-devel-pg.properties b/config/application-devel-pg.properties
index ada087da..5ea16f5c 100644
--- a/config/application-devel-pg.properties
+++ b/config/application-devel-pg.properties
@@ -21,8 +21,7 @@ jwt.expiration=3600
 auth.password.bcrypt.seed=
 spring.jackson.serialization.fail-on-empty-beans=false
 logging.level.org.springframework.web=DEBUG
-
-
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
-shopbalance.updater.cron = -
\ No newline at end of file
+shopbalance.updater.cron=-
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
index d19f656b..0f9f3149 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
@@ -13,6 +13,7 @@ import org.aspectj.lang.annotation.Around
 import org.aspectj.lang.annotation.Aspect
 import org.aspectj.lang.annotation.Pointcut
 import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.http.ResponseEntity
 import org.springframework.security.core.Authentication
 import org.springframework.stereotype.Component
@@ -49,6 +50,9 @@ class RestControllerAspect {
     @Autowired
     lateinit var commonService: CommonService
 
+    @Value("\${security.request.sign: true}")
+    private var requestSignCheck: Boolean = true
+
     private val logger = KotlinLogging.logger { }
 
     @Pointcut("@within(org.springframework.web.bind.annotation.RestController)")
@@ -65,7 +69,7 @@ class RestControllerAspect {
         return try {
             if (body is APIRequestParam) {
                 body.checkParam()
-                if (!body.checkSign(commonService.getSecretByAppid(auth.name))) {
+                if (requestSignCheck && !body.checkSign(commonService.getSecretByAppid(auth.name))) {
                     throw RequestParamCheckException(TradeErrorCode.REQUEST_SIGN_ERROR, "åæ°ç­¾åéè¯¯")
                 }
             } else {
-- 
2.17.1