增加 spring security
diff --git a/build.gradle b/build.gradle
index e86876d..0e9b130 100644
--- a/build.gradle
+++ b/build.gradle
@@ -19,6 +19,7 @@
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-web'
+ implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.fasterxml.jackson.module:jackson-module-kotlin'
implementation 'org.jetbrains.kotlin:kotlin-reflect'
implementation 'org.jetbrains.kotlin:kotlin-stdlib-jdk8'
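Review bot: The added `spring-boot-starter-security` line does not bring in the OAuth2 client module, yet `configure()` in DlpayApplication.kt calls `.oauth2Login()`. That configurer needs `spring-security-oauth2-client` on the classpath and a `ClientRegistrationRepository` bean, so the application will most likely fail at startup unless another part of build.gradle, outside this hunk, already declares it. Either add `implementation 'org.springframework.security:spring-security-oauth2-client'` together with the client registration properties, or drop `.oauth2Login()` until OAuth2 login is actually configured.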
diff --git a/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt b/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt
index 0a4f46a..fb17830 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/DlpayApplication.kt
@@ -2,14 +2,54 @@
import org.springframework.boot.autoconfigure.SpringBootApplication
import org.springframework.boot.runApplication
+import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.ComponentScan
import org.springframework.context.annotation.PropertySource
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
+import org.springframework.security.core.userdetails.User
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.security.provisioning.InMemoryUserDetailsManager
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-@ComponentScan("com.supwisdom.dlpay")
+@EnableWebSecurity
+class WebSecurityConfig : WebMvcConfigurer {
+
+ @Bean
+ open fun userDetailsService(): UserDetailsService {
+ val manager = InMemoryUserDetailsManager()
+ manager.createUser(User.withDefaultPasswordEncoder()
+ .username("admin")
+ .password("123456")
+ .roles("USER").build())
+ return manager
+ }
+
+
+}
+
+@EnableWebSecurity
+class OAuth2ClientSecurityConfig : WebSecurityConfigurerAdapter() {
+
+ override fun configure(http: HttpSecurity) {
+ http.authorizeRequests()
+ .antMatchers("/login", "/resources/**", "/about").permitAll()
+ .antMatchers("/admin/**").hasRole("ADMIN")
+ .antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
+ .anyRequest().authenticated()
+ .and()
+ .formLogin()
+ .and()
+ .oauth2Login()
+ }
+}
+
@SpringBootApplication
class DlpayApplication
fun main(args: Array<String>) {
- runApplication<DlpayApplication>(*args)
+ runApplication<DlpayApplication>(*args)
}
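Review bot: The `userDetailsService()` bean hard-codes the account `admin` / `123456` and builds it with `User.withDefaultPasswordEncoder()`, which Spring Security deprecates as unsuitable for production; for a payment service the credential should not live in source control. Read the password from external configuration and encode it with an injected `PasswordEncoder` (for example a `BCryptPasswordEncoder` bean): `User.withUsername(adminName).password(passwordEncoder.encode(adminPassword)).roles("USER").build()`, where `adminName` and `adminPassword` are illustrative names. This user is only given role `USER`, so the `/admin/**` and `/db/**` rules in `configure()` cannot be satisfied by any in-memory account. `anyRequest().authenticated()` with the default CSRF protection probably also rejects existing API callers such as `POST /ykt/payfinish`; confirm that this is intended, or give the API paths their own stateless rule.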
diff --git a/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt b/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt
index 1c36a13..566b39d 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/consume/controller/consume_service.kt
@@ -102,35 +102,36 @@
}
}.done(personBalancePayService, false)
ResponseEntity.ok(ResponseBodyBuilder.create()
- .success()
.data("refno", dtl.refno)
- .build())
+ .success())
} catch (e: TransactionException) {
ResponseEntity.ok(ResponseBodyBuilder.create()
- .exception(99, e, "查询异常")
- .build())
+ .transException(e, "交易初始化异常"))
}
}
@PostMapping("/ykt/payfinish")
fun yktPayFinish(refno: String, yktshopid: String, devphyid: String?): ResponseEntity<Any> {
- val dtl = personBalancePayService.wip(refno)
- val person = personService.getPersonByUserid(dtl.userid)
- val code = CallService.callYktPay(paytypeService.getPaytypeConfigByPaytype(PaytypeUtil.YKTPAY),
- dtl, DateUtil.getNow(), person.thirdUniqueIdenty, yktshopid, devphyid)
- return if (code.retcode == "0") {
- val suc = PersonTransBuilder.newBuilder(accountUtilServcie)
- .done(dtl.refno, TradeDict.DTL_STATUS_SUCCESS, personBalancePayService)
+ return try {
+ val dtl = personBalancePayService.wip(refno)
+ val person = personService.getPersonByUserid(dtl.userid)
+ val code = CallService.callYktPay(paytypeService.getPaytypeConfigByPaytype(PaytypeUtil.YKTPAY),
+ dtl, DateUtil.getNow(), person.thirdUniqueIdenty, yktshopid, devphyid)
+ if (code.retcode == "0") {
+ PersonTransBuilder.newBuilder(accountUtilServcie)
+ .done(dtl.refno, TradeDict.DTL_STATUS_SUCCESS, personBalancePayService)
+ ResponseEntity.ok(ResponseBodyBuilder.create()
+ .data("refno", dtl.refno)
+ .success())
+ } else {
+ PersonTransBuilder.newBuilder(accountUtilServcie)
+ .done(dtl.refno, TradeDict.DTL_STATUS_FAIL, personBalancePayService)
+ ResponseEntity.ok(ResponseBodyBuilder.create()
+ .fail(TradeErrorCode.TRANSACTION_NOT_EXISTS, "交易请求失败-${code.retcode}"))
+ }
+ } catch (e: TransactionException) {
ResponseEntity.ok(ResponseBodyBuilder.create()
- .success()
- .data("refno", suc.refno)
- .build())
- } else {
- PersonTransBuilder.newBuilder(accountUtilServcie)
- .done(dtl.refno, TradeDict.DTL_STATUS_FAIL, personBalancePayService)
- ResponseEntity.ok(ResponseBodyBuilder.create()
- .result(1, code.retmsg)
- .build())
+ .transException(e, "交易确认失败"))
}
}
}
\ No newline at end of file
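Review bot: In `yktPayFinish`, the failure branch returns `TradeErrorCode.TRANSACTION_NOT_EXISTS` for every non-zero `code.retcode` and no longer includes `code.retmsg`, so a declined or failed upstream payment is reported to the caller as a missing transaction. Use an error code that means upstream payment failure (none is visible in this diff) and keep the upstream message, e.g. `"交易请求失败-${code.retcode}: ${code.retmsg}"`. Only `TransactionException` is caught; if `CallService.callYktPay` can throw anything else after `wip(refno)`, the record is presumably left in progress without a `DTL_STATUS_FAIL` update, which is worth confirming. The first lines of this hunk belong to a function that starts outside it.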
diff --git a/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt b/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt
index eae962c..e5ed5fe 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/framework/framework_util.kt
@@ -1,6 +1,7 @@
package com.supwisdom.dlpay.framework
import com.supwisdom.dlpay.exception.TransactionCheckException
+import com.supwisdom.dlpay.exception.TransactionException
import com.supwisdom.dlpay.framework.util.TradeErrorCode
class ResponseBodyBuilder private constructor() {
@@ -25,25 +26,40 @@
return this
}
- fun success(msg: String? = null): ResponseBodyBuilder {
+ fun success(msg: String? = null): Map<String, Any> {
result(0, msg)
- return this
+ return build()
}
- fun exception(code: Int, exception: Exception, msg: String? = null): ResponseBodyBuilder {
+ fun fail(code: Int, msg: String): Map<String, Any> {
+ if (code == 0) {
+ throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "错误码未正确定义")
+ }
+ result(code, msg)
+ return build()
+ }
+
+ fun exception(code: Int, exception: Exception, msg: String? = null): Map<String, Any> {
data("exception", exception.message ?: "$exception")
- return result(code, msg)
+ result(code, msg)
+ return build()
+ }
+
+ fun transException(exception: TransactionException, msg: String): Map<String, Any> {
+ data("exception", exception.message!!)
+ result(exception.code(), "$msg - [${exception.message}]")
+ return build()
}
fun data(name: String, value: Any): ResponseBodyBuilder {
- if(name in RESERVED_KEY) {
+ if (name in RESERVED_KEY) {
throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "返回值 <$name> 为保留值,不能使用")
}
this.respData[name] = value
return this
}
- fun build(): Map<String, Any> {
+ private fun build(): Map<String, Any> {
if (retCode == INVALIDE_RETCODE) {
throw TransactionCheckException(TradeErrorCode.INPUT_DATA_ERROR, "未设置返回码!")
}