From 692e1a35f85dc44564546dea066b5b570ed3001c Mon Sep 17 00:00:00 2001 From: jaewohong Date: Thu, 6 Nov 2025 12:02:51 +0900 Subject: [PATCH] =?UTF-8?q?=EC=86=8C=EC=8A=A4=EC=88=98=EC=A0=95,=20?= =?UTF-8?q?=EC=95=94=ED=98=B8=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- libs/kjb-safedb.jar | Bin 0 -> 12565 bytes .../impl/HttpClient5AdapterServiceRest.java | 297 ++++++++++++++---- .../http/dynamic/HttpAdapterServiceKey.java | 2 + ...entAccessTokenServiceWithBase64Header.java | 3 +- ...HttpClientAccessTokenServiceWithParam.java | 11 +- .../eactive/eai/common/logger/EAILogDAO.java | 128 +++++++- .../inbound/processor/RequestProcessor.java | 14 +- 7 files changed, 391 insertions(+), 64 deletions(-) create mode 100644 libs/kjb-safedb.jar diff --git a/libs/kjb-safedb.jar b/libs/kjb-safedb.jar new file mode 100644 index 0000000000000000000000000000000000000000..884cbf47bbb0022553f9f9fc7e05df4db65bbab8 GIT binary patch literal 12565 zcmb7q1yEdTwl(g-8<*hj5)v%9yL)iA;F{p>1b26LcXxMd+=DwmsXH@wZr=R&&D&Mo zd|kEI+RZtAc5PX*65tT%ARsU>Af@)28X#{5_UrAE#G#D)iSB9Jv-ssMEQYBb|vj#mF?sGbjwMb+c@`Gn_D{X-FUJ!xJe(c z)`E|*0Twf=bOJpq@j*`kJR}DL&>Kykp2K!BXuLr-d^|1#IUOy1eAroego^?Q&)h}{ zlwfY71=2{n&-#gT>3B=rC55C9(~Gyi7c3vRYYMdvTwS-{6mmC*YzvDw&~(^Jf@gEq z7WM4+JKHj>d~8~H=4Nv04pQ;$xJ|wD3MGUKA`H4Ggs;IAI-`(&n(<3^R&w_w2gae5 zH}0>FYu!P5QUO(%J?SzT^F&A+I2}l~q~tJd~Xx|_~ftyi0Q(~@4PM(^{x&bquc#u9Or?bZCn5(vB6}B1O(HR5{ z#jLF*ba+_0Sk|oFgxg4rc?33$n*I|^{-r?dSs*$CGjtX#ti~sShYA%10V8|GOEXN# zvxzV5A2QRXyPnq&9YilRgdxHC6yCjaC?ttP3+2Wxmx#1{Aw4eEa)uaA{0J=O1d?P9 z`WiuWq2d_@=WIn1NFeqHv6duJ7b44-)xZbcS4&VupU=Doec6=MYBQm(`#xzEWT`^3 z1lPP?n%uu->w!45%O!h3O;>+=TNKpevYH{h7+!OqkgT9?6k(|$7>gzA0=`gKt2XlP zyA^i=!aKZBA$vq|>U;?a(wV?HBf9z_4m#imNo>@VM}8*GLoGgT zQ{S5K0*=CqdyYkFMJf~U@;P7xj5Ta>9Ka2gYuV}8Vr{m{Z9HaKzICP2+jeEQRZkqb z@9g|5_r;K?YNMfsO(Ysa)rJq|N4X^T#|yi~{qT>^XTJpv7;Ungcrej-8mD*R&qI zG66$Qzb%0P2Tqv547-j?&6|fUMIzk0^-Ew|*%zp@fxA@ib)Xh(^DFec_hu$S$kATv zC98{3xt7P>g<_sYzb$_sA$m&yFZEr_`H4qM_68LfT_%}1L$5KzdP=M9PNzgUSA+ZP z<;LlAY#DTU+fHKZ^~!M=rg6EJtMlmA;do=*^i-Xpu({QZ>^bO5)_Y$xxUQ}?JTCW& zp!@H)N`gl^071y**-P9AGN6$?N6hAsWB0^6nI39%@>*A@nV#?8ugXH(sqQ#mq70kz zzsbTgna=PeZ8k19yST84bv2P)AXm!>vUup{iFOFpDp$FMsxinU8GdvObf+}qzJ(~E z_#Eg`WHp)7Qn7{^BuLSzf;%u6-r`vLQ9;>J&3U$@iB@)oK`VYYrV3d*ShdqEdE9zd zh)=-!ToHGcL8+^{Zi2yyb@D}0K8y@3s=>;{lZ{W0`Vz%XJ(jqY1V=@GA3RrG)?htVZ5W|bgH83At{$FA|bH(Bn0zTD40^8Ej|VDQvt3!R2=dGo=!3|+oQfa zn(R;SdIm0c-ZL*>3b|0TDA4rc}o!eVXse$9Kl*&A#1Y4NZruGrS;z6cgKi5-6Hd}NRhL=4ijHh%RRB_1u9_U`Lh5s2XAUc! z{?z>t1m#~_KxK&XsN6b&>b0nx;ELJY^^OD$umN zh&CSF#*jtb1bbY{vEC#!RHRhn)io zq{etpeTa*b?8|Va3)B|*p%0hbSNi#*fuBF)gg>)?KOW<$Sa+dlcVS1q1qZ;C1K?Yo zUN_uuMC?sICEIWNEMNx>8Xz3 z<&qHVEv<$fB|hHS+iglh43|IJKO&doCF%NBcxNKoF9JF40uCgZHR|uTo%+^AYzsbk zi5wUY&EbTQ7J6qQJ7reF%qry-_j>5n_guGke%Mbf~6x&e%)xeGS- z0p$s8*aHD-N`s*&CQ=e|R2lITO{lWU6mansKZOMkOk69w_l9>`qvck%Ocy$Tt?E$l z&nD18K|p-oYC!tGuS_J&^c3F8o4*t%a>LSKOz7O0QPe{M+qei8$9+A1WsFUe1-2OU zHq!@+%;0q~V=#B-^iLqXLkmGd-~w5dV$*IiW57C(S7#4!8(;cv0)c>z*ti?AQP}*} zVnIpBbQta}J}Z6hPxtW5cvk`7{Lk+6N=f~~#t4tT{vTfSPzYX3b%Y-b11GL+=gHfr zmuTgY=5oqr>swxw4Hich23jR^o`zZ7YZ)yc){GmQp?4R>9Z+P@Gwl+6y_^+|A$##K z)O^!eWi(+E`xSa;x%Pmh+ll%@L^@k&OT5#ozCqDe-+}A1a?aL5Nz}N4z_auM6c_+{ zh!QMrL6hgSL$8`0O!pjIRoDYul>)z`1W#DBjGfw!FqB1SA^z zzrDT&dQ#Q~hJO@)KNR^CmX(oT2%@9t4BnF`@WU$M@LL=UN{KI#B4dhY=3R z3bS{?7z7P4i{+n4BDLN|DloJf<+YMB3W$C>*{JeHr zPxE}ee#r|Ox^aYMpsDneU`>TFV0@i=1&!#$w8PCT>P5ckGsVnLMwN6CCvn+m7; zNJyb&^q%I1vR6`OL^>)-CxL>j(KC@K>ei=9&Ot?FF04g|ei`&5wT}eaeOK&YWTRU& zxOzQpy^#twecluWTr7nci~TnKcv`tquw#V@KucW?VylZvlj7oI@X;3UfdSuo-}UJ<*|C&O_#b5J5N zs>({7JAgbuPI(2PbgD03kV)n|MZ!pc#`D2j( zvjm=MH#UzqIL<|azGy3bgTGzEd?demr?>yOO$h3|4Q`&l5IQUErrkSkX8{2QOb^YL zAW#1zNbBy)GdEXoZKXYfm5KIe?GN_Th}QtO*`mfw)j8`!_cVZerY^P<`pWD%S(~1T z^|pWJr3nQVG1>fW!QFJ>6%jRN@R1`GsdpK{=~|AtQgQYudEw9Z!P7dOibVFBX6`HN z2$M6^*9QG0NAfThP*zY{gA=ueuY8qZ6N(Zp|=w>p2}-Ca&;_ z_x9^0Nu1Z=xcuRzn9aTUvX|}9^^+*ieXLDJh8^!vZ=P)Br~6+?f$<0VKXP>R3|itN z;669impwL+i?M*)-~43SNekSh+yBBLF}Iv^pKIlFlC=Yw({I3}4z1p+9eQeqRq_~- zAyiTX>*9k1)8B^gcse#_8z!D;@*QP&;!D1X$3?IWWOtTt==tE( zQm>ET3lVbSRrd%%th*8BWMiDBBWC5gAa_Epi1&+=*A)PPr%BiqPoUnDh&w^5pxNXR z+c%1Bl+FRY zK(lsIu|U*si=QBGAwWAu&LZQ{imuS}ohIlJq%ed77`IS#?dx9n;sjxnhM5hm=tU@< z?4W6h&NAJg^V9HZc*LkKZ+a(%3(aC>Ll=%R6mQ*ZAR3dvQ0b=Fh@yjU|2CQE8B*)QcuQJ&PqvTLx==F*wcjZ$YW z4*1Toe(^|bA&rqV+8QC%LI$V_!URVZ$=~>JSL%}Ddkw$>M++z$%}b8OZ<^V!YU zCn!!LZZVuCwfmz|r(q{j1U^f6Q%y}*6Y5?yOHD~jRZS26rAlnMhG1huj-?`YkF}qR zm(gJF!AheGNlhpNEvBAU6{Gi&>cr>16wKn^)R$N|sX%FHymJ}MqxS0cCu;l7kma_V z1?B9Xs^zJ*B&#lIq+wiG$LYS9r7V|yhUSjKOMo+n4_iU%AO9kfy-lbQdK|j;%0iEZn ztgHYD>mbT_()P7ErxV-=4vh*JuIVL8ROlq*>3%T(N8{r}hsL9Wom4pK$}+WmxEIol zeNYlQh&jUunT^5{R*XGX4ET|-ZAjSo*J4(+$$$1sQu5?7?TjFI3a3> z2(5-eRLUDeuajv%X+EMU8CB^bf~M#n7#19Yd3{lQu7aJBp)|>JXp2L(hWFnuoGQ^s z$Wv2P+($6CI?#Jn+q>4dk4vDd9@vC+3}|s}l;LM{vWUYFeFk%x7PY_`SS{VP^0L5% zTa*1sZY6ha4EPoWj0|qyq9gYYZqF3!UH^#$c#WNDKd*zsPo?Jh4h7JlIT>6p6HFH@K&z+Q5iKOcS6s&O+JCn?+1dX!ncV5CE1 z@6!wAP$CU7@VbiHNy>9%hY+GHst7@!9vh?w2Wb4vlyg+Rdv-0}Ww>y?w&55XYe9*N zTy$Ikco8@vHENanE$jmuFvDzApt)Dq>ZrM=FhXzL?oFQvc)m^_fw$)0oCY<~<2i@S zt7i|IlJzRl>m)d(GssTmxp89k6qm~h70Cjk@`ABPgqaio2YPYTDSCC(yMc>f@T1Ps z-+x{QX!E+qmM~WV!F051qHZr6V+<@B=X6({sas5xdo>e*KnSII#dJPd2gWb3dfGkV z5k9_E24pye8ax>Bk!ANpa}1h}Wl9RYM2 zN~$FYc55sBoC+hMsj ze>dv+fvTMwwfV=MbWZTR(Zd2X+v*jhI+klL8CDUy?8jRKBVj`2#u#2MVS*3xws0h- zj>2B=(C{qq^51J4)*vOL7P!3}+`!aFj5hgrYI1?PhsBVX(fvf(ji-x`uuig^!~d31 zbEjUc9<)GxWXro-2m8UPfwT6zu;Oa=Sb}-1Yv+~BPlE8XSNE-ORSi6Z2Zu0aYVHda z1u1x)#zl>-=Sq$ofl*h54`}-L+k7EJz5fc?nc2Y8;cg4kGZ$wTw)lGInn zKqp2SKIo^E#RlH)i8WKxZ{g-ac*zfu4+vwn!Tv+}@4oig2Kuk)%Oa7moo(|i6kka1 zrVs3_q2%Cq-1jqOZ*my1;|Vm`Df6c63iBFq?%BlA1T~UAMA;%-O54=O<0w={!g#+* zgiT%<5A@M)e*wK{kpF(UK^}+M(~_Nwku=q8zp&N`2I(aa*;%ivfxl@Se%nb(VifB5KEwCCZz--SOG)2n;xf;%LN?l+ai2cUQasW}OBe`OSoygXJcipp&XIH`$uS$Sg*i(x%jthi$?#5b2 zX9=4$611ft11aXv7)5AK$cJOXG_Qm?D$wP2K$n{%8|a4;r_Vh8D$dYL9?O&#&zuGb ztjKfBMunF3>6euVyT9$_bI+AX*PsR!h}uV%nVOL)ZU4O~9XuFzM>oI31a=XIio2h7+yq zj1$dbnZ~CX4U-7va!h%~#vZ zX@j^+#{i%dm)Y)DY-!)$pX%7P#&-)2rFqoY?r#-fL+6#9D`z6=(Pd&B-4w3q&8H

47%ep(>~T=&u*f zGgv>dOfhSLz|G)@{+;}Ye)_Vtq1n}*SN1+&xM>ft2^MGzTyXAj8(9CKa8Y5EMBplY zwyCArnp}K4k?nS{`TSZR0A!|L>z3)i(D(U4SQJG#=DOPl(6Hk)M3pwi> z+Sr>~Tm55`^W#ir`ZHF4JM?ms!_NE{0Z?7aAx}Of@~rpNFt8|+=-xyBxf~YzVUA#kgE46W-g2~GU?dF^Jc-GHW?M6MHo*v$PMj2*CZ5ZvwCphh! z@S!3IMm-%2Jl}-LBU_0_u|qX>KI212G91w(5B~V_BHGpB+mEnWHD|GpFgUAqBCBAY zq^1-fKJ?&aIWwvTC01YZwUr;+!jFjAIKiKLd?IboirE*VS8~2c_mCm!k!*EoLYxgp ztYmIj-BO_%;pG(3{}?~Jld)C3?5wy+xh_mVYc|5d!MZ+&y{6tZH-~4Pt~6xLT!NEh zg0B6CLEoP3Y8^uLr(rG8N7w93CBI`o2!G8E=JkQTaHVhk@8Fb~ZFbWm?UM1Lhe{wg z@n1Q6h2~F2dIp-`(Tk7-h1BpeQyD}!K$cBqFq^}EN z71dl?*J_3ysyb=d+)c5`8-2Y!H8*t=0^}fD_Z1=qgERM5x`IuQlvd@>(a~x`l&#^V zvXwWdu?+yUU!sO6^6zC<2E?1Lcv@5A&O&e6H>`mk(UXwpbQ4IxLytJ!8KKpI$>Dj9wW<6BvIz~#YY&^I;_t$b z_>vd0o<|H5g7|_EMYrT{?``sZ0tPmBaI-*$@&K0X!1gBU%GXMF1t8yAd=8l@L%=}{ z)elw<>Y;hM#SNPMirjX`d0`xAnaZE10pRtD-p}YTmYx{YX{Joccm!8ULTylPmZ1So zQ#Yx9lv`$ZkmFAyhf9F5!GBrUYC_(3l{YAC|7}BDHZkaz`8JsJczgD^|8LKof`R$( zk6yGE12`YL|N7z_eKBR}+4$P5@-bu(j4hw2U}K>TcQZcQ>?!*)*|Ua~sOBB0XDkPc z7Hh0;D+i0+4flAHb>=1}KivMllI-Ai#O0edX+$A?V!@=0;L!HhgD zb*V|K%cQz%sg8{+s>e#8qMT4O>Y8vHM|4qXmv!1aV4zDLYFKr!gJ0UO1kT03^qaJ| z?j_O>Zo@_%4>?XYl=QZ7N*&E-9wcpXy|U`cTIl6BwZE_ds7`8uyB zSORPUn z*#v+9IT0Fq#QG3>M8{<4W)rsrrfXuhwy`keg8h~B^ntYsh6xjKHnI(Dv+G5%E~q4l zD98%Fj9soB3ot_Z{bTq1kAun9t-5CL()D!LxJ28co_5|(Jwlnl_B^#4HR=&!(L{;* z-3gO}l;Ttj|A{Dp9~FBmJ?LqxlO!ap@PKnz3-l%>uxl2(@-2D^+4i4Ehr?DYe5`uB zi9AVtX8?SJgu@(>{CH^djm`E@rx4y7GOm5>Vh}lBYrRiMZQ%F*9o67%mT?=*JjR!x z1ziYjuybrF%-c??N+T;@?~mU4ote_7>TDcV=u8bQk!>}5NV&l*mxf>hOyqc5Gn8>u z&18CZ7Nz3{!AcuR3vA_-1^tqdmRlRmVyoJ?i}HN+v{m7kCCBWJy56p3D-1D@9o}5e zV$s85OmtkCXGgD;IrzOAvq$r9zx|k4Zbb!tylG6t-qbDs%ZB6EdP9(3z}mvW(#r0i z6L<|3TqX1u|3pnrAnTLK&KZyri4cN?t2@Qw(g}=kJq<9pKxD39;Iu8HGq+Tz}oSR z0P~Q#c~;=`K;TDct74FR40!a&(RwUtEAtI+?E3>EJQ{EXp{qPg7{852DD9p>Pln4p z1y*g~3Ak+ZzrRF!4rF>QL`sK^Jf)|jgBLYoZBCd|8f9|4s(D!uv$ouwHgwR^8P2cX z-Ze6^td_4Cn%^HwJ%0WO`jWfzL!|a74S%*|A1rnxuPHlEYL+^uT6(Yo4*e8YJ9TU& zc^poZn@b9Z0h$gTD~LkcK`yCwK2VZUU-dygH(_3a#%wJIpHM_o8

6cZ}6G2~WIl zPSH+@4jW;qH=edubc|D1)t`mx{TlJGUPw=|{p=!R!OZ75O4T9-Dild4nsD?(hW#-! zsk1WYtRGvRqjh+*6+^F}7oWdpRHnEtqD-VYC|VxXHJvDDV(r{B&=jd@)2cd(r7I2B zxR7{$bx=3HGJ8_}Y}0ChX%5{(GVa1fPVfRdYVU^zESU)Ul;Kh=pThCcPfVUDp_YbB zs@?QF3ujCOyCU?%;xIcc(2gt1C>32(7))mX3zVqEiwGOjMy_wU;aEW1-=7UT-bT$o z+!jc=I>M3qzWaxMkVt-Es$FeZ|bZ{E6clHFHL2m zThYU{mXmO@%hy3XoVgWH@=!l}PFyqXW>)lpr9N8-n&4;fI$(pXWz8bH+`ymm6=a{t3I+6%@)*flha&OhbY!hZhnt#);g6gd660 zb7~@^z%Iyw9NXKAdGr&abZ5|SoA~^dq|)J3%an5P}Y>=FMB_;tLz<$YLc|Xqf8;XZ{yAH;2ntE zlC$j(YWR-z8kT?Kmcur!Dl{uwCR}Z`f`v-IVS$^FwmX4f5bF zmm5dC2jb@9=3~w|KiSYJ5rMWVh2WM_@|Nj{4euk;UptgERo0Bxw<_uWZN*6b_mz^8 zy{W}N5}TjWABl||cEkYdy;!57I$Lh+u3kc%-U%e!&Ybde$h$B&c{fzVg9+WPq{IxR zd!iRGod;Qm(qNDM?6RGRuZ`o0VlbriI%9_Et#1kK?3m^9me+b6G=Wb@1XX1#P*1qG zAE)eQ6HRm4Myvnb3VL^mbbuX>RnTZlIONJ)WguCl`dp>A626m-N-sC0T(h=9B=y{C z(!t^~3#U<~cCqbko;L^n>W)Q7bC+(w3CpyR^eF9p+0M*B=C{IAXCAvJ=4xEc?tC~` zW4iteYZNPT4P|7FB5PYnAEDt*B%EfzX<23Ps9_g%_3%h-4-aeK(_UQumloC1v!oOy z5A*coC(d>EN(CnFy3u;-U9|No?x^Orz4FF6tIxunwUQLw(h_wV*xZlaZD9H#*46&_ ziUQc;JjHDd<2U?{Fnj(2$XkTmOY#Z!m{coqwve_eS~n=QnFT%AQ=P;HvfJRC zVT*3YdSAV2`Fr={8o)~`ywhEx#cNKrCu+qLO^%b#r(-x_wQ!@>+G=CKTlyh0p4;EA zf_7faB~t{?0wH#@jDH@g5hq9{#B0{5iMlx~1{HdxVdDUN?m&A^GuV z!@*FerlV(9hrVPHCAMleCUqO@Ip6|n?q_YV6u69>?9VVSDG9-?>X^8b9eyHSElV6g{G3RaaP^ z<`Bk+F*4)1+V%{%2(kYtpkL0~XB#I>V$<<>_j##+rF$cO8$Z*9`4tnjoj5x9*((i3 zzO{EHeZtN<;{}556>8}y1#5tXda@se5bHC74=Z`#In@xW;I@ciUlhoXo9^$LVZ*3n z5(JYu1Tn1S{5bK0TC$3Eg=+#mI_U*lk{STBK77pB2J^$99Wi9WzVD_g|vme~0}iQSdM4UzX!V_4fWR*uP1He`omR{ZIYzFD39F_A9XC+wqsi z_U{nCbisevFGSMY@!wUse~0{~68^(}A^YBr|Bn2n0scGmFU{~D_6vRUcKjXvOF{g1 z48Ih_f7mYu>bFk!KQa76Py9R4?|R~YQssCV{yov}>f+ytf0qOON&Na&KL5=({14)w z-?@L6!u-jt^S0pr-?{%?81p;#?`!fuxzmyUJMOf6)In zm-s!-??aD2<0KILpW^(_5yEwSZ$tgwasN*Id%yK3@h0)#690$p>v!(o jOPxQtyD0va``-#5SqaFuQSPtYh79uXmT@3ye|`FY2wF4p literal 0 HcmV?d00001 diff --git a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java index 0ddd235..db918b9 100644 --- a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java +++ b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java @@ -86,6 +86,7 @@ import java.nio.charset.StandardCharsets; import java.util.Base64; import com.kjbank.encrypt.exchange.crypto.AES256Cipher; import com.kjbank.encrypt.exchange.crypto.AESCipher; +import com.nimbusds.jwt.SignedJWT; import com.kjbank.encrypt.exchange.crypto.AES256GCMCipher; import com.eactive.eai.authserver.service.OAuth2Manager; @@ -114,6 +115,11 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp public static final String HTTP_STATUS = "HTTP_STATUS"; public static final String HEADER_KEYS = "HEADER_KEYS"; public static final String AUTH_TOKEN = "AUTH_TOKEN"; + + public static final String PAYLOAD_PARAM_NAME_CLIENT_ID = "client_id"; // jwhong + + private boolean useAdapterToken; + private boolean encryptResponseApply; /** * 1. 기능 : REST API 통신에 사용
@@ -144,7 +150,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp String headerGroupName = prop.getProperty(HEADER_GROUP); String relayResponseHeaderKeys = prop.getProperty(HEADER_KEYS, ""); - boolean useAdapterToken = StringUtils.equalsIgnoreCase(prop.getProperty("ADAPTER_TOKEN_USE_YN", "N"), "Y"); + useAdapterToken = StringUtils.equalsIgnoreCase(prop.getProperty("ADAPTER_TOKEN_USE_YN", "N"), "Y"); boolean useForwardProxy = StringUtils.equalsIgnoreCase(prop.getProperty("FORWARD_PROXY_USE_YN", "N"), "Y"); String forwardProxyUrl = prop.getProperty("FORWARD_PROXY_URL"); @@ -157,6 +163,9 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp // 레이아웃 메시지 타입 REST URL 추출 시 활용. Default JSON String messageType = prop.getProperty("MESSAGE_TYPE", MessageType.JSON); String inboundMethod = tempProp.getProperty(HttpAdapterServiceKey.INBOUND_METHOD, "POST"); + + //Outbound 요청에 대한 응답 메시지의 복호화 여부 결정위해 + encryptResponseApply = StringUtils.equalsIgnoreCase(prop.getProperty("ENCRYPT_RESPONSE_APPLY", "N"), "Y"); /** * @formatter:off @@ -287,6 +296,51 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp requestConfigBuilder.setProxy(proxy); } + // OAuth2AccessToken check 부분을 뒤에서 여기로 위치를 옮김, 나이스지키미 암호화 KEY를 얻기 위해서. JWHONG + OAuth2AccessTokenVO accessToken = null; + String auth =""; + if (useAdapterToken) { + AccessTokenManagerByDB tokenManager = AccessTokenManagerByDB.getInstance(); + accessToken = (OAuth2AccessTokenVO) tokenManager.getAccessTokenVO(vo.getAdapterGroupName()); + + // 토큰이 없거나 만료 됐으면 재발급 + if (accessToken == null || accessToken.isExpired()) { + String oldToken = accessToken == null ? null : accessToken.getAccessToken(); + accessToken = (OAuth2AccessTokenVO) tokenManager.retryAccessTokenVO(vo.getAdapterGroupName(), prop, + oldToken); + } + + if (logger.isDebug()) { + logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() + ") TOKEN = [" + + accessToken + "]"); + } + + Properties properties = AdapterPropManager.getInstance().getProperties(vo.getAdapterName()); // jwhong + String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong + if (useAdapterToken && "AES256-NICEON".equals(encryptAlgorithm)) { + String niceToken = accessToken.getAccessToken(); + String clientId = JwtClientIdExtractor(niceToken); + long currentTime = System.currentTimeMillis(); + auth = niceToken + ":" + currentTime + ":" + clientId ; + auth = Base64.getEncoder().encodeToString(auth.getBytes("UTF-8")); + + setNiceOnAuthHeaders(method, auth); + } else { + setAuthHeaders(method, accessToken); // 원래 있던 logic + } + + + if (logger.isDebug()) { + logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() + + ") RequestHeader [Authorization=" + method.getHeader("Authorization") + "]"); + } + } + + if(!StringUtils.isBlank(authToken)) { + setAuthHeaders(method, authToken); + } + // 여기 까지 + configureHttpClient(requestConfigBuilder, vo, method); switch (HttpMethodType.getValue(rmethod)) { @@ -311,7 +365,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp case POST: // assignPostBody(dataObject, contentType, vo.getEncode(), method); //assignPostBody(dataContent, contentType, vo.getEncode(), method); // jwhong commnet - assignPostBody(dataContent, contentType, vo.getEncode(), method, vo.getAdapterName()); + assignPostBody(dataContent, contentType, vo.getEncode(), method, vo.getAdapterName(), auth); break; default: break; @@ -322,39 +376,12 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp + method.getEntity() + "] "); } - OAuth2AccessTokenVO accessToken = null; - if (useAdapterToken) { - AccessTokenManagerByDB tokenManager = AccessTokenManagerByDB.getInstance(); - accessToken = (OAuth2AccessTokenVO) tokenManager.getAccessTokenVO(vo.getAdapterGroupName()); - - // 토큰이 없거나 만료 됐으면 재발급 - if (accessToken == null || accessToken.isExpired()) { - String oldToken = accessToken == null ? null : accessToken.getAccessToken(); - accessToken = (OAuth2AccessTokenVO) tokenManager.retryAccessTokenVO(vo.getAdapterGroupName(), prop, - oldToken); - } - - if (logger.isDebug()) { - logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() + ") TOKEN = [" - + accessToken + "]"); - } - - setAuthHeaders(method, accessToken); - - if (logger.isDebug()) { - logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() - + ") RequestHeader [Authorization=" + method.getHeader("Authorization") + "]"); - } - } - - if(!StringUtils.isBlank(authToken)) { - setAuthHeaders(method, authToken); - } + // OAuth2AccessToken 원래 있던 위치 JWHONG // 전달 header 셋팅 // Adapter 레벨 header 보다 data로 넘어온 httpHeader를 우선 적용(header명이 같다면 덮어씀) assignRequestHeaders(method, httpHeader); - + int status = -1; try { @@ -396,7 +423,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp // encrypt algorithm type 추출 from adapter property jwhong Properties properties = AdapterPropManager.getInstance().getProperties(vo.getAdapterName()); // jwhong String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong - String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); // jwhong try { if (logger.isDebug()) { @@ -414,7 +440,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp responseMessageOri = EntityUtils.toByteArray(response.getEntity()); System.out.println("responseMessageOri 바이트 배열 길이: " + responseMessageOri.length); - responseMessage = doOutboundPostFilter(responseMessageOri, encryptAlgorithm, vo.getAdapterName()); // jwhong + responseMessage = doOutboundPostFilter(responseMessageOri, encryptAlgorithm, vo.getAdapterName(), accessToken); // jwhong // 여기까지 responseHeaders = response.getHeaders(); @@ -682,6 +708,37 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp method.setHeader("Authorization", String.format("%s %s", AccessTokenVO.BEARER_TYPE, accessToken.getAccessToken())); } + + /* nice on 나이스 지키미 용으로 생성함 + * jwhong 2015-11-04 + */ + private void setNiceOnAuthHeaders(HttpUriRequestBase method, String auth) throws Exception { + method.setHeader("Authorization", + String.format("%s %s", AccessTokenVO.BEARER_TYPE, auth)); // 나이스지키미 format임 + method.setHeader("ProductID", "2303345072"); + //method.setHeader("Authorization", + // String.format("%s %s", AccessTokenVO.BEARER_TYPE, accessToken.getAccessToken())); + } + + /* nice clientid 추출을 위하여 추가한 내용임. jwhong + * + */ + private String JwtClientIdExtractor(String inboundToken) { + + String tokenClientId =""; + try { + SignedJWT signedJWT = SignedJWT.parse(inboundToken); + tokenClientId = (String) signedJWT.getJWTClaimsSet().getClaim(PAYLOAD_PARAM_NAME_CLIENT_ID); + } catch (Exception e) { + logger.error(e.getMessage()); + tokenClientId = ""; + } + + System.out.println("Token Client ID: " + tokenClientId); + return tokenClientId; + + } + private boolean checkTokenRetry(byte[] responseMessage, String tokenErrorCodeKey, String tokenErrorCodeValues, String encode) { @@ -737,7 +794,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp } @SuppressWarnings("deprecation") - private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method, String adapterName) { + private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method, String adapterName, String niceAuth) { if (eaiBody == null) { return; } @@ -758,7 +815,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp } else { ContentType contentTypeObj = ContentType.create(contentType, charset); - String eaiBodyMessage = doOutboundPreFilter(eaiBody,adapterName); // jwhong + String eaiBodyMessage = doOutboundPreFilter(eaiBody, adapterName, niceAuth); // jwhong StringEntity entity = new StringEntity(eaiBodyMessage, contentTypeObj); // 요청 본문을 StringEntity 객체로 생성 //StringEntity entity = new StringEntity(eaiBody.toString(), contentTypeObj); @@ -768,12 +825,15 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp } } - private String doOutboundPreFilter(Object eaiBody, String adapterName) { + // from here by jwhong + private String doOutboundPreFilter(Object eaiBody, String adapterName, String niceAuth) { Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong - String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); + //String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID"); + String encryptAES256Iv = properties.getProperty("ENCRYPT_AES256_IV"); + String encryptAES256Key = properties.getProperty("ENCRYPT_AES256_KEY"); // outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다. // 참고로 inbound encrypt 에는 Token 또는 SecretKey 가 암호화 key로 사용된다. @@ -781,19 +841,30 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp OAuth2Manager manager = OAuth2Manager.getInstance(); ClientDetails clientDetail = manager.getClientDeatilsStore().get(encryptClientId); String clientSecret = ""; - if ( clientDetail != null ) { + if ( clientDetail != null ) { // not null 이라는 것은 APIM Oauth Server에 등록된 client ID 이다. + // 이건 KJBank로 Outbound 나가는 것임 clientSecret = clientDetail.getClientSecret(); + } else { // 그럼 업체로 Outbound 나가는것은, 업체에서 사용하는 secretkey를 사용한다. + clientSecret = encryptClientId; + } + + // Nice-auth , token 값을 substring 해서 사용한다. 나이스 지키미는 adapter token에서 추출된 token을 사용한다. + if (useAdapterToken && "AES256-NICEON".equals(encryptAlgorithm)) { + clientSecret = niceAuth; } // 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다. - String responseMessage = doOutboundPreEncrypt(eaiBody, encryptAlgorithm, clientSecret); + String responseMessage = doOutboundPreEncrypt(eaiBody, encryptAlgorithm, clientSecret, encryptAES256Iv, encryptAES256Key); return responseMessage; } - private String doOutboundPreEncrypt(Object eaiBody, String encryptAlgorithm, String clientSecretKey) { + private String doOutboundPreEncrypt(Object eaiBody, String encryptAlgorithm, String clientSecretKey, String encryptAES256Iv, String encryptAES256Key ) { String encryptedMessage = ""; + String encryptedJsonKey = ""; + + encryptedJsonKey = getJsonKey(encryptAlgorithm); switch (encryptAlgorithm) { case "AES": @@ -818,12 +889,33 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp } break; case "AES256": - //AES256Cipher aes256Cipher = new AES256Cipher(); try { - //String cleintSecretKey="BxnZ4wpIrTSw8fAkMuF3lYIGZySl1vl47jrErPpGWbAH7uUBeVsJ77njNUrnkAdHJ5fKbNqbiNIE6qCAJ8KfxYJMmbZZrsXCwNMUFooRUcsyRfcDd80h9v490UO4YoQB"; String key = clientSecretKey.substring(10,42); - //String key = "0123456789abcdefghij0123456789ab"; - //encryptedMessage= aes256Cipher.encrypt(eaiBody.toString(), key); + encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), key); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage()); + } + break; + case "AES256-KAKAO": + try { + encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), encryptAES256Iv, encryptAES256Key); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage()); + } + break; + case "AES256-TOSS": + try { + encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), encryptAES256Iv, encryptAES256Key); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage()); + } + break; + case "AES256-NICEON": + try { + String key = clientSecretKey.substring(10,42); encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), key); } catch (Exception e) { e.printStackTrace(); @@ -844,18 +936,31 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp break; default: encryptedMessage = eaiBody.toString(); - break; + return encryptedMessage; + //break; } - return encryptedMessage; + + Map map = new HashMap<>(); + map.put(encryptedJsonKey, encryptedMessage); + JSONObject json = new JSONObject(); + json.putAll(map); + return json.toJSONString(); + //return encryptedMessage; } - private byte[] doOutboundPostFilter(byte[] eaiBody, String decryptAlgorithm, String adapterName) { + private byte[] doOutboundPostFilter(byte[] eaiBody, String decryptAlgorithm, String adapterName, OAuth2AccessTokenVO niceAccessToken ) { + + if ( !encryptResponseApply) { + return eaiBody; + } Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong - String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong - String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); + //String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong + //String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID"); + String encryptAES256Iv = properties.getProperty("ENCRYPT_AES256_IV"); + String encryptAES256Key = properties.getProperty("ENCRYPT_AES256_KEY"); // outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다. OAuth2Manager manager = OAuth2Manager.getInstance(); @@ -863,18 +968,26 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp String clientSecret = ""; if ( clientDetail != null ) { clientSecret = clientDetail.getClientSecret(); + } else { + clientSecret = encryptClientId; } - // 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다. - byte[] resPostMessage = doOutboundPostDecrypt(eaiBody, decryptAlgorithm, clientSecret); + // Nice-auth , token 값을 substring 해서 사용한다. 나이스 지키미는 adapter token에서 추출된 token을 사용한다. + if (useAdapterToken && "AES256-NICEON".equals(decryptAlgorithm)) { + clientSecret = niceAccessToken.getAccessToken(); + } + + byte[] resPostMessage = doOutboundPostDecrypt(eaiBody, decryptAlgorithm, clientSecret, encryptAES256Iv, encryptAES256Key); return resPostMessage; } - private byte[] doOutboundPostDecrypt(byte[] eaiBody, String decryptAlgorithm, String clientSecretKey) { + private byte[] doOutboundPostDecrypt(byte[] eaiBody, String decryptAlgorithm, String clientSecretKey, String encryptAES256Iv, String encryptAES256Key ) { byte[] decryptedMessage = null; String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8); + eaiStringBody = extractBodyMsg(decryptAlgorithm, eaiStringBody); + //test source System.out.println("eaiBody 바이트 배열 길이: " + eaiBody.length); System.out.println("Base64 문자열: " + eaiStringBody); @@ -897,7 +1010,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp case "AES128-TOSS": try { String key128 = clientSecretKey.substring(22,38); - //String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128); String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128); decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8); } catch (Exception e) { @@ -908,7 +1020,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp case "AES128-TOGETHER": try { String key128 = clientSecretKey.substring(44,60); - //String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128); String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128); decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8); } catch (Exception e) { @@ -926,6 +1037,34 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage()); } break; + case "AES256-KAKAO": + try { + String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, encryptAES256Iv, encryptAES256Key); + decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage()); + } + break; + case "AES256-TOSS": + try { + String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, encryptAES256Iv, encryptAES256Key); + decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage()); + } + break; + case "AES256-NICEON": + try { + String key = clientSecretKey.substring(10,42); + String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, key); + decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage()); + } + break; case "AES256GCM": try { byte[] key = AES256GCMCipher.generateKey(); @@ -952,6 +1091,56 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp } + private String extractBodyMsg(String decryptAlgorithm, String eaiStringBody) { + + String decryptedJsonKey = ""; + String decryptedBodyMessage = ""; + + decryptedJsonKey = getJsonKey(decryptAlgorithm); + + try { + JSONParser parser = new JSONParser(); + JSONObject jsonObject = (JSONObject) parser.parse(eaiStringBody); + decryptedBodyMessage = (String) jsonObject.get(decryptedJsonKey); + } catch (Exception e) { + e.printStackTrace(); + logger.error("HttpClient5AdapterServiceRest] extractBodyMsg error : " + e.getMessage()); + } + + return decryptedBodyMessage; + + } + + private String getJsonKey(String Algorithm) { + + String jsonKey = ""; + + switch (Algorithm) { + case "AES128-TOSS": + jsonKey = "preScreeningRequest"; + break; + case "AES128-TOGETHER": + jsonKey = "obpTxData"; + break; + case "AES256": + jsonKey = "preScreeningRequest"; + break; + case "AES256-KAKAO": + jsonKey = "encrypted_data"; + break; + case "AES256-TOSS": + jsonKey = "encryptedData"; + break; + case "AES256-NICEON": + jsonKey = "preScreeningRequest"; + break; + case "AES256GCM": + break; + default: + break; + } + return jsonKey; + } // by jwhong private String encrypt(String plainText) { try { diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/HttpAdapterServiceKey.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/HttpAdapterServiceKey.java index f83d8f3..a989dfd 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/HttpAdapterServiceKey.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/HttpAdapterServiceKey.java @@ -75,6 +75,8 @@ public interface HttpAdapterServiceKey { static final String ENCRYPT_ALGORITHM = "ENCRYPT_ALGORITHM"; //jwhong static final String INBOUND_TOKEN = "authorization"; // jwhong static final String ENCRYPT_BASE_TYPE = "ENCRYPT_BASE_TYPE"; // jwhong + static final String ENCRYPT_AES256_IV = "ENCRYPT_AES256_IV"; // jwhong + static final String ENCRYPT_AES256_KEY = "ENCRYPT_AES256_KEY"; // jwhong //응답 처리 용 표준 전문 오브젝트 static final String STANDARD_MESSAGE_OBJECT = "STANDARD_MESSAGE_OBJECT"; diff --git a/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithBase64Header.java b/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithBase64Header.java index c1aef65..6316890 100644 --- a/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithBase64Header.java +++ b/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithBase64Header.java @@ -96,7 +96,8 @@ public class HttpClientAccessTokenServiceWithBase64Header implements HttpClientA if (!UrlUtils.isAbsoluteUrl(uri)) { uri = appendPath(adapterUrl, uri); } - String contentType = "application/json;"; + //String contentType = "application/json;"; // comment by jwhong + String contentType = "application/x-www-form-urlencoded"; // 광주은행 나이스지키미 Charset charset; if (StringUtils.isNotBlank(encode)) { diff --git a/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithParam.java b/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithParam.java index 3772406..45e7c60 100644 --- a/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithParam.java +++ b/src/main/java/com/eactive/eai/authoutbound/client/impl/HttpClientAccessTokenServiceWithParam.java @@ -51,7 +51,7 @@ import com.openbanking.eai.common.token.AccessTokenVO; import com.openbanking.eai.common.token.OAuth2AccessTokenVO; import org.springframework.security.web.util.UrlUtils; -/** +/** * 1. 기능 : HTTP 웹 컴포넌트를 POST 방식으로 호출할 수 있는 기능을 제공한다. 2. 처리 개요 : * - 2009.11.24 * retry 로직 제거 : 요청 3. 주의사항 * @@ -224,17 +224,20 @@ public class HttpClientAccessTokenServiceWithParam implements HttpClientAccessTo logger.debug("contentType = [" + contentType + "]"); logger.debug("encode = [" + encode + "]"); + OAuth2AccessTokenVO accessToken = new OAuth2AccessTokenVO(); try (CloseableHttpResponse response = httpClient.execute(httpPost)) { if (response.getCode() != 200) { + System.out.println("OAuth token receive status fail value= "+ response.getCode()); throw new Exception("OAuth token receive status fail value= " + response.getCode()); } + System.out.println("OAuth token receive status SUCCESS value= "+ response.getCode()); HttpEntity entity = response.getEntity(); String responseString = EntityUtils.toString(entity, encode); logger.debug("oauthToken RECV = [" + responseString + "]"); if (StringUtils.isNotBlank(responseString)) { - OAuth2AccessTokenVO accessToken = new OAuth2AccessTokenVO(); + //OAuth2AccessTokenVO accessToken = new OAuth2AccessTokenVO(); ObjectMapper objectMapper = new ObjectMapper(); JsonNode responseJSON = objectMapper.readTree(responseString); @@ -259,6 +262,10 @@ public class HttpClientAccessTokenServiceWithParam implements HttpClientAccessTo } else { throw new Exception("oauth token return null"); } + } catch (Exception e) { + e.printStackTrace(); + logger.error("[HttpClientAccessTokenServiceWithParam] retrieve accessToken exception :" + e.getMessage()); + return accessToken; } } } diff --git a/src/main/java/com/eactive/eai/common/logger/EAILogDAO.java b/src/main/java/com/eactive/eai/common/logger/EAILogDAO.java index ae79af9..4dfc052 100644 --- a/src/main/java/com/eactive/eai/common/logger/EAILogDAO.java +++ b/src/main/java/com/eactive/eai/common/logger/EAILogDAO.java @@ -57,6 +57,10 @@ import com.eactive.eai.transformer.transform.Transform; import com.eactive.eai.transformer.transform.TransformManager; import com.eactive.eai.util.HexaConverter; import com.ext.eai.common.stdmessage.STDMessageKeys; +// safeDB +import com.eactive.ext.kjb.safedb.KjbSafedbWrapper; +import com.eactive.ext.kjb.safedb.Utils; +// until here @Service @@ -452,6 +456,7 @@ public class EAILogDAO { } // 암호화 + /* Charset hexaCharset = Charset.forName("euc-kr"); if ("Y".equalsIgnoreCase(EncryptionManager.getInstance().getEncryptYN())) { try { @@ -471,20 +476,22 @@ public class EAILogDAO { } } else { biz = bizMsgStr; - } + } + */ // jwhong safeDB 암호화 - /* + if ("Y".equalsIgnoreCase(EncryptionManager.getInstance().getEncryptYN())) { try { biz = EncryptSafeDb(bizMsgStr); } catch (Exception e) { logger.error("EAIFileLogger] bizMsgStr encryption Error - " + e.getMessage()); + biz = bizMsgStr; } } else { biz = bizMsgStr; } - */ + // jwhong safeDB end // 임시코드 시작 @@ -855,12 +862,121 @@ public class EAILogDAO { return false; } + + private String EncryptSafeDb(String attribute) { + String originalAttribute = attribute; + if (StringUtils.isNotEmpty(attribute)) { + KjbSafedbWrapper wrapper = KjbSafedbWrapper.getInstance(); + attribute = wrapper.encryptNotRnnoString(attribute); + + if (logger.isInfo()) { + // originalAttribute 홀수 글자 마스킹 + StringBuilder sb = new StringBuilder(); + for (int i = 0; i < originalAttribute.length(); i++) { + if (i % 2 == 0) { + sb.append(originalAttribute.charAt(i)); + } else { + sb.append("*"); + } + } + originalAttribute = sb.toString(); + System.out.println("DB 암호화 #2 : {"+ originalAttribute +"} -> {"+attribute+"}"); + //logger.debug("DB 암호화 #2 : {} -> {}", originalAttribute, attribute); + } + } + return attribute; + + } + + public String DecryptSafeDb(String dbData) { + + String dbDataOriginal = dbData; + if (StringUtils.isNotEmpty(dbData)) { + if (this.isEncrypted(dbData)) { + KjbSafedbWrapper safeDBWrapper = KjbSafedbWrapper.getInstance(); + try { + dbData = safeDBWrapper.decryptNotRnno(dbData); + } catch (Exception e) { + // 복호화 실패시 원본 반환 + String logData = dbData.length() <= 3 ? dbData : dbData.substring(0, 3) + "..."; + logger.warn("DB 복호화 실패: 복호화하지 않고 원본 반환. dbData={} (Length : {})", logData, dbData.length()); + return dbData; + } + } else { + logger.debug("DB 복호화 경고: Base64 형식이 아님. 복호화하지 않고 원본 반환. dbData={}", dbData); + } + } + + //logger.debug("DB 복호화 #2 : {} -> {}", dbDataOriginal, dbData); + + return dbData; + } + + /** + * 암호화 여부 확인(base64 인코딩 여부로 판단, 또는 0-9, - 로 구성된 경우 암호화 되지 않은 걸로 판단(연락처)) + * @param data + * @return + */ + private boolean isEncrypted(String data) { + if (StringUtils.isEmpty(data)) { + return false; + } + + // 숫자, - 로만 구성된 경우 암호화 되지 않은 걸로 판단 (ex: 연락처) + if (data.matches("^[0-9-]+$")) { + return false; + } + + data = data.trim(); + + // Base64 형식 체크 + if (!Utils.isBase64(data)) { + return false; + } + + // Base64 길이 체크 (4의 배수) + if (data.length() % 4 != 0) { + return false; + } + + + return true; + } + + + /* private String EncryptSafeDb(String msg) { PropManager propManager = PropManager.getInstance(); String safeDbPath = propManager.getProperty("SafeDB","safedb.path"); - return "this is a message"; + + SimpleSafeDB safedb = SimpleSafeDB.getInstance(); + boolean loginResult = false; + if(!safedb.login()) { + loginResult = safedb.getSafeDBConfigMgr().isLoginCheck(); + } + + String userName = "SAFEDB"; + String tableName = "SAFEDB.POLICY"; + String columnName1 = "bzwkdatactnt"; + + byte[] byteMsg = msg.getBytes(StandardCharsets.UTF_8); + byte[] encryptedBytes1 = null; + + try { + encryptedBytes1 = safedb.encrypt(userName, tableName, columnName1, byteMsg); + System.out.println("Encrypted Data : [" + new String(encryptedBytes1) + "]"); + + byte[] decryptedBytes1 = safedb.decrypt(userName, tableName, columnName1, encryptedBytes1); + + } catch (SafeDBSDKException e) { + e.printStackTrace(); + + } + + String encryptedMsg = new String(encryptedBytes1, StandardCharsets.UTF_8); + return encryptedMsg; } - - + */ + } diff --git a/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java b/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java index eb38a42..0aba908 100644 --- a/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java +++ b/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java @@ -53,6 +53,10 @@ import com.eactive.eai.message.parser.StandardReader; import com.eactive.eai.message.service.InterfaceMapper; import com.eactive.eai.util.SimHeaderUtil; import com.ext.eai.common.stdmessage.STDMessageKeys; + +import org.json.simple.JSONObject; +import java.util.HashMap; +import java.util.Map; //import org.apache.commons.lang3.StringUtils; //import org.springframework.http.HttpStatus; @@ -1297,7 +1301,15 @@ public class RequestProcessor extends RequestProcessorSupport { } else { // 비동기 거래, S-A의 응답거래시에는 NULL을 리턴 - return null; + //return null; // 원래 null return 인데 광주은행은 GUID를 Return 해 달라고 해서 수정함 jwhong + //map.put("guid", guid); + + Map map = new HashMap<>(); + map.put("uuid", vo.getUuid()); + JSONObject json = new JSONObject(map); + //return json.toJSONString(); + + return vo.getUuid(); } }