Merge branch 'jenkins_with_weblogic' of ssh://git@192.168.240.178:18081/eapim/elink-online-common.git into jenkins_with_weblogic
This commit is contained in:
+15
-6
@@ -15,6 +15,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
import com.eactive.eai.adapter.http.HttpMethodType;
|
||||
import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey;
|
||||
import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceSupport;
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
@@ -43,8 +44,7 @@ public class HmacSha256VerifyFilterKjb implements HttpAdapterFilter {
|
||||
String xObpSignatureUrl = request.getHeader("x-obp-signature-url");
|
||||
String xObpSignatureBody = request.getHeader("x-obp-signature-body");
|
||||
if (StringUtils.isBlank(xObpPartnercode)
|
||||
|| StringUtils.isBlank(xObpSignatureUrl)
|
||||
|| StringUtils.isBlank(xObpSignatureBody)) {
|
||||
|| StringUtils.isBlank(xObpSignatureUrl)) {
|
||||
throw new JwtAuthException(
|
||||
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
|
||||
"Can not find mandatory Http Header");
|
||||
@@ -67,10 +67,19 @@ public class HmacSha256VerifyFilterKjb implements HttpAdapterFilter {
|
||||
"Signature verifying failed : x-obp-signature-url");
|
||||
}
|
||||
|
||||
if (!StringUtils.equals(xObpSignatureBody, macBody)) {
|
||||
throw new JwtAuthException(
|
||||
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
|
||||
"Signature verifying failed : x-obp-signature-body");
|
||||
switch (HttpMethodType.getValue(request.getMethod())) {
|
||||
case GET:
|
||||
case DELETE:
|
||||
break;
|
||||
default:
|
||||
if (StringUtils.isNotBlank(inboundBody) && !StringUtils.equals("{}", inboundBody)) {
|
||||
if (!StringUtils.equals(xObpSignatureBody, macBody)) {
|
||||
throw new JwtAuthException(
|
||||
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
|
||||
"Signature verifying failed : x-obp-signature-body");
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
} catch (JwtAuthException e) {
|
||||
|
||||
Reference in New Issue
Block a user