|
|
|
@@ -86,8 +86,10 @@ import java.nio.charset.StandardCharsets;
|
|
|
|
|
import java.util.Base64;
|
|
|
|
|
import com.kjbank.encrypt.exchange.crypto.AES256Cipher;
|
|
|
|
|
import com.kjbank.encrypt.exchange.crypto.AESCipher;
|
|
|
|
|
import com.nimbusds.jwt.SignedJWT;
|
|
|
|
|
import com.kjbank.encrypt.exchange.crypto.AES256GCMCipher;
|
|
|
|
|
import com.eactive.eai.authserver.service.OAuth2Manager;
|
|
|
|
|
import java.util.Set;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
@@ -115,6 +117,11 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
public static final String HEADER_KEYS = "HEADER_KEYS";
|
|
|
|
|
public static final String AUTH_TOKEN = "AUTH_TOKEN";
|
|
|
|
|
|
|
|
|
|
public static final String PAYLOAD_PARAM_NAME_CLIENT_ID = "client_id"; // jwhong
|
|
|
|
|
|
|
|
|
|
private boolean useAdapterToken;
|
|
|
|
|
private boolean encryptResponseApply;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 1. 기능 : REST API 통신에 사용 <br>
|
|
|
|
|
* 2. 처리 개요 : - 속성 정보를 설정 하고 수동 시스템 서비스를 호출 한다. <br>
|
|
|
|
@@ -144,7 +151,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
|
|
|
|
|
String headerGroupName = prop.getProperty(HEADER_GROUP);
|
|
|
|
|
String relayResponseHeaderKeys = prop.getProperty(HEADER_KEYS, "");
|
|
|
|
|
boolean useAdapterToken = StringUtils.equalsIgnoreCase(prop.getProperty("ADAPTER_TOKEN_USE_YN", "N"), "Y");
|
|
|
|
|
useAdapterToken = StringUtils.equalsIgnoreCase(prop.getProperty("ADAPTER_TOKEN_USE_YN", "N"), "Y");
|
|
|
|
|
|
|
|
|
|
boolean useForwardProxy = StringUtils.equalsIgnoreCase(prop.getProperty("FORWARD_PROXY_USE_YN", "N"), "Y");
|
|
|
|
|
String forwardProxyUrl = prop.getProperty("FORWARD_PROXY_URL");
|
|
|
|
@@ -158,6 +165,9 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
String messageType = prop.getProperty("MESSAGE_TYPE", MessageType.JSON);
|
|
|
|
|
String inboundMethod = tempProp.getProperty(HttpAdapterServiceKey.INBOUND_METHOD, "POST");
|
|
|
|
|
|
|
|
|
|
//Outbound 요청에 대한 응답 메시지의 복호화 여부 결정위해 jwhong
|
|
|
|
|
encryptResponseApply = StringUtils.equalsIgnoreCase(prop.getProperty("ENCRYPT_RESPONSE_APPLY", "N"), "Y");
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @formatter:off
|
|
|
|
|
* TSEAIHE02.RESTOPTION 정보 => JSON 형태로 구성
|
|
|
|
@@ -287,6 +297,51 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
requestConfigBuilder.setProxy(proxy);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// OAuth2AccessToken check 부분을 뒤에서 여기로 위치를 옮김, 나이스지키미 암호화 KEY를 얻기 위해서. JWHONG
|
|
|
|
|
OAuth2AccessTokenVO accessToken = null;
|
|
|
|
|
String auth ="";
|
|
|
|
|
if (useAdapterToken) {
|
|
|
|
|
AccessTokenManagerByDB tokenManager = AccessTokenManagerByDB.getInstance();
|
|
|
|
|
accessToken = (OAuth2AccessTokenVO) tokenManager.getAccessTokenVO(vo.getAdapterGroupName());
|
|
|
|
|
|
|
|
|
|
// 토큰이 없거나 만료 됐으면 재발급
|
|
|
|
|
if (accessToken == null || accessToken.isExpired()) {
|
|
|
|
|
String oldToken = accessToken == null ? null : accessToken.getAccessToken();
|
|
|
|
|
accessToken = (OAuth2AccessTokenVO) tokenManager.retryAccessTokenVO(vo.getAdapterGroupName(), prop,
|
|
|
|
|
oldToken);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (logger.isDebug()) {
|
|
|
|
|
logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() + ") TOKEN = ["
|
|
|
|
|
+ accessToken + "]");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Properties properties = AdapterPropManager.getInstance().getProperties(vo.getAdapterName()); // jwhong
|
|
|
|
|
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
|
|
|
|
if (useAdapterToken && "AES256-NICEON".equals(encryptAlgorithm)) {
|
|
|
|
|
String niceToken = accessToken.getAccessToken();
|
|
|
|
|
String clientId = JwtClientIdExtractor(niceToken);
|
|
|
|
|
long currentTime = System.currentTimeMillis();
|
|
|
|
|
auth = niceToken + ":" + currentTime + ":" + clientId ;
|
|
|
|
|
auth = Base64.getEncoder().encodeToString(auth.getBytes("UTF-8"));
|
|
|
|
|
|
|
|
|
|
setNiceOnAuthHeaders(method, auth);
|
|
|
|
|
} else {
|
|
|
|
|
setAuthHeaders(method, accessToken); // 원래 있던 logic
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (logger.isDebug()) {
|
|
|
|
|
logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName()
|
|
|
|
|
+ ") RequestHeader [Authorization=" + method.getHeader("Authorization") + "]");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(!StringUtils.isBlank(authToken)) {
|
|
|
|
|
setAuthHeaders(method, authToken);
|
|
|
|
|
}
|
|
|
|
|
// 여기 까지
|
|
|
|
|
|
|
|
|
|
configureHttpClient(requestConfigBuilder, vo, method);
|
|
|
|
|
|
|
|
|
|
switch (HttpMethodType.getValue(rmethod)) {
|
|
|
|
@@ -311,7 +366,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
case POST:
|
|
|
|
|
// assignPostBody(dataObject, contentType, vo.getEncode(), method);
|
|
|
|
|
//assignPostBody(dataContent, contentType, vo.getEncode(), method); // jwhong commnet
|
|
|
|
|
assignPostBody(dataContent, contentType, vo.getEncode(), method, vo.getAdapterName());
|
|
|
|
|
assignPostBody(dataContent, contentType, vo.getEncode(), method, vo.getAdapterName(), auth);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
@@ -322,39 +377,15 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
+ method.getEntity() + "] ");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
OAuth2AccessTokenVO accessToken = null;
|
|
|
|
|
if (useAdapterToken) {
|
|
|
|
|
AccessTokenManagerByDB tokenManager = AccessTokenManagerByDB.getInstance();
|
|
|
|
|
accessToken = (OAuth2AccessTokenVO) tokenManager.getAccessTokenVO(vo.getAdapterGroupName());
|
|
|
|
|
|
|
|
|
|
// 토큰이 없거나 만료 됐으면 재발급
|
|
|
|
|
if (accessToken == null || accessToken.isExpired()) {
|
|
|
|
|
String oldToken = accessToken == null ? null : accessToken.getAccessToken();
|
|
|
|
|
accessToken = (OAuth2AccessTokenVO) tokenManager.retryAccessTokenVO(vo.getAdapterGroupName(), prop,
|
|
|
|
|
oldToken);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (logger.isDebug()) {
|
|
|
|
|
logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName() + ") TOKEN = ["
|
|
|
|
|
+ accessToken + "]");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
setAuthHeaders(method, accessToken);
|
|
|
|
|
|
|
|
|
|
if (logger.isDebug()) {
|
|
|
|
|
logger.debug("HttpClientAdapterServiceRest] SEND (" + vo.getAdapterGroupName()
|
|
|
|
|
+ ") RequestHeader [Authorization=" + method.getHeader("Authorization") + "]");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(!StringUtils.isBlank(authToken)) {
|
|
|
|
|
setAuthHeaders(method, authToken);
|
|
|
|
|
}
|
|
|
|
|
// OAuth2AccessToken 원래 있던 위치 JWHONG
|
|
|
|
|
|
|
|
|
|
// 전달 header 셋팅
|
|
|
|
|
// Adapter 레벨 header 보다 data로 넘어온 httpHeader를 우선 적용(header명이 같다면 덮어씀)
|
|
|
|
|
assignRequestHeaders(method, httpHeader);
|
|
|
|
|
|
|
|
|
|
// KJBank API 추적정보를 Header에 제공. jwhong
|
|
|
|
|
assignRequestKJHeaders(method, prop, tempProp );
|
|
|
|
|
|
|
|
|
|
int status = -1;
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
@@ -396,7 +427,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
// encrypt algorithm type 추출 from adapter property jwhong
|
|
|
|
|
Properties properties = AdapterPropManager.getInstance().getProperties(vo.getAdapterName()); // jwhong
|
|
|
|
|
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
|
|
|
|
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); // jwhong
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
if (logger.isDebug()) {
|
|
|
|
@@ -414,7 +444,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
responseMessageOri = EntityUtils.toByteArray(response.getEntity());
|
|
|
|
|
System.out.println("responseMessageOri 바이트 배열 길이: " + responseMessageOri.length);
|
|
|
|
|
|
|
|
|
|
responseMessage = doOutboundPostFilter(responseMessageOri, encryptAlgorithm, vo.getAdapterName()); // jwhong
|
|
|
|
|
responseMessage = doOutboundPostFilter(responseMessageOri, encryptAlgorithm, vo.getAdapterName(), accessToken); // jwhong
|
|
|
|
|
// 여기까지
|
|
|
|
|
|
|
|
|
|
responseHeaders = response.getHeaders();
|
|
|
|
@@ -683,6 +713,37 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
String.format("%s %s", AccessTokenVO.BEARER_TYPE, accessToken.getAccessToken()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* nice on 나이스 지키미 용으로 생성함
|
|
|
|
|
* jwhong 2015-11-04
|
|
|
|
|
*/
|
|
|
|
|
private void setNiceOnAuthHeaders(HttpUriRequestBase method, String auth) throws Exception {
|
|
|
|
|
method.setHeader("Authorization",
|
|
|
|
|
String.format("%s %s", AccessTokenVO.BEARER_TYPE, auth)); // 나이스지키미 format임
|
|
|
|
|
method.setHeader("ProductID", "2303345072");
|
|
|
|
|
//method.setHeader("Authorization",
|
|
|
|
|
// String.format("%s %s", AccessTokenVO.BEARER_TYPE, accessToken.getAccessToken()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* nice clientid 추출을 위하여 추가한 내용임. jwhong
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
private String JwtClientIdExtractor(String inboundToken) {
|
|
|
|
|
|
|
|
|
|
String tokenClientId ="";
|
|
|
|
|
try {
|
|
|
|
|
SignedJWT signedJWT = SignedJWT.parse(inboundToken);
|
|
|
|
|
tokenClientId = (String) signedJWT.getJWTClaimsSet().getClaim(PAYLOAD_PARAM_NAME_CLIENT_ID);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
logger.error(e.getMessage());
|
|
|
|
|
tokenClientId = "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
System.out.println("Token Client ID: " + tokenClientId);
|
|
|
|
|
return tokenClientId;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private boolean checkTokenRetry(byte[] responseMessage, String tokenErrorCodeKey, String tokenErrorCodeValues,
|
|
|
|
|
String encode) {
|
|
|
|
|
if (responseMessage == null) {
|
|
|
|
@@ -736,8 +797,41 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* KJBank Target System으로 요청 보낼때 header에 clientId(업체정보), APIM거래추적자(UUID), 최초 요청시간 을 보낸다. jwhong
|
|
|
|
|
*/
|
|
|
|
|
private void assignRequestKJHeaders(HttpUriRequestBase method, Properties prop, Properties tempProp) {
|
|
|
|
|
|
|
|
|
|
Properties inboundHeaders = (Properties) tempProp.get(HttpAdapterServiceKey.INBOUND_HEADER);
|
|
|
|
|
String authorization = inboundHeaders.getProperty("authorization");
|
|
|
|
|
String jwtToken = "";
|
|
|
|
|
|
|
|
|
|
if (authorization != null && authorization.startsWith("Bearer ")) {
|
|
|
|
|
jwtToken = authorization.substring(7); // "Bearer " 이후의 JWT만 추출
|
|
|
|
|
//System.out.println("JWT Token: " + jwtToken);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* 업체정보 */
|
|
|
|
|
String clientId = JwtClientIdExtractor(jwtToken);
|
|
|
|
|
method.setHeader("clientId", clientId);
|
|
|
|
|
|
|
|
|
|
/* APIM 거래추적자 */
|
|
|
|
|
String uuid = tempProp.getProperty(TransactionContextKeys.TRANSACTION_UUID, "");
|
|
|
|
|
method.setHeader("traceId", uuid);
|
|
|
|
|
|
|
|
|
|
/* 최초요청시간 */
|
|
|
|
|
Set<String> keys = tempProp.stringPropertyNames();
|
|
|
|
|
for (String key : keys) {
|
|
|
|
|
String value = tempProp.getProperty(key);
|
|
|
|
|
System.out.println(key + " = " + value);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
String receivedTimestamp = tempProp.getProperty(HttpAdapterServiceKey.INBOUND_REQUESTED_TIME, "");
|
|
|
|
|
method.setHeader("receivedTimestamp", receivedTimestamp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@SuppressWarnings("deprecation")
|
|
|
|
|
private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method, String adapterName) {
|
|
|
|
|
private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method, String adapterName, String niceAuth) {
|
|
|
|
|
if (eaiBody == null) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
@@ -758,7 +852,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
} else {
|
|
|
|
|
ContentType contentTypeObj = ContentType.create(contentType, charset);
|
|
|
|
|
|
|
|
|
|
String eaiBodyMessage = doOutboundPreFilter(eaiBody,adapterName); // jwhong
|
|
|
|
|
String eaiBodyMessage = doOutboundPreFilter(eaiBody, adapterName, niceAuth); // jwhong
|
|
|
|
|
StringEntity entity = new StringEntity(eaiBodyMessage, contentTypeObj);
|
|
|
|
|
// 요청 본문을 StringEntity 객체로 생성
|
|
|
|
|
//StringEntity entity = new StringEntity(eaiBody.toString(), contentTypeObj);
|
|
|
|
@@ -768,12 +862,15 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private String doOutboundPreFilter(Object eaiBody, String adapterName) {
|
|
|
|
|
// from here by jwhong
|
|
|
|
|
private String doOutboundPreFilter(Object eaiBody, String adapterName, String niceAuth) {
|
|
|
|
|
|
|
|
|
|
Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong
|
|
|
|
|
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
|
|
|
|
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
|
|
|
|
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM",""); // jwhong
|
|
|
|
|
//String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
|
|
|
|
String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID");
|
|
|
|
|
String encryptAES256Iv = properties.getProperty("ENCRYPT_AES256_IV");
|
|
|
|
|
String encryptAES256Key = properties.getProperty("ENCRYPT_AES256_KEY");
|
|
|
|
|
|
|
|
|
|
// outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다.
|
|
|
|
|
// 참고로 inbound encrypt 에는 Token 또는 SecretKey 가 암호화 key로 사용된다.
|
|
|
|
@@ -781,19 +878,30 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
OAuth2Manager manager = OAuth2Manager.getInstance();
|
|
|
|
|
ClientDetails clientDetail = manager.getClientDeatilsStore().get(encryptClientId);
|
|
|
|
|
String clientSecret = "";
|
|
|
|
|
if ( clientDetail != null ) {
|
|
|
|
|
if ( clientDetail != null ) { // not null 이라는 것은 APIM Oauth Server에 등록된 client ID 이다.
|
|
|
|
|
// 이건 KJBank로 Outbound 나가는 것임
|
|
|
|
|
clientSecret = clientDetail.getClientSecret();
|
|
|
|
|
} else { // 그럼 업체로 Outbound 나가는것은, 업체에서 사용하는 secretkey를 사용한다.
|
|
|
|
|
clientSecret = encryptClientId;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Nice-auth , token 값을 substring 해서 사용한다. 나이스 지키미는 adapter token에서 추출된 token을 사용한다.
|
|
|
|
|
if (useAdapterToken && "AES256-NICEON".equals(encryptAlgorithm)) {
|
|
|
|
|
clientSecret = niceAuth;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다.
|
|
|
|
|
|
|
|
|
|
String responseMessage = doOutboundPreEncrypt(eaiBody, encryptAlgorithm, clientSecret);
|
|
|
|
|
String responseMessage = doOutboundPreEncrypt(eaiBody, encryptAlgorithm, clientSecret, encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
return responseMessage;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
private String doOutboundPreEncrypt(Object eaiBody, String encryptAlgorithm, String clientSecretKey) {
|
|
|
|
|
private String doOutboundPreEncrypt(Object eaiBody, String encryptAlgorithm, String clientSecretKey, String encryptAES256Iv, String encryptAES256Key ) {
|
|
|
|
|
|
|
|
|
|
String encryptedMessage = "";
|
|
|
|
|
String encryptedJsonKey = "";
|
|
|
|
|
|
|
|
|
|
encryptedJsonKey = getJsonKey(encryptAlgorithm);
|
|
|
|
|
|
|
|
|
|
switch (encryptAlgorithm) {
|
|
|
|
|
case "AES":
|
|
|
|
@@ -818,12 +926,33 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256":
|
|
|
|
|
//AES256Cipher aes256Cipher = new AES256Cipher();
|
|
|
|
|
try {
|
|
|
|
|
//String cleintSecretKey="BxnZ4wpIrTSw8fAkMuF3lYIGZySl1vl47jrErPpGWbAH7uUBeVsJ77njNUrnkAdHJ5fKbNqbiNIE6qCAJ8KfxYJMmbZZrsXCwNMUFooRUcsyRfcDd80h9v490UO4YoQB";
|
|
|
|
|
String key = clientSecretKey.substring(10,42);
|
|
|
|
|
//String key = "0123456789abcdefghij0123456789ab";
|
|
|
|
|
//encryptedMessage= aes256Cipher.encrypt(eaiBody.toString(), key);
|
|
|
|
|
encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), key);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-KAKAO":
|
|
|
|
|
try {
|
|
|
|
|
encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-TOSS":
|
|
|
|
|
try {
|
|
|
|
|
encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-NICEON":
|
|
|
|
|
try {
|
|
|
|
|
String key = clientSecretKey.substring(10,42);
|
|
|
|
|
encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), key);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
@@ -844,18 +973,31 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
encryptedMessage = eaiBody.toString();
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return encryptedMessage;
|
|
|
|
|
//break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Map<String, Object> map = new HashMap<>();
|
|
|
|
|
map.put(encryptedJsonKey, encryptedMessage);
|
|
|
|
|
JSONObject json = new JSONObject();
|
|
|
|
|
json.putAll(map);
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
//return encryptedMessage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private byte[] doOutboundPostFilter(byte[] eaiBody, String decryptAlgorithm, String adapterName) {
|
|
|
|
|
private byte[] doOutboundPostFilter(byte[] eaiBody, String decryptAlgorithm, String adapterName, OAuth2AccessTokenVO niceAccessToken ) {
|
|
|
|
|
|
|
|
|
|
if ( !encryptResponseApply) {
|
|
|
|
|
return eaiBody;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong
|
|
|
|
|
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
|
|
|
|
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
|
|
|
|
//String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
|
|
|
|
//String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
|
|
|
|
String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID");
|
|
|
|
|
String encryptAES256Iv = properties.getProperty("ENCRYPT_AES256_IV");
|
|
|
|
|
String encryptAES256Key = properties.getProperty("ENCRYPT_AES256_KEY");
|
|
|
|
|
|
|
|
|
|
// outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다.
|
|
|
|
|
OAuth2Manager manager = OAuth2Manager.getInstance();
|
|
|
|
@@ -863,18 +1005,31 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
String clientSecret = "";
|
|
|
|
|
if ( clientDetail != null ) {
|
|
|
|
|
clientSecret = clientDetail.getClientSecret();
|
|
|
|
|
} else {
|
|
|
|
|
clientSecret = encryptClientId;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다.
|
|
|
|
|
byte[] resPostMessage = doOutboundPostDecrypt(eaiBody, decryptAlgorithm, clientSecret);
|
|
|
|
|
// Nice-auth , token 값을 substring 해서 사용한다. 나이스 지키미는 adapter token에서 추출된 token을 사용한다.
|
|
|
|
|
if (useAdapterToken && "AES256-NICEON".equals(decryptAlgorithm)) {
|
|
|
|
|
clientSecret = niceAccessToken.getAccessToken();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
byte[] resPostMessage = doOutboundPostDecrypt(eaiBody, decryptAlgorithm, clientSecret, encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
return resPostMessage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private byte[] doOutboundPostDecrypt(byte[] eaiBody, String decryptAlgorithm, String clientSecretKey) {
|
|
|
|
|
private byte[] doOutboundPostDecrypt(byte[] eaiBody, String decryptAlgorithm, String clientSecretKey, String encryptAES256Iv, String encryptAES256Key ) {
|
|
|
|
|
|
|
|
|
|
byte[] decryptedMessage = null;
|
|
|
|
|
String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8);
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
eaiStringBody = extractBodyMsg(decryptAlgorithm, eaiStringBody);
|
|
|
|
|
} catch (ParseException e) {
|
|
|
|
|
System.out.println("JSON 파싱 오류 발생 : " +e.getMessage());
|
|
|
|
|
return eaiBody;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//test source
|
|
|
|
|
System.out.println("eaiBody 바이트 배열 길이: " + eaiBody.length);
|
|
|
|
|
System.out.println("Base64 문자열: " + eaiStringBody);
|
|
|
|
@@ -897,7 +1052,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
case "AES128-TOSS":
|
|
|
|
|
try {
|
|
|
|
|
String key128 = clientSecretKey.substring(22,38);
|
|
|
|
|
//String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128);
|
|
|
|
|
String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128);
|
|
|
|
|
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
@@ -908,7 +1062,6 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
case "AES128-TOGETHER":
|
|
|
|
|
try {
|
|
|
|
|
String key128 = clientSecretKey.substring(44,60);
|
|
|
|
|
//String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128);
|
|
|
|
|
String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128);
|
|
|
|
|
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
@@ -926,6 +1079,34 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-KAKAO":
|
|
|
|
|
try {
|
|
|
|
|
String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-TOSS":
|
|
|
|
|
try {
|
|
|
|
|
String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, encryptAES256Iv, encryptAES256Key);
|
|
|
|
|
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-NICEON":
|
|
|
|
|
try {
|
|
|
|
|
String key = clientSecretKey.substring(10,42);
|
|
|
|
|
String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, key);
|
|
|
|
|
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "AES256GCM":
|
|
|
|
|
try {
|
|
|
|
|
byte[] key = AES256GCMCipher.generateKey();
|
|
|
|
@@ -952,6 +1133,57 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private String extractBodyMsg(String decryptAlgorithm, String eaiStringBody) throws ParseException {
|
|
|
|
|
|
|
|
|
|
String decryptedJsonKey = "";
|
|
|
|
|
String decryptedBodyMessage = "";
|
|
|
|
|
|
|
|
|
|
decryptedJsonKey = getJsonKey(decryptAlgorithm);
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
JSONParser parser = new JSONParser();
|
|
|
|
|
JSONObject jsonObject = (JSONObject) parser.parse(eaiStringBody);
|
|
|
|
|
decryptedBodyMessage = (String) jsonObject.get(decryptedJsonKey);
|
|
|
|
|
} catch (ParseException e) {
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
logger.error("HttpClient5AdapterServiceRest] extractBodyMsg error : " + e.getMessage());
|
|
|
|
|
throw e;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return decryptedBodyMessage;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private String getJsonKey(String Algorithm) {
|
|
|
|
|
|
|
|
|
|
String jsonKey = "";
|
|
|
|
|
|
|
|
|
|
switch (Algorithm) {
|
|
|
|
|
case "AES128-TOSS":
|
|
|
|
|
jsonKey = "preScreeningRequest";
|
|
|
|
|
break;
|
|
|
|
|
case "AES128-TOGETHER":
|
|
|
|
|
jsonKey = "obpTxData";
|
|
|
|
|
break;
|
|
|
|
|
case "AES256":
|
|
|
|
|
jsonKey = "preScreeningRequest";
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-KAKAO":
|
|
|
|
|
jsonKey = "encrypted_data";
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-TOSS":
|
|
|
|
|
jsonKey = "encryptedData";
|
|
|
|
|
break;
|
|
|
|
|
case "AES256-NICEON":
|
|
|
|
|
jsonKey = "preScreeningRequest";
|
|
|
|
|
break;
|
|
|
|
|
case "AES256GCM":
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return jsonKey;
|
|
|
|
|
}
|
|
|
|
|
// by jwhong
|
|
|
|
|
private String encrypt(String plainText) {
|
|
|
|
|
try {
|
|
|
|
|