OMC/be.ems
1
0
Fork 0
Code Issues Releases 3 Activity

fix: 中间件-接口加解密处理GET请求参数

Browse Source
This commit is contained in:
TsMask
2024-08-15 09:43:31 +08:00
parent cf1dbf4a0e
commit b27472f095
1 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/framework/middleware/crypto_api.go
View File

@@ -5,6 +5,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"strings"
"be.ems/src/framework/config" "be.ems/src/framework/config"
constResult "be.ems/src/framework/constants/result" constResult "be.ems/src/framework/constants/result"
@@ -25,10 +26,13 @@ func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
// 请求解密时对请求data注入 // 请求解密时对请求data注入
if requestDecrypt { if requestDecrypt {
method := c.Request.Method
contentType := c.ContentType()
contentDe := "" contentDe := ""
if c.Request.Method == "GET" { // 请求参数解析
if method == "GET" {
contentDe = c.Query("data") contentDe = c.Query("data")
} else if c.ContentType() == gin.MIMEJSON { } else if contentType == gin.MIMEJSON {
var body struct { var body struct {
Data string `json:"data" binding:"required"` Data string `json:"data" binding:"required"`
} }
@@ -36,6 +40,7 @@ func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
contentDe = body.Data contentDe = body.Data
} }
} }
// 是否存在data字段数据 // 是否存在data字段数据
if contentDe == "" { if contentDe == "" {
c.JSON(400, map[string]any{ c.JSON(400, map[string]any{
@@ -45,7 +50,8 @@ func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
c.Abort() // 停止执行后续的处理函数 c.Abort() // 停止执行后续的处理函数
return return
} }
// 解密
// 解密-原数据加密前含16位长度iv
apiKey := config.Get("aes.apiKey").(string) apiKey := config.Get("aes.apiKey").(string)
dataBodyStr, err := crypto.AESDecryptBase64(contentDe, apiKey) dataBodyStr, err := crypto.AESDecryptBase64(contentDe, apiKey)
if err != nil { if err != nil {
@@ -57,8 +63,19 @@ func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
c.Abort() // 停止执行后续的处理函数 c.Abort() // 停止执行后续的处理函数
return return
} }
// 分配回请求体 // 分配回请求体
c.Request.Body = io.NopCloser(bytes.NewBuffer([]byte(dataBodyStr))) if method == "GET" {
var urlParams map[string]any
json.Unmarshal([]byte(dataBodyStr), &urlParams)
rawQuery := []string{}
for k, v := range urlParams {
rawQuery = append(rawQuery, fmt.Sprintf("%s=%v", k, v))
}
c.Request.URL.RawQuery = strings.Join(rawQuery, "&")
} else if contentType == gin.MIMEJSON {
c.Request.Body = io.NopCloser(bytes.NewBuffer([]byte(dataBodyStr)))
}
} }
// 响应加密时替换原有的响应体 // 响应加密时替换原有的响应体
@@ -85,9 +102,9 @@ func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
if codeOk && dataOk { if codeOk && dataOk {
if parse.Number(codeV) == constResult.CODE_SUCCESS { if parse.Number(codeV) == constResult.CODE_SUCCESS {
byteBodyData, _ := json.Marshal(dataV) byteBodyData, _ := json.Marshal(dataV)
// 加密 // 加密-原数据头加入标记16位长度iv终止符
apiKey := config.Get("aes.apiKey").(string) apiKey := config.Get("aes.apiKey").(string)
contentEn, err := crypto.AESEncryptBase64(string(byteBodyData), apiKey) contentEn, err := crypto.AESEncryptBase64("=:)"+string(byteBodyData), apiKey)
if err != nil { if err != nil {
logger.Errorf("CryptoApi encrypt err => %v", err) logger.Errorf("CryptoApi encrypt err => %v", err)
rbw.ReplaceWrite([]byte(fmt.Sprintf(`{"code":"%d","msg":"encrypt err"}`, constResult.CODE_ERROR))) rbw.ReplaceWrite([]byte(fmt.Sprintf(`{"code":"%d","msg":"encrypt err"}`, constResult.CODE_ERROR)))