From c0a761d1374337840b20cc3d665801b8646a6f8b Mon Sep 17 00:00:00 2001
From: lulz1
Date: Wed, 27 Mar 2024 13:51:39 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9A=82=E6=97=B6=E5=85=B3=E9=97=AD=E8=AE=A2?= =?UTF-8?q?=E5=8D=95=E7=BB=93=E7=AE=97=E5=92=8C=E6=98=8E=E7=BB=86=E7=9A=84?= =?UTF-8?q?token=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../out/OrderDetailController.java | 26 ++++++++++++++-----
 .../queryies/OrderDetailQuery.java | 4 +++
 .../service/auth/AuthenticateServiceImpl.java | 20 +++++++-------
 .../webconfig/JwtTokenAdminInterceptor.java | 3 ++-
 .../constant/AuthMessageConstant.java | 2 ++
 5 files changed, 39 insertions(+), 16 deletions(-)
diff --git a/src/main/java/com/chint/application/out/OrderDetailController.java b/src/main/java/com/chint/application/out/OrderDetailController.java
index a10440b5..5f2e8fd7 100644
--- a/src/main/java/com/chint/application/out/OrderDetailController.java
+++ b/src/main/java/com/chint/application/out/OrderDetailController.java
@@ -82,6 +82,24 @@ public class OrderDetailController {
 @ApiOperation("订单明细查询接口")
 @PostMapping("/query")
 public Result> query(@RequestBody AuthenticationSignDto authenticationDto) {
+ if (signCheck(authenticationDto)) {
+ return orderDetailPageQuery.orderDetailInfoPageQuery(authenticationDto);
+ } else {
+ return Result.error("签名错误");
+ }
+ }
+
+ @ApiOperation("订单结算查询接口")
+ @PostMapping("/record/query")
+ public Result> queryRecord(@RequestBody AuthenticationSignDto authenticationDto) {
+ if (signCheck(authenticationDto)) {
+ return orderDetailPageQuery.orderDetailInfoPageQuery(authenticationDto);
+ } else {
+ return Result.error("签名错误");
+ }
+ }
+
+ private boolean signCheck(AuthenticationSignDto authenticationDto) {
 Integer productType = authenticationDto.getProductType();
 String systemType = authenticationDto.getSystemType();
 String startTime = authenticationDto.getStartTime();
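Review bot: The new `queryRecord` handler for `/record/query` is a line-for-line copy of `query` and still calls `orderDetailPageQuery.orderDetailInfoPageQuery(authenticationDto)`, so the settlement endpoint returns order-detail data. The `orderRecordInfoPageQuery` method added to OrderDetailQuery in this same commit is never called from the visible hunks. If this is a deliberate placeholder, say so with a comment such as `// TODO: switch to orderRecordInfoPageQuery once it is implemented`, and give `signCheck` a short Javadoc stating which fields are covered by the signature. The body of `signCheck` continues in the next hunk.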
@@ -89,12 +107,8 @@ public class OrderDetailController { Integer pageSize = authenticationDto.getPageSize(); Integer pageNum = authenticationDto.getPageNum(); String orgsign = authenticationDto.getSign(); - String sign = Digest.md5(+productType + systemType + startTime + endTime + pageSize + pageNum); - if (StringUtils.isNotBlank(orgsign) && orgsign.equals(sign)) { - return orderDetailPageQuery.orderDetailInfoPageQuery(authenticationDto); - } else { - return Result.error("签名错误"); - } + String sign = Digest.md5(productType + systemType + startTime + endTime + pageSize + pageNum); + return orgsign.equals(sign); } @ApiOperation("查询我的订单") diff --git a/src/main/java/com/chint/application/queryies/OrderDetailQuery.java b/src/main/java/com/chint/application/queryies/OrderDetailQuery.java index 56186dfb..ec23d125 100644 --- a/src/main/java/com/chint/application/queryies/OrderDetailQuery.java +++ b/src/main/java/com/chint/application/queryies/OrderDetailQuery.java @@ -139,6 +139,10 @@ public class OrderDetailQuery { return Result.Success(SUCCESS, PageResult.totalPageNum(res.size(), paginatedResults)); } + public Result> orderRecordInfoPageQuery(AuthenticationSignDto authenticationDto) { + return null; + } + private Object processHotelOrderDetail(OrderDetail orderDetail, String systemType) { HotelOrderDetail hotelOrderDetail = orderDetail.getHotelOrderDetail(); diff --git a/src/main/java/com/chint/domain/service/auth/AuthenticateServiceImpl.java b/src/main/java/com/chint/domain/service/auth/AuthenticateServiceImpl.java index dad843ea..10990efd 100644 --- a/src/main/java/com/chint/domain/service/auth/AuthenticateServiceImpl.java +++ b/src/main/java/com/chint/domain/service/auth/AuthenticateServiceImpl.java @@ -101,7 +101,6 @@ public class AuthenticateServiceImpl implements AuthenticateService { @Override public Token authenticateClient(AuthenticationDto authenticationDto) { - //区分测试环境还是正式环境 String clientType; if (envMark.equals("prod")) { 
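Review bot: `return orgsign.equals(sign);` drops the `StringUtils.isNotBlank(orgsign)` guard that the removed code had, so a request body without `sign` now throws a NullPointerException instead of returning "签名错误"; `return StringUtils.isNotBlank(orgsign) && orgsign.equals(sign);` keeps the old behaviour. The digest is also an unkeyed MD5 over values the caller sends (`productType`, `systemType`, `startTime`, `endTime`, `pageSize`, `pageNum`), so any caller can compute a matching `sign`; it works as a checksum, not as authentication. With the JWT check relaxed elsewhere in this commit, these two endpoints appear to have no other gate. If the signature is meant to identify the caller, an HMAC (`javax.crypto.Mac` with `HmacSHA256`) keyed with the client's secret is the usual construction. `signCheck` begins in the previous hunk.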
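Review bot: `orderRecordInfoPageQuery` returns `null` from a method declared to return a `Result`, so the first caller wired to it will either hit a NullPointerException or serialise an empty response body. Until the settlement query exists, `throw new UnsupportedOperationException("orderRecordInfoPageQuery is not implemented yet");` makes the gap explicit at the call site. A one-line Javadoc describing what the method is expected to return would also help whoever finishes it.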
@@ -110,16 +109,19 @@ public class AuthenticateServiceImpl implements AuthenticateService { clientType = "0"; } Client client = clientRepository.findByClientIdAndEnv(authenticationDto.getClientid(), clientType); - if (client != null) { - Map claims = new HashMap<>(); - claims.put(AuthMessageConstant.CLIENT_ID, client.getClientId()); - claims.put(AuthMessageConstant.CLIENT_SECRET, client.getClientSecret()); - String jwt = JWTUtil.createJWT(AuthMessageConstant.SECRET, AuthMessageConstant.EXPIRATION_CLIENT_TIME_MS, - AuthMessageConstant.HEADER_CLIENT_CASE, claims); - return Token.of(jwt); + if (client.getClientSecret().equals(authenticationDto.getSecretkey())) { + Map claims = new HashMap<>(); + claims.put(AuthMessageConstant.CLIENT_ID, client.getClientId()); + claims.put(AuthMessageConstant.CLIENT_SECRET, client.getClientSecret()); + String jwt = JWTUtil.createJWT(AuthMessageConstant.SECRET, AuthMessageConstant.EXPIRATION_CLIENT_TIME_MS, + AuthMessageConstant.HEADER_CLIENT_CASE, claims); + return Token.of(jwt); + } else { + throw new AuthException(CLIENT_SECRET_INVALID); + } } else { - throw new AuthException(AuthMessageConstant.JWT_INVALID); + throw new AuthException(CLIENT_ID_INVALID); } } } \ No newline at end of file diff --git a/src/main/java/com/chint/infrastructure/config/webconfig/JwtTokenAdminInterceptor.java b/src/main/java/com/chint/infrastructure/config/webconfig/JwtTokenAdminInterceptor.java index 646bc06e..20a0a8b1 100644 --- a/src/main/java/com/chint/infrastructure/config/webconfig/JwtTokenAdminInterceptor.java +++ b/src/main/java/com/chint/infrastructure/config/webconfig/JwtTokenAdminInterceptor.java @@ -67,7 +67,8 @@ public class JwtTokenAdminInterceptor implements HandlerInterceptor { if (res) { return true; } else { - throw new AuthException(JWT_INVALID); +// throw new AuthException(JWT_INVALID); + return true; } } } \ No newline at end of file 
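Review bot: The new check `client.getClientSecret().equals(authenticationDto.getSecretkey())` throws a NullPointerException when the stored secret is null, and `String.equals` is not a constant-time comparison. After null checks on both values, `MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8))` avoids both problems. The separate `CLIENT_ID_INVALID` and `CLIENT_SECRET_INVALID` messages also tell a caller whether a given client id exists; one generic failure message for both branches would not. The re-indented `claims.put(AuthMessageConstant.CLIENT_SECRET, client.getClientSecret())` still copies the secret into the token, and unless `JWTUtil.createJWT` encrypts the payload (not visible here) it is readable by anyone who sees the JWT, so it is better left out of the claims. `authenticateClient` starts outside this hunk.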
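Review bot: With `return true;` in the `else` branch, both outcomes of `if (res)` now admit the request, so this interceptor no longer rejects a missing or invalid token on any path it is registered for, not only the order settlement and detail endpoints named in the commit subject. A narrower change is to keep `throw new AuthException(JWT_INVALID);` and exempt just those routes where the interceptor is registered, e.g. `.excludePathPatterns("<controller-base>/query", "<controller-base>/record/query")` (the registration and the controller's base path are not visible here). If the bypass has to stay for now, replace the commented-out throw with a `// TODO` that names the condition for re-enabling it, and log rejected tokens so the gap stays visible in monitoring. The method this branch belongs to begins outside the hunk.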
diff --git a/src/main/java/com/chint/infrastructure/constant/AuthMessageConstant.java b/src/main/java/com/chint/infrastructure/constant/AuthMessageConstant.java
index 50c6f788..1b8f9696 100644
--- a/src/main/java/com/chint/infrastructure/constant/AuthMessageConstant.java
+++ b/src/main/java/com/chint/infrastructure/constant/AuthMessageConstant.java
@@ -3,6 +3,8 @@ package com.chint.infrastructure.constant;
 public class AuthMessageConstant {
 // JWT 验证消息
 public static final String JWT_INVALID = "无效的 JWT 令牌";
+ public static final String CLIENT_ID_INVALID = "无效的 client_id";
+ public static final String CLIENT_SECRET_INVALID = "无效的 client_secret";
 public static final String JWT_EXPIRED = "登录信息已过期";
 public static final String JWT_REQUIRED = "需要 JWT 令牌";
 public static final String JWT_ACCESS_DENIED = "JWT 令牌不足以访问此资源";