9060 2 هفته پیش
والد
کامیت
98abd986d6

+ 94 - 28
src/com/kingdee/eas/custom/esign/callback/CallBackToOSFServlet.java

@@ -1,20 +1,22 @@
 package com.kingdee.eas.custom.esign.callback;
 
-import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONObject;
 import com.kingdee.eas.cp.eip.sso.web.qrcode.ResponseWriteUtil;
 import com.kingdee.eas.custom.esign.util.EsignConfig;
 import com.kingdee.shr.api.OSFWSClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.BufferedReader;
 import java.io.IOException;
-import java.io.InputStreamReader;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -43,13 +45,16 @@ public class CallBackToOSFServlet extends HttpServlet {
             String ALGORITHM = req.getHeader("X-Tsign-Open-SIGNATURE-ALGORITHM");
             String appid = req.getHeader("X-Tsign-Open-App-Id");
             String SIGNATURE = req.getHeader("X-Tsign-Open-SIGNATURE");
+            //应用secret
+            String appSecret = EsignConfig.getInstance().getEsignAppSecret();
+
             System.out.println("CallBackToOSFServlet");
             // 方式2:使用 getRequestURI()(更精确)
             String uri = req.getRequestURI();  // 返回 "/context/user/osfName"
             String[] parts = uri.split("/");
             String osfName = parts[parts.length - 1];  // 获取最后一段 "osfName"
             if("callback".equals(osfName)){
-                osfName="CallBackToOSF";
+                osfName="callBackToOSF";
             }
             logger.error("CallBackToOSFServlet  start--------------------------------------------------------------------");
             logger.error("CallBackToOSFServlet  TIMESTAMP----------------->" + TIMESTAMP);
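Review bot: `osfName` is still taken from the last segment of the request URI and only `callback` is mapped to a fixed name, so the request path decides which OSF service is invoked. The signature introduced later in this commit is computed over the timestamp header and the body, not over the path, so the service name is not authenticated by it. Consider checking `osfName` against a fixed set of expected service names before forwarding and rejecting anything else, e.g. `if (!ALLOWED_OSF_NAMES.contains(osfName)) { ... }`, where `ALLOWED_OSF_NAMES` is a placeholder for a constant this class would define. The `proceedOSF` call itself lies outside this hunk.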
@@ -64,33 +69,39 @@ public class CallBackToOSFServlet extends HttpServlet {
             while ((jsonPart = reader.readLine()) != null) {
                 jsonInput.append(jsonPart);
             }
-
-            logger.error("CallBackToOSFServlet  data----------------->" + data);
-            String shrAddr = EsignConfig.getInstance().get("shrAddr");
-            OSFWSClient client = new OSFWSClient();
-            Map<String, Object> map = new HashMap<String, Object>();
-            if(jsonInput.length()>0){
-                map.put("data", jsonInput.toString());
-            }else {
-                map.put("data", data);
-            }
-            String response = client.proceedOSF(shrAddr, osfName, map);
-            if (response.indexOf("success") > 0) {
-                result.put("code", "200");
-                result.put("msg", "success");
-                result.put("requestId", null);
-                result.put("data", response);
-            } else if(response.indexOf("msg")>0){
-                JSONObject object = JSON.parseObject(response);
-                result.put("code", "400");
-                result.put("msg", object.get("msg"));
-                result.put("requestId", null);
-                result.put("data", response);
+            String signdata = TIMESTAMP + jsonInput;
+            String mySignature= getSignature(signdata, appSecret,"HmacSHA256","UTF-8");
+            System.out.println("加密出来的签名值:----------->>>>>>"+mySignature);
+            System.out.println("header里面的签名值:---------->>>>>>"+SIGNATURE);
+            if(mySignature.equals(SIGNATURE)) {
+                System.out.println("校验通过");
+                logger.error("CallBackToOSFServlet  data----------------->" + data);
+                String shrAddr = EsignConfig.getInstance().get("shrAddr");
+                OSFWSClient client = new OSFWSClient();
+                Map<String, Object> map = new HashMap<String, Object>();
+                if(jsonInput.length()>0){
+                    map.put("data", jsonInput.toString());
+                }else {
+                    map.put("data", data);
+                }
+                String response = client.proceedOSF(shrAddr, osfName, map);
+                if (response.indexOf("success") > 0) {
+                    result.put("code", "200");
+                    result.put("msg", "success");
+                    result.put("requestId", null);
+                    result.put("data", response);
+                } else {
+                    result.put("code", "400");
+                    result.put("msg", response);
+                    result.put("requestId", null);
+                    result.put("data", response);
+                }
             }else {
+                System.out.println("校验失败");
                 result.put("code", "400");
-                result.put("msg", response);
+                result.put("msg", "校验失败");
                 result.put("requestId", null);
-                result.put("data", response);
+                result.put("data", "");
             }
         } catch (Exception e) {
             e.printStackTrace();
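Review bot: The check `if(mySignature.equals(SIGNATURE))` throws a NullPointerException when `getSignature` returns null, which it does on any crypto error, and it compares with a short-circuiting `String.equals`. A null-safe constant-time comparison is preferable: `if (mySignature != null && SIGNATURE != null && MessageDigest.isEqual(mySignature.getBytes(StandardCharsets.UTF_8), SIGNATURE.getBytes(StandardCharsets.UTF_8)))`, which needs imports of `java.security.MessageDigest` and `java.nio.charset.StandardCharsets`. The two `System.out.println` lines that print the computed and received signatures should be dropped, because the computed value is a valid HMAC for whatever body was submitted and does not belong in stdout or logs. The signed string is `TIMESTAMP + jsonInput`, where `jsonInput` was rebuilt with `readLine()` and has lost its line terminators, so a body containing newlines will presumably fail verification; `TIMESTAMP` is also not checked for freshness, so a captured callback stays valid. When the body is empty the forwarded payload is `data`, which the signature does not cover; `data` is defined outside this hunk.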
@@ -103,4 +114,59 @@ public class CallBackToOSFServlet extends HttpServlet {
             ResponseWriteUtil.writeObjectData(resp, result, "JSON");
         }
     }
+    /***
+     * 获取请求签名值
+     *
+     * @param data
+     *            加密前数据
+     * @param key
+     *            密钥
+     * @param algorithm
+     *            HmacMD5 HmacSHA1 HmacSHA256 HmacSHA384 HmacSHA512
+     * @param encoding
+     *            编码格式
+     * @return HMAC加密后16进制字符串
+     * @throws Exception
+     */
+    public static String getSignature(String data, String key, String algorithm, String encoding) {
+        Mac mac = null;
+        try {
+            mac = Mac.getInstance(algorithm);
+            SecretKeySpec secretKey = new SecretKeySpec(key.getBytes(encoding), algorithm);
+            mac.init(secretKey);
+            mac.update(data.getBytes(encoding));
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            System.out.println("获取Signature签名信息异常:" + e.getMessage());
+            return null;
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+            System.out.println("获取Signature签名信息异常:" + e.getMessage());
+            return null;
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+            System.out.println("获取Signature签名信息异常:" + e.getMessage());
+            return null;
+        }
+        return byte2hex(mac.doFinal());
+    }
+
+    /***
+     * 将byte[]转成16进制字符串
+     *
+     * @param data
+     *
+     * @return 16进制字符串
+     */
+    public static String byte2hex(byte[] data) {
+        StringBuilder hash = new StringBuilder();
+        String stmp;
+        for (int n = 0; data != null && n < data.length; n++) {
+            stmp = Integer.toHexString(data[n] & 0XFF);
+            if (stmp.length() == 1)
+                hash.append('0');
+            hash.append(stmp);
+        }
+        return hash.toString();
+    }
 }
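Review bot: The Javadoc of `getSignature` declares `@throws Exception`, but the method catches every failure, prints it and returns null, which the caller then dereferences in `mySignature.equals(SIGNATURE)`. Document the null return (or throw an unchecked exception instead), and describe the result as an HMAC rather than as encrypted data. The three identical catch blocks can be one, `} catch (NoSuchAlgorithmException | UnsupportedEncodingException | InvalidKeyException e) {`, reporting through the class `logger` with the exception attached instead of `e.printStackTrace()` and `System.out.println`. Both helpers are `public static` although only this servlet appears to use them; `private` would be enough if that holds.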

+ 2 - 2
src/com/kingdee/eas/custom/esign/util/EsignConfig.java

@@ -36,11 +36,11 @@ public class EsignConfig {
         return this.propt.getProperty(key);
     }
     private EsignConfig() {
-        this.initConfig(System.getProperty("EAS_HOME") + "/server/properties/esign/esignConfig.properties");
+        this.initConfig("/server/properties/esign/esignConfig.properties");
     }
     public void initConfig(String filePath) {
         try {
-            this.propt.load(new FileInputStream(filePath));
+            this.propt.load(new FileInputStream(System.getProperty("EAS_HOME") + filePath));
         }catch (IOException e){
             e.printStackTrace();
 
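Review bot: The `FileInputStream` opened in `initConfig` is never closed; wrap it as `try (InputStream in = new FileInputStream(System.getProperty("EAS_HOME") + filePath)) { this.propt.load(in); }` (`java.io.InputStream` must be imported). `initConfig` is public and now prepends `EAS_HOME` to whatever it is given, so a caller that passes an absolute path gets a wrong path, and an unset `EAS_HOME` yields a path starting with the text `null`. Checking the property once and failing with a clear message would make a missing configuration visible instead of leaving the properties empty; this presumably matters for the app secret the callback servlet reads through `EsignConfig`. The method body continues outside this hunk.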

+ 18 - 8
src/com/kingdee/eas/custom/esign/util/EsignHttpUtil.java

@@ -10,6 +10,7 @@ import com.kingdee.bos.dao.IObjectPK;
 import com.kingdee.bos.dao.ormapping.ObjectUuidPK;
 import com.kingdee.bos.util.BOSUuid;
 import com.kingdee.eas.basedata.person.PersonInfo;
+import com.kingdee.eas.common.EASBizException;
 import com.kingdee.eas.custom.esign.*;
 import com.kingdee.eas.custom.esign.bizEnum.EsignConfigEnum;
 import com.kingdee.eas.custom.esign.bizEnum.EsignStatusEnum;
@@ -19,11 +20,14 @@ import com.kingdee.eas.custom.esign.tsign.hz.comm.EsignHttpResponse;
 import com.kingdee.eas.custom.esign.tsign.hz.enums.EsignRequestType;
 import com.kingdee.eas.custom.esign.tsign.hz.exception.EsignException;
 import com.kingdee.eas.mobileaccess.hr.sHR.config.EASConfig;
+import com.kingdee.eas.util.app.DbUtil;
+import com.kingdee.jdbc.rowset.IRowSet;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.client.utils.URIBuilder;
 
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.sql.SQLException;
 import java.text.MessageFormat;
 import java.util.Locale;
 import java.util.Map;
@@ -412,14 +416,13 @@ public class EsignHttpUtil {
      * @return
      */
     public static EsignHttpResponse create_by_file(Context ctx,String personId,String fileName,String operatorId,String efileId,
-                                                   EsignStatusEnum esignStatus,
                                                    String json) throws BOSException {
-        EsignHttpResponse resp = create_by_file(ctx,personId,fileName,operatorId,efileId,esignStatus,json,true);
+        EsignHttpResponse resp = create_by_file(ctx,personId,fileName,operatorId,efileId,EsignStatusEnum.SIGNING,json);
         return resp;
     }
     public static EsignHttpResponse create_by_file(Context ctx,String personId,String fileName,String operatorId,String efileId,
                                                    EsignStatusEnum esignStatus,
-                                                   String json,Boolean saveGlobal) throws BOSException {
+                                                   String json) throws BOSException {
         EsignConfigEnum configEnum = EsignConfigEnum.create_by_file;
         String apiaddr = EsignConfig.getInstance().get(configEnum.getValue());
         EsignHttpResponse resp=new EsignHttpResponse();
@@ -430,6 +433,17 @@ public class EsignHttpUtil {
          */
         IESignGlobalStatusOverview globalStatusOverview = ESignGlobalStatusOverviewFactory.getLocalInstance(ctx);
         ESignGlobalStatusOverviewInfo info = new ESignGlobalStatusOverviewInfo();
+        try {
+            String str = "select fid from CT_ESI_ESGSO where cfefileId=?";
+            IRowSet rs = DbUtil.executeQuery(ctx, str, new Object[]{efileId});
+            if (rs.next()) {
+                String fid = rs.getString("fid");
+                info = globalStatusOverview.getESignGlobalStatusOverviewInfo(new ObjectUuidPK(fid));
+            }
+        }catch (SQLException | EASBizException e){
+            e.printStackTrace();
+        }
+
         info.setEsignStatus(esignStatus);
         info.setSendStatus(SendStatusEnum.FAILURE);
         if(StringUtils.isNotBlank(personId)){
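Review bot: If the lookup added here fails, the `catch` only prints the stack trace and the method continues with the freshly constructed `info`, which the `finally` block later passes to `globalStatusOverview.save(info)`; that presumably stores a second record for the same `efileId` instead of updating the existing one. Rethrow as the `BOSException` the method already declares, or at least log with the exception attached, so a failed lookup cannot turn into a duplicate. The `IRowSet` is not closed, and a blank `efileId` is queried as-is; guarding with `StringUtils.isNotBlank(efileId)` before the query would match the check used for `personId` just below. The same swallowed-exception pattern applies to the `save` call in the following hunk.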
@@ -464,11 +478,7 @@ public class EsignHttpUtil {
             info.setSendStatus(SendStatusEnum.FAILURE);
         }finally {
             try {
-                if(saveGlobal) {
-                    globalStatusOverview.addnew(info);
-                }else {
-                    //globalStatusOverview.save(info);
-                }
+                globalStatusOverview.save(info);
             }catch (Exception e){
                 e.printStackTrace();
             }

+ 1 - 1
websrc/com/kingdee/eas/custom/esign/handler/ESignGlobalStatusOverviewListHandler.java

@@ -71,7 +71,7 @@ public class ESignGlobalStatusOverviewListHandler extends ListHandler {
                 operatorId=operator.getId().toString();
             }
             EsignHttpResponse httpRes =EsignHttpUtil.create_by_file(this.getCtx(),personId,info.getFileName(),operatorId,info.getEfileId(),
-                    info.getEsignStatus(),info.getRequestParams(),false);
+                    info.getEsignStatus(),info.getRequestParams());
             if(httpRes.getStatus()>=200&&httpRes.getStatus()<300) {
                 JSONObject object = JSON.parseObject(httpRes.getBody());
                 if("0".equals(String.valueOf(object.get("code")))) {