
chore(config): 更新开发环境数据库和Redis配置

- 将MySQL数据源地址更改为阿里云RDS实例
- 更新MySQL数据库用户名密码
- 修改Redis服务器地址为公网IP
- 更新Redis访问密码以匹配新环境配置
wzq 1 week ago
parent
commit
cd262fd4fe

+ 2 - 0
src/main/java/com/zsElectric/boot/charging/controller/LinkDataController.java

@@ -1,5 +1,7 @@
 package com.zsElectric.boot.charging.controller;
 
+import com.fasterxml.jackson.databind.MapperFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.gson.Gson;
 import com.zsElectric.boot.charging.service.ChargingReceptionService;
 import com.zsElectric.boot.common.annotation.Log;
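Review bot: The two Jackson imports added here (`MapperFeature`, `ObjectMapper`) appear to be unused, because this file's diffstat is +2 −0 and so no code referencing them was added in this commit. The same applies to `AntPathMatcher`, `Arrays` and `List` in TokenAuthenticationFilter.java (+3 −0). Drop them, or land them together with the code that uses them so the path-matching logic can be reviewed alongside its imports.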

+ 0 - 8
src/main/java/com/zsElectric/boot/common/util/electric/ResponseParmsEntity.java

@@ -1,14 +1,10 @@
 package com.zsElectric.boot.common.util.electric;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
-import com.google.gson.annotations.SerializedName;
-import lombok.Data;
-import lombok.experimental.Accessors;
 
 import java.io.Serial;
 import java.io.Serializable;
 
-@Data
 public class ResponseParmsEntity implements Serializable {
 
     @Serial
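Review bot: Removing `@Data` takes away the generated getters, setters, `equals`, `hashCode` and `toString`, and this section adds nothing in their place (+0 −8). Unless explicit accessors exist in the part of the class outside these hunks, callers of `getRet()` or `setData(...)` will no longer compile, and Gson and Jackson will only reach the fields reflectively. If the aim was to stop Jackson emitting both a getter-derived and a field-derived property, one narrower option is to keep Lombok and add `@JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE)` on the class. The class body continues outside the hunk.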
@@ -25,28 +21,24 @@ public class ResponseParmsEntity implements Serializable {
      * 500:系统异常
      *
      */
-    @SerializedName("Ret")
     @JsonProperty("Ret")
     private Integer Ret;
 
     /**
      * 响应消息
      */
-    @SerializedName("Msg")
     @JsonProperty("Msg")
     private String Msg;
 
     /**
      * 响应加密数据
      */
-    @SerializedName("Data")
     @JsonProperty("Data")
     private String Data;
 
     /**
      * 响应签名
      */
-    @SerializedName("Sig")
     @JsonProperty("Sig")
     private String Sig;
 

+ 5 - 5
src/main/java/com/zsElectric/boot/common/util/electric/queryToken/JwtAuthenticationEntryPoint.java

@@ -1,6 +1,6 @@
 package com.zsElectric.boot.common.util.electric.queryToken;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.gson.Gson;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.http.MediaType;
@@ -21,9 +21,9 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
         response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
         response.setContentType(MediaType.APPLICATION_JSON_VALUE);
         Map<String, Object> error = new HashMap<>();
-        error.put("ret", 401);
-        error.put("msg", authException.getMessage());
-        error.put("path", request.getRequestURI());
-        new ObjectMapper().writeValue(response.getWriter(), error);
+        error.put("Ret", 401);
+        error.put("Msg", authException.getMessage());
+        error.put("Path", request.getRequestURI());
+        new Gson().toJson(error, response.getWriter());
     }
 }
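Review bot: `error.put("Msg", authException.getMessage())` returns the raw exception text to an unauthenticated caller, which can disclose why token validation failed or other internal detail. Prefer a fixed message such as `error.put("Msg", "Unauthorized");` and log `authException` on the server side. No character encoding is set before `response.getWriter()` is used, so non-ASCII messages may be garbled; add `response.setCharacterEncoding("UTF-8");` before writing. The method signature is outside the hunk.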

+ 41 - 3
src/main/java/com/zsElectric/boot/config/SecurityConfig.java

@@ -21,6 +21,7 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.ProviderManager;
@@ -62,14 +63,53 @@ public class SecurityConfig {
     private final SecurityProperties securityProperties;
     private final ThirdPartyJwtAuthFilter thirdPartyAuthFilter;
 
+    // 仅针对第三方URL的安全过滤链,只挂第三方认证过滤器
+    @Bean
+    @Order(1)
+    public SecurityFilterChain thirdPartySecurityFilterChain(HttpSecurity http) throws Exception {
+
+        log.info("第三方认证过滤器: {}", thirdPartyAuthFilter);
+
+        String[] thirdPartyUrls = securityProperties.getThirdPartyUrls();
+        if (thirdPartyUrls == null || thirdPartyUrls.length == 0) {
+            log.warn("第三方URL未配置或为空,使用占位符避免匹配所有请求");
+            thirdPartyUrls = new String[]{"/__thirdparty_noop__"};
+        }
+        log.info("========== 配置第三方 SecurityFilterChain, urls: {} ==========", (Object) thirdPartyUrls);
+
+        http
+                .securityMatcher(thirdPartyUrls)  // 只匹配第三方URL
+                .authorizeHttpRequests(registry -> registry
+                        .anyRequest().authenticated()
+                )
+                .exceptionHandling(configurer ->
+                        configurer
+                                .authenticationEntryPoint(new MyAuthenticationEntryPoint())
+                                .accessDeniedHandler(new MyAccessDeniedHandler())
+                )
+                .sessionManagement(configurer ->
+                        configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                )
+                .csrf(AbstractHttpConfigurer::disable)
+                .formLogin(AbstractHttpConfigurer::disable)
+                .httpBasic(AbstractHttpConfigurer::disable)
+                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
+                // 只加第三方认证过滤器
+                .addFilterBefore(thirdPartyAuthFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+
+
     /**
      * 配置安全过滤链 SecurityFilterChain
      */
     @Bean
+    @Order(2)
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         
         log.info("========== 配置 SecurityFilterChain ==========");
-        log.info("第三方认证过滤器: {}", thirdPartyAuthFilter);
+
 
         return http
                 .authorizeHttpRequests(requestMatcherRegistry -> {
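Review bot: Attaching `thirdPartyAuthFilter` only to the `@Order(1)` chain does not by itself confine it to the third-party URLs. The filter is constructor-injected, so it is a Spring bean, and Spring Boot registers every `Filter` bean with the servlet container for all paths unless that is switched off; if no such registration exists elsewhere, it still runs on every request. A `FilterRegistrationBean` with `setEnabled(false)`, as below, keeps it inside the security chain only. Separately, the `.headers(...)` line that disables `frameOptions` is not needed on a stateless callback chain and can be dropped. `securityFilterChain` continues outside the hunk.

```java
    // … unchanged: thirdPartySecurityFilterChain and securityFilterChain …
    @Bean
    public FilterRegistrationBean<ThirdPartyJwtAuthFilter> thirdPartyAuthFilterRegistration(
            ThirdPartyJwtAuthFilter filter) {
        FilterRegistrationBean<ThirdPartyJwtAuthFilter> registration = new FilterRegistrationBean<>(filter);
        // Keep the filter out of the servlet container; it should run only inside the security chain.
        registration.setEnabled(false);
        return registration;
    }
```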
@@ -103,8 +143,6 @@ public class SecurityConfig {
                 .addFilterBefore(new CaptchaValidationFilter(redisTemplate, codeGenerator), UsernamePasswordAuthenticationFilter.class)
                 // 验证和解析过滤器
                 .addFilterBefore(new TokenAuthenticationFilter(tokenManager), UsernamePasswordAuthenticationFilter.class)
-                // 第三方认证过滤器
-                .addFilterBefore(thirdPartyAuthFilter, UsernamePasswordAuthenticationFilter.class)
                 .build();
     }
 

+ 5 - 0
src/main/java/com/zsElectric/boot/config/property/SecurityProperties.java

@@ -41,6 +41,11 @@ public class SecurityProperties {
     @NotEmpty
     private String[] unsecuredUrls;
 
+    /**
+     * 只通过第三方认证过滤器的URL
+     */
+    private String[] thirdPartyUrls;
+
     /**
      * 会话配置嵌套类
      */

+ 3 - 0
src/main/java/com/zsElectric/boot/security/filter/TokenAuthenticationFilter.java

@@ -12,9 +12,12 @@ import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.AntPathMatcher;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
 
 /**
  * Token 认证校验过滤器

+ 9 - 2
src/main/resources/application-dev.yml

@@ -104,8 +104,7 @@ security:
     - /api/v1/auth/logout # 开放退出登录
     - /api/v1/auth/wx/miniapp/code-login # 微信小程序code登陆
     - /ws/** # WebSocket接口
-    - /api/third-party/query_token
-    - /api/third-party/v1/get
+
   # 非安全端点路径,完全绕过 Spring Security 的安全控制
   unsecured-urls:
     - ${springdoc.swagger-ui.path}
@@ -114,6 +113,14 @@ security:
     - /v3/api-docs/**
     - /webjars/**
     - /favicon.ico
+    - /dev/v1/linkData/**
+  # 只走第三方过滤器、不走其他安全链
+  third-party-urls:
+    - /dev/v1/linkData/notification_start_charge_result
+    - /dev/v1/linkData/notification_equip_charge_status
+    - /dev/v1/linkData/notification_stop_charge_result
+    - /dev/v1/linkData/notification_charge_order_info
+    - /dev/v1/linkData/notification_stationStatus
 
 okhttp:
   connect-timeout: 30s
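Review bot: `/dev/v1/linkData/**` is added to `unsecured-urls`, which the comment above that key describes as bypassing Spring Security entirely, and all five `third-party-urls` entries sit under that same prefix. If `unsecured-urls` is wired to `web.ignoring()` (not visible here), those requests never reach the `@Order(1)` chain in SecurityConfig, so the notification callbacks would be accepted without the third-party token check. Remove `- /dev/v1/linkData/**` from `unsecured-urls`, or narrow it to the paths that are meant to be public. `third-party-urls` is also set only in this dev profile as far as the page shows, so other profiles would fall back to the placeholder matcher.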