feat(charging): 实现第三方token获取接口

- 新增getToken方法用于处理第三方token请求
- 验证请求签名及参数完整性
- 校验运营商ID与密钥正确性
- 使用JWT工具生成并管理token
- 返回加密后的token信息响应体
- 添加详细的日志记录和异常处理机制
- 更新第三方接口路径匹配规则以支持多端点验证

src/main/java/com/zsElectric/boot/auth/controller/ThirdPartyAuthController.java

@@ -1,131 +0,0 @@
-package com.zsElectric.boot.auth.controller;
-
-import com.google.gson.Gson;
-import com.zsElectric.boot.common.constant.ConnectivityConstants;
-import com.zsElectric.boot.common.util.AESCryptoUtils;
-import com.zsElectric.boot.common.util.HmacMD5Util;
-import com.zsElectric.boot.common.util.electric.QueryTokenResponseData;
-import com.zsElectric.boot.common.util.electric.RequestParmsEntity;
-import com.zsElectric.boot.common.util.electric.ResponseParmsEntity;
-import com.zsElectric.boot.common.util.electric.queryToken.*;
-
-import jakarta.annotation.Resource;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.web.bind.annotation.*;
-
-@Slf4j
-@RestController
-@RequestMapping("/api/third-party")
-public class ThirdPartyAuthController {
-
-    @Resource
-    private JwtTokenUtil jwtTokenUtil;
-
-    @PostMapping("/v1/get")
-//    @TokenRequired
-    public String get() {
-        return "get";
-    }
-
-    @PostMapping("/query_token")
-    public ResponseParmsEntity getToken(@RequestBody RequestParmsEntity request) throws Exception {
-        ResponseParmsEntity responseParmsEntity = new ResponseParmsEntity();
-        try {
-            //验证签名
-            if (!HmacMD5Util.verify(request.getOperatorID() + request.getData() + request.getTimeStamp() + request.getSeq(),
-                    ConnectivityConstants.SIG_SECRET, request.getSig())) {
-                return responseParmsEntity
-                        .setRet(4001)
-                        .setMsg("签名验证失败")
-                        .setData("")
-                        .setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
-                                ConnectivityConstants.SIG_SECRET));
-            }
-
-            String data = request.getData();
-            String string = AESCryptoUtils.decrypt(data, ConnectivityConstants.DATA_SECRET, ConnectivityConstants.DATA_SECRET_IV);
-            QueryTokenRequestParms queryTokenRequestParms = new Gson().fromJson(string, QueryTokenRequestParms.class);
-            if (queryTokenRequestParms == null || queryTokenRequestParms.getOperatorID() == null || queryTokenRequestParms.getOperatorSecret() == null) {
-                responseParmsEntity
-                        .setRet(4003)
-                        .setMsg("参数错误")
-                        .setData("");
-                responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
-                        ConnectivityConstants.SIG_SECRET));
-                return responseParmsEntity;
-            }
-
-            //判断运营商ID与密钥是否正确
-            if (!queryTokenRequestParms.getOperatorID().equals(ConnectivityConstants.PLATFORM_OPERATOR_ID) && !queryTokenRequestParms.getOperatorSecret().equals(ConnectivityConstants.PLATFORM_OPERATOR_SECRET)) {
-                responseParmsEntity
-                        .setRet(4004)
-                        .setMsg("OperatorID或OperatorSecret错误！")
-                        .setData("");
-                responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
-                        ConnectivityConstants.SIG_SECRET));
-            }
-
-            //redis获取token,不存在则创建
-            String accessToken = jwtTokenUtil.generateToken(queryTokenRequestParms.getOperatorID());
-            Integer remainingTTL = jwtTokenUtil.getRemainingTTL(accessToken).intValue();
-            //构建Data(token信息)
-            QueryTokenResponseData queryTokenResponseData = new QueryTokenResponseData();
-            queryTokenResponseData.setOperatorID(queryTokenRequestParms.getOperatorID());
-            queryTokenResponseData.setAccessToken(accessToken);
-            queryTokenResponseData.setTokenAvailableTime(remainingTTL);
-            queryTokenResponseData.setSuccStat(0);
-            queryTokenResponseData.setFailReason(0);
-
-            log.info("生成token信息:{}", new Gson().toJson(queryTokenResponseData));
-
-            String encodeData = AESCryptoUtils.encrypt(new Gson().toJson(queryTokenResponseData), ConnectivityConstants.PLATFORM_DATA_SECRET,
-                    ConnectivityConstants.PLATFORM_DATA_SECRET_IV);
-
-            responseParmsEntity
-                    .setRet(0)
-                    .setMsg("成功")
-                    .setData(encodeData)
-                    .setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
-                            ConnectivityConstants.SIG_SECRET));
-            return responseParmsEntity;
-        } catch (Exception e) {
-            log.error("系统错误:{}", e.getMessage());
-            responseParmsEntity
-                    .setRet(500)
-                    .setMsg("系统错误")
-                    .setData("");
-            responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
-                    ConnectivityConstants.SIG_SECRET));
-            return responseParmsEntity;
-        }
-    }
-}
-
-
-//    @GetMapping("/token/validate")
-//    public ResponseEntity<?> validateToken(@RequestHeader("Authorization") String authHeader) {
-//        if (authHeader == null || !authHeader.startsWith("Bearer ")) {
-//            return ResponseEntity.badRequest()
-//                    .body(ErrorResponse.badRequest("Authorization header格式不正确"));
-//        }
-//
-//        String token = authHeader.substring(7);
-//        boolean isValid = jwtUtil.validateToken(token);
-//
-//        if (!isValid) {
-//            return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
-//                    .body(ErrorResponse.unauthorized("Token无效或已过期"));
-//        }
-//
-//        String operatorId = jwtUtil.getOperatorIdFromToken(token);
-//        Long remainingTTL = jwtUtil.getRemainingTTL(token);
-//
-//        Map<String, Object> result = new HashMap<>();
-//        result.put("valid", true);
-//        result.put("operatorId", operatorId);
-//        result.put("remainingTTL", remainingTTL);
-//
-//        return null;
-//    }
-    
-

src/main/java/com/zsElectric/boot/charging/controller/LinkDataController.java

@@ -1,10 +1,17 @@
 package com.zsElectric.boot.charging.controller;
 
+import com.google.gson.Gson;
 import com.zsElectric.boot.charging.service.ChargingReceptionService;
 import com.zsElectric.boot.common.annotation.Log;
+import com.zsElectric.boot.common.constant.ConnectivityConstants;
 import com.zsElectric.boot.common.enums.LogModuleEnum;
+import com.zsElectric.boot.common.util.AESCryptoUtils;
+import com.zsElectric.boot.common.util.HmacMD5Util;
+import com.zsElectric.boot.common.util.electric.QueryTokenResponseData;
 import com.zsElectric.boot.common.util.electric.RequestParmsEntity;
 import com.zsElectric.boot.common.util.electric.ResponseParmsEntity;
+import com.zsElectric.boot.common.util.electric.queryToken.JwtTokenUtil;
+import com.zsElectric.boot.common.util.electric.queryToken.QueryTokenRequestParms;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
@@ -20,6 +27,89 @@ public class LinkDataController {
 
     private final ChargingReceptionService chargingReceptionService;
 
+    private final JwtTokenUtil jwtTokenUtil;
+
+    /**
+     *  获取token
+     * @author SheepHy
+     * @param request，参数为类则包含{@link RequestParmsEntity}
+     * @return 获取tokenVO
+     */
+    @Operation(summary = "获取token")
+    @PostMapping("/query_token")
+    public ResponseParmsEntity getToken(@RequestBody RequestParmsEntity request) throws Exception {
+        ResponseParmsEntity responseParmsEntity = new ResponseParmsEntity();
+        try {
+            //验证签名
+            if (!HmacMD5Util.verify(request.getOperatorID() + request.getData() + request.getTimeStamp() + request.getSeq(),
+                    ConnectivityConstants.SIG_SECRET, request.getSig())) {
+                return responseParmsEntity
+                        .setRet(4001)
+                        .setMsg("签名验证失败")
+                        .setData("")
+                        .setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
+                                ConnectivityConstants.SIG_SECRET));
+            }
+
+            String data = request.getData();
+            String string = AESCryptoUtils.decrypt(data, ConnectivityConstants.DATA_SECRET, ConnectivityConstants.DATA_SECRET_IV);
+            QueryTokenRequestParms queryTokenRequestParms = new Gson().fromJson(string, QueryTokenRequestParms.class);
+            if (queryTokenRequestParms == null || queryTokenRequestParms.getOperatorID() == null || queryTokenRequestParms.getOperatorSecret() == null) {
+                responseParmsEntity
+                        .setRet(4003)
+                        .setMsg("参数错误")
+                        .setData("");
+                responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
+                        ConnectivityConstants.SIG_SECRET));
+                return responseParmsEntity;
+            }
+
+            //判断运营商ID与密钥是否正确
+            if (!queryTokenRequestParms.getOperatorID().equals(ConnectivityConstants.PLATFORM_OPERATOR_ID) && !queryTokenRequestParms.getOperatorSecret().equals(ConnectivityConstants.PLATFORM_OPERATOR_SECRET)) {
+                responseParmsEntity
+                        .setRet(4004)
+                        .setMsg("OperatorID或OperatorSecret错误！")
+                        .setData("");
+                responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
+                        ConnectivityConstants.SIG_SECRET));
+            }
+
+            //redis获取token,不存在则创建
+            String accessToken = jwtTokenUtil.generateToken(queryTokenRequestParms.getOperatorID());
+            Integer remainingTTL = jwtTokenUtil.getRemainingTTL(accessToken).intValue();
+            //构建Data(token信息)
+            QueryTokenResponseData queryTokenResponseData = new QueryTokenResponseData();
+            queryTokenResponseData.setOperatorID(queryTokenRequestParms.getOperatorID());
+            queryTokenResponseData.setAccessToken(accessToken);
+            queryTokenResponseData.setTokenAvailableTime(remainingTTL);
+            queryTokenResponseData.setSuccStat(0);
+            queryTokenResponseData.setFailReason(0);
+
+            log.info("生成token信息:{}", new Gson().toJson(queryTokenResponseData));
+
+            String encodeData = AESCryptoUtils.encrypt(new Gson().toJson(queryTokenResponseData), ConnectivityConstants.PLATFORM_DATA_SECRET,
+                    ConnectivityConstants.PLATFORM_DATA_SECRET_IV);
+
+            responseParmsEntity
+                    .setRet(0)
+                    .setMsg("成功")
+                    .setData(encodeData)
+                    .setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
+                            ConnectivityConstants.SIG_SECRET));
+            return responseParmsEntity;
+        } catch (Exception e) {
+            log.error("系统错误:{}", e.getMessage());
+            responseParmsEntity
+                    .setRet(500)
+                    .setMsg("系统错误")
+                    .setData("");
+            responseParmsEntity.setSig(HmacMD5Util.genSign(responseParmsEntity.getRet(), responseParmsEntity.getMsg(), responseParmsEntity.getData(),
+                    ConnectivityConstants.SIG_SECRET));
+            return responseParmsEntity;
+        }
+    }
+
+
     /**
      * <p>2.4 推送启动充电结果</p>
      * @author SheepHy

src/main/java/com/zsElectric/boot/common/util/electric/queryToken/ThirdPartyJwtAuthFilter.java

@@ -16,6 +16,8 @@ import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
 
 @Component
 public class ThirdPartyJwtAuthFilter extends OncePerRequestFilter {
@@ -26,16 +28,25 @@ public class ThirdPartyJwtAuthFilter extends OncePerRequestFilter {
     private JwtAuthenticationEntryPoint authenticationEntryPoint; // 统一认证异常处理
 
     // 定义你的第三方接口路径模式，例如 /api/third-party/**
-    private final String thirdPartyApiPath = "/api/third-party/v1/**";
+    private final List<String> thirdPartyApiPaths = Arrays.asList(
+            "/dev/v1/linkData/notification_start_charge_result",
+            "/dev/v1/linkData/notification_equip_charge_status",
+            "/dev/v1/linkData/notification_stop_charge_result",
+            "/dev/v1/linkData/notification_charge_order_info",
+            "/dev/v1/linkData/notification_stationStatus"
+    );
     private final AntPathMatcher pathMatcher = new AntPathMatcher();
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         
         String requestUri = request.getRequestURI();
-        
+
+        boolean isThirdPartyRequest = thirdPartyApiPaths.stream()
+                .anyMatch(pattern -> pathMatcher.match(pattern, requestUri));
+
         // 检查当前请求是否是需要第三方Token验证的接口
-        if (pathMatcher.match(thirdPartyApiPath, requestUri)) {
+        if (isThirdPartyRequest) {
             String token = extractToken(request);
             
             if (token == null) {