diff --git a/framework/src/main/java/cn/lili/common/security/filter/XssFilter.java b/framework/src/main/java/cn/lili/common/security/filter/XssFilter.java index ead0a2b1..8bec61e9 100644 --- a/framework/src/main/java/cn/lili/common/security/filter/XssFilter.java +++ b/framework/src/main/java/cn/lili/common/security/filter/XssFilter.java @@ -1,10 +1,7 @@ package cn.lili.common.security.filter; -import org.springframework.stereotype.Component; - import javax.servlet.*; -import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; @@ -15,8 +12,8 @@ import java.io.IOException; * @version v1.0 * 2021-06-04 10:37 */ -@WebFilter -@Component +//@WebFilter +//@Component public class XssFilter implements Filter { FilterConfig filterConfig = null; diff --git a/framework/src/main/java/cn/lili/common/utils/BeanUtil.java b/framework/src/main/java/cn/lili/common/utils/BeanUtil.java index b525fa64..3ce1c762 100644 --- a/framework/src/main/java/cn/lili/common/utils/BeanUtil.java +++ b/framework/src/main/java/cn/lili/common/utils/BeanUtil.java @@ -1,5 +1,7 @@ package cn.lili.common.utils; +import cn.hutool.json.JSONUtil; +import cn.lili.modules.payment.kit.dto.PayParam; import org.springframework.beans.BeanUtils; import java.lang.reflect.Field; 
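Review bot: Commenting out `@WebFilter` and `@Component` in the second XssFilter hunk leaves the class in the tree but, as far as this diff shows, no longer registered with the servlet container, so requests would stop passing through it. The commit gives no reason and nothing visible here replaces it; if the filter is registered elsewhere (for example through a `FilterRegistrationBean`) or output encoding now covers the same inputs, the code should say so. I would replace the two commented-out annotations with a comment such as `// Not auto-registered: <reason>; XSS handling now done in <component>`, or delete the class if it is no longer meant to run. The class body continues outside the hunk.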
@@ -56,4 +58,75 @@ public class BeanUtil {
 return null;
 }
 }
+
+
+ /**
+ * 将对象转换为key value
+ * A=a&B=b&C=c 格式
+ */
+ public static String formatKeyValuePair(Object object) {
+ //准备接受的字符串
+ StringBuilder stringBuffer = new StringBuilder();
+ //获取对象字段
+ String[] fieldNames = BeanUtil.getFiledName(object);
+ //遍历所有属性
+ for (int j = 0; j < fieldNames.length; j++) {
+ //不是第一个并且不是最后一个,拼接&
+ if (j != 0) {
+ stringBuffer.append("&");
+ }
+ //获取属性的名字
+ String key = fieldNames[j];
+ //获取值
+ Object value = BeanUtil.getFieldValueByName(key, object);
+ stringBuffer.append(key).append("=").append(value.toString());
+ }
+ return stringBuffer.toString();
+ }
+
+ /**
+ * key value键值对 转换为 对象
+ * A=a&B=b&C=c 格式 转换为对象
+ */
+ public static T formatKeyValuePair(String str, T t) {
+ //填写对参数键值对
+ String[] params = str.split("&");
+
+ //获取对象字段
+ String[] fieldNames = BeanUtil.getFiledName(t);
+
+ try {
+ //循环每个参数
+ for (String param : params) {
+ String[] keyValues = param.split("=");
+ for (int i = 0; i < fieldNames.length; i++) {
+ if (fieldNames[i].equals(keyValues[0])) {
+ Field f = t.getClass().getDeclaredField(fieldNames[i]);
+ f.setAccessible(true);
+ //长度为2 才转换,否则不转
+ if (keyValues.length == 2) {
+ f.set(t, keyValues[1]);
+ }
+ }
+ }
+
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return t;
+ }
+
+ public static void main(String[] args) throws IllegalAccessException {
+ PayParam payParam = new PayParam();
+ payParam.setClientType("client");
+ payParam.setOrderType("");
+ payParam.setSn("sn");
+ String val = formatKeyValuePair(payParam);
+ System.out.println(val);
+
+ PayParam param = formatKeyValuePair(val, new PayParam());
+ System.out.println(JSONUtil.toJsonStr(param));
+ }
+
 }
diff --git a/framework/src/main/java/cn/lili/common/utils/StringUtils.java b/framework/src/main/java/cn/lili/common/utils/StringUtils.java
index 5fa90f30..e97c61c4 100644
--- a/framework/src/main/java/cn/lili/common/utils/StringUtils.java
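Review bot: `formatKeyValuePair(Object)` appends `value.toString()` with no null check and no escaping, so any unset field throws a NullPointerException, and a value containing `&` or `=` is read back by `formatKeyValuePair(String, T)` as extra pairs or dropped because `keyValues.length` is no longer 2. The string parsed here is the `passback_params` field of a payment callback (see the AliPayPlugin hunks on this page), so a field value should not be able to change which fields get set. The parse side also passes a String to `f.set` for every field and swallows the resulting exception with `printStackTrace()`, which appears to return a half-populated object at the first non-String field; that deserves a logged error and a documented String-only contract. The `main` method and its `PayParam`/`JSONUtil` imports look like a scratch test and would be better moved to a unit test. A sketch of the encoding fix follows.

```java
public static String formatKeyValuePair(Object object) {
    StringBuilder pairs = new StringBuilder();
    for (String key : BeanUtil.getFiledName(object)) {
        Object value = BeanUtil.getFieldValueByName(key, object);
        // unset fields are skipped instead of dereferenced
        if (value == null) {
            continue;
        }
        if (pairs.length() > 0) {
            pairs.append("&");
        }
        // encode the value so '&' and '=' inside it cannot be read back as delimiters
        pairs.append(key).append("=")
                .append(java.net.URLEncoder.encode(value.toString(), java.nio.charset.StandardCharsets.UTF_8));
    }
    return pairs.toString();
}

// in formatKeyValuePair(String str, T t), inside the loop over params:
// limit 2 keeps an empty value and any '=' that survives inside the value
String[] keyValues = param.split("=", 2);
// … unchanged: field-name match, getDeclaredField, setAccessible …
if (keyValues.length == 2) {
    f.set(t, java.net.URLDecoder.decode(keyValues[1], java.nio.charset.StandardCharsets.UTF_8));
}
```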
+++ b/framework/src/main/java/cn/lili/common/utils/StringUtils.java @@ -255,11 +255,12 @@ public class StringUtils extends StrUtil { /** * 过滤特殊字符串 + * * @param str * @return */ - public static String filterSpecialChart(String str){ - String regEx="[`~!@#$%^&*()+=|{}':;',\\[\\].<>/?~!@#¥%……&*()——+|{}【】‘;:”“’。,、?]"; + public static String filterSpecialChart(String str) { + String regEx = "[`~!@#$%^&*()+=|{}':;',\\[\\].<>/?~!@#¥%……&*()——+|{}【】‘;:”“’。,、?]"; Pattern p = Pattern.compile(regEx); Matcher m = p.matcher(str); return m.replaceAll("").trim(); diff --git a/framework/src/main/java/cn/lili/modules/payment/kit/plugin/alipay/AliPayPlugin.java b/framework/src/main/java/cn/lili/modules/payment/kit/plugin/alipay/AliPayPlugin.java index c622b008..e42f2d97 100644 --- a/framework/src/main/java/cn/lili/modules/payment/kit/plugin/alipay/AliPayPlugin.java +++ b/framework/src/main/java/cn/lili/modules/payment/kit/plugin/alipay/AliPayPlugin.java @@ -6,11 +6,11 @@ import cn.hutool.json.JSONUtil; import cn.lili.common.enums.ResultCode; import cn.lili.common.enums.ResultUtil; import cn.lili.common.exception.ServiceException; +import cn.lili.common.utils.BeanUtil; import cn.lili.common.utils.SnowFlake; import cn.lili.common.utils.StringUtils; import cn.lili.common.vo.ResultMessage; import cn.lili.config.properties.ApiProperties; -import cn.lili.config.properties.DomainProperties; import cn.lili.modules.payment.entity.RefundLog; import cn.lili.modules.payment.kit.CashierSupport; import cn.lili.modules.payment.kit.Payment; @@ -63,9 +63,6 @@ public class AliPayPlugin implements Payment { //API域名 @Autowired private ApiProperties apiProperties; - //域名配置 - @Autowired - private DomainProperties domainProperties; @Override public ResultMessage h5pay(HttpServletRequest request, HttpServletResponse response, PayParam payParam) { 
@@ -79,7 +76,7 @@ public class AliPayPlugin implements Payment { payModel.setSubject(cashierParam.getDetail()); payModel.setTotalAmount(cashierParam.getPrice() + ""); //回传数据 - payModel.setPassbackParams(URLEncoder.createAll().encode(JSONUtil.toJsonStr(payParam), StandardCharsets.UTF_8)); + payModel.setPassbackParams(URLEncoder.createAll().encode(BeanUtil.formatKeyValuePair(payParam), StandardCharsets.UTF_8)); //3分钟超时 payModel.setTimeoutExpress("3m"); payModel.setOutTradeNo(outTradeNo); @@ -118,7 +115,7 @@ public class AliPayPlugin implements Payment { //3分钟超时 payModel.setTimeoutExpress("3m"); //回传数据 - payModel.setPassbackParams(URLEncoder.createAll().encode(JSONUtil.toJsonStr(payParam), StandardCharsets.UTF_8)); + payModel.setPassbackParams(URLEncoder.createAll().encode(BeanUtil.formatKeyValuePair(payParam), StandardCharsets.UTF_8)); payModel.setOutTradeNo(outTradeNo); payModel.setProductCode("QUICK_MSECURITY_PAY"); @@ -151,7 +148,7 @@ public class AliPayPlugin implements Payment { payModel.setTotalAmount(cashierParam.getPrice() + ""); //回传数据 - payModel.setPassbackParams(URLEncoder.createAll().encode(JSONUtil.toJsonStr(payParam), StandardCharsets.UTF_8)); + payModel.setPassbackParams(URLEncoder.createAll().encode(BeanUtil.formatKeyValuePair(payParam), StandardCharsets.UTF_8)); // payModel.setStoreId("store_id"); payModel.setTimeoutExpress("3m"); payModel.setOutTradeNo(outTradeNo); @@ -256,7 +253,7 @@ public class AliPayPlugin implements Payment { String payParamStr = map.get("passback_params"); String payParamJson = URLDecoder.decode(payParamStr, StandardCharsets.UTF_8); - PayParam payParam = JSONUtil.toBean(payParamJson, PayParam.class); + PayParam payParam = BeanUtil.formatKeyValuePair(payParamJson, new PayParam()); if (verifyResult) {
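Review bot: The expression `URLEncoder.createAll().encode(BeanUtil.formatKeyValuePair(payParam), StandardCharsets.UTF_8)` is now repeated verbatim at three call sites (this hunk at -79 and the hunks at -118 and -151), so the passback format is defined in three places in addition to the decoder in the callback. A private helper such as `private String passbackParams(PayParam payParam)` would keep the encoding next to its matching decode and give one place to document which PayParam fields are round-tripped through Alipay. The enclosing methods start and end outside these hunks.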