преди 1 година · 2ca96482a6
--- a/framework-location/src/main/java/com/chelvc/framework/location/support/TencentLocationHandler.java
+++ b/framework-location/src/main/java/com/chelvc/framework/location/support/TencentLocationHandler.java
@@ -73,7 +73,7 @@ public class TencentLocationHandler implements LocationHandler {
 
				         }
			
 
				         TencentLocationResponse.Position position = response.getResult().getPosition();
			
 
				         if (!Region.isRegion(position.getAdcode())) {
			
 
				-            log.warn("Tencent locate adcode invalid: {}", position.getAdcode());
			
 
				+            log.warn("Invalid tencent locate adcode: {}", position.getAdcode());
			
 
				             return null;
			
 
				         }
			
 
				 
			
--- a/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
@@ -77,8 +77,8 @@ public class SecurityContextHolder {
 
				             return plaintext;
			
 
				         }
			
 
				         SecurityProperties properties = getProperties();
			
 
				-        String secret = Objects.requireNonNull(properties.getSecret(), "secret invalid");
			
 
				-        String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "device invalid");
			
 
				+        String secret = Objects.requireNonNull(properties.getSecret(), "Invalid secret");
			
 
				+        String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "Invalid device");
			
 
				         String iv = StringUtils.substring(device, 0, 16);
			
 
				         String ciphertext = AESUtils.encode(plaintext, secret, iv);
			
 
				         if (log.isDebugEnabled()) {
			
@@ -122,8 +122,8 @@ public class SecurityContextHolder {
 
				             return ciphertext;
			
 
				         }
			
 
				         SecurityProperties configuration = getProperties();
			
 
				-        String secret = Objects.requireNonNull(configuration.getSecret(), "secret invalid");
			
 
				-        String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "device invalid");
			
 
				+        String secret = Objects.requireNonNull(configuration.getSecret(), "Invalid secret");
			
 
				+        String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "Invalid device");
			
 
				         String iv = StringUtils.substring(device, 0, 16);
			
 
				         ciphertext = ciphertext.substring(
			
 
				                 CODEC_CHARACTERISTIC_PREFIX.length(), ciphertext.length() - CODEC_CHARACTERISTIC_SUFFIX.length()
			
--- a/framework-security/src/main/java/com/chelvc/framework/security/interceptor/RequestSecurityInterceptor.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/interceptor/RequestSecurityInterceptor.java
@@ -66,7 +66,7 @@ public class RequestSecurityInterceptor implements Filter {
 
				         }
			
 
				 
			
 
				         // 无效请求
			
 
				-        log.warn(SessionContextHolder.getLoggingMessage(request, HttpStatus.FORBIDDEN, "Request invalid"));
			
 
				+        log.warn(SessionContextHolder.getLoggingMessage(request, HttpStatus.FORBIDDEN, "Invalid request"));
			
 
				         if (SecurityContextHolder.isFailureIgnored()) {
			
 
				             return true;
			
 
				         }
			
--- a/framework-security/src/main/java/com/chelvc/framework/security/interceptor/SignatureValidateInterceptor.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/interceptor/SignatureValidateInterceptor.java
@@ -58,22 +58,17 @@ public class SignatureValidateInterceptor implements Filter {
 
				         String terminal = request.getHeader(SessionContextHolder.HEADER_TERMINAL);
			
 
				         String version = request.getHeader(SessionContextHolder.HEADER_VERSION);
			
 
				         String timestamp = request.getHeader(SessionContextHolder.HEADER_TIMESTAMP);
			
 
				-        String secret = Objects.requireNonNull(properties.getSecret(), "secret invalid");
			
 
				+        String secret = Objects.requireNonNull(properties.getSecret(), "Invalid secret");
			
 
				         String payload = HttpUtils.serialize(request, true);
			
 
				         String ciphertext = CodecUtils.md5(payload + secret + device + platform + terminal + version + timestamp);
			
 
				-        if (log.isDebugEnabled()) {
			
 
				-            log.debug("Data signature: {} -> {}", payload, ciphertext);
			
 
				-        }
			
 
				         String signature = request.getHeader(SessionContextHolder.HEADER_SIGNATURE);
			
 
				-        if (log.isDebugEnabled()) {
			
 
				-            log.debug("Client signature: {}", signature);
			
 
				-        }
			
 
				         if (Objects.equals(ciphertext, signature)) {
			
 
				             return true;
			
 
				         }
			
 
				 
			
 
				         // 签名无效
			
 
				-        log.warn(SessionContextHolder.getLoggingMessage(request, HttpStatus.FORBIDDEN, "Signature invalid"));
			
 
				+        String exception = String.format("Invalid signature: %s, %s, %s", signature, ciphertext, payload);
			
 
				+        log.warn(SessionContextHolder.getLoggingMessage(request, HttpStatus.FORBIDDEN, exception));
			
 
				         if (SecurityContextHolder.isFailureIgnored()) {
			
 
				             return true;
			
 
				         }