提供iot数据推送签名方法,接收数据

AutoSprout-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java

@@ -1,18 +1,5 @@
 package com.ruoyi.web.controller.common;
 
-import java.util.ArrayList;
-import java.util.List;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.MediaType;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.multipart.MultipartFile;
 import com.ruoyi.common.config.RuoYiConfig;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -20,6 +7,25 @@ import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.file.FileUploadUtils;
 import com.ruoyi.common.utils.file.FileUtils;
 import com.ruoyi.framework.config.ServerConfig;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.multipart.MultipartFile;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
 
 /**
  * 通用请求处理
@@ -37,6 +43,9 @@ public class CommonController
 
     private static final String FILE_DELIMETER = ",";
 
+    @Value(value = "${watering.token}")
+    private String token;
+
     /**
      * 通用下载请求
      * 
@@ -160,4 +169,65 @@ public class CommonController
             log.error("下载文件失败", e);
         }
     }
+
+    /**
+     * 功能描述 消息摘要计算
+     *
+     * @param msg   平台推送消息
+     * @param signature 根据token生成的签名
+     * @param nonce 平台生成的随机字符串
+     * @return
+     * @throws Exception
+     */
+    @RequestMapping("/signature")
+    public String signature(String msg, String nonce, String signature){
+        log.info("接收到参数：msg="+msg+",token="+token+",nonce="+nonce+",signature="+signature);
+        if(StringUtils.isNotEmpty(msg)){
+            // 第一步 计算 MD5 并编码为 Base64 字符串
+            String calculatedSignature = calculateBase64MD5(token + nonce + msg);
+
+            // 第二步 进行 URL 解码
+            calculatedSignature = urlDecode(calculatedSignature);
+
+            // 第三步 比较计算得到的签名与请求参数中的签名是否相等
+            if (calculatedSignature.equals(signature)) {
+                System.out.println("Token verification successful!");
+            } else {
+                System.out.println("Token verification failed!");
+            }
+
+            // 第4步 将URL Decode编码后的值与请求参数signature的值进行对比
+            if (StringUtils.isNotEmpty(signature) && signature.equals(calculatedSignature)) {
+                log.info("签名验证正确，返回msg=【{}】",msg);
+                return msg;
+            }
+            log.info("加密后的base64:【{}】，返回invalid token",calculatedSignature);
+            return "invalid token";
+        }else{
+            return msg;
+        }
+    }
+
+    // 计算 MD5 并编码为 Base64 字符串
+    private static String calculateBase64MD5(String input) {
+        try {
+            MessageDigest md = MessageDigest.getInstance("MD5");
+            byte[] md5Bytes = md.digest(input.getBytes(StandardCharsets.UTF_8));
+            // 编码为 Base64 字符串
+            return Base64.getEncoder().encodeToString(md5Bytes);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    // URL 解码
+    private static String urlDecode(String input) {
+        try {
+            return URLDecoder.decode(input, StandardCharsets.UTF_8.toString());
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
 }

AutoSprout-admin/src/main/resources/application.yml

@@ -29,6 +29,8 @@ watering:
   timeout: 10
   # token过期时间
   daysToExpire: 100
+  # 推送消息token
+  token: tVpNdGKrAFHfKZNgpIWQfZukrcYHNfFM
 # 开发环境配置
 server:
   # 服务器的HTTP端口，默认为8080

AutoSprout-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -111,7 +111,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                 // 过滤请求
                 .authorizeRequests()
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage").permitAll()
+                .antMatchers("/login", "/register", "/captchaImage","/common/signature").permitAll()
                 // 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()