Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
pms-dispatch-assistant
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
姜耀祖
pms-dispatch-assistant
Commits
5b4d3504
Commit
5b4d3504
authored
Mar 02, 2026
by
赵灿灿
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
修改依赖未经验证和完整性检查的cookie
parent
4f8df141
Pipeline
#24385
passed with stages
in 4 minutes and 57 seconds
Changes
4
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
8 deletions
+13
-8
MvcInterceptConfiguration.java
...stant/common/configuration/MvcInterceptConfiguration.java
+2
-1
DecodeJWTToken.java
...ch/pms/dispatchassistant/common/utils/DecodeJWTToken.java
+3
-2
ServletTool.java
...epoch/pms/dispatchassistant/common/utils/ServletTool.java
+2
-1
OaService.java
.../infoepoch/pms/dispatchassistant/domain/oa/OaService.java
+6
-4
No files found.
src/main/java/com/infoepoch/pms/dispatchassistant/common/configuration/MvcInterceptConfiguration.java
View file @
5b4d3504
package
com
.
infoepoch
.
pms
.
dispatchassistant
.
common
.
configuration
;
import
com.infoepoch.pms.commons.utils.ResponseUtils
;
import
com.infoepoch.pms.dispatchassistant.common.component.RedisTool
;
import
com.infoepoch.pms.dispatchassistant.common.constant.RedisKeys
;
import
com.infoepoch.pms.dispatchassistant.common.exception.NotLoginException
;
...
...
@@ -105,7 +106,7 @@ public class MvcInterceptConfiguration implements WebMvcConfigurer {
if
(
cookies
!=
null
)
{
for
(
Cookie
cookie
:
cookies
)
{
String
cookieName
=
cookie
.
getName
();
if
(
cookieName
.
equals
(
RedisKeys
.
SIGN
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
RedisKeys
.
SIGN
))
{
String
userStr
=
redisTool
.
get
(
RedisKeys
.
AUTHED_USER
+
cookie
.
getValue
());
if
(
userStr
==
null
)
{
throw
new
NotLoginException
(
"登录已失效,请重新登录"
);
...
...
src/main/java/com/infoepoch/pms/dispatchassistant/common/utils/DecodeJWTToken.java
View file @
5b4d3504
...
...
@@ -4,6 +4,7 @@ import com.auth0.jwt.JWT;
import
com.auth0.jwt.JWTVerifier
;
import
com.auth0.jwt.algorithms.Algorithm
;
import
com.auth0.jwt.interfaces.DecodedJWT
;
import
com.infoepoch.pms.commons.utils.ResponseUtils
;
import
com.infoepoch.pms.dispatchassistant.common.constant.StoreKeys
;
import
com.infoepoch.pms.dispatchassistant.common.exception.ValidationException
;
import
com.infoepoch.pms.dispatchassistant.domain.basic.store.KeyValueStoreService
;
...
...
@@ -68,10 +69,10 @@ public class DecodeJWTToken {
if
(
cookies
!=
null
&&
cookies
.
length
!=
0
)
{
Cookie
pmsWebCookie
=
Arrays
.
stream
(
cookies
).
filter
((
cookie
)
->
{
return
"pms-web"
.
equals
(
cookie
.
getName
()
);
return
ResponseUtils
.
isCkName
(
cookie
,
"pms-web"
);
}).
findAny
().
orElse
(
null
);
Cookie
ObSSOCookie
=
Arrays
.
stream
(
cookies
).
filter
((
cookie
)
->
{
return
"ObSSOCookie"
.
equals
(
cookie
.
getName
()
);
return
ResponseUtils
.
isCkName
(
cookie
,
"ObSSOCookie"
);
}).
findAny
().
orElse
(
null
);
if
(
pmsWebCookie
!=
null
)
{
String
token
=
pmsWebCookie
.
getValue
();
...
...
src/main/java/com/infoepoch/pms/dispatchassistant/common/utils/ServletTool.java
View file @
5b4d3504
package
com
.
infoepoch
.
pms
.
dispatchassistant
.
common
.
utils
;
import
com.infoepoch.pms.commons.utils.ResponseUtils
;
import
com.infoepoch.pms.dispatchassistant.common.constant.RedisKeys
;
import
org.springframework.web.context.request.RequestContextHolder
;
import
org.springframework.web.context.request.ServletRequestAttributes
;
...
...
@@ -20,7 +21,7 @@ public class ServletTool {
Cookie
[]
cookies
=
request
.
getCookies
();
if
(
cookies
!=
null
)
{
for
(
Cookie
cookie
:
cookies
)
{
if
(
cookie
.
getName
().
equals
(
cookieName
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
cookieName
))
{
return
cookie
.
getValue
();
}
}
...
...
src/main/java/com/infoepoch/pms/dispatchassistant/domain/oa/OaService.java
View file @
5b4d3504
...
...
@@ -238,12 +238,13 @@ public class OaService {
String
token
=
null
;
String
server
=
null
;
for
(
Cookie
cookie
:
cookies
)
{
if
(
"ObSSOCookie"
.
equals
(
cookie
.
getName
()
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
"ObSSOCookie"
))
{
token
=
cookie
.
getValue
();
}
if
(
"server"
.
equals
(
cookie
.
getName
()
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
"server"
))
{
server
=
cookie
.
getValue
();
}
}
if
(
StringUtils
.
isBlank
(
token
)
||
StringUtils
.
isBlank
(
server
))
{
logger
.
info
(
"微服务获取OA登陆信息异常,location:TodoService.computerTodoRedirect"
);
...
...
@@ -305,12 +306,13 @@ public class OaService {
String
token
=
null
;
String
server
=
null
;
for
(
Cookie
cookie
:
cookies
)
{
if
(
"ObSSOCookie"
.
equals
(
cookie
.
getName
()
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
"ObSSOCookie"
))
{
token
=
cookie
.
getValue
();
}
if
(
"server"
.
equals
(
cookie
.
getName
()
))
{
if
(
ResponseUtils
.
isCkName
(
cookie
,
"server"
))
{
server
=
cookie
.
getValue
();
}
}
if
(
StringUtils
.
isBlank
(
token
)
||
StringUtils
.
isBlank
(
server
))
{
logger
.
info
(
"微服务获取OA登陆信息异常,location:TodoService.moaTodoRedirect"
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
