【随机码不做格式校验】

src/main/java/com/uas/eis/core/support/ApiSignLoginInterceptor.java

@@ -34,7 +34,13 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
         String requestId = request.getHeader(RequestId);
 
         String accessSecret = tokenConfig.get(accessKey);
-
+        if (StringUtils.isEmpty(requestId)) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.REQUESTID_ILLEGAL.getCode());
+            apiResult.setMessage(ErrorMessage.REQUESTID_ILLEGAL.getMessage());
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
         if (!StringUtils.isNumeric(timestamp)) {
             ApiResult apiResult = new ApiResult();
             apiResult.setCode(ErrorMessage.TIMESTAMP_ILLEGAL.getCode());
@@ -62,15 +68,6 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
             throw new ApiSystemException(apiResult);
         }
 
-        String regex = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$";
-        if (!requestId.matches(regex)) {
-            ApiResult apiResult = new ApiResult();
-            apiResult.setCode(ErrorMessage.REQUESTID_ILLEGAL.getCode());
-            apiResult.setMessage(ErrorMessage.REQUESTID_ILLEGAL.getMessage());
-            apiResult.setRequestId(requestId);
-            throw new ApiSystemException(apiResult);
-        }
-
         if (!verificationSign(request, accessKey, accessSecret)) {
             ApiResult apiResult = new ApiResult();
             apiResult.setCode(ErrorMessage.SIGNATURE_ILLEGAL.getCode());
@@ -90,7 +87,6 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
         String originSign = request.getHeader(SIGN_KEY);
         String sign = createSign(params, accessSecret);
         System.out.println(sign);
-
         return sign.equals(originSign);
     }