8 years ago · efa88c72b1
--- a/src/main/java/com/uas/eis/UasEisApplication.java
+++ b/src/main/java/com/uas/eis/UasEisApplication.java
@@ -1,19 +1,23 @@
 
				-package com.uas.eis;
			
 
				-
			
 
				-import org.springframework.boot.SpringApplication;
			
 
				-import org.springframework.boot.autoconfigure.SpringBootApplication;
			
 
				-import org.springframework.cache.annotation.EnableCaching;
			
 
				-import org.springframework.context.annotation.Import;
			
 
				-
			
 
				-import com.uas.eis.core.config.DynamicDataSourceRegister;
			
 
				-
			
 
				+package com.uas.eis;

			
 
				+

			
 
				+import org.springframework.boot.SpringApplication;

			
 
				+import org.springframework.boot.autoconfigure.SpringBootApplication;

			
 
				+import org.springframework.cache.annotation.EnableCaching;

			
 
				+import org.springframework.context.annotation.Import;

			
 
				+import org.springframework.scheduling.annotation.EnableScheduling;

			
 
				+

			
 
				+import com.uas.eis.core.config.DynamicDataSourceRegister;

			
 
				+import com.uas.eis.core.support.TokenPropertiesListener;

			
 
				+

			
 
				 @SpringBootApplication
			
 
				-@EnableCaching
			
 
				+@EnableCaching

			
 
				+//@EnableScheduling		开启定时任务
			
 
				 @Import({DynamicDataSourceRegister.class})
			
 
				 public class UasEisApplication {
			
 
				-
			
 
				 	public static void main(String[] args) {
			
 
				-		SpringApplication.run(UasEisApplication.class, args);
			
 
				+		SpringApplication application = new SpringApplication(UasEisApplication.class);
			
 
				+		application.addListeners(new TokenPropertiesListener("token.properties"));
			
 
				+		application.run(args);
			
 
				 	}
			
 
				 	
			
 
				 }
			
--- a/src/main/java/com/uas/eis/controller/LoginController.java
+++ b/src/main/java/com/uas/eis/controller/LoginController.java
@@ -0,0 +1,49 @@
 
				+package com.uas.eis.controller;
			
 
				+
			
 
				+import java.util.HashMap;
			
 
				+import java.util.Map;
			
 
				+
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import org.springframework.beans.factory.annotation.Autowired;
			
 
				+import org.springframework.web.bind.annotation.RequestMapping;
			
 
				+import org.springframework.web.bind.annotation.RestController;
			
 
				+
			
 
				+import com.uas.eis.service.QueryService;
			
 
				+import com.uas.eis.utils.BaseUtil;
			
 
				+
			
 
				+@RestController
			
 
				+@RequestMapping("/EIS")
			
 
				+public class LoginController {
			
 
				+
			
 
				+	@Autowired
			
 
				+	private QueryService queryService;
			
 
				+	
			
 
				+	/**
			
 
				+	 * 首次登录请求token
			
 
				+	 */
			
 
				+	@RequestMapping("/login")
			
 
				+	public Object login(HttpServletRequest request, String username, String password){
			
 
				+		Map<String, Object> res = new HashMap<String, Object>();
			
 
				+		String token = queryService.login(username, password);
			
 
				+		request.getSession().removeAttribute("token");
			
 
				+		if(token != null) {
			
 
				+			request.getSession().setAttribute("token", token);
			
 
				+			res.put("success", true);
			
 
				+			res.put("token", token);
			
 
				+		}else {
			
 
				+			BaseUtil.showError("账户名或密码错误", "BAD_USERINFO");
			
 
				+		}
			
 
				+		return res;
			
 
				+	}
			
 
				+	
			
 
				+	/**
			
 
				+	 * 退出登录
			
 
				+	 */
			
 
				+	@RequestMapping("/logout")
			
 
				+	public Object logout(HttpServletRequest request){
			
 
				+		Map<String, Object> res = new HashMap<String, Object>();
			
 
				+		request.getSession().removeAttribute("token");
			
 
				+		res.put("success", true);
			
 
				+		return res;
			
 
				+	}
			
 
				+}
			
--- a/src/main/java/com/uas/eis/controller/QueryController.java
+++ b/src/main/java/com/uas/eis/controller/QueryController.java
@@ -10,15 +10,22 @@ import org.springframework.web.bind.annotation.RestController;
 
				 import com.uas.eis.service.QueryService;
			
 
				 
			
 
				 @RestController
			
 
				+@RequestMapping("/EIS/")
			
 
				 public class QueryController {
			
 
				 
			
 
				 	@Autowired
			
 
				-	private QueryService userService;
			
 
				+	private QueryService queryService;
			
 
				 	
			
 
				 	@RequestMapping("/api/query")
			
 
				 	public Object query(String code, String param){
			
 
				 		Map<String, Object> map = new HashMap<String, Object>();
			
 
				-		return userService.query(code, param);
			
 
				+		return queryService.query(code, param);
			
 
				+	}
			
 
				+	
			
 
				+	@RequestMapping("/api/doAction")
			
 
				+	public Object doAction(String code, String param){
			
 
				+		Map<String, Object> map = new HashMap<String, Object>();
			
 
				+		return queryService.doAction(code, param);
			
 
				 	}
			
 
				 	
			
 
				 }
			
--- a/src/main/java/com/uas/eis/core/WebAppConfig.java
+++ b/src/main/java/com/uas/eis/core/WebAppConfig.java
@@ -16,19 +16,18 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupp
 
				 
			
 
				 import com.fasterxml.jackson.databind.ObjectMapper;
			
 
				 import com.uas.eis.core.support.DataSourceInterceptor;
			
 
				-import com.uas.eis.core.support.InterceptorConfig;
			
 
				+import com.uas.eis.core.support.LoginInterceptor;
			
 
				 
			
 
				 @Configuration
			
 
				 public class WebAppConfig extends WebMvcConfigurationSupport{
			
 
				 
			
 
				 	@Bean
			
 
				-	public InterceptorConfig interceptorConfig(){
			
 
				-		return new InterceptorConfig();
			
 
				+	public LoginInterceptor loginInterceptor(){
			
 
				+		return new LoginInterceptor();
			
 
				 	}
			
 
				 	
			
 
				 	public void addInterceptors(InterceptorRegistry registry){
			
 
				-		registry.addInterceptor(interceptorConfig()).addPathPatterns("/hello").excludePathPatterns("/login");
			
 
				-//		registry.addInterceptor(new InterceptorConfig()).addPathPatterns("/*").excludePathPatterns("/login");
			
 
				+		registry.addInterceptor(loginInterceptor()).addPathPatterns("/**").excludePathPatterns("/EIS/login");
			
 
				 		registry.addInterceptor(new DataSourceInterceptor()).addPathPatterns("/*/**");
			
 
				 	}
			
 
				 	
			
--- a/src/main/java/com/uas/eis/core/support/ActionConfig.java
+++ b/src/main/java/com/uas/eis/core/support/ActionConfig.java
@@ -0,0 +1,24 @@
 
				+package com.uas.eis.core.support;
			
 
				+
			
 
				+import org.springframework.boot.context.properties.ConfigurationProperties;
			
 
				+import org.springframework.stereotype.Component;
			
 
				+
			
 
				+@Component
			
 
				+@ConfigurationProperties(prefix = "action")
			
 
				+public class ActionConfig {
			
 
				+	private String apiAction;
			
 
				+	private String[] publicActions;
			
 
				+	
			
 
				+	public String getApiAction() {
			
 
				+		return apiAction == null ? "" : apiAction;
			
 
				+	}
			
 
				+	public void setApiAction(String apiAction) {
			
 
				+		this.apiAction = apiAction;
			
 
				+	}
			
 
				+	public String[] getPublicActions() {
			
 
				+		return publicActions == null ? new String[]{} : publicActions;
			
 
				+	}
			
 
				+	public void setPublicActions(String[] publicActions) {
			
 
				+		this.publicActions = publicActions;
			
 
				+	}
			
 
				+}
			
--- a/src/main/java/com/uas/eis/core/support/InterceptorConfig.java
+++ b/src/main/java/com/uas/eis/core/support/InterceptorConfig.java
@@ -15,43 +15,20 @@ import com.uas.eis.utils.BaseUtil;
 
				 
			
 
				 import io.jsonwebtoken.Claims;
			
 
				 
			
 
				-public class InterceptorConfig implements HandlerInterceptor{
			
 
				+public class LoginInterceptor implements HandlerInterceptor{
			
 
				 
			
 
				 	@Autowired
			
 
				 	private QueryService userService;
			
 
				 	
			
 
				-	private BaseDao baseDao;
			
 
				-	
			
 
				 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
			
 
				-		//token认证
			
 
				-		String token = request.getParameter("token");
			
 
				-		boolean flag = false;
			
 
				-		String message = new String("程序错误");
			
 
				-		if(token != null && !token.isEmpty()) { // 验证是否包含token
			
 
				-			Claims claims = TokenHandler.parseToken(token); 
			
 
				-			if(claims != null && checkToken(claims)) { // 验证token信息是否合法
			
 
				-				String username = (String) claims.get("username");
			
 
				-				String password = (String) claims.get("password");
			
 
				-				if(checkUser(username, password)) { // 验证用户是否合法
			
 
				-					String actionUrl = request.getRequestURI();
			
 
				-					if(checkActionAccess(username, actionUrl)) { // 验证请求权限
			
 
				-						flag = true;
			
 
				-					}else {
			
 
				-						message = "访问权限受限";
			
 
				-					}
			
 
				-				}else {
			
 
				-					message = "请求用户无效";
			
 
				-				}
			
 
				-			}else {
			
 
				-				message = "Token未通过验证或已过期";
			
 
				-			}
			
 
				-		}else {
			
 
				-			message = "未授权的请求";
			
 
				-		}
			
 
				-		if(!flag) {
			
 
				-			BaseUtil.showError(message);
			
 
				-		}
			
 
				-		return flag;
			
 
				+		String token = (String) request.getSession().getAttribute("token");
			
 
				+		Claims claims = parseToken(token); // 验证并解析token
			
 
				+		String username = (String) claims.get("username");
			
 
				+		String password = (String) claims.get("password");
			
 
				+		checkUser(username, password); // 验证用户是否合法
			
 
				+		String actionUrl = request.getRequestURI();
			
 
				+		checkActionAccess(username, actionUrl); // 验证请求权限
			
 
				+		return true;
			
 
				 	}
			
 
				 	
			
 
				 	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
			
@@ -62,16 +39,26 @@ public class InterceptorConfig implements HandlerInterceptor{
 
				 			Exception ex) throws Exception {
			
 
				 	}
			
 
				 	
			
 
				-	private boolean checkToken(Claims claims) {
			
 
				+	private Claims parseToken(String token) {
			
 
				+		if(token == null || token.isEmpty()) {
			
 
				+			BaseUtil.showError("缺失token", "NULL_TOKEN");
			
 
				+			return null;
			
 
				+		}
			
 
				+		Claims claims = TokenHandler.parseToken(token);
			
 
				+		if(claims == null) {
			
 
				+			BaseUtil.showError("无效的token", "INVALID_TOKEN");
			
 
				+			return null;
			
 
				+		}
			
 
				 		Date now = new Date();
			
 
				 		Date start = claims.getNotBefore();
			
 
				 		Date end = claims.getExpiration();
			
 
				 		
			
 
				-		boolean flag = false;
			
 
				 		if (now.after(start) && now.before(end)) {
			
 
				-			flag = true;
			
 
				+			return claims;
			
 
				+		}else {
			
 
				+			BaseUtil.showError("已过期的token", "OVERDUE_TOKEN");
			
 
				+			return null;
			
 
				 		}
			
 
				-		return flag;
			
 
				 	}
			
 
				 	
			
 
				 	private boolean checkUser(String username, String password) {
			
@@ -79,10 +66,17 @@ public class InterceptorConfig implements HandlerInterceptor{
 
				 		if(username != null && password != null) {
			
 
				 			enable = userService.checkUser(username, password);
			
 
				 		}
			
 
				+		if(!enable) {
			
 
				+			BaseUtil.showError("无效用户", "INVALID_USER");
			
 
				+		}
			
 
				 		return enable;
			
 
				 	}
			
 
				 	
			
 
				 	private boolean checkActionAccess(String username, String action) {
			
 
				-		return userService.checkAction(username, action);
			
 
				+		boolean enable = userService.checkAction(username, action);
			
 
				+		if(!enable) {
			
 
				+			BaseUtil.showError("受限的接口请求", "PERMISSION_DENIED_ACTION");
			
 
				+		}
			
 
				+		return enable;
			
 
				 	}
			
 
				 }
			
--- a/src/main/java/com/uas/eis/core/support/TokenProperties.java
+++ b/src/main/java/com/uas/eis/core/support/TokenProperties.java
@@ -0,0 +1,48 @@
 
				+package com.uas.eis.core.support;
			
 
				+
			
 
				+import java.io.IOException;
			
 
				+import java.io.UnsupportedEncodingException;
			
 
				+import java.util.HashMap;
			
 
				+import java.util.Map;
			
 
				+import java.util.Properties;
			
 
				+
			
 
				+import org.springframework.beans.BeansException;
			
 
				+import org.springframework.core.io.support.PropertiesLoaderUtils;
			
 
				+
			
 
				+public class TokenProperties {
			
 
				+	
			
 
				+	public static Map<String, String> propertiesMap = new HashMap<>();
			
 
				+
			
 
				+    private static void processProperties(Properties props) throws BeansException {
			
 
				+        propertiesMap = new HashMap<String, String>();
			
 
				+        for (Object key : props.keySet()) {
			
 
				+            String keyStr = key.toString();
			
 
				+            try {
			
 
				+                // PropertiesLoaderUtils的默认编码是ISO-8859-1,在这里转码一下
			
 
				+                propertiesMap.put(keyStr, new String(props.getProperty(keyStr).getBytes("ISO-8859-1"), "utf-8"));
			
 
				+            } catch (UnsupportedEncodingException e) {
			
 
				+                e.printStackTrace();
			
 
				+            } catch (java.lang.Exception e) {
			
 
				+                e.printStackTrace();
			
 
				+            }
			
 
				+        }
			
 
				+    }
			
 
				+
			
 
				+    public static void loadAllProperties(String propertyFileName) {
			
 
				+        try {
			
 
				+            Properties properties = PropertiesLoaderUtils.loadAllProperties(propertyFileName);
			
 
				+            processProperties(properties);
			
 
				+        } catch (IOException e) {
			
 
				+            e.printStackTrace();
			
 
				+        }
			
 
				+    }
			
 
				+
			
 
				+    public static String getProperty(String name) {
			
 
				+        return propertiesMap.get(name).toString();
			
 
				+    }
			
 
				+
			
 
				+    public static Map<String, String> getAllProperty() {
			
 
				+        return propertiesMap;
			
 
				+    }
			
 
				+
			
 
				+}
			
--- a/src/main/java/com/uas/eis/core/support/TokenPropertiesListener.java
+++ b/src/main/java/com/uas/eis/core/support/TokenPropertiesListener.java
@@ -0,0 +1,19 @@
 
				+package com.uas.eis.core.support;
			
 
				+
			
 
				+import org.springframework.boot.context.event.ApplicationStartedEvent;
			
 
				+import org.springframework.context.ApplicationListener;
			
 
				+
			
 
				+public class TokenPropertiesListener implements ApplicationListener<ApplicationStartedEvent> {
			
 
				+
			
 
				+	private String propertyFileName;
			
 
				+	
			
 
				+	public TokenPropertiesListener(String propertyFileName) {
			
 
				+        this.propertyFileName = propertyFileName;
			
 
				+    }
			
 
				+	
			
 
				+	@Override
			
 
				+	public void onApplicationEvent(ApplicationStartedEvent arg0) {
			
 
				+		TokenProperties.loadAllProperties(this.propertyFileName);
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/src/main/java/com/uas/eis/entity/TokenConfig.java
+++ b/src/main/java/com/uas/eis/entity/TokenConfig.java
@@ -1,8 +0,0 @@
 
				-package com.uas.eis.entity;
			
 
				-
			
 
				-public class TokenConfig {
			
 
				-	public static String SECURITY_KEY = "36762702385535371444397399"; // 秘钥
			
 
				-	public static String ISSUER = "UAS_EIS";
			
 
				-	public static String AUDIENCE = "UAS_EIS";
			
 
				-	public static long KEEP = 24*60*60*1000; // 保留时间1天
			
 
				-}
			
--- a/src/main/java/com/uas/eis/exception/ExceptionHandlerAdvice.java
+++ b/src/main/java/com/uas/eis/exception/ExceptionHandlerAdvice.java
@@ -47,6 +47,7 @@ public class ExceptionHandlerAdvice {
 
				 	@ResponseBody
			
 
				 	public ModelMap handleSystemError(SystemException ex, HttpServletRequest request) {
			
 
				 		ModelMap map = new ModelMap();
			
 
				+		map.put("exceptionCode", ex.getErrorCode());
			
 
				 		map.put("exceptionInfo", ex.getMessage());
			
 
				 		return map;
			
 
				 	}
			
--- a/src/main/java/com/uas/eis/exception/SystemException.java
+++ b/src/main/java/com/uas/eis/exception/SystemException.java
@@ -12,6 +12,8 @@ public class SystemException extends RuntimeException {
 
				 	 * 
			
 
				 	 */
			
 
				 	private static final long serialVersionUID = 4218425517031998401L;
			
 
				+	
			
 
				+	private String errorCode;
			
 
				 
			
 
				 	public SystemException() {
			
 
				 	}
			
@@ -19,13 +21,26 @@ public class SystemException extends RuntimeException {
 
				 	public SystemException(String paramString) {
			
 
				 		super(paramString);
			
 
				 	}
			
 
				+	
			
 
				+	public SystemException(String paramString, String errorCode) {
			
 
				+		super(paramString);
			
 
				+		this.errorCode = errorCode;
			
 
				+	}
			
 
				 
			
 
				-	public SystemException(String paramString, Throwable paramThrowable) {
			
 
				+	public SystemException(String paramString, String errorCode, Throwable paramThrowable) {
			
 
				 		super(paramString, paramThrowable);
			
 
				+		this.errorCode = errorCode;
			
 
				 	}
			
 
				 
			
 
				 	public SystemException(Throwable paramThrowable) {
			
 
				 		super(paramThrowable);
			
 
				 	}
			
 
				-
			
 
				+	
			
 
				+	public String getErrorCode() {
			
 
				+		return this.errorCode;
			
 
				+	}
			
 
				+	
			
 
				+	public void setErrorCode(String errorCode) {
			
 
				+		this.errorCode = errorCode;
			
 
				+	}
			
 
				 }
			
--- a/src/main/java/com/uas/eis/service/QueryService.java
+++ b/src/main/java/com/uas/eis/service/QueryService.java
@@ -9,5 +9,7 @@ public interface QueryService {
 
				 	public abstract boolean checkAction(String username, String action);
			
 
				 
			
 
				 	public Object query(String code, String param);
			
 
				+	
			
 
				+	public Object doAction(String code, String param);
			
 
				 
			
 
				 }
			
--- a/src/main/java/com/uas/eis/serviceImpl/QueryServiceImpl.java
+++ b/src/main/java/com/uas/eis/serviceImpl/QueryServiceImpl.java
@@ -15,6 +15,7 @@ import org.springframework.stereotype.Service;
 
				 import org.springframework.util.StringUtils;
			
 
				 
			
 
				 import com.alibaba.fastjson.JSON;
			
 
				+import com.uas.eis.core.support.ActionConfig;
			
 
				 import com.uas.eis.core.support.TokenHandler;
			
 
				 import com.uas.eis.dao.BaseDao;
			
 
				 import com.uas.eis.entity.QueryArgs;
			
@@ -30,10 +31,16 @@ public class QueryServiceImpl implements QueryService {
 
				 
			
 
				 	@Autowired
			
 
				 	private BaseDao baseDao;
			
 
				+	@Autowired
			
 
				+	private ActionConfig actionConfig;
			
 
				 	
			
 
				 	@Override
			
 
				 	public String login(String username, String password) {
			
 
				-		return TokenHandler.createToken(username, password);
			
 
				+		if(checkUser(username, password)) {
			
 
				+			return TokenHandler.createToken(username, password);
			
 
				+		}else {
			
 
				+			return null;
			
 
				+		}
			
 
				 	}
			
 
				 	
			
 
				 	@Override
			
@@ -46,16 +53,30 @@ public class QueryServiceImpl implements QueryService {
 
				 	@Cacheable(value="userActionEnableCache")
			
 
				 	public boolean checkAction(String username, String action) {
			
 
				 		boolean flag = false;
			
 
				+		
			
 
				 		String roles = baseDao.queryForObject("select eu_role from eis_user where eu_name='" + username + "'", String.class);
			
 
				-		String[] fields = {"er_reg","er_action"};
			
 
				 		if(roles == null) {
			
 
				 			return false;
			
 
				 		}
			
 
				+		// 开放公共API的权限
			
 
				+		String apiAction = actionConfig.getApiAction();
			
 
				+		if(action.startsWith(apiAction)) {
			
 
				+			return true;
			
 
				+		}
			
 
				+		// 判断是否在不需要权限控制的请求配置中
			
 
				+		String[] publicActions = actionConfig.getPublicActions();
			
 
				+		for(String publicAction : publicActions) {
			
 
				+			if(publicAction.equals(action)) {
			
 
				+				return true;
			
 
				+			}
			
 
				+		}
			
 
				+		String[] fields = {"er_reg","er_action"};
			
 
				 		List<JSONObject> res = baseDao.getFieldsJSONDatasByCondition("EIS_ROLE", fields, "er_id in (" + roles + ")");
			
 
				 		for(int o = 0; o< res.size(); o++) {
			
 
				 			JSONObject data = res.get(o);
			
 
				-			String reg = data.containsKey("er_reg")?data.getString("er_reg"):"";
			
 
				-			String act = data.containsKey("er_action")?data.getString("er_action"):"";
			
 
				+			String reg = data.containsKey("er_reg") ? data.getString("er_reg") : "(\\S)*";
			
 
				+			String act = data.containsKey("er_action") ? data.getString("er_action") : "";
			
 
				+			// 通过正则和预设接口校验请求权限
			
 
				 			if(action.matches(reg) || act.indexOf(action) != -1) {
			
 
				 				flag = true;
			
 
				 				break;
			
@@ -190,6 +211,10 @@ public class QueryServiceImpl implements QueryService {
 
				 		
			
 
				 	}
			
 
				 	
			
 
				+	public Object doAction() {
			
 
				+		return null;
			
 
				+	}
			
 
				+	
			
 
				 	/**
			
 
				 	 * 传入参数的合法性校验
			
 
				 	 * @param code
			
@@ -198,30 +223,35 @@ public class QueryServiceImpl implements QueryService {
 
				 	private void checkParam(String code, String param){
			
 
				 		com.alibaba.fastjson.JSONObject json = JSON.parseObject(param);
			
 
				 		if(StringUtils.isEmpty(code)){
			
 
				-			BaseUtil.showError("查询方案编号不能为空");
			
 
				+			BaseUtil.showError("查询方案编号不能为空", "NULL_QUERY_CODE");
			
 
				 		}
			
 
				 		if(json == null){
			
 
				-			BaseUtil.showError("传入的参数个数不正确");
			
 
				+			BaseUtil.showError("传入的参数个数不正确", "PARAM_AMOUNT_ERROR");
			
 
				 		}
			
 
				 		String getInParamsSql = "select * from queryArgs where qa_qccode = ? and qa_relation is null";
			
 
				 		List<QueryArgs> inParamList = baseDao.query(getInParamsSql,  QueryArgs.class, code);
			
 
				 		if(inParamList.size() != json.size()){
			
 
				-			BaseUtil.showError("传入的参数个数不正确");
			
 
				+			BaseUtil.showError("传入的参数个数不正确", "PARAM_AMOUNT_ERROR");
			
 
				 		}else{
			
 
				 			 for(QueryArgs queryArgs : inParamList){
			
 
				 				 if(json.getString(queryArgs.getQa_param()) == null){
			
 
				-					 BaseUtil.showError("传入的参数名不正确");
			
 
				+					 BaseUtil.showError("传入的参数名不正确", "PARAM_NAME_ERROR");
			
 
				 				 }else{
			
 
				 					 if("array".equals(queryArgs.getQa_paramtype())){
			
 
				 						 String stringArray = json.getString(queryArgs.getQa_param());
			
 
				 						 if(!(stringArray.contains("[") && stringArray.contains("]"))){
			
 
				-							 BaseUtil.showError("传入的参数："+queryArgs.getQa_param()+"格式不正确");
			
 
				+							 BaseUtil.showError("传入的参数："+queryArgs.getQa_param()+"格式不正确", "PARAM_FORMAT_ERROR");
			
 
				 						 }
			
 
				 					 }
			
 
				 				 }
			
 
				 			 }
			
 
				 		}
			
 
				 	}
			
 
				+
			
 
				+	@Override
			
 
				+	public Object doAction(String code, String param) {
			
 
				+		return null;
			
 
				+	}
			
 
				 	
			
 
				 	
			
 
				 	
			
--- a/src/main/java/com/uas/eis/utils/BaseUtil.java
+++ b/src/main/java/com/uas/eis/utils/BaseUtil.java
@@ -31,6 +31,11 @@ public class BaseUtil {
 
				 			throw new SystemException(error);
			
 
				 	}
			
 
				 	
			
 
				+	public static void showError(String error, String errorCode) {
			
 
				+		if (error != null && error.length() > 0)
			
 
				+			throw new SystemException(error, errorCode);
			
 
				+	}
			
 
				+	
			
 
				 	/**
			
 
				 	 * List集合转化成字符串, null和空字符自动去掉
			
 
				 	 * 
			
--- a/src/main/java/com/uas/eis/utils/HttpUtil.java
+++ b/src/main/java/com/uas/eis/utils/HttpUtil.java
@@ -16,6 +16,8 @@ import java.security.KeyManagementException;
 
				 import java.security.NoSuchAlgorithmException;
			
 
				 import java.security.cert.CertificateException;
			
 
				 import java.util.ArrayList;
			
 
				+import java.util.HashMap;
			
 
				+import java.util.Iterator;
			
 
				 import java.util.List;
			
 
				 import java.util.Map;
			
 
				 import java.util.Map.Entry;
			
@@ -26,6 +28,7 @@ import javax.net.ssl.TrustManager;
 
				 import javax.net.ssl.X509TrustManager;
			
 
				 
			
 
				 import org.apache.http.Consts;
			
 
				+import org.apache.http.Header;
			
 
				 import org.apache.http.HttpEntity;
			
 
				 import org.apache.http.HttpResponse;
			
 
				 import org.apache.http.NameValuePair;
			
@@ -110,8 +113,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendGetRequest(String url, Map<String, String> params) throws Exception {
			
 
				-		return sendGetRequest(url, params, false, null);
			
 
				+	public static Response sendGetRequest(String url, HashMap<String, String> header, Map<String, String> params) throws Exception {
			
 
				+		return sendGetRequest(url, header, params, false, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -124,8 +127,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendGetRequest(String url, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				-		return sendRequest(RequestMethod.GET, url, params, sign, signKey);
			
 
				+	public static Response sendGetRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				+		return sendRequest(RequestMethod.GET, url, header, params, sign, signKey);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -138,8 +141,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendGetRequest(String url, Map<String, String> params, boolean sign) throws Exception {
			
 
				-		return sendRequest(RequestMethod.GET, url, params, sign, null);
			
 
				+	public static Response sendGetRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign) throws Exception {
			
 
				+		return sendRequest(RequestMethod.GET, url, header, params, sign, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -150,8 +153,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendPostRequest(String url, Map<String, String> params) throws Exception {
			
 
				-		return sendPostRequest(url, params, false, null);
			
 
				+	public static Response sendPostRequest(String url, HashMap<String, String> header, Map<String, String> params) throws Exception {
			
 
				+		return sendPostRequest(url, header, params, false, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -176,8 +179,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendPostRequest(String url, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				-		return sendRequest(RequestMethod.POST, url, params, sign, signKey);
			
 
				+	public static Response sendPostRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				+		return sendRequest(RequestMethod.POST, url, header, params, sign, signKey);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -208,8 +211,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendPostRequest(String url, Map<String, String> params, boolean sign) throws Exception {
			
 
				-		return sendRequest(RequestMethod.POST, url, params, sign, null);
			
 
				+	public static Response sendPostRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign) throws Exception {
			
 
				+		return sendRequest(RequestMethod.POST, url, header, params, sign, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -350,8 +353,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendPutRequest(String url, Map<String, String> params, boolean sign) throws Exception {
			
 
				-		return sendRequest(RequestMethod.PUT, url, params, sign, null);
			
 
				+	public static Response sendPutRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign) throws Exception {
			
 
				+		return sendRequest(RequestMethod.PUT, url, header, params, sign, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -389,8 +392,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendDeleteRequest(String url, Map<String, String> params) throws Exception {
			
 
				-		return sendDeleteRequest(url, params, false, null);
			
 
				+	public static Response sendDeleteRequest(String url, HashMap<String, String> header, Map<String, String> params) throws Exception {
			
 
				+		return sendDeleteRequest(url, header, params, false, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -403,8 +406,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendDeleteRequest(String url, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				-		return sendRequest(RequestMethod.DELETE, url, params, sign, signKey);
			
 
				+	public static Response sendDeleteRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign, String signKey) throws Exception {
			
 
				+		return sendRequest(RequestMethod.DELETE, url, header, params, sign, signKey);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -417,8 +420,8 @@ public class HttpUtil {
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendDeleteRequest(String url, Map<String, String> params, boolean sign) throws Exception {
			
 
				-		return sendRequest(RequestMethod.DELETE, url, params, sign, null);
			
 
				+	public static Response sendDeleteRequest(String url, HashMap<String, String> header, Map<String, String> params, boolean sign) throws Exception {
			
 
				+		return sendRequest(RequestMethod.DELETE, url, header, params, sign, null);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -430,24 +433,51 @@ public class HttpUtil {
 
				 	 *            请求链接
			
 
				 	 * @param params
			
 
				 	 *            参数
			
 
				+	 *            
			
 
				 	 * @param sign
			
 
				 	 *            是否签名
			
 
				 	 * @return
			
 
				 	 * @throws Exception
			
 
				 	 */
			
 
				-	public static Response sendRequest(RequestMethod method, String url, Map<String, String> params, boolean sign, String signKey)
			
 
				+	public static Response sendRequest(RequestMethod method, String url, HashMap<String, String> header, Map<String, String> params, boolean sign, String signKey)
			
 
				 			throws Exception {
			
 
				+		
			
 
				 		switch (method) {
			
 
				-		case GET:
			
 
				-			return sendHttpUriRequest(new HttpGet(getRequestUrl(url, params, sign, signKey)));
			
 
				-		case POST:
			
 
				-			return sendHttpEntityEnclosingRequest(new HttpPost(getRequestUrl(url, sign, signKey)), params);
			
 
				-		case PUT:
			
 
				-			return sendHttpEntityEnclosingRequest(new HttpPut(getRequestUrl(url, sign, signKey)), params);
			
 
				-		case DELETE:
			
 
				-			return sendHttpUriRequest(new HttpDelete(getRequestUrl(url, params, sign, signKey)));
			
 
				-		default:
			
 
				-			return sendHttpUriRequest(new HttpGet(getRequestUrl(url, params, sign, signKey)));
			
 
				+		case GET: {
			
 
				+			HttpRequestBase request = new HttpGet(getRequestUrl(url, params, sign, signKey));
			
 
				+			for (Map.Entry<String, String> entry : header.entrySet()) {
			
 
				+				request.setHeader(entry.getKey(), entry.getValue());
			
 
				+			}
			
 
				+			return sendHttpUriRequest(request);
			
 
				+		}
			
 
				+		case POST: {
			
 
				+			HttpPost request = new HttpPost(getRequestUrl(url, sign, signKey));
			
 
				+			for (Map.Entry<String, String> entry : header.entrySet()) {
			
 
				+				request.setHeader(entry.getKey(), entry.getValue());
			
 
				+			}
			
 
				+			return sendHttpEntityEnclosingRequest(request, params);
			
 
				+		}
			
 
				+		case PUT: {
			
 
				+			HttpPut request = new HttpPut(getRequestUrl(url, sign, signKey));
			
 
				+			for (Map.Entry<String, String> entry : header.entrySet()) {
			
 
				+				request.setHeader(entry.getKey(), entry.getValue());
			
 
				+			}
			
 
				+			return sendHttpEntityEnclosingRequest(request, params);
			
 
				+		}
			
 
				+		case DELETE: {
			
 
				+			HttpDelete request = new HttpDelete(getRequestUrl(url, params, sign, signKey));
			
 
				+			for (Map.Entry<String, String> entry : header.entrySet()) {
			
 
				+				request.setHeader(entry.getKey(), entry.getValue());
			
 
				+			}
			
 
				+			return sendHttpUriRequest(request);
			
 
				+		}
			
 
				+		default: {
			
 
				+			HttpGet request = new HttpGet(getRequestUrl(url, params, sign, signKey));
			
 
				+			for (Map.Entry<String, String> entry : header.entrySet()) {
			
 
				+				request.setHeader(entry.getKey(), entry.getValue());
			
 
				+			}
			
 
				+			return sendHttpUriRequest(request);
			
 
				+		}
			
 
				 		}
			
 
				 	}
			
 
				 
			
--- a/src/main/java/com/uas/eis/utils/JwtUtil.java
+++ b/src/main/java/com/uas/eis/utils/JwtUtil.java
@@ -2,13 +2,12 @@ package com.uas.eis.utils;
 
				 
			
 
				 import java.security.Key;
			
 
				 import java.util.Date;
			
 
				-import java.util.UUID;
			
 
				+import java.util.Map;
			
 
				 
			
 
				 import javax.crypto.spec.SecretKeySpec;
			
 
				 import javax.xml.bind.DatatypeConverter;
			
 
				 
			
 
				-import com.fasterxml.jackson.databind.deser.impl.ExternalTypeHandler.Builder;
			
 
				-import com.uas.eis.entity.TokenConfig;
			
 
				+import com.uas.eis.core.support.TokenProperties;
			
 
				 
			
 
				 import io.jsonwebtoken.Claims;
			
 
				 import io.jsonwebtoken.JwtBuilder;
			
@@ -16,7 +15,8 @@ import io.jsonwebtoken.Jwts;
 
				 import io.jsonwebtoken.SignatureAlgorithm;
			
 
				 
			
 
				 public class JwtUtil {
			
 
				-	private static String base64Security = TokenConfig.SECURITY_KEY;
			
 
				+	private static Map<String,String> tokenConfig = TokenProperties.getAllProperty();
			
 
				+	private static String base64Security = tokenConfig.get("SECURITY_KEY");
			
 
				 	
			
 
				 	public static String createJWT(String username, String password) {
			
 
				 		SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
			
@@ -32,12 +32,12 @@ public class JwtUtil {
 
				 		JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
			
 
				 				.claim("username", username)
			
 
				 				.claim("password", password)
			
 
				-				.setIssuer(TokenConfig.ISSUER)
			
 
				-				.setAudience(TokenConfig.AUDIENCE)
			
 
				+				.setIssuer(tokenConfig.get("ISSUER"))
			
 
				+				.setAudience(tokenConfig.get("AUDIENCE"))
			
 
				 				.signWith(signatureAlgorithm, signingKey);
			
 
				 		
			
 
				 		// 添加Token过期时间
			
 
				-		long expMillis = nowMillis + TokenConfig.KEEP;
			
 
				+		long expMillis = nowMillis + Long.parseLong(tokenConfig.get("KEEP"));
			
 
				 		Date exp = new Date(expMillis);
			
 
				 		builder.setExpiration(exp).setNotBefore(now);
			
 
				 
			
--- a/src/main/java/com/uas/eis/utils/MD5Util.java
+++ b/src/main/java/com/uas/eis/utils/MD5Util.java
@@ -0,0 +1,35 @@
 
				+package com.uas.eis.utils;

			
 
				+

			
 
				+import java.security.MessageDigest;

			
 
				+import java.security.NoSuchAlgorithmException;

			
 
				+

			
 
				+public class MD5Util {

			
 
				+

			
 
				+	/**

			
 
				+	 * MD5加密

			
 
				+	 * @param message

			
 
				+	 * @return

			
 
				+	 */

			
 
				+	public static String getEncryption(String message){

			
 
				+		String result = "";

			
 
				+		if(message != null){

			
 
				+			try {

			
 
				+				MessageDigest md = MessageDigest.getInstance("MD5");		//指定加密方式

			
 
				+				//加密

			
 
				+				byte[] bytes = md.digest(message.getBytes());

			
 
				+				for(int i = 0; i < bytes.length; i++){

			
 
				+					// 将整数转换成十六进制形式的字符串 这里与0xff进行与运算的原因是保证转换结果为32位

			
 
				+					String str = Integer.toHexString(bytes[i] & 0xFF);

			
 
				+					if(str.length() == 1){

			
 
				+						str += "F";

			
 
				+					}

			
 
				+					result += str;

			
 
				+				}

			
 
				+			} catch (NoSuchAlgorithmException e) {

			
 
				+				e.printStackTrace();

			
 
				+			}	

			
 
				+		}

			
 
				+		return result;

			
 
				+		

			
 
				+	}

			
 
				+}

			
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -14,4 +14,13 @@ spring:
 
				         encoding: UTF-8
			
 
				 server:
			
 
				     tomcat:
			
 
				-        uri_encoding: UTF-8
			
 
				+        uri_encoding: UTF-8
			
 
				+token:
			
 
				+    properties:
			
 
				+        SECURITY_KEY: 435aMe9L5itTrckY35kfcOQvPkBGZtGo
			
 
				+        ISSUER: EIS_ISS
			
 
				+        AUDIENCE: EIS_AUD
			
 
				+        KEEP: 86400000
			
 
				+action:
			
 
				+    api_action: /EIS/api
			
 
				+    public_actions: /EIS/logout,/EIS/hello1
			
--- a/src/main/resources/token.properties
+++ b/src/main/resources/token.properties
@@ -0,0 +1,4 @@
 
				+SECURITY_KEY=435aMe9L5itTrckY35kfcOQvPkBGZtGo
			
 
				+ISSUER=EIS_ISS
			
 
				+AUDIENCE=EIS_AUD
			
 
				+KEEP=86400000