diff --git a/src/main/java/com/yolo/keyborad/Interceptor/SignInterceptor.java b/src/main/java/com/yolo/keyborad/Interceptor/SignInterceptor.java index e08c7b0..3660e0c 100644 --- a/src/main/java/com/yolo/keyborad/Interceptor/SignInterceptor.java +++ b/src/main/java/com/yolo/keyborad/Interceptor/SignInterceptor.java @@ -1,6 +1,7 @@ package com.yolo.keyborad.interceptor; import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; import com.yolo.keyborad.utils.SignUtils; import jakarta.servlet.DispatcherType; import jakarta.servlet.http.HttpServletRequest; @@ -21,6 +22,8 @@ public class SignInterceptor implements HandlerInterceptor { // appId -> secret 的映射(可从 DB 等处加载) private final Map appSecretMap; private final ObjectMapper objectMapper = new ObjectMapper(); + private final ObjectMapper signValueObjectMapper = new ObjectMapper() + .configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true); private final StringRedisTemplate redisTemplate; // 允许时间误差 5 分钟 @@ -103,7 +106,7 @@ public class SignInterceptor implements HandlerInterceptor { Map bodyMap = objectMapper.readValue(body, Map.class); bodyMap.forEach((k, v) -> { if (v != null) { - params.put(k, String.valueOf(v)); + params.put(k, stringifyForSign(v)); } }); } @@ -118,6 +121,23 @@ public class SignInterceptor implements HandlerInterceptor { return true; } + private String stringifyForSign(Object value) { + if (value == null) { + return null; + } + if (value instanceof CharSequence || value instanceof Number || value instanceof Boolean) { + return String.valueOf(value); + } + if (value.getClass().isArray() || value instanceof Collection || value instanceof Map) { + try { + return signValueObjectMapper.writeValueAsString(value); + } catch (Exception e) { + throw new RuntimeException("Sign body param serialize error", e); + } + } + return String.valueOf(value); + } + private String buildNonceKey(String appId, String nonce) { // 可以按需加上前缀,便于区分业务 return "sign:nonce:" + appId + ":" + nonce;