
Example 6 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class BindCertWebController method getProjectByCertBase64.

/**
 * Resolves the product behind a submitted certificate and records that product id on the
 * certificate's {@code UserCert} row.
 *
 * <p>When the {@code UserCert} already references a bill, the product is read through that bill.
 * Otherwise the certificate serial number is mapped to an RA account hash, the RA account is
 * loaded, and {@code productService.getRenewProduct} is asked for the product using the RA
 * account id and the certificate DN.
 *
 * <p>NOTE(review): what {@code userCertService.getUserCert} verifies about the certificate
 * (chain, validity period, revocation) is not visible here, yet this method writes to the
 * database based on its result. Confirm the certificate is trusted before this point.
 *
 * @param certBase64 the certificate, Base64 encoded, handed to {@code userCertService.getUserCert}
 * @return the resolved product; never {@code null}
 * @throws UserInfoServiceException if the certificate cannot be loaded, or the account hash,
 *     RA account, bill or product cannot be found
 */
public Product getProjectByCertBase64(String certBase64) throws UserInfoServiceException {
    UserCert certRecord;
    try {
        certRecord = userCertService.getUserCert(certBase64);
    } catch (CertificateException parseFailure) {
        // NOTE(review): only the message text is carried over; the cause is not chained.
        throw new UserInfoServiceException(parseFailure.getMessage());
    } catch (SigningServerException signingFailure) {
        throw new UserInfoServiceException(signingFailure.getMessage());
    }

    // Certificate serial number, read up front exactly as before the branch.
    String serialNumber = certRecord.getCertSn();

    Product resolved;
    if (certRecord.getBill() != null) {
        // The certificate is tied to an order: follow the order to its product.
        Bill order = sqlSession.selectOne("com.itrus.portal.db.BillMapper.selectByPrimaryKey", certRecord.getBill());
        if (order == null) {
            throw new UserInfoServiceException("获取产品信息失败,请联系管理员");
        }
        resolved = sqlSession.selectOne("com.itrus.portal.db.ProductMapper.selectByPrimaryKey", order.getProduct());
    } else {
        // No order on record: go serial number -> account hash -> RA account -> product.
        String accountHash = getRaInfo.getRaInfoByCertSerialNumber(serialNumber);
        if (StringUtils.isBlank(accountHash)) {
            throw new UserInfoServiceException("获取AccountHash失败,请联系管理员");
        }
        RaAccount owningRa = raAccountService.getRaByAccountHash(accountHash);
        if (owningRa == null) {
            throw new UserInfoServiceException("获取RA信息失败,请联系管理员");
        }
        resolved = productService.getRenewProduct(owningRa.getId(), null, null, certRecord.getCertDn());
    }

    if (resolved == null) {
        throw new UserInfoServiceException("获取对应产品信息失败");
    }

    // Persist the link so later calls can find the product from the certificate row.
    certRecord.setProduct(resolved.getId());
    sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", certRecord);
    return resolved;
}
Also used : RaAccount(com.itrus.portal.db.RaAccount) Bill(com.itrus.portal.db.Bill) SigningServerException(com.itrus.cryptorole.SigningServerException) Product(com.itrus.portal.db.Product) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) UserCert(com.itrus.portal.db.UserCert)

Example 7 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class DownLoadCertWebController method downLoadCert.

/**
 * Issues the certificate for an approved order and returns it to the logged-in owner as JSON.
 *
 * <p>Checks, in order: a user and an enterprise are present in the session; the order exists;
 * the order belongs to that user and enterprise; the order is in {@code BILL_STATUS_13} and has
 * no certificate in {@code CERT_STATUS_1} or {@code CERT_STATUS_2}. Only then is the RA asked to
 * sign the submitted CSR.
 *
 * <p>{@code retCode} in the response: 0 = rejected or failed (see {@code retMsg}), 1 = issued,
 * 2 = session missing, the client should go to the login page.
 *
 * @param id order id from the URL path
 * @param uidIdx passed through to the download and save services
 * @param csr certificate signing request supplied by the client
 * @param keySn optional key serial number, stored with the certificate
 * @param session HTTP session holding {@code webuserInfo} and {@code webenterprise}
 * @return response map; on success it also carries the certificate chain, serial number,
 *     signing certificate, KMC responses and encryption certificate
 */
@RequestMapping("/{id}")
@ResponseBody
public Map<String, Object> downLoadCert(@PathVariable(value = "id") Long id, @RequestParam(value = "uidIdx", required = true) Integer uidIdx, @RequestParam(value = "csr", required = true) String csr, @RequestParam(value = "keySn", required = false) String keySn, HttpSession session) {
    Map<String, Object> response = new HashMap<String, Object>();
    response.put("retCode", 0);

    UserInfo currentUser = (UserInfo) session.getAttribute("webuserInfo");
    Enterprise currentEnterprise = (Enterprise) session.getAttribute("webenterprise");
    boolean loggedIn = currentUser != null && currentEnterprise != null;
    if (!loggedIn) {
        // Code 2 tells the client the login has expired and it must redirect to the login page.
        response.put("retCode", 2);
        response.put("retMsg", "登录状态失效");
        return response;
    }

    Bill order = billService.getBill(id);
    if (order == null) {
        response.put("retMsg", "该订单不存在");
        return response;
    }

    // Ownership check: the order must belong to both the session user and the session enterprise.
    boolean ownsOrder = currentUser.getId().equals(order.getUniqueId())
            && currentEnterprise.getId().equals(order.getEnterprise());
    if (!ownsOrder) {
        response.put("retMsg", "您不能操作该订单");
        return response;
    }

    // The order must be waiting for download and must not have a certificate attached yet.
    List<String> issuedStates = new ArrayList<String>();
    issuedStates.add(ComNames.CERT_STATUS_1);
    issuedStates.add(ComNames.CERT_STATUS_2);
    List<UserCert> existingCerts = userCertService.getUserCertByBill(order.getId(), issuedStates);
    boolean readyForDownload = order.getBillStatus().equals(ComNames.BILL_STATUS_13) && existingCerts.isEmpty();
    if (!readyForDownload) {
        response.put("retMsg", "该证书状态为已下载或订单还未审核");
        return response;
    }

    // NOTE(review): product, digitalCert and ra are used below without null checks.
    Product product = productService.getProduct(order.getProduct());
    DigitalCert digitalCert = digitalCertService.getDigitalCert(product.getCert());
    RaAccount ra = raAccountService.getRaAccount(product.getRa());

    String autoidType = "";
    Integer autoidValue = 0;
    try {
        // Ask the RA to issue the certificate for the client's CSR, then persist it.
        CertInfo issued = downLoadCertService.downLoadCert(product, ra, order, digitalCert, uidIdx, csr, autoidType, autoidValue);
        downLoadCertService.saveCertInfo(issued, order, ra.getId(), uidIdx, keySn, autoidType, autoidValue);

        // Hand the issued material back to the caller.
        response.put("retCode", 1);
        response.put("certChain", issued.getCertSignBufP7());
        response.put("certSn", issued.getCertSerialNumber());
        response.put("certSignBuf", issued.getCertSignBuf());
        response.put("certKmcRep1", issued.getCertKmcRep1());
        response.put("certKmcRep2", issued.getCertKmcRep2());
        // Encryption certificate.
        response.put("encUserCert", issued.getCertSignBufKmc());

        // Audit record for the successful download.
        UserLog successEntry = new UserLog();
        successEntry.setProject(currentUser.getProject());
        successEntry.setType("用户下载证书");
        successEntry.setInfo(currentEnterprise.getEnterpriseName() + "下载证书成功");
        successEntry.setHostId("未知");
        successEntry.setSn(currentUser.getUniqueId());
        LogUtil.userlog(sqlSession, successEntry);
    } catch (Exception failure) {
        // NOTE(review): the raw exception message is returned to the browser and the stack
        // trace goes to stderr. Confirm neither exposes RA or database internals.
        failure.printStackTrace();
        response.put("retMsg", failure.getMessage());

        // Audit record for the failed download.
        UserLog failureEntry = new UserLog();
        failureEntry.setProject(currentUser.getProject());
        failureEntry.setType("用户下载证书");
        failureEntry.setInfo("url:downLoadCert,详细错误:" + failure.getMessage());
        failureEntry.setHostId("未知");
        failureEntry.setSn(currentUser.getUniqueId());
        LogUtil.userlog(sqlSession, failureEntry);
    }
    return response;
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Product(com.itrus.portal.db.Product) UserInfo(com.itrus.portal.db.UserInfo) UserLog(com.itrus.portal.db.UserLog) GenP10Exception(com.itrus.Exception.GenP10Exception) IOException(java.io.IOException) DigitalCert(com.itrus.portal.db.DigitalCert) RaAccount(com.itrus.portal.db.RaAccount) Enterprise(com.itrus.portal.db.Enterprise) Bill(com.itrus.portal.db.Bill) JSONObject(com.alibaba.fastjson.JSONObject) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 8 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class APIService method lookup.

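/**
 * Certificate query API: returns the certificate(s) of an order to an authenticated application.
 *
 * <p>The caller is authenticated by an HMAC-SHA1 over {@code appId + billId}, keyed with the
 * application's secret and sent as {@code Content-Signature: HMAC-SHA1 <mac>}. When the
 * application has IP restriction switched on ({@code isIpStatus} is {@code "1"}), the remote
 * address must also appear in the application's access-IP setting.
 *
 * <p>For products whose certificate type is {@code "3"} the response carries PFX data: the
 * stored PFX when the order is in status 6, 7 or 8, or a freshly issued one when the order is in
 * status 13. For every other type the stored certificates of the order are returned.
 *
 * <p>{@code status} in the response: 1 = success, 0 = rejected or nothing found, -1 = caller IP
 * not allowed or PFX issuance failed, -2 = MAC mismatch, -3 = MAC could not be computed.
 *
 * <p>NOTE(review): the MAC input is only {@code appId + billId}; no timestamp or nonce is
 * visible, so a captured header would stay valid for that pair. Confirm replay is handled
 * elsewhere.
 *
 * <p>NOTE(review): nothing in this method ties the bill to the calling application. Confirm
 * that an application may only query its own orders, since the PFX branch returns key material.
 *
 * @param authHmac value of the {@code Content-Signature} header
 * @param appId application identifier
 * @param billId order number to look up
 * @param request current request, used for the caller's remote address
 * @return response map with {@code status} and either {@code pfxData}, {@code cerData} or
 *     {@code message}
 */
@PostMapping(value = "/cert/search")
@ResponseBody
public Map<String, Object> lookup(@RequestHeader("Content-Signature") String authHmac, @RequestParam(value = "appId", required = true) String appId, @RequestParam(value = "billId", required = true) String billId, HttpServletRequest request) {
    Map<String, Object> result = new HashMap<String, Object>();
    result.put("status", 0);
    // NOTE(review): request values are written to the log unescaped and at error level on
    // every call. Consider neutralising line breaks and lowering the level.
    log.error("appId=" + appId + "billId=" + billId);
    // All three inputs are mandatory.
    if (StringUtils.isEmpty(authHmac) || StringUtils.isEmpty(appId) || StringUtils.isEmpty(billId)) {
        result.put("status", 0);
        result.put("message", "提交的参数信息不完整");
        return result;
    }
    // Load the application: cache first, database as fallback.
    Map<String, ApplicationInfo> appInfoMap = CacheCustomer.getAPP_INFO_MAP();
    ApplicationInfo applicationInfo = appInfoMap.get(appId);
    if (applicationInfo == null) {
        ApplicationInfoExample applicationInfoExample = new ApplicationInfoExample();
        ApplicationInfoExample.Criteria appInfoExampleCriteria = applicationInfoExample.createCriteria();
        appInfoExampleCriteria.andAppIdEqualTo(appId);
        applicationInfo = sqlSession.selectOne("com.itrus.portal.db.ApplicationInfoMapper.selectByExample", applicationInfoExample);
    }
    if (applicationInfo == null) {
        result.put("message", "应用标识不存在");
        return result;
    }
    // The restriction flag is tested first so that an application without an access-IP value
    // no longer fails with a NullPointerException when the restriction is off; with the
    // restriction on, a missing value now denies the request.
    // NOTE(review): if getAccessIp() is a plain String, contains() is a substring match and
    // an address that is a prefix of an allowed one would pass. Confirm and compare exact entries.
    if ("1".equals(applicationInfo.getIsIpStatus())
            && (applicationInfo.getAccessIp() == null
                    || !applicationInfo.getAccessIp().contains(request.getRemoteAddr()))) {
        result.put("status", -1);
        result.put("message", "没有此服务权限");
        log.error("APIService_AccsessIp : " + request.getRemoteAddr());
        return result;
    }
    // Verify the request MAC.
    try {
        // NOTE(review): the secret is encoded with the platform default charset while the
        // message uses UTF-8. Confirm secrets are ASCII or pin the charset on both sides.
        String macVal = CertService.hmacSha1(applicationInfo.getSecretKey().getBytes(), (appId + billId).getBytes("utf-8"));
        // Constant-time comparison: String.equals stops at the first differing character,
        // which lets response timing reveal how much of a guessed MAC was correct.
        byte[] expectedHeader = ("HMAC-SHA1 " + macVal).getBytes("utf-8");
        byte[] presentedHeader = authHmac.getBytes("utf-8");
        if (!java.security.MessageDigest.isEqual(expectedHeader, presentedHeader)) {
            result.put("status", -2);
            result.put("message", "服务密钥错误");
            return result;
        }
    } catch (Exception e) {
        result.put("status", -3);
        result.put("message", "Hmac验证错误");
        // Goes through the class logger instead of stderr so the failure reaches the log files.
        log.error("APIService_lookup : hmac verification failed", e);
        return result;
    }
    BillExample billExample = new BillExample();
    BillExample.Criteria criteria = billExample.or();
    criteria.andBillIdEqualTo(billId);
    Bill bill = sqlSession.selectOne("com.itrus.portal.db.BillMapper.selectByExample", billExample);
    if (bill == null) {
        result.put("message", "没有此订单");
        return result;
    }
    Product product = productService.getProduct(bill.getProduct());
    DigitalCert dcert = null;
    if (product != null) {
        dcert = sqlSession.selectOne("com.itrus.portal.db.DigitalCertMapper.selectByPrimaryKey", product.getCert());
    }
    if (product == null || dcert == null) {
        // A dangling product or certificate reference is answered as "not found" rather
        // than surfacing as a NullPointerException.
        result.put("message", "没有查找到相应证书");
        return result;
    }
    List<String> listcert = new ArrayList<String>();
    if ("3".equals(dcert.getCertType())) {
        Integer uidIdx = 1;
        // Already downloaded once: hand out the stored PFX again.
        boolean downLoadFlag = bill.getBillStatus().equals(ComNames.BILL_STATUS_6) || bill.getBillStatus().equals(ComNames.BILL_STATUS_7) || bill.getBillStatus().equals(ComNames.BILL_STATUS_8);
        if (downLoadFlag) {
            // Find the certificate stored for this order.
            CertBuf certBuf = sqlSession.selectOne("com.itrus.portal.db.CertBufMapper.selectPfxCertByBillId", bill.getId());
            if (certBuf == null) {
                result.put("message", "没有查找到相应证书");
                return result;
            }
            listcert.add(certBuf.getPfxCert());
            result.put("status", 1);
            result.put("pfxData", listcert);
        } else if (bill.getBillStatus().equals(ComNames.BILL_STATUS_13)) {
            // First download: issue the certificate now.
            Enterprise enterprise = enterpriseService.getEnterpriseById(bill.getEnterprise());
            // RA configuration of the product.
            RaAccount ra = raAccountService.getRaAccount(product.getRa());
            // Certificate configuration.
            DigitalCert digitalcert = digitalCertService.getDigitalCert(product.getCert());
            String autoidType = "";
            Integer autoidValue = 0;
            // User id that later matches the public-key certificate to its key pair.
            // NOTE(review): Math.random() is not a cryptographic source; if this id has to be
            // unguessable, confirm and switch to SecureRandom.
            String userid = bill.getBillId() + (Math.random() * 1000 + 9000);
            // TODO 20170410: PFX protection password should come from the product configuration.
            String certPass = product.getPassword();
            // Key algorithm for the CSR.
            String algorithm = digitalCertService.getAlgorithm(digitalcert);
            try {
                // Generate the CSR, have the RA sign it, wrap the result as PFX and store it.
                String certReqBuf = GenUtil.GenP10(userid, "", algorithm);
                CertInfo racertinfo = downLoadCertService.downLoadCert(product, ra, bill, digitalcert, uidIdx, certReqBuf, autoidType, autoidValue);
                String pfxCert = GenUtil.GenPFX(userid, certPass, racertinfo.getCertSignBuf(), false, enterprise.getEnterpriseName());
                downLoadCertService.savePfxCertInfo(racertinfo, bill, ra.getId(), uidIdx, "", autoidType, autoidValue, pfxCert);
                listcert.add(pfxCert);
                result.put("status", 1);
                result.put("pfxData", listcert);
            } catch (Exception e) {
                // Previously the failure left no trace on the server; record it with its stack.
                log.error("APIService_lookup : pfx certificate download failed", e);
                result.put("status", -1);
                // NOTE(review): the exception text is still returned to the API client.
                // Confirm it cannot carry internal details.
                result.put("message", "pfx证书下载错误" + e.getMessage());
            }
        }
    } else {
        List<UserCert> certlist = userCertService.getUserCertByBill(bill.getId(), null);
        for (UserCert uc : certlist) {
            CertBuf cb = sqlSession.selectOne("com.itrus.portal.db.CertBufMapper.selectByPrimaryKey", uc.getCertBuf());
            // Skip rows whose certificate buffer is missing instead of failing the whole call.
            if (cb != null) {
                listcert.add(cb.getCertBuf());
            }
        }
        if (listcert.size() > 0) {
            result.put("status", 1);
            result.put("cerData", listcert);
        } else {
            result.put("message", "没有查找到相应证书");
        }
    }
    return result;
}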
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) ApplicationInfoExample(com.itrus.portal.db.ApplicationInfoExample) HashMap(java.util.HashMap) ApplicationInfo(com.itrus.portal.db.ApplicationInfo) ArrayList(java.util.ArrayList) Product(com.itrus.portal.db.Product) JSONException(org.json.JSONException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) DigitalCert(com.itrus.portal.db.DigitalCert) BillExample(com.itrus.portal.db.BillExample) RaAccount(com.itrus.portal.db.RaAccount) Bill(com.itrus.portal.db.Bill) CertBuf(com.itrus.portal.db.CertBuf) Enterprise(com.itrus.portal.db.Enterprise) UserinfoEnterprise(com.itrus.portal.db.UserinfoEnterprise) JSONObject(com.alibaba.fastjson.JSONObject) UserCert(com.itrus.portal.db.UserCert) PostMapping(org.springframework.web.bind.annotation.PostMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 9 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class ProjectController method show.

/**
 * Renders the detail page of one project.
 *
 * <p>Adds the project, its {@code orgCode} and, when the project references an RA account with
 * a non-zero id, that RA account to the model.
 *
 * <p>NOTE(review): the project is dereferenced without a null check, so an id that matches no
 * row ends in a NullPointerException. No access check is visible in this method; confirm it is
 * enforced by the surrounding configuration.
 *
 * @param id project primary key from the URL path
 * @param uiModel model populated for the view
 * @return the view name {@code projects/show}
 */
@RequestMapping(value = "/{id}", produces = "text/html")
public String show(@PathVariable("id") Long id, Model uiModel) {
    Project current = sqlSession.selectOne("com.itrus.portal.db.ProjectMapper.selectByPrimaryKey", id);
    uiModel.addAttribute("project", current);

    boolean linkedToRa = current.getRaAccount() != null && current.getRaAccount() != 0;
    if (linkedToRa) {
        RaAccount linkedRa = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", current.getRaAccount());
        uiModel.addAttribute("raaccount", linkedRa);
    }

    // Organisation code, exposed separately for the template.
    uiModel.addAttribute("orgCode", current.getOrgCode());
    return "projects/show";
}
Also used : Project(com.itrus.portal.db.Project) RaAccount(com.itrus.portal.db.RaAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 10 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class RaAccountController method show.

/**
 * Renders the detail page of one RA account.
 *
 * <p>NOTE(review): the complete {@code RaAccount} row is handed to the view. If that entity
 * holds RA credentials, confirm the template does not render them and that access to this
 * page is restricted.
 *
 * @param id RA account primary key from the URL path
 * @param uiModel model that receives the account under {@code raAccount}
 * @return the view name {@code raaccount/show}
 * @throws Exception declared by the original signature
 */
@RequestMapping(value = "/{id}", produces = "text/html")
public String show(@PathVariable("id") Long id, Model uiModel) throws Exception {
    final String statement = "com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey";
    RaAccount account = sqlSession.selectOne(statement, id);
    uiModel.addAttribute("raAccount", account);
    return "raaccount/show";
}
Also used : RaAccount(com.itrus.portal.db.RaAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

RaAccount (com.itrus.portal.db.RaAccount)19 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)12 CertInfo (cn.topca.tca.ra.service.CertInfo)8 JSONObject (com.alibaba.fastjson.JSONObject)6 Bill (com.itrus.portal.db.Bill)6 DigitalCert (com.itrus.portal.db.DigitalCert)6 Product (com.itrus.portal.db.Product)6 IOException (java.io.IOException)5 Date (java.util.Date)5 HashMap (java.util.HashMap)5 ApplicationInfo (com.itrus.portal.db.ApplicationInfo)4 CertBuf (com.itrus.portal.db.CertBuf)4 Enterprise (com.itrus.portal.db.Enterprise)4 UserCert (com.itrus.portal.db.UserCert)4 UserInfo (com.itrus.portal.db.UserInfo)4 ApplicationInfoExample (com.itrus.portal.db.ApplicationInfoExample)3 MobileApplyConfigManage (com.itrus.portal.db.MobileApplyConfigManage)3 CertUtlis (com.itrus.portal.utils.CertUtlis)3 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)3 RaServiceUnavailable_Exception (cn.topca.tca.ra.service.RaServiceUnavailable_Exception)2