Administrator
6 days ago a834ccd8dfef154b3164b83104a6cbd4837f81b3
src/main/java/cc/mrbird/febs/mall/controller/dependentStation/TokenviewWebhookController.java
@@ -1,5 +1,7 @@
package cc.mrbird.febs.mall.controller.dependentStation;
import cc.mrbird.febs.mall.entity.DataDictionaryCustom;
import cc.mrbird.febs.mall.mapper.DataDictionaryCustomMapper;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
@@ -32,12 +34,28 @@
    @Resource
    private TokenviewWebhookService tokenviewWebhookService;
    @Resource
    private DataDictionaryCustomMapper dataDictionaryCustomMapper;
    /** 默认 Webhook 签名密钥(数据库未配置时回退使用) */
    private static final String DEFAULT_WEBHOOK_SECRET = "dd12521274e434115df5c4277755839766349007fb57936d9d5be0a7a4f0e42f";
    /** Webhook 配置字典 type */
    private static final String TOKENVIEW_DICT_TYPE = "TOKENVIEW_CONFIG";
    private static final String TOKENVIEW_DICT_CODE = "WEBHOOK_SECRET";
    /**
     * Webhook 签名密钥(HMAC-SHA256)
     * 需与 Tokenview 后台配置的 Secret Key 保持一致
     * TODO: 移至配置文件
     * 获取 Webhook 签名密钥(HMAC-SHA256)
     * 优先从数据库 data_dictionary_custom 读取,未配置则回退默认值
     */
    private static final String WEBHOOK_SECRET = "your-webhook-secret-key-here";
    private String getWebhookSecret() {
        DataDictionaryCustom dict = dataDictionaryCustomMapper.selectDicDataByTypeAndCode(
                TOKENVIEW_DICT_TYPE, TOKENVIEW_DICT_CODE);
        if (dict != null && StrUtil.isNotBlank(dict.getValue())) {
            return dict.getValue();
        }
        return DEFAULT_WEBHOOK_SECRET;
    }
    /**
     * 接收 Tokenview 地址监控推送
@@ -147,9 +165,10 @@
     */
    private boolean verifySignature(String payload, String signature) {
        try {
            String secret = getWebhookSecret();
            Mac sha256Hmac = Mac.getInstance("HmacSHA256");
            SecretKeySpec secretKey = new SecretKeySpec(
                    WEBHOOK_SECRET.getBytes(StandardCharsets.UTF_8),
                    secret.getBytes(StandardCharsets.UTF_8),
                    "HmacSHA256"
            );
            sha256Hmac.init(secretKey);
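Review bot: `DEFAULT_WEBHOOK_SECRET` commits what looks like a real HMAC key to source control, and `getWebhookSecret()` falls back to it whenever the `TOKENVIEW_CONFIG` / `WEBHOOK_SECRET` dictionary row is missing or blank. In that state anyone with read access to the repository can produce a signature that `verifySignature` accepts. I would remove the constant and fail closed by replacing `return DEFAULT_WEBHOOK_SECRET;` with `throw new IllegalStateException("Tokenview webhook secret is not configured");`, then treat the committed value as exposed and rotate it on the Tokenview side. The body of `verifySignature` continues past the visible lines, so confirm that its `catch` rejects the request when the secret is absent. If the final comparison there uses `String.equals`, switching to `MessageDigest.isEqual` on the decoded bytes would avoid a timing side channel.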