新舱单辅助管理-统一认证实体优化

@@ -135,6 +135,8 @@ customs:
   #生成报文文件夹路径,尾部要带斜杠/
   #生成报文文件夹路径,尾部要带斜杠/
   xml-path: customTemplate/
   xml-path: customTemplate/
   transport-number: 460470678920X
   transport-number: 460470678920X
+sso:
+  witheIP: 10.5.14.108,10.5.14.109,10.5.14.110
 info:
 info:
   version: 1.0
   version: 1.0
   description: "新舱单辅助管理服务-统一认证、转运管理、提前运抵等"
   description: "新舱单辅助管理服务-统一认证、转运管理、提前运抵等"

@@ -9,13 +9,12 @@ import com.tianbo.util.Date.DateUtil;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.*;
 
 
 import javax.annotation.Resource;
 import javax.annotation.Resource;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-import java.util.UUID;
+import javax.servlet.http.HttpServletRequest;
+import java.util.*;
 
 
 @Slf4j
 @Slf4j
 @RestController
 @RestController
@@ -31,6 +30,9 @@ public class NmmsController {
     @Resource
     @Resource
     COMPANYUSERMapper companyuserMapper;
     COMPANYUSERMapper companyuserMapper;
 
 
+    @Value("${sso.witheIP}")
+    private String whiteIP;
+
     @ApiOperation(value = "删除分单信息", notes = "awba主单号格式\\d{3}-\\d{8}，awbh分单号")
     @ApiOperation(value = "删除分单信息", notes = "awba主单号格式\\d{3}-\\d{8}，awbh分单号")
     @DeleteMapping("/delOriginAWBH")
     @DeleteMapping("/delOriginAWBH")
     public ResultJson getCustomMessageId(@RequestParam(value = "awba",required = true) String awba,
     public ResultJson getCustomMessageId(@RequestParam(value = "awba",required = true) String awba,
@@ -53,7 +55,10 @@ public class NmmsController {
     @ApiOperation(value = "统一认证平台同步资源接口", notes = "用户信息同步")
     @ApiOperation(value = "统一认证平台同步资源接口", notes = "用户信息同步")
     @PostMapping(value = "/userSynchronization")
     @PostMapping(value = "/userSynchronization")
     @ResponseBody
     @ResponseBody
-    public ResultMessage userSynchronization(@RequestBody UAM uam) throws Exception {
+    public ResultMessage userSynchronization(@RequestBody UAM uam, HttpServletRequest request) {
+        if(!witheIP(request)){
+            return new ResultMessage("401", "资源同步失败,来源IP非法");
+        };
         if ("user".equals(uam.getResType())){
         if ("user".equals(uam.getResType())){
 
 
             List<UserData> list = uam.getData();
             List<UserData> list = uam.getData();
@@ -89,4 +94,40 @@ public class NmmsController {
         return new ResultMessage("201","不是用户信息");
         return new ResultMessage("201","不是用户信息");
     }
     }
 
 
+    private boolean witheIP(HttpServletRequest request){
+
+        List<String> witheIPList = Arrays.asList(whiteIP.split(","));
+        // 优先取 X-Real-IP
+        String ip = request.getHeader("X-Real-IP");
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
+            log.info("X-Real-IP = [{}]",ip);
+            ip = request.getHeader("x-forwarded-for");
+            log.info("x-forwarded-for= [{}]",ip);
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
+            ip = request.getRemoteAddr();
+            log.info("RemoteAddr= [{}]",ip);
+            if ("0:0:0:0:0:0:0:1".equals(ip))
+            {
+                ip = "unknown";
+                log.info(ip);
+            }
+        }
+        if ("unknown".equalsIgnoreCase(ip)){
+            ip = "unknown";
+        }
+        int index = ip.indexOf(',');
+        if (index >= 0){
+            ip = ip.substring(0, index);
+        }
+        log.info("用户IP来源为:[{}]",ip);
+        for (String whitIp : witheIPList ) {
+            if(ip.contains(whitIp)){
+                return true;
+            }
+        }
+        log.info("用户IP[{}]来源非法",ip);
+        return false;
+    }
+
 }
 }

 package com.tianbo.analysis.model;
 package com.tianbo.analysis.model;
 
 
+import lombok.Data;
+
 import java.io.Serializable;
 import java.io.Serializable;
+import java.util.Date;
 
 
 /**
 /**
  *  统一认证返回实体
  *  统一认证返回实体
  */
  */
+@Data
 public class ResultMessage implements Serializable {
 public class ResultMessage implements Serializable {
     private static final long serialVersionUID = 1L;
     private static final long serialVersionUID = 1L;
 
 

@@ -87,6 +87,7 @@
         AND AGENT_NAME like  CONCAT('%',#{agentName,jdbcType=VARCHAR},'%')
         AND AGENT_NAME like  CONCAT('%',#{agentName,jdbcType=VARCHAR},'%')
       </if>
       </if>
     </where>
     </where>
+    order by CREATE_DATE desc
   </select>
   </select>
   <delete id="deleteByPrimaryKey" parameterType="java.lang.String" >
   <delete id="deleteByPrimaryKey" parameterType="java.lang.String" >
     delete from DOMTRANSIT
     delete from DOMTRANSIT