Skip to content

A
amos-boot-biz
Commit 6ed04012 authored by 张森's avatar 张森
Browse files
Options

扫描漏洞修改

parent ce851dbd
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 290 deletions
amos-boot-biz-common/src/main/java/com/yeejoin/amos/boot/biz/common/utils/HttpUtils.java
View file @ 6ed04012
......@@ -62,182 +62,7 @@ public class HttpUtils {
requestConfig = configBuilder.build();
}
/**
* 发送 GET 请求(HTTP),不带输入数据
*
* @param url
* @return
*/
public static String doGet(String url) {
return doGet(url, new HashMap<String, Object>());
}
/**
* 发送 GET 请求(HTTP),K-V形式
*
* @param url
* @param params
* @return
*/
public static String doGet(String url, Map<String, Object> params) {
String apiUrl = url;
StringBuffer param = new StringBuffer();
int i = 0;
for (String key : params.keySet()) {
if (i == 0)
param.append("?");
else
param.append("&");
param.append(key).append("=").append(params.get(key));
i++;
}
apiUrl += param;
String result = null;
HttpClient httpClient = null;
if (apiUrl.startsWith("https")) {
httpClient = HttpClients.custom().setSSLSocketFactory(createSSLConnSocketFactory())
.setConnectionManager(connMgr).setDefaultRequestConfig(requestConfig).build();
} else {
httpClient = HttpClients.createDefault();
}
try {
HttpGet httpGet = new HttpGet(apiUrl);
HttpResponse response = httpClient.execute(httpGet);
HttpEntity entity = response.getEntity();
if (entity != null) {
InputStream instream = entity.getContent();
result = IOUtils.toString(instream, "UTF-8");
}
} catch (IOException e) {
e.printStackTrace();
}
return result;
}
/**
* 发送 POST 请求(HTTP),不带输入数据
*
* @param apiUrl
* @return
*/
public static String doPost(String apiUrl) {
return doPost(apiUrl, new HashMap<String, Object>());
}
/**
* 发送 POST 请求,K-V形式
*
* @param apiUrl
* API接口URL
* @param params
* 参数map
* @return
*/
public static String doPost(String apiUrl, Map<String, Object> params) {
CloseableHttpClient httpClient = null;
if (apiUrl.startsWith("https")) {
httpClient = HttpClients.custom().setSSLSocketFactory(createSSLConnSocketFactory())
.setConnectionManager(connMgr).setDefaultRequestConfig(requestConfig).build();
} else {
httpClient = HttpClients.createDefault();
}
String httpStr = null;
HttpPost httpPost = new HttpPost(apiUrl);
CloseableHttpResponse response = null;
try {
httpPost.setConfig(requestConfig);
List<NameValuePair> pairList = new ArrayList<>(params.size());
for (Map.Entry<String, Object> entry : params.entrySet()) {
NameValuePair pair = new BasicNameValuePair(entry.getKey(), entry.getValue()!=null?entry.getValue().toString():"");
pairList.add(pair);
}
httpPost.setEntity(new UrlEncodedFormEntity(pairList, Charset.forName("UTF-8")));
response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
httpStr = EntityUtils.toString(entity, "UTF-8");
} catch (IOException e) {
e.printStackTrace();
} finally {
if (response != null) {
try {
EntityUtils.consume(response.getEntity());
} catch (IOException e) {
e.printStackTrace();
}
}
}
return httpStr;
}
/**
* 发送 POST 请求,JSON形式,接收端需要支持json形式,否则取不到数据
*
* @param apiUrl
* @param json
* json对象
* @return
*/
public static String doPost(String apiUrl, String json) {
CloseableHttpClient httpClient = null;
if (apiUrl.startsWith("https")) {
httpClient = HttpClients.custom().setSSLSocketFactory(createSSLConnSocketFactory()).setConnectionManager(connMgr).setDefaultRequestConfig(requestConfig).build();
} else {
httpClient = HttpClients.createDefault();
}
String httpStr = null;
HttpPost httpPost = new HttpPost(apiUrl);
CloseableHttpResponse response = null;
try {
httpPost.setConfig(requestConfig);
StringEntity stringEntity = new StringEntity(json, "UTF-8");// 解决中文乱码问题
stringEntity.setContentEncoding("UTF-8");
stringEntity.setContentType("application/json");
httpPost.setEntity(stringEntity);
response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
httpStr = EntityUtils.toString(entity, "UTF-8");
} catch (IOException e) {
e.printStackTrace();
} finally {
if (response != null) {
try {
EntityUtils.consume(response.getEntity());
} catch (IOException e) {
e.printStackTrace();
}
}
}
return httpStr;
}
/**
* 创建SSL安全连接
*
* @return
*/
private static SSLConnectionSocketFactory createSSLConnSocketFactory() {
SSLConnectionSocketFactory sslsf = null;
try {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
}).build();
sslsf = new SSLConnectionSocketFactory(sslContext, new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (GeneralSecurityException e) {
e.printStackTrace();
}
return sslsf;
}
......
amos-boot-module/amos-boot-module-api/amos-boot-module-equip-api/src/main/java/com/yeejoin/equipmanage/common/utils/HttpUtil.java
View file @ 6ed04012
......@@ -324,47 +324,6 @@ public class HttpUtil {
return sb.toString();
}
/**
* 采用绕过验证的方式处理https请求
*
* @param url
* @param reqMap
* @param encoding
* @return
*/
public static String postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
String result;
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
// 添加参数
List<NameValuePair> params = buildParams(reqMap);
try {
//采用绕过验证的方式处理https请求
HostnameVerifier hostnameVerifier = (hostname, session) -> true;
SSLContext sslcontext = createIgnoreVerifySSL();
//设置协议http和https对应的处理socket链接工厂的对象
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.INSTANCE)
.register("https", new SSLConnectionSocketFactory(sslcontext, hostnameVerifier))
.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
//创建自定义的httpclient对象
httpClient = HttpClients.custom().setConnectionManager(connManager).build();
//创建post方式请求对象
HttpPost httpPost = new HttpPost(url);
httpPost.setEntity(new UrlEncodedFormEntity(params, encoding));
//指定报文头Content-type、User-Agent
httpPost.setHeader("Content-type", "application/x-www-form-urlencoded");
//执行请求操作,并拿到结果(同步阻塞)
response = httpClient.execute(httpPost);
result = handleResponse(url, encoding, response);
} finally {
ExtendedIOUtils.closeQuietly(httpClient);
ExtendedIOUtils.closeQuietly(response);
}
return result;
}
private static List<NameValuePair> buildParams(Map<String, Object> reqMap) {
List<NameValuePair> params = new ArrayList<>();
if (reqMap != null && reqMap.keySet().size() > 0) {
......
amos-boot-module/amos-boot-module-api/amos-boot-module-equip-api/src/main/java/com/yeejoin/equipmanage/common/utils/HttpUtils.java
View file @ 6ed04012
......@@ -342,45 +342,6 @@ public class HttpUtils {
}
/**
* 采用绕过验证的方式处理https请求
*
* @param url
* @param reqMap
* @param encoding
* @return
*/
public static ResponeVo postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
ResponeVo responeVo = null;
// 添加参数
List<NameValuePair> params = buildParams(reqMap);
try {
//采用绕过验证的方式处理https请求
HostnameVerifier hostnameVerifier = (hostname, session) -> true;
SSLContext sslcontext = createIgnoreVerifySSL();
//设置协议http和https对应的处理socket链接工厂的对象
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.INSTANCE)
.register("https", new SSLConnectionSocketFactory(sslcontext, hostnameVerifier))
.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
//创建自定义的httpclient对象
httpClient = HttpClients.custom().setConnectionManager(connManager).build();
//创建post方式请求对象
HttpPost httpPost = new HttpPost(url);
httpPost.setEntity(new UrlEncodedFormEntity(params, encoding));
//指定报文头Content-type、User-Agent
httpPost.setHeader("Content-type", "application/x-www-form-urlencoded");
//执行请求操作,并拿到结果(同步阻塞)
responeVo = baseRequest(httpClient, httpPost);
} finally {
ExtendedIOUtils.closeQuietly(httpClient);
ExtendedIOUtils.closeQuietly(response);
}
return responeVo;
}
private static List<NameValuePair> buildParams(Map<String, Object> reqMap) {
List<NameValuePair> params = new ArrayList<>();
......
amos-boot-module/amos-boot-module-biz/amos-boot-module-equip-biz/src/main/java/com/yeejoin/equipmanage/service/impl/EquipmentSpecificSerivceImpl.java
View file @ 6ed04012
......@@ -1971,8 +1971,6 @@ public class EquipmentSpecificSerivceImpl extends ServiceImpl<EquipmentSpecificM
Date now = new Date();
String scrapTime = new SimpleDateFormat(DateUtils.DATE_TIME_PATTERN).format(calendar.getTime());
int day = DateUtils.dateBetween(now, calendar.getTime());
log.info("报废时间:{}" , day);
log.info("报废时间ID:{}" , e.get("id").toString());
if (day < Integer.parseInt(equipmentScrapDay) && day > -1) {
syncSystemctlMsg(e, scrapTime, day);
} else if (day == -1) {
......
amos-boot-module/amos-boot-module-biz/amos-boot-module-equip-biz/src/main/java/com/yeejoin/equipmanage/service/impl/FireFightingSystemServiceImpl.java
View file @ 6ed04012
......@@ -2263,9 +2263,7 @@ public class FireFightingSystemServiceImpl extends ServiceImpl<FireFightingSyste
// 日告警设备数
listItem.put("alarmEquipNum", ObjectUtils.isEmpty(weekItem.get("alarmEquipNum")) ? "" : String.valueOf(weekItem.get("alarmEquipNum")));
// 日告警条数
log.info("==========sbco={}", weekItem.get("type_code").toString());
log.info("==========sbCC={}", weekItem.get("code").toString());
if (!ObjectUtils.isEmpty(weekItem.get("type_code")) && !ObjectUtils.isEmpty(weekItem.get("code"))) {
if (!ObjectUtils.isEmpty(weekItem.get("type_code")) && !ObjectUtils.isEmpty(weekItem.get("code"))) {
Integer integer = fireFightingSystemMapper.selectAlarms(valueOf(system.get("id")), valueOf(weekItem.get("type_code")), valueOf(weekItem.get("code")), startDate, endDate, new ArrayList<>());
listItem.put("trueNum", String.valueOf(integer));
} else {
......
amos-boot-module/amos-boot-module-biz/amos-boot-module-jcs-biz/src/main/java/com/yeejoin/amos/boot/module/jcs/biz/audioToText/util/SpeechTranscriberDemo.java
View file @ 6ed04012
......@@ -197,30 +197,4 @@ public class SpeechTranscriberDemo {
public void shutdown() {
client.shutdown();
}
public static void main(String[] args) throws Exception {
String appKey = "89KKwpGXXN37Pn1G";
String id = "LTAI5t8F2oYwmfoYXjCx5vbf";
String secret = "du6jOpdxlKNCkCo5QN6EVFiI5zSaAv";
String url = "wss://nls-gateway.cn-shanghai.aliyuncs.com/ws/v1"; // 默认值:wss://nls-gateway.cn-shanghai.aliyuncs.com/ws/v1。
/* if (args.length == 3) {
appKey = args[0];
id = args[1];
secret = args[2];
} else if (args.length == 4) {
appKey = args[0];
id = args[1];
secret = args[2];
url = args[3];
} else {
System.err.println("run error, need params(url is optional): " + "<app-key> <AccessKeyId> <AccessKeySecret> [url]");
System.exit(-1);
}*/
//本案例使用本地文件模拟发送实时流数据。您在实际使用时,可以实时采集或接收语音流并发送到ASR服务端。
String filepath = ""; // * 此处写的文件路径地址不要提交到git, 国网电科院SCA扫描会报告为漏洞: 存在“便携性缺陷”
SpeechTranscriberDemo demo = new SpeechTranscriberDemo(appKey, id, secret, url);
demo.process(filepath);
demo.shutdown();
}
}
\ No newline at end of file
amos-boot-system-jcs/src/main/resources/application.properties
View file @ 6ed04012
......@@ -135,9 +135,9 @@ fire-rescue=1432549862557130753
management.endpoints.enabled-by-default=false
#阿里云实时语音识别参数
speech-config.access-key-id=LTAI5t62oH95jgbjRiNXPsho
speech-config.access-key-secret=shy9SpogYgcdDoyTB3bvP21VSRmz8n
speech-config.app-key=FC84bGUpbNFrexoL
speech-config.access-key-id=ENC(bgO92hxidPL5U5gKK94aEHvWAQ9db9wjb/7XgkCsw6J+t9gTD20xsWrxF2tPY90Kw2fM/25m4ER7K5SQLsdi9g==)
speech-config.access-key-secret=ENC(GZthiafYoLwmNWRgT97aiVEBM6NkBnAx9tPyLKlUo/Qoh1r6A3R1u0x4WxSMcuGPqb1OlA/4DsZWpJ5kpONuQA==)
speech-config.app-key=ENC(AR74B7pRjlZVPInZ9RsZroQRHjuU/6rkGamtcp2O5XMLbEgk8NMEEAksnLrNaKFmrUlkfMnNkC5bIiwjVisx3w==)
mqtt.topic.command.car.jw=carCoordinates
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment