From 8e131906d850035458b4ad2b38f317fe50e41401 Mon Sep 17 00:00:00 2001 From: XuqmGroup Date: Sat, 23 May 2026 02:23:53 +0800 Subject: [PATCH] =?UTF-8?q?feat(license):=20=E6=B7=BB=E5=8A=A0=E5=BA=94?= =?UTF-8?q?=E7=94=A8=E4=BF=A1=E6=81=AF=E6=8E=A5=E5=8F=A3=E5=B9=B6=E5=A2=9E?= =?UTF-8?q?=E5=BC=BA=E9=AA=8C=E8=AF=81=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在 SecurityConfig 中为 /api/license/app-info 接口添加无需认证访问权限 - 优化 GlobalExceptionHandler 中的参数验证错误信息显示,提供详细的字段错误信息 - 移除 RegisterRequest 和 VerifyRequest 中的注解验证,改用代码手动验证 - 为 register 接口添加 deviceId 非空检查 - 为 verify 接口添加 deviceId 和 token 非空检查 - 移除 RegisterRequest 中对 deviceId 的 @NotBlank 注解验证 - 移除 VerifyRequest 中对 deviceId 和 token 的 @NotBlank 注解验证 --- .../xuqm/license/config/SecurityConfig.java | 2 +- .../controller/GlobalExceptionHandler.java | 6 +++++- .../controller/LicensePublicController.java | 21 ++++++++++++------- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/license-service/src/main/java/com/xuqm/license/config/SecurityConfig.java b/license-service/src/main/java/com/xuqm/license/config/SecurityConfig.java index 79a6a34..8e7caec 100644 --- a/license-service/src/main/java/com/xuqm/license/config/SecurityConfig.java +++ b/license-service/src/main/java/com/xuqm/license/config/SecurityConfig.java @@ -36,7 +36,7 @@ public class SecurityConfig { .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(auth -> auth .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .requestMatchers("/api/license/register", "/api/license/verify").permitAll() + .requestMatchers("/api/license/register", "/api/license/verify", "/api/license/app-info").permitAll() .requestMatchers("/api/license/internal/**", "/actuator/health", "/actuator/info").permitAll() .anyRequest().authenticated() ) diff --git a/license-service/src/main/java/com/xuqm/license/controller/GlobalExceptionHandler.java b/license-service/src/main/java/com/xuqm/license/controller/GlobalExceptionHandler.java index 00de2a0..920c744 100644 --- a/license-service/src/main/java/com/xuqm/license/controller/GlobalExceptionHandler.java +++ b/license-service/src/main/java/com/xuqm/license/controller/GlobalExceptionHandler.java @@ -17,6 +17,10 @@ public class GlobalExceptionHandler { @ExceptionHandler(MethodArgumentNotValidException.class) public ResponseEntity> handleValidationException(MethodArgumentNotValidException e) { - return ResponseEntity.badRequest().body(ApiResponse.badRequest("Invalid request")); + String detail = e.getBindingResult().getFieldErrors().stream() + .map(f -> f.getField() + ": " + f.getDefaultMessage()) + .reduce((a, b) -> a + "; " + b) + .orElse("Invalid request"); + return ResponseEntity.badRequest().body(ApiResponse.badRequest(detail)); } } diff --git a/license-service/src/main/java/com/xuqm/license/controller/LicensePublicController.java b/license-service/src/main/java/com/xuqm/license/controller/LicensePublicController.java index 543d110..ce2bb70 100644 --- a/license-service/src/main/java/com/xuqm/license/controller/LicensePublicController.java +++ b/license-service/src/main/java/com/xuqm/license/controller/LicensePublicController.java @@ -9,8 +9,6 @@ import com.xuqm.common.security.LicenseFileCrypto; import com.xuqm.license.entity.AppLicenseEntity; import com.xuqm.license.service.AppLicenseService; import com.xuqm.license.service.DeviceService; -import jakarta.validation.Valid; -import jakarta.validation.constraints.NotBlank; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; @@ -30,7 +28,10 @@ public class LicensePublicController { } @PostMapping("/register") - public ResponseEntity>> register(@Valid @RequestBody RegisterRequest req) { + public ResponseEntity>> register(@RequestBody RegisterRequest req) { + if (req.deviceId() == null || req.deviceId().isBlank()) { + throw new BusinessException(400, "deviceId 不能为空"); + } String resolvedAppKey = resolveAppKey(req.appKey(), req.licenseFile()); DeviceService.RegisterResult result = deviceService.register( resolvedAppKey, @@ -50,7 +51,13 @@ public class LicensePublicController { } @PostMapping("/verify") - public ResponseEntity>> verify(@Valid @RequestBody VerifyRequest req) { + public ResponseEntity>> verify(@RequestBody VerifyRequest req) { + if (req.deviceId() == null || req.deviceId().isBlank()) { + throw new BusinessException(400, "deviceId 不能为空"); + } + if (req.token() == null || req.token().isBlank()) { + throw new BusinessException(400, "token 不能为空"); + } String resolvedAppKey = resolveAppKey(req.appKey(), req.licenseFile()); DeviceService.VerifyResult result = deviceService.verify(resolvedAppKey, req.deviceId(), req.token(), req.userInfo()); Map data = new LinkedHashMap<>(); @@ -95,7 +102,7 @@ public class LicensePublicController { String appKey, @JsonProperty("packageName") @JsonAlias("package_name") String packageName, @JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile, - @NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId, + @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId, @JsonProperty("deviceName") @JsonAlias("device_name") String deviceName, @JsonProperty("deviceModel") @JsonAlias("device_model") String deviceModel, @JsonProperty("deviceVendor") @JsonAlias("device_vendor") String deviceVendor, @@ -107,8 +114,8 @@ public class LicensePublicController { String appKey, @JsonProperty("packageName") @JsonAlias("package_name") String packageName, @JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile, - @NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId, - @NotBlank String token, + @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId, + String token, @JsonProperty("userInfo") @JsonAlias("user_info") JsonNode userInfo ) {} }