Article directory Introduction practice HttpClientBuilder Customized chain of responsibility test Introduction HttpClientBuilder is an http client construction class of Apache. By inheriting the construction class, signature verification can be added, so that signature verification can be carried when sending requests uniformly. Customized MyHttpClientBuilder adds a new link to the chain of responsibility Practice HttpClientBuilder HttpClientBuilder […]
Tag: signature
[Java adds and verifies PDF digital signature]
Among the methods for setting up document content protection, in addition to encrypting documents and adding watermarks, applying digital signatures is also an effective means of document anti-counterfeiting and protection. Digitally signed documents are easy to verify and have high authority and credibility. In Adobe PDF documents, there are functions and methods to directly add […]
java downloads files to the local tool class by specifying the URL address (including https digital signature request)
java downloads files to the local tool class by specifying the URL address (including https digital signature request) XFileUtils public class XFileUtils {<!– –> /** * Download files from network Url * @param urlStr url path * @throwsIOException */ public static String downLoadByUrl(String urlStr,String savePath, String fileName) {<!– –> if (StrUtil.isBlank(fileName)) {<!– –> fileName = […]
How does the Spring Boot project elegantly implement interface signature verification?
1 Concept 1. Open interface Open interfaces refer to interfaces that are allowed to be called by third-party systems without requiring login credentials. In order to prevent open interfaces from being called maliciously, open interfaces generally require signature verification before they can be called. Systems that provide open interfaces are collectively referred to as “original […]
PDF file structure signature
Foreword Recently, I have seen that more and more contracts on the Internet are sent in the form of PDF, allowing users to feel the real legal effect. PDF contract documents will have signatures. It has two benefits. One is that it allows users to see a formal company signature when seeing the contract; the […]
Vue requirements: realize the function of free positioning of signatures/signatures on the page (essence: drag and drop of elements on the page)
Table of Contents Chapter 1 Effect Display Chapter 2 Understanding Tools 2.1 draggable 2.1.1 Understanding draggable 2.1.2 draggable method 2.1.3 Use examples to understand methods Chapter 3 Effect Realization 3.1 Implementation ideas 3.2 Code implementation 3.2.1 Points involved 3.2.2 Source generation Chapter 1 Effect Display Effect description: Click on the signature and seal in the […]
Java/springboot service third-party interface security signature (Signature) implementation plan
Foreword Sometimes, we need to open the interfaces in our system to third-party applications or enterprises. Then the third-party system is not within our own authentication and authorized user system. At this time, how to ensure the data security and identity of our interfaces? What about identification? When providing an interface for a third-party system, […]
Handwritten signature on horizontal screen signature pad and rotated 90° to horizontal screen display base64
Handwritten signature and rotated 90° to horizontal screen display base64 base64 data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAApsAAAF3CAYAAADq/IAAAAAAAXNSR0IArs4c6QAAIABJREFUeF7t3W3MPlldH/CvwLK7wEKNoiABZLvYiBqIdJGnQlor9gVBaAtJmzQsoI2wgKD4hqVNmrD7ohWhPF RSIg + + aKO0XTS8AVLb4AIVtFnaSiMPSktxoyVVWFxAFmwOzCwXF/d9/6 + 5rjkzc2Y + V/LPfwkz55z5/M593d//PJz5tvgQIECAAAECBAgQqCTwbZXa1SwBAgQIECBAgACBCJsmAQECBAgQIECAQDUBYbMarY YJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY1WwwQIECBAgAABAsKmOUCAAAECBAgQIFBNQNisRqthAgQIECBAgAABYdMcIECAAAECBAgQqCYgbFaj1TABAgQIECBAgICwaQ4QIECAAAECBAhUExA2q9FqmAABAgQIECBAQNg0BwgQIECAAAECBKo JCJvVaDVMgAABAgQIECAgbJoDBAgQIECAAAEC1QSEzWq0GiZAgAABAgQIEBA2zQECBAgQIECAAIFqAsJmNVoNEyBAgAABAgQICJvmAAECBAgQIECAQDUBYbMarYYJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY1WwwQIECBAgAABAsKmOUCAAA ECBAgQIFBNQNisRqthAgQIECBAgAABYdMcIECAAAECBAgQqCYgbFaj1TABAgQIECBAgICwaQ4QIECAAAECBAhUExA2q9FqmAABAgQIECBAQNg0BwgQIECAAAECBKoJCJvVaDVMgAABAgQIECAgbJoDBAgQIECAAAEC1QSEzWq0GiZAgAABAgQ IEBA2zQECBAgQIECAAIFqAsJmNVoNEyBAgAABAgQICJvmAAECBAgQIECAQDUBYbMarYYJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY1WwwQIECBAgAABAsKmOUCAAAECBAgQIFBNQNisRqthAgQIECBAgAABYdMcIECAAAECBAgQqCYgbFaj1TABAgQ IECBAgICwaQ4QIECAAAECBAhUExA2q9FqmAABAgQIECBAQNg0BwgQIECAAAECBKoJCJvVaDVMgAABAgQIECAgbJoDBAgQIECAAAEC1QSEzWq0GiZAgAABAgQIEBA2zQECBAgQIECAAIFqAsJmNVoNEyBAgAABAgQICJvmAAECBAgQIECAQDUb MarYYJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY1WwwQIECBAgAABAsKmOUCAAAECBAgQIFBNQNisRqthAgQIECBAgAABYdMcIECAAAECBAgQqCYgbFaj1TABAgQIECBAgICwaQ4QIECAAAECBAhUExA2q9FqmAABAgQIECBAQNg0BwgQIECAAAE CBKoJCJvVaDVMgAABAgQIECAgbJoDBAgQIECAAAEC1QSEzWq0GiZAgAABAgQIEBA2zQECBAgQIECAAIFqAsJmNVoNEyBAgAABAgQICJvmAAECBAgQIECAQDUBYbMarYYJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY1WwwQIECBAgAABAsKmOU CAAAECBAgQIFBNQNisRqthAgQIECBAgAABYdMcIECAAAECBAgQqCYgbFaj1TABAgQIECBAgICwaQ4QIECAAAECBAhUExA2q9FqmAABAgQIECBAQNg0BwgQIECAAAECBKoJCJvVaDVMgAABAgQIECAgbJoDBAgQIECAAAEC1QSEzWq0GiZAgAABA gQIEBA2zQECBAgQIECAAIFqAsJmNVoNEyBAgAABAgQICJvmAAECBAgQIECAQDUBYbMarYYJECBAgAABAgSETXOAAAECBAgQIECgmoCwWY0290hyXZLXJbnigm6 + mOQ1SX41ya31hqNlAgQIECBAgMD0AsLmuOafT3LvE5u8I8m1 ST5yYjt2J0CAAAECBAjMLiBsnlaCK5P8SJLHJnlckqftNVfOWr4oyduSfPmcrn44ybOS/MzOGdA7k7wyyY1Jyn/7ECBAgAABAgSaFBA2h5Xt6iSP74JlCZePTHK3vSZuT3LfYc3etXW59H5DklckX7sM/9k k35/ktiPbsxsBAgQIECBAYFYBYfNw/v + c5Ml7m381yX9L8oHuz/uTfOLwJs /d8lFJbukuyZezo492WX0E1a838cGupceM1qKGCBAgQIAAgXMFhM3DJ8dvJnlEF1b + Sxcuy99fOLyJQVs + IMnvd2dJXVYfRHfhxn/Z/b/m/nimWiJAgAABAsJmo3Pgsu6yerm07rL6OEUUNsdx1A oBAgQIEDhIwNmdg5hm32j3sno5k/pdScqT7z7DBYTN4Wb2IECAAAECRwsIm0fTTb5juaz + qe4MZznTedPkI1hHh8LmOuroKAgQIECgEQFhs5FCdcMsIbMsifSVJA/2lPpRxRM2j2KzEwECBAgQOE5A2D zOba697pPkM0ku7x5Mcjl9eCWEzeFm9iBAgAABAkcLCJtH0822o8vpp9ELm6f52ZsAAQIECAwSEDYHcS1m4/5yehlQeb3lNS6pH1wbYfNgKhsSIECAAIHTBYTN0w3naGH3cnrpvyz8Xl6d6XNpAWHz0ka2IECAAA ECowkIm6NRztJQuaTev8pSLQ8rgbB5mJOtCBAgQIDAKAICyiiMszbSh6errL15UB2EzYOYbESAAAECBMYREDbHcZyzlS9be3MQv7A5iMvGBAgQIEDgNAFh8zS/Jez98iQ3JinvTy + vt/S5WEDYXP8MeXeS + yZ57PoP1RESIEBg + QLC5vJrdKkRloeFbu82Us9LaSVfSnLPJD + Q5COX3twWDQqUV7pekeR + ST7X4PgNmQABAqsSEE7WUU5n6w6v479J8g […]
springweb flux intercepts requests to obtain parameters and methods for interface signature anti-replay verification
When doing interface signature and anti-replay for spring webflux, it is often necessary to obtain request parameters, request methods, etc., but spring webflux cannot be obtained as easily as spring mvc. Here is a special explanation based on previous practice: general idea: 1. Use filters to obtain information from the original request, cache it in […]
SpringBoot interface signature verification practice
Thisisacommunitythatmaybeusefultoyou One-to-onecommunication/interviewbrochure/resumeoptimization/jobsearchquestions,welcometojointhe”YudaoRapidDevelopmentPlatform“KnowledgePlanet.ThefollowingissomeinformationprovidedbyPlanet: “ProjectPractice(Video)”:Learnfrombooks,“practice”frompastevents “InternetHighFrequencyInterviewQuestions”:Studyingwithyourresume,springblossoms “ArchitecturexSystemDesign”:Overcomingdifficultiesandmasteringhigh-frequencyinterviewscenarioquestions “AdvancingJavaLearningGuide”:systematiclearning,themainstreamtechnologystackoftheInternet “Must-readJavaSourceCodeColumn”:Knowwhatitisandwhyitisso Thisisanopensourceprojectthatmaybeusefultoyou DomesticStarisa100,000+opensourceproject.Thefront-endincludesmanagementbackend+WeChatapplet,andtheback-endsupportsmonomerandmicroservicearchitecture. FunctionscoverRBACpermissions,SaaSmulti-tenancy,datapermissions,mall,payment,workflow,large-screenreports,WeChatpublicaccount,etc.: Bootaddress:https://gitee.com/zhijiantianya/ruoyi-vue-pro Cloudaddress:https://gitee.com/zhijiantianya/yudao-cloud Videotutorial:https://doc.iocoder.cn Source:blog.csdn.net/qq_43290318/article/details/131516099 1concept openinterface Verification 2Interfacesignatureverificationcallingprocess 1.Agreedsignaturealgorithm 2.Issueanasymmetrickeypair 3.Generaterequestparametersignature 4.Requesttocallwithsignature 3codedesign 1.Signatureconfigurationclass 2.Signaturemanagementclass 3.Customizesignatureverificationannotations 4.AOPimplementssignatureverificationlogic 5.Solvetheproblemthattherequestbodycanonlybereadonce 6.Customtoolclass 1Concept Openinterface Openinterfacesrefertointerfacesthatareallowedtobecalledbythird-partysystemswithoutrequiringlogincredentials.Inordertopreventopeninterfacesfrombeingcalledmaliciously,openinterfacesgenerallyrequiresignatureverificationbeforetheycanbecalled.Systemsthatprovideopeninterfacesarecollectivelyreferredtoas”originalsystems”below. Signatureverification Signatureverificationmeansthatbeforecallingtheinterface,thethird-partysystemneedstogenerateasignature(string)basedonallrequestparametersaccordingtotherulesoftheoriginalsystem,andcarrythesignaturewhencallingtheinterface.Theoriginalsystemwillverifythevalidityofthesignature.Onlyifthesignatureverificationisvalidcantheinterfacebecallednormally,otherwisetherequestwillberejected. Backendmanagementsystem+userappletimplementedbasedonSpringBoot+MyBatisPlus+Vue&Element,supportingRBACdynamicpermissions,multi-tenancy,datapermissions,workflow,three-partylogin,payment,SMS,mallandotherfunctions Projectaddress:https://github.com/YunaiV/ruoyi-vue-pro Videotutorial:https://doc.iocoder.cn/video/ 2Interfacesignatureverificationcallingprocess 1.Agreedsignaturealgorithm Asthecaller,thethird-partysystemneedstonegotiatethesignaturealgorithmwiththeoriginalsystem(theSHA256withRSAsignaturealgorithmisusedasanexamplebelow).Atthesametime,aname(callerID)isagreedupontouniquelyidentifythecallingsystemintheoriginalsystem. 2.Issuanceofasymmetrickeypair Afterthesignaturealgorithmisagreedupon,theoriginalsystemwillgenerateanexclusiveasymmetrickeypair(RSAkeypair)foreachcallersystem.Theprivatekeyisissuedtothecallingsystem,andthepublickeyisheldbytheoriginalsystem. Notethatthecallersystemneedstokeeptheprivatekey(storedinthebackendofthecallersystem).Becausefortheoriginalsystem,thecallersystemisthesenderofthemessage,andtheprivatekeyitholdsuniquelyidentifiesitasatrustedcalleroftheoriginalsystem.Oncetheprivatekeyofthecaller’ssystemisleaked,thecallerhasnotrustintheoriginalsystem. 3.Generaterequestparametersignature Afterthesignaturealgorithmisagreedupon,theprincipleofgeneratingsignaturesisasfollows(activitydiagram). Inordertoensurethattheprocessingdetailsofgeneratingsignaturesmatchthesignatureverificationlogicoftheoriginalsystem,theoriginalsystemgenerallyprovidesjarpackagesorcodesnippetstothecallertogeneratesignatures.Otherwise,thegeneratedsignaturesmaybeinvalidduetoinconsistenciesinsomeprocessingdetails.. 4.Requesttocallwithsignature PuttheagreedcallerIDinthepathparameter,andputthesignaturegeneratedbythecallerintherequestheader. Backendmanagementsystem+userappletimplementedbasedonSpringCloudAlibaba+Gateway+Nacos+RocketMQ+Vue&Element,supportingRBACdynamicpermissions,multi-tenancy,datapermissions,workflow,three-partylogin,payment,SMS,mallandotherfunctions Projectaddress:https://github.com/YunaiV/yudao-cloud Videotutorial:https://doc.iocoder.cn/video/ 3CodeDesign 1.Signatureconfigurationclass Therelevantcustomymlconfigurationisasfollows.ThepublicandprivatekeysofRSAcanbegeneratedusingtheSecureUtiltoolclassofhugool.Notethatthepublicandprivatekeysarebase64-encodedstrings. Defineaconfigurationclasstostoretheaboverelatedcustomymlconfiguration […]