コード例 #1
0
ファイル: GeetestLib.java プロジェクト: yaliyingwy/oauth2
  /**
   * 增强版的验证信息,提供了更多的验证返回结果信息,以让客户服务器端有不同的数据处理。
   *
   * @param challenge challenge
   * @param validate validate
   * @param seccode seccode
   * @return enhencedValidateRequest
   */
  public String enhencedValidateRequest(HttpServletRequest request) {
    final String body = extractRequestBody(request);
    if (objIsEmpty(body)) {
      return FAIL_RES;
    }

    final Geetest geetest = parseObject(body, Geetest.class);
    final String challenge = geetest.getGeetestChallenge();
    final String validate = geetest.getGeetestValidate();
    final String seccode = geetest.getGeetestSeccode();

    if (objIsEmpty(challenge) || objIsEmpty(validate) || objIsEmpty(seccode)) {
      return FAIL_RES;
    }

    // String gtuser = "";

    // Cookie[] cookies = request.getCookies();
    //
    // if (cookies != null) {
    // for (int i = 0; i < cookies.length; i++) {
    // Cookie cookie = cookies[i];
    // if ("GeeTestUser".equals(cookie.getName())) {
    // gtuser = cookie.getValue();
    // gtlog(String.format("GeeTestUser:%s", gtuser));
    // }
    // }
    // }

    final String host = BASE_URL;
    final String path = "/validate.php";
    final int port = 80;
    // String query = "seccode=" + seccode + "&sdk=" + this.sdkLang + "_"
    // + this.verName;

    final String query = format("seccode=%s&sdk=%s", seccode, (sdkLang + "_" + verName));

    String response = EMPTY;
    try {
      if (validate.length() <= 0) {
        return FAIL_RES;
      }

      if (!checkResultByPrivate(challenge, validate)) {
        return FAIL_RES;
      }

      response = postValidate(host, path, query, port);
    } catch (Exception ex) {
      if (logger.isErrorEnabled()) {
        logger.error("", ex);
      }
    }

    if (response.equals(md5Encode(seccode))) {
      return SUCCESS_RES;
    } else {
      return response;
    }
  }
コード例 #2
0
ファイル: GeetestLib.java プロジェクト: yaliyingwy/oauth2
  /**
   * failback使用的验证方式
   *
   * @param request request
   * @return failbackValidateRequest
   */
  public String failbackValidateRequest(HttpServletRequest request) {
    final String body = extractRequestBody(request);
    if (objIsEmpty(body)) {
      return FAIL_RES;
    }

    final Geetest geetest = parseObject(body, Geetest.class);
    final String challenge = geetest.getGeetestChallenge();
    final String validate = geetest.getGeetestValidate();

    if (objIsEmpty(challenge) || objIsEmpty(validate)) {
      return FAIL_RES;
    }

    if (!challenge.equals(getChallengeId())) {
      return FAIL_RES;
    }

    final String[] validateStr = validate.split("_");
    final String encodeAns = validateStr[0];
    final String encodeFullBgImgIndex = validateStr[1];
    final String encodeImgGrpIndex = validateStr[2];

    final int decodeAns = decodeResponse(getChallengeId(), encodeAns);
    final int decodeFullBgImgIndex = decodeResponse(getChallengeId(), encodeFullBgImgIndex);
    final int decodeImgGrpIndex = decodeResponse(getChallengeId(), encodeImgGrpIndex);

    final String validateResult =
        validateFailImage(decodeAns, decodeFullBgImgIndex, decodeImgGrpIndex);

    if (!validateResult.equals(FAIL_RES)) {
      // 使用一随机标识来丢弃掉此次验证,防止重放
      final Long rnd1 = round(random() * 100);
      final String md5Str1 = md5Encode(rnd1 + "");
      setChallengeId(md5Str1);
    }

    return validateResult;
  }