|
|
@@ -5,6 +5,7 @@ import kd.bos.cache.TempFileCache;
|
|
|
import kd.bos.dataentity.entity.DynamicObject;
|
|
|
import kd.bos.fileservice.FileService;
|
|
|
import kd.bos.fileservice.FileServiceFactory;
|
|
|
+import kd.bos.fileservice.utils.FileTimeoutUtil;
|
|
|
import kd.bos.logging.Log;
|
|
|
import kd.bos.logging.LogFactory;
|
|
|
import kd.bos.orm.query.QCP;
|
|
|
@@ -12,6 +13,7 @@ import kd.bos.orm.query.QFilter;
|
|
|
import kd.bos.servicehelper.AttachmentDto;
|
|
|
import kd.bos.servicehelper.AttachmentServiceHelper;
|
|
|
import kd.bos.servicehelper.BusinessDataServiceHelper;
|
|
|
+import kd.bos.util.FileUtils;
|
|
|
import org.apache.http.client.methods.CloseableHttpResponse;
|
|
|
import org.apache.http.client.methods.HttpPost;
|
|
|
import org.apache.http.conn.ssl.NoopHostnameVerifier;
|
|
|
@@ -33,10 +35,7 @@ import java.io.*;
|
|
|
import java.security.cert.CertificateException;
|
|
|
import java.security.cert.X509Certificate;
|
|
|
import java.text.DecimalFormat;
|
|
|
-import java.util.ArrayList;
|
|
|
-import java.util.Arrays;
|
|
|
-import java.util.List;
|
|
|
-import java.util.Map;
|
|
|
+import java.util.*;
|
|
|
|
|
|
|
|
|
public class FileSECUtils {
|
|
|
@@ -146,7 +145,7 @@ public class FileSECUtils {
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
- public static InputStream decodeFileForSEC(int fileSize,InputStream inputStream){
|
|
|
+ public static InputStream decodeFileForSEC(long fileSize,InputStream inputStream){
|
|
|
Map<String, String> mapentity = CommonHelperUtils.getCommonParams("SEC");
|
|
|
if(mapentity == null){
|
|
|
return null;
|
|
|
@@ -278,84 +277,63 @@ public class FileSECUtils {
|
|
|
}
|
|
|
|
|
|
public static InputStream processFileWithSEC(String path, InputStream inputStream) {
|
|
|
- InputStream tmpInputStream = inputStream;
|
|
|
+ File tempFile = null;
|
|
|
+ try {
|
|
|
+ String fileUuid = UUID.randomUUID().toString().replace("-", "");
|
|
|
+ String filepath = System.getProperty("java.io.tmpdir") + "/" + fileUuid;
|
|
|
+ // 1. 将 InputStream 写入本地临时文件
|
|
|
+ tempFile = File.createTempFile(filepath,"");
|
|
|
|
|
|
+ logger.info("--------------SEC附件检查,临时文件路径:" + filepath);
|
|
|
+
|
|
|
+ try (FileOutputStream fos = new FileOutputStream(tempFile)) {
|
|
|
+ byte[] buffer = new byte[1024];
|
|
|
+ int bytesRead;
|
|
|
+ while ((bytesRead = inputStream.read(buffer)) != -1) {
|
|
|
+ fos.write(buffer, 0, bytesRead);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ //返回临时文件输入流,不能使用的文件流
|
|
|
+ InputStream tmpInputStream = new FileInputStream(tempFile);
|
|
|
|
|
|
-//// File tempFile = null;
|
|
|
- try {
|
|
|
-// logger.info("--------------SEC附件解密 processFileWithSEC1 ----------------");
|
|
|
-//// String filename = getFileNameWithoutExtension(path);
|
|
|
-//// String filetype = getFileType(filename);
|
|
|
-//// /**
|
|
|
-//// * 判断是否是媒体文件,如果是媒体文件,则不进行处理
|
|
|
-//// */
|
|
|
-//// boolean isMedia = isMediaFile(filetype);
|
|
|
-//// if(isMedia){
|
|
|
-//// return inputStream;
|
|
|
-//// }
|
|
|
-//// String filepath = System.getProperty("java.io.tmpdir") + "/" + filename;
|
|
|
-//// // 1. 将 InputStream 写入本地临时文件
|
|
|
-//// tempFile = File.createTempFile(filepath,"."+filetype);
|
|
|
-//// logger.info("--------------SEC附件临时路径 "+filepath,"."+filetype+" ----------------");
|
|
|
-//// tempFile.deleteOnExit(); // 确保 JVM 退出时删除临时文件
|
|
|
-////
|
|
|
-//// try (FileOutputStream fos = new FileOutputStream(tempFile)) {
|
|
|
-//// byte[] buffer = new byte[1024];
|
|
|
-//// int bytesRead;
|
|
|
-//// while ((bytesRead = inputStream.read(buffer)) != -1) {
|
|
|
-//// fos.write(buffer, 0, bytesRead);
|
|
|
-//// }
|
|
|
-//// }
|
|
|
-//// //返回临时文件输入流,不能使用的文件流
|
|
|
-//
|
|
|
-// if(true){
|
|
|
-// return inputStream;
|
|
|
-// }
|
|
|
-//
|
|
|
-//
|
|
|
-// InputStream tmpInputStream = inputStream;//new FileInputStream(tempFile);
|
|
|
-//
|
|
|
-//
|
|
|
-//
|
|
|
// 2. 调用是否加密接口方法
|
|
|
- int isEncrypted = checkFileIsEncryptionRest(inputStream);
|
|
|
+ int isEncrypted = checkFileIsEncryptionRest(new FileInputStream(tempFile));
|
|
|
if (isEncrypted == -1) {
|
|
|
logger.info("--------------SEC附件检查,文件加密状态检查失败----------------");
|
|
|
+
|
|
|
+ String tempPath = FileUtils.checkFileUrl(filepath);
|
|
|
+ FileTimeoutUtil.removeFile(tempPath, null, 10 * 1000); // 定时 120 秒后删除文件
|
|
|
+
|
|
|
return tmpInputStream;
|
|
|
} else if (isEncrypted == 0) {
|
|
|
logger.info("--------------SEC附件检查,是明文无需解密----------------");
|
|
|
- return tmpInputStream;
|
|
|
- }
|
|
|
- int fileSize = 0;
|
|
|
|
|
|
- InputStream tmpInputStream1 = inputStream;
|
|
|
+ String tempPath = FileUtils.checkFileUrl(filepath);
|
|
|
+ FileTimeoutUtil.removeFile(tempPath, null, 10 * 1000); // 定时 120 秒后删除文件
|
|
|
|
|
|
- byte[] bytes = StreamUtils.copyToByteArray(tmpInputStream);
|
|
|
- fileSize = inputStream.read(bytes);
|
|
|
-
|
|
|
- logger.info("--------------SEC附件解密,文件大小:" + fileSize + "----------------");
|
|
|
+ return tmpInputStream;
|
|
|
+ }
|
|
|
|
|
|
// 3. 获取文件大小
|
|
|
-// int fileSize = tempFile.length();
|
|
|
+ long fileSize = tempFile.length();
|
|
|
|
|
|
// 4. 调用解密方法
|
|
|
- InputStream decryptedInputStream = decodeFileForSEC(fileSize, tmpInputStream);
|
|
|
+ InputStream decryptedInputStream = decodeFileForSEC(fileSize, new FileInputStream(tempFile));
|
|
|
if (decryptedInputStream == null) {
|
|
|
logger.info("--------------SEC附件解密,文件解密失败----------------");
|
|
|
- return tmpInputStream1;
|
|
|
+ return tmpInputStream;
|
|
|
}
|
|
|
|
|
|
-
|
|
|
-// // 5. 删除临时文件
|
|
|
-// if (!tempFile.delete()) {
|
|
|
-// logger.info("--------------SEC附件解密,无法删除临时文件----------------");
|
|
|
-// }
|
|
|
+ // 5. 删除临时文件
|
|
|
+ if (!tempFile.delete()) {
|
|
|
+ logger.info("--------------SEC附件加密,无法删除临时文件----------------");
|
|
|
+ }
|
|
|
|
|
|
// 返回解密后的输入流
|
|
|
return decryptedInputStream;
|
|
|
|
|
|
} catch (IOException e) {
|
|
|
- e.printStackTrace();
|
|
|
+ //e.printStackTrace();
|
|
|
logger.info("--------------SEC附件解密 处理过程中发生错误1: " + e.getMessage());
|
|
|
return null;
|
|
|
} finally {
|
wanghaiwu