微信群公告报告怎么读取?如何进行访问请求来源的验证
微信群公告报告怎么读取?如何进行访问请求来源的验证需要验证那几个地方可以直接调用验证方法组合即可可以进行自定义api验证规则比如phone端的验证,也可以对所有接口都进行验证。第二种在业务调用时可以根据具体业务选择几个维度进行验证。我们编写一个验证的实体:VerFifyFromModel/** * 是否是手机 */ private boolean isphone; private boolean isOurApp; /** * 是否是android手机 */ private boolean isAndoid; /** * 是否是isApple手机 */ private boolean isApple; /** * 是否是isWindowsPhone手机 */ private boolean isWindowsPhone; /** * 是否是微信电脑端手机 */ private boolean
关于接口安全的另一种安全验证,我们熟知的安全验证是基于token的签名验证,在本框架中涉及的多重验证功能前期几篇文章中已做过介绍,本次主要讲针对访问的请求来源验证,此次验证的方式是基于http请求的接口验证,验证内容主要包括ua,自定义ua http请求头和访问host,refer验证。
验证这个有什么用?比如有这样的需求,数据访问只能来自某个平台的某一种途径,比如只能来自android请求host为‘xxx.com’,自定义ua包含aaa_tttt字符串,请求只能来自微信群。那么以上就可以解决这个问题。除了解决这个问题外也增加了一些安全性。
那么这个在什么时候验证呢?为了满足差异性需求我个人建议设计成两种调用方式,
第一种在filter层进行全局验证,可以验证是否来自自己的客户端的请求,验证参数随时可调整。
第二种在业务调用时可以根据具体业务选择几个维度进行验证。
我们先看一下验证的结果:
我们编写一个验证的实体:VerFifyFromModel
/** * 是否是手机 */ private boolean isphone; private boolean isOurApp; /** * 是否是android手机 */ private boolean isAndoid; /** * 是否是isApple手机 */ private boolean isApple; /** * 是否是isWindowsPhone手机 */ private boolean isWindowsPhone; /** * 是否是微信电脑端手机 */ private boolean isWechatPC; /** * 是否是pc */ private boolean isPC; /** * 是否是手机端微信 * @return */ private boolean isWechatPhone; /** * 访问设备来源平台系统 */ public String from; /** * 访问来源是否来自本系统域名 */ public boolean isMyhost; /** * 是否包含ua自定义app信息 */ public boolean isMyUa; /** * 访问请求来自于那个应用如,手机qq */ private String formApp; /** * 来自电脑端微信群 */ private boolean wechatGroupmessagePc; /** * 来自手机端微信群 */ private boolean wechatGroupmessagePhone; /** * 来自电脑端微信个人分享 */ private boolean wechatSinglemessagePc; /** * 来自手机端微信个人分享 */ private boolean wechatSinglemessagePhone; /** * 微信PC端朋友圈的分享 */ private boolean wechatTimelinePC; /** * 微信手机端端朋友圈的分享 */ private boolean wechatTimelinePhone; public boolean isOurApp() { return isMyUa&&isMyhost&&isPhone(); } public boolean isMyUa() { return isMyUa; } public VerFifyFromModel setMyUa(boolean isMyUa) { this.isMyUa = isMyUa; return this; } public boolean isWechatTimelinePC() { return wechatTimelinePC; } public VerFifyFromModel setWechatTimelinePC(boolean wechatTimelinePC) { this.wechatTimelinePC = wechatTimelinePC; return this; } public boolean isWechatTimelinePhone() { return wechatTimelinePhone; } public VerFifyFromModel setWechatTimelinePhone(boolean wechatTimelinePhone) { this.wechatTimelinePhone = wechatTimelinePhone; return this; } public boolean isWechatGroupmessagePc() { return wechatGroupmessagePc; } public VerFifyFromModel setWechatGroupmessagePc(boolean wechatGroupmessagePc) { this.wechatGroupmessagePc = wechatGroupmessagePc; return this; } public boolean isWechatGroupmessagePhone() { return wechatGroupmessagePhone; } public VerFifyFromModel setWechatGroupmessagePhone(boolean wechatGroupmessagePhone) { this.wechatGroupmessagePhone = wechatGroupmessagePhone; return this; } public boolean isWechatSinglemessagePc() { return wechatSinglemessagePc; } public VerFifyFromModel setWechatSinglemessagePc(boolean wechatSinglemessagePc) { this.wechatSinglemessagePc = wechatSinglemessagePc; return this; } public boolean isWechatSinglemessagePhone() { return wechatSinglemessagePhone; } public VerFifyFromModel setWechatSinglemessagePhone(boolean wechatSinglemessagePhone) { this.wechatSinglemessagePhone = wechatSinglemessagePhone; return this; } public String isFormApp() { return formApp; } public VerFifyFromModel setFormApp(String formApp) { this.formApp = formApp; return this; } public boolean getIsMyhost() { return isMyhost; } public VerFifyFromModel setIsMyhost(boolean isMyhost) { this.isMyhost = isMyhost; return this; } public boolean isPhone() { return isAndoid||isApple||isWindowsPhone?true:false; } public boolean isAndoid() { return isAndoid; } public VerFifyFromModel setAndoid(boolean isAndoid) { this.isAndoid = isAndoid; return this; } public boolean isApple() { return isApple; } public VerFifyFromModel setApple(boolean isApple) { this.isApple = isApple; return this; } public boolean isWindowsPhone() { return isWindowsPhone; } public VerFifyFromModel setWindowsPhone(boolean isWindowsPhone) { this.isWindowsPhone = isWindowsPhone; return this; } public boolean isWechatPC() { return isWechatPC; } public VerFifyFromModel setWechatPC(boolean isWechatPC) { this.isWechatPC = isWechatPC; return this; } public boolean isPC() { return isPC; } public VerFifyFromModel setPC(boolean isPC) { this.isPC = isPC; return this; } public boolean isWechatPhone() { return isWechatPhone; } public VerFifyFromModel setWechatPhone(boolean isWechatPhone) { this.isWechatPhone = isWechatPhone; return this; } public String getFrom() { return from; } public VerFifyFromModel setFrom(String from) { this.from = from; return this; }
首先假设我们的项目要对所有接口的访问的请求来源做验证,所以我们直接定义一个过滤器,然后在过滤器里调用验证。
可以进行自定义api验证规则比如phone端的验证,也可以对所有接口都进行验证。
需要验证那几个地方可以直接调用验证方法组合即可
验证详细代码如下:
static String[] deviceArray = new String[] { "android" "mac os" "windows phone" "micromessenger" "yyb_d qq" "vivobrowser" "qzone" "baiduboxapp" "wkbrowser" "dingtalk" "(ap/" "samsungbrowser" "weibo" "windowswechat" "axxxxxx_data" }; public static VerFifyFromModel form(HttpServletRequest request) { VerFifyFromModel wm = new VerFifyFromModel(); String requestHeader = request.getHeader("User-Agent").toLowerCase(); String requestHeaderHost = request.getHeader("Host").toLowerCase(); if (requestHeader.indexOf(deviceArray[0]) != -1 ) { wm.setFrom("android device "); wm.setAndoid(true); } else if (requestHeader.indexOf(deviceArray[1]) != -1) { wm.setFrom("apple device "); wm.setApple(true); } else if (requestHeader.indexOf(deviceArray[2]) != -1 ) { wm.setFrom("windows phone "); wm.setWindowsPhone(true); } if(requestHeader.indexOf(deviceArray[14]) != -1) { wm.setMyUa(true); } if (requestHeaderHost.equals(ProJectUtils.projectURL(request))) { wm.setIsMyhost(true); } String result = null; if (requestHeader.indexOf(deviceArray[3]) > 0) { if (null != request.getParameter("from")) { if (request.getParameter("from").equals("timeline")) { if (requestHeader.indexOf(deviceArray[13]) > 0) { result = "来自 微信PC端朋友圈的分享链接"; wm.setWechatTimelinePC(true); } else { result = "来自 微信手机端朋友圈的分享链接"; wm.setWechatTimelinePhone(true); } } else if (request.getParameter("from").equals("groupmessage")) { if (requestHeader.indexOf(deviceArray[13]) > 0) { result = "来自 微信PC端群的分享"; wm.setWechatGroupmessagePc(true); } else { result = "来自 微信手机端群的分享"; wm.setWechatGroupmessagePhone(true); } } else if (request.getParameter("from").equals("singlemessage")) { if (requestHeader.indexOf(deviceArray[13]) > 0) { result = "来自微信PC端群个人的分享"; wm.setWechatSinglemessagePc(true); } else { result = "来自微信手机端群个人的分享"; wm.setWechatSinglemessagePhone(true); } } } else if (null != request.getParameter("winzoom")) { if (request.getParameter("winzoom").equals("1")) { result = "来自 微信电脑端浏览器客户端直接访问"; wm.setWechatPC(true); } } else { if (request.getHeader("referer")!=null&&request.getHeader("referer").contains("from=groupmessage")) { result = "来自微信手机端群的分享"; wm.setWechatGroupmessagePhone(true); } else if(requestHeader.indexOf(deviceArray[13]) > 0) { result = "来自PC端微信连接直接访问"; wm.setWechatPC(true);//需要测试 }else { result = "来自 微信连接直接访问"; wm.setWechatPhone(true);//需要测试 } } } else if (requestHeader.indexOf(deviceArray[4]) > 0) { result = "来自 qq客户端访问"; } else if (requestHeader.indexOf(deviceArray[5]) > 0) { result = "来自 vivo浏览器客户端"; } else if (requestHeader.indexOf(deviceArray[6]) > 0) { result = "来自 qq空间客户端"; } else if (requestHeader.indexOf(deviceArray[7]) > 0) { result = "来自 百度客户端"; } else if (requestHeader.indexOf(deviceArray[8]) > 0) { result = "来自 万能钥匙"; } else if (requestHeader.indexOf(deviceArray[9]) > 0) { result = "来自 钉钉"; } else if (requestHeader.indexOf(deviceArray[10]) > 0) { result = "来自 支付宝"; } else if (requestHeader.indexOf(deviceArray[11]) > 0) { result = "来自 三星浏览器"; } else if (requestHeader.indexOf(deviceArray[12]) > 0) { result = "来自 新浪微博客户端"; } else { result = "来自 PC端浏览器"; } wm.setFormApp(result); return wm; }
以上代码中我分析了一部分请求来源,自己可以根据实际需要进行删减、扩充。
