移除云片短信渠道,解决云片的安全风险

pull/13/MERGE
YunaiV 2022-11-25 21:07:56 +08:00
parent 3c244fd44d
commit 583cb9388a
8 changed files with 3 additions and 44 deletions

View File

@ -12,7 +12,7 @@
<packaging>jar</packaging> <packaging>jar</packaging>
<name>${project.artifactId}</name> <name>${project.artifactId}</name>
<description>短信拓展,支持阿里云、云片、腾讯云</description> <description>短信拓展,支持阿里云、腾讯云</description>
<url>https://github.com/YunaiV/ruoyi-vue-pro</url> <url>https://github.com/YunaiV/ruoyi-vue-pro</url>
<dependencies> <dependencies>

View File

@ -5,7 +5,6 @@ import cn.iocoder.yudao.framework.sms.core.client.SmsClientFactory;
import cn.iocoder.yudao.framework.sms.core.client.impl.aliyun.AliyunSmsClient; import cn.iocoder.yudao.framework.sms.core.client.impl.aliyun.AliyunSmsClient;
import cn.iocoder.yudao.framework.sms.core.client.impl.debug.DebugDingTalkSmsClient; import cn.iocoder.yudao.framework.sms.core.client.impl.debug.DebugDingTalkSmsClient;
import cn.iocoder.yudao.framework.sms.core.client.impl.tencent.TencentSmsClient; import cn.iocoder.yudao.framework.sms.core.client.impl.tencent.TencentSmsClient;
import cn.iocoder.yudao.framework.sms.core.client.impl.yunpian.YunpianSmsClient;
import cn.iocoder.yudao.framework.sms.core.enums.SmsChannelEnum; import cn.iocoder.yudao.framework.sms.core.enums.SmsChannelEnum;
import cn.iocoder.yudao.framework.sms.core.property.SmsChannelProperties; import cn.iocoder.yudao.framework.sms.core.property.SmsChannelProperties;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
@ -80,7 +79,6 @@ public class SmsClientFactoryImpl implements SmsClientFactory {
// 创建客户端 // 创建客户端
switch (channelEnum) { switch (channelEnum) {
case ALIYUN: return new AliyunSmsClient(properties); case ALIYUN: return new AliyunSmsClient(properties);
case YUN_PIAN: return new YunpianSmsClient(properties);
case DEBUG_DING_TALK: return new DebugDingTalkSmsClient(properties); case DEBUG_DING_TALK: return new DebugDingTalkSmsClient(properties);
case TENCENT: return new TencentSmsClient(properties); case TENCENT: return new TencentSmsClient(properties);
} }

View File

@ -15,7 +15,6 @@ import lombok.Getter;
public enum SmsChannelEnum { public enum SmsChannelEnum {
DEBUG_DING_TALK("DEBUG_DING_TALK", "调试(钉钉)"), DEBUG_DING_TALK("DEBUG_DING_TALK", "调试(钉钉)"),
YUN_PIAN("YUN_PIAN", "云片"),
ALIYUN("ALIYUN", "阿里云"), ALIYUN("ALIYUN", "阿里云"),
TENCENT("TENCENT", "腾讯云"), TENCENT("TENCENT", "腾讯云"),
// HUA_WEI("HUA_WEI", "华为云"), // HUA_WEI("HUA_WEI", "华为云"),

View File

@ -16,7 +16,6 @@ public interface SmsFrameworkErrorCodeConstants {
// ========== 权限 / 限流等相关 2001000100 ========== // ========== 权限 / 限流等相关 2001000100 ==========
ErrorCode SMS_PERMISSION_DENY = new ErrorCode(2001000100, "没有发送短信的权限"); ErrorCode SMS_PERMISSION_DENY = new ErrorCode(2001000100, "没有发送短信的权限");
// 云片:可以配置 IP 白名单,只有在白名单中才可以发送短信
ErrorCode SMS_IP_DENY = new ErrorCode(2001000100, "IP 不允许发送短信"); ErrorCode SMS_IP_DENY = new ErrorCode(2001000100, "IP 不允许发送短信");
// 阿里云:将短信发送频率限制在正常的业务限流范围内。默认短信验证码:使用同一签名,对同一个手机号验证码,支持 1 条 / 分钟5 条 / 小时,累计 10 条 / 天。 // 阿里云:将短信发送频率限制在正常的业务限流范围内。默认短信验证码:使用同一签名,对同一个手机号验证码,支持 1 条 / 分钟5 条 / 小时,累计 10 条 / 天。

View File

@ -28,17 +28,6 @@ public class SmsCallbackController {
@Resource @Resource
private SmsSendService smsSendService; private SmsSendService smsSendService;
@PostMapping("/yunpian")
@PermitAll
@ApiOperation(value = "云片短信的回调", notes = "参见 https://www.yunpian.com/official/document/sms/zh_cn/domestic_push_report 文档")
@ApiImplicitParam(name = "sms_status", value = "发送状态", required = true, example = "[{具体内容}]", dataTypeClass = String.class)
@OperateLog(enable = false)
public String receiveYunpianSmsStatus(@RequestParam("sms_status") String smsStatus) throws Throwable {
String text = URLUtil.decode(smsStatus); // decode 解码参数,因为它被 encode
smsSendService.receiveSmsStatus(SmsChannelEnum.YUN_PIAN.getCode(), text);
return "SUCCESS"; // 约定返回 SUCCESS 为成功
}
@PostMapping("/aliyun") @PostMapping("/aliyun")
@PermitAll @PermitAll
@ApiOperation(value = "阿里云短信的回调", notes = "参见 https://help.aliyun.com/document_detail/120998.html 文档") @ApiOperation(value = "阿里云短信的回调", notes = "参见 https://help.aliyun.com/document_detail/120998.html 文档")

View File

@ -30,22 +30,6 @@ public class SmsServiceIntegrationTest extends BaseDbAndRedisIntegrationTest {
@MockBean @MockBean
private AdminUserService userService; private AdminUserService userService;
@Test
public void testSendSingleSms_yunpianSuccess() {
// 参数准备
String mobile = "15601691399";
Long userId = 1L;
Integer userType = UserTypeEnum.ADMIN.getValue();
String templateCode = "test_01";
Map<String, Object> templateParams = MapUtil.<String, Object>builder()
.put("operation", "登录").put("code", "1234").build();
// 调用
smsService.sendSingleSms(mobile, userId, userType, templateCode, templateParams);
// 等待 MQ 消费
ThreadUtil.sleep(1, TimeUnit.HOURS);
}
@Test @Test
public void testSendSingleSms_aliyunSuccess() { public void testSendSingleSms_aliyunSuccess() {
// 参数准备 // 参数准备

View File

@ -51,7 +51,6 @@
<seata.version>1.1.0</seata.version> <seata.version>1.1.0</seata.version>
<!-- 云服务相关 --> <!-- 云服务相关 -->
<qiniu.version>7.2.18</qiniu.version> <qiniu.version>7.2.18</qiniu.version>
<yunpian-java-sdk.version>1.2.7</yunpian-java-sdk.version>
<aliyun-java-sdk-core.version>4.1.0</aliyun-java-sdk-core.version> <aliyun-java-sdk-core.version>4.1.0</aliyun-java-sdk-core.version>
<!-- 监控相关 --> <!-- 监控相关 -->
<skywalking.version>8.0.1</skywalking.version> <skywalking.version>8.0.1</skywalking.version>
@ -316,14 +315,9 @@
<version>${qiniu.version}</version> <version>${qiniu.version}</version>
</dependency> </dependency>
<dependency>
<groupId>com.yunpian.sdk</groupId>
<artifactId>yunpian-java-sdk</artifactId> <!-- 云片短信 -->
<version>${yunpian-java-sdk.version}</version>
</dependency>
<dependency> <dependency>
<groupId>com.aliyun</groupId> <groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-core</artifactId> <!-- 七牛短信 --> <artifactId>aliyun-java-sdk-core</artifactId> <!-- 阿里云文件服务 -->
<version>${aliyun-java-sdk-core.version}</version> <version>${aliyun-java-sdk-core.version}</version>
</dependency> </dependency>

View File

@ -50,11 +50,7 @@
<version>1.0-SNAPSHOT</version> <version>1.0-SNAPSHOT</version>
</dependency> </dependency>
<!-- 短信平台 阿里云、云片 --> <!-- 短信平台 阿里云 -->
<dependency>
<groupId>com.yunpian.sdk</groupId>
<artifactId>yunpian-java-sdk</artifactId>
</dependency>
<dependency> <dependency>
<groupId>com.aliyun</groupId> <groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-core</artifactId> <artifactId>aliyun-java-sdk-core</artifactId>