TASK:证书接收测试;

src/main/java/com/ai/da/controller/ThirdPartyController.java

@@ -7,11 +7,14 @@ import com.ai.da.service.AccountService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
+import java.security.cert.X509Certificate;
 
 
 @Api(tags = "Third Party Modules")
@@ -62,4 +65,22 @@ public class ThirdPartyController {
     public Response<Boolean> existNoLoginRequired(@RequestBody NoLoginRequiredDTO noLoginRequiredDTO) {
         return Response.success(accountService.existNoLoginRequired(noLoginRequiredDTO));
     }
+
+    @GetMapping("/your-secured-endpoint")
+//    @PreAuthorize("hasRole('ROLE_USER')")
+    public String securedEndpoint(HttpServletRequest request, @AuthenticationPrincipal PreAuthenticatedAuthenticationToken authenticationToken) {
+        // 从请求属性中获取证书
+        X509Certificate[] certificates = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
+        if (certificates != null && certificates.length > 0) {
+            X509Certificate clientCertificate = certificates[0];
+            // 可以从 clientCertificate 中获取证书信息，例如主题、颁发者等
+            String subject = clientCertificate.getSubjectX500Principal().getName();
+            String issuer = clientCertificate.getIssuerX500Principal().getName();
+            // 处理逻辑
+            return "Secured Endpoint. Client Subject: " + subject + ", Issuer: " + issuer;
+        } else {
+            // 证书不存在或获取失败
+            return "Failed to retrieve client certificate.";
+        }
+    }
 }