From 25d0be651443cecf5fdf015ce6c633b0c3e4648f Mon Sep 17 00:00:00 2001
From: Xiaoyu PENG <peng.xiaoyu@gmail.com>
Date: Fri, 6 Jan 2023 17:44:38 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8DAbstractSigner?=
 =?UTF-8?q?=E5=B9=B6=E5=8F=91=E9=94=99=E8=AF=AF=20(#115)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: 修复AbstractSigner并发错误

resolve #114

* bump version v0.2.5
---
 README.md                                     | 12 +++++-----
 buildSrc/src/main/groovy/common.gradle        |  2 +-
 .../pay/java/core/cipher/AbstractSigner.java  | 22 ++++++++++---------
 3 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index cb6a3e55..f37bdd9d 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 [![JavaDoc](http://img.shields.io/badge/javadoc-reference-blue.svg)](https://www.javadoc.io/doc/com.github.wechatpay-apiv3/wechatpay-java/latest/index.html)
-![Maven Central](https://img.shields.io/maven-central/v/com.github.wechatpay-apiv3/wechatpay-java?versionPrefix=0.2.4)
+![Maven Central](https://img.shields.io/maven-central/v/com.github.wechatpay-apiv3/wechatpay-java?versionPrefix=0.2.5)
 [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=wechatpay-apiv3_wechatpay-java&metric=security_rating)](https://sonarcloud.io/summary/overall?id=wechatpay-apiv3_wechatpay-java)
 [![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=wechatpay-apiv3_wechatpay-java&metric=sqale_rating)](https://sonarcloud.io/summary/overall?id=wechatpay-apiv3_wechatpay-java)
 [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=wechatpay-apiv3_wechatpay-java&metric=coverage)](https://sonarcloud.io/summary/overall?id=wechatpay-apiv3_wechatpay-java)
@@ -30,7 +30,7 @@
 #### Gradle
 在你的 build.gradle 文件中加入如下的依赖
 ```groovy
-implementation 'com.github.wechatpay-apiv3:wechatpay-java:0.2.4'
+implementation 'com.github.wechatpay-apiv3:wechatpay-java:0.2.5'
 ```
 
 #### Maven
@@ -39,7 +39,7 @@ implementation 'com.github.wechatpay-apiv3:wechatpay-java:0.2.4'
 <dependency>
   <groupId>com.github.wechatpay-apiv3</groupId>
   <artifactId>wechatpay-java</artifactId>
-  <version>0.2.4</version>
+  <version>0.2.5</version>
 </dependency>
 ```
 
@@ -174,9 +174,9 @@ Config config =
 同时，`RSAAutoCertificateProvider` 会启动一个后台线程，定时更新证书（目前设计为60分钟），以实现证书过期时的新老证书平滑切换。
 
 > **Note**
-> 
+>
 > 每个商户号只能创建一个 `RSAAutoCertificateConfig`。同一个商户号构造多个实例，会抛出 `IllegalStateException` 异常。
-> 
+>
 > 我们建议你将配置类作为全局变量。如果你的程序是多线程，建议使用**多线程安全**的单例模式。
 
 
@@ -268,7 +268,7 @@ inputStream.close();
 ```
 
 > **Warning**
-> 
+>
 > 开发者在下载文件之后，应使用第一步获取的账单摘要校验文件的完整性。
 
 ## 敏感信息加解密
diff --git a/buildSrc/src/main/groovy/common.gradle b/buildSrc/src/main/groovy/common.gradle
index 357b74de..0a7fa556 100644
--- a/buildSrc/src/main/groovy/common.gradle
+++ b/buildSrc/src/main/groovy/common.gradle
@@ -7,7 +7,7 @@ plugins {
     id "jacoco"
 }
 
-version "0.2.4"
+version "0.2.5"
 group "com.github.wechatpay-apiv3"
 compileJava.options.encoding = "UTF-8"
 compileTestJava.options.encoding = "UTF-8"
diff --git a/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractSigner.java b/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractSigner.java
index f7e3ca6f..d3f47763 100644
--- a/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractSigner.java
+++ b/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractSigner.java
@@ -14,7 +14,8 @@ public abstract class AbstractSigner implements Signer {
 
   private final String certificateSerialNumber;
   private final String algorithm;
-  private final Signature signature;
+  private final String algorithmName;
+  private final PrivateKey privateKey;
 
   /**
    * AbstractSigner 构造函数
@@ -30,25 +31,26 @@ protected AbstractSigner(
       String certificateSerialNumber,
       PrivateKey privateKey) {
     this.algorithm = requireNonNull(algorithm);
+    this.algorithmName = requireNonNull(algorithmName);
     this.certificateSerialNumber = requireNonNull(certificateSerialNumber);
-    try {
-      this.signature = Signature.getInstance(algorithmName);
-      this.signature.initSign(privateKey);
-    } catch (NoSuchAlgorithmException e) {
-      throw new UnsupportedOperationException(
-          "The current Java environment does not support " + algorithmName, e);
-    } catch (InvalidKeyException e) {
-      throw new IllegalArgumentException(algorithm + " signature uses an illegal privateKey.", e);
-    }
+    this.privateKey = requireNonNull(privateKey);
   }
 
   @Override
   public SignatureResult sign(String message) {
     requireNonNull(message);
+
     byte[] sign;
     try {
+      Signature signature = Signature.getInstance(algorithmName);
+      signature.initSign(privateKey);
       signature.update(message.getBytes(StandardCharsets.UTF_8));
       sign = signature.sign();
+    } catch (NoSuchAlgorithmException e) {
+      throw new UnsupportedOperationException(
+          "The current Java environment does not support " + algorithmName, e);
+    } catch (InvalidKeyException e) {
+      throw new IllegalArgumentException(algorithm + " signature uses an illegal privateKey.", e);
     } catch (SignatureException e) {
       throw new RuntimeException("An error occurred during the sign process.", e);
     }