验证token调整

a1e430eb · 严俊 · 68b865fe · a1e430eb · a1e430eb · a1e430eb
Commit a1e430eb authored Oct 09, 2024 by 严俊
4 changed files
--- a/src/main/java/com/afanticar/afantiopenapi/config/TokenInterceptor.java
+++ b/src/main/java/com/afanticar/afantiopenapi/config/TokenInterceptor.java
 package com.afanticar.afantiopenapi.config;

+import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.util.StrUtil;
+import com.afanticar.afantiopenapi.constant.Constant;
 import com.afanticar.afantiopenapi.controller.BaseController;
+import com.afanticar.afantiopenapi.feign.AfantiCasFeign;
+import com.afanticar.afantiopenapi.model.BaseResponse;
+import com.afanticar.afantiopenapi.model.vo.TokenCheckVO;
 import com.afanticar.afantiopenapi.utils.JWTUtils;
 import com.alibaba.fastjson.JSONObject;
+import feign.FeignException;
 import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
+import org.redisson.api.RBucket;
+import org.redisson.api.RLock;
+import org.redisson.api.RedissonClient;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
@@ -13,6 +23,7 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.Set;
+import java.util.concurrent.TimeUnit;

 /**
 * @author chin
@@ -25,6 +36,12 @@ import java.util.Set;
 @ConfigurationProperties(prefix = "ignored")
 public class TokenInterceptor implements HandlerInterceptor {

+    @Autowired
+    private AfantiCasFeign casFeign;
+
+    @Autowired
+    RedissonClient redissonClient;
+
    private Set<String> uris;

    @Override
@@ -36,24 +53,60 @@ public class TokenInterceptor implements HandlerInterceptor {
        }
        String token = request.getHeader("authorization");
        if (StrUtil.isNotBlank(token)) {
+            // 红旗旧接口不进行验证
+            if(Constant.EXCLUDE_PATH.contains(requestUri)){
+                return true;
+            }
            try{
                String clientId = JWTUtils.getClientId(token);
                request.setAttribute("clientId", clientId);
+                TokenCheckVO tokenCheckVO = this.getCasToken(clientId,token);
+                if(tokenCheckVO == null || DateUtil.currentSeconds() > Long.valueOf(tokenCheckVO.getExp()).longValue()){
+                    this.writeResponse(response,"token已过期");
+                    return false;
+                }
+            }catch (FeignException e){
+                if(e.status()==HttpServletResponse.SC_UNAUTHORIZED){
+                    this.writeResponse(response,"Unauthorized");
+                    return false;
+                }
            }catch (Exception e){
-                response.setCharacterEncoding("UTF-8");
-                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-                response.setContentType("application/json");
-                response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token")));
+                this.writeResponse(response,"认证失败,无效的token");
                return false;
            }
        } else {
-            response.setCharacterEncoding("UTF-8");
-            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-            response.setContentType("application/json");
-            response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token")));
+            this.writeResponse(response,"认证失败,无效的token");
            return false;
        }
        return true;
    }

+    private void writeResponse(HttpServletResponse response, String msg) throws Exception {
+        response.setCharacterEncoding("UTF-8");
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        response.setContentType("application/json");
+        response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", msg)));
+    }
+
+    private TokenCheckVO getCasToken(String clientId,String token) {
+//        RBucket<TokenCheckVO> rBucket = redissonClient.getBucket(Constant.TOKEN_REDIS_KEY+clientId);
+//        if(!rBucket.isExists()){
+//            RLock lock = redissonClient.getLock(Constant.TOKEN_REDIS_LOCK+clientId);
+//            lock.lock(5,TimeUnit.SECONDS);
+//            try{
+                TokenCheckVO checkVO = casFeign.checkToken(token);
+//                rBucket.set(checkVO,24, TimeUnit.HOURS);
+                return checkVO;
+//            }catch (Exception e){
+//                throw e;
+//            }finally {
+//                if(lock.isLocked()){
+//                    lock.unlock();
+//                }
+//            }
+//        }else{
+//            return rBucket.get();
+//        }
+    }
+
 }
--- a/src/main/java/com/afanticar/afantiopenapi/constant/Constant.java
+++ b/src/main/java/com/afanticar/afantiopenapi/constant/Constant.java
@@ -12,6 +12,12 @@ public class Constant {

    public static final String SUCCESS_CODE = "200";

+    public static final String TOKEN_REDIS_KEY = "TOKEN_";
+
+    public static final String TOKEN_REDIS_LOCK = "TOKEN_LOCK_";
+
+    public static final String EXCLUDE_PATH = "/faw/live,/faw/aweme";
+
    // key=车系name，value=车系code
    public static Map<String, String> seriesMap = new HashMap();


--- a/src/main/java/com/afanticar/afantiopenapi/feign/AfantiCasFeign.java
+++ b/src/main/java/com/afanticar/afantiopenapi/feign/AfantiCasFeign.java
 package com.afanticar.afantiopenapi.feign;

 import com.afanticar.afantiopenapi.model.BaseResponse;
+import com.afanticar.afantiopenapi.model.vo.TokenCheckVO;
 import com.afanticar.afantiopenapi.model.vo.TokenVO;
 import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;

@@ -15,11 +17,19 @@ import java.util.Map;
 public interface AfantiCasFeign {

    /**
-     * 分类标签
+     * 获取token
     * @param request 参数
     * @return JSONObject结果
     */
    @PostMapping(value = "/oauth/token")
    BaseResponse<TokenVO> predict(@RequestParam Map<String, Object> request);

+
+    /**
+     * 分类标签
+     * @param token 参数
+     * @return JSONObject结果
+     */
+    @GetMapping(value = "/oauth/check_token")
+    TokenCheckVO checkToken(@RequestParam("token") String token);
 }
--- a/src/main/java/com/afanticar/afantiopenapi/model/vo/TokenCheckVO.java
+++ b/src/main/java/com/afanticar/afantiopenapi/model/vo/TokenCheckVO.java
+package com.afanticar.afantiopenapi.model.vo;
+
+import com.alibaba.fastjson.annotation.JSONType;
+import com.fasterxml.jackson.databind.annotation.JsonNaming;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author chin
+ * @contact chenyan@afanticar.com
+ * @since 2023/4/27/027
+ */
+@Data
+@JsonNaming(value = com.fasterxml.jackson.databind.PropertyNamingStrategy.SnakeCaseStrategy.class)
+@JSONType(naming = com.alibaba.fastjson.PropertyNamingStrategy.SnakeCase)
+public class TokenCheckVO {
+
+    @ApiModelProperty(value = "", example = "wastehh")
+    private Boolean active;
+
+    @ApiModelProperty(value = "过期时间-秒")
+    private String exp;
+
+    private String jti;
+
+    @ApiModelProperty(value = "客服端id")
+    private String clientId;
+
+}