Commit c5975f1d authored by 严俊's avatar 严俊

Merge branch 'dev-activity-faw' of...

Merge branch 'dev-activity-faw' of http://gitlab.afanticar.com:13140/java-ms/afanti-open-api into develop
parents 6a5e4989 2f2fae1b
package com.afanticar.afantiopenapi.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import java.util.Set;
@Data
@Configuration
@ConfigurationProperties(prefix = "ignored")
public class IgnoredUri {
private Set<String> uris;
}
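Review bot: `uris` has no default, so if no `ignored.uris` property is bound the getter presumably returns null and the interceptor's `ignoredUri.getUris().contains(requestUri)` (TokenInterceptor section of this page) would throw on every request. Initialising the field, e.g. `private Set<String> uris = new HashSet<>();`, keeps an absent property meaning "nothing is exempt". Every entry bound here skips token verification entirely, so a class-level comment saying that, and that matching is an exact comparison against `getRequestURI()`, would help whoever edits the configuration.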
package com.afanticar.afantiopenapi.config; package com.afanticar.afantiopenapi.config;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.afanticar.afantiopenapi.constant.Constant;
import com.afanticar.afantiopenapi.controller.BaseController; import com.afanticar.afantiopenapi.controller.BaseController;
import com.afanticar.afantiopenapi.feign.AfantiCasFeign;
import com.afanticar.afantiopenapi.model.BaseResponse;
import com.afanticar.afantiopenapi.model.vo.TokenCheckVO;
import com.afanticar.afantiopenapi.utils.JWTUtils; import com.afanticar.afantiopenapi.utils.JWTUtils;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import feign.FeignException;
import lombok.Setter; import lombok.Setter;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.redisson.api.RBucket;
import org.redisson.api.RLock;
import org.redisson.api.RedissonClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.HandlerInterceptor;
...@@ -13,6 +23,7 @@ import org.springframework.web.servlet.HandlerInterceptor; ...@@ -13,6 +23,7 @@ import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.Set; import java.util.Set;
import java.util.concurrent.TimeUnit;
/** /**
* @author chin * @author chin
...@@ -22,38 +33,80 @@ import java.util.Set; ...@@ -22,38 +33,80 @@ import java.util.Set;
@Slf4j @Slf4j
@Setter @Setter
@Component @Component
@ConfigurationProperties(prefix = "ignored")
public class TokenInterceptor implements HandlerInterceptor { public class TokenInterceptor implements HandlerInterceptor {
private Set<String> uris; @Autowired
private AfantiCasFeign casFeign;
@Autowired
RedissonClient redissonClient;
@Autowired
private IgnoredUri ignoredUri;
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String requestUri = request.getRequestURI(); String requestUri = request.getRequestURI();
log.info("请求uri" + requestUri); log.info("请求uri" + requestUri);
if (uris.contains(requestUri)) { if (ignoredUri.getUris().contains(requestUri)) {
return true; return true;
} }
String token = request.getHeader("authorization"); String token = request.getHeader("authorization");
if (StrUtil.isNotBlank(token)) { if (StrUtil.isNotBlank(token)) {
// 红旗旧接口不进行验证
if(Constant.EXCLUDE_PATH.contains(requestUri)){
return true;
}
try{ try{
String clientId = JWTUtils.getClientId(token); String clientId = JWTUtils.getClientId(token);
request.setAttribute("clientId", clientId); request.setAttribute("clientId", clientId);
TokenCheckVO tokenCheckVO = this.getCasToken(clientId,token);
if(tokenCheckVO == null || DateUtil.currentSeconds() > Long.valueOf(tokenCheckVO.getExp()).longValue()){
this.writeResponse(response,"token已过期");
return false;
}
}catch (FeignException e){
if(e.status()==HttpServletResponse.SC_UNAUTHORIZED){
this.writeResponse(response,"Unauthorized");
return false;
}
}catch (Exception e){ }catch (Exception e){
response.setCharacterEncoding("UTF-8"); this.writeResponse(response,"认证失败,无效的token");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType("application/json");
response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token")));
return false; return false;
} }
} else { } else {
this.writeResponse(response,"认证失败,无效的token");
return false;
}
return true;
}
private void writeResponse(HttpServletResponse response, String msg) throws Exception {
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType("application/json"); response.setContentType("application/json");
response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token"))); response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", msg)));
return false;
} }
return true;
private TokenCheckVO getCasToken(String clientId,String token) {
// RBucket<TokenCheckVO> rBucket = redissonClient.getBucket(Constant.TOKEN_REDIS_KEY+clientId);
// if(!rBucket.isExists()){
// RLock lock = redissonClient.getLock(Constant.TOKEN_REDIS_LOCK+clientId);
// lock.lock(5,TimeUnit.SECONDS);
// try{
TokenCheckVO checkVO = casFeign.checkToken(token);
// rBucket.set(checkVO,24, TimeUnit.HOURS);
return checkVO;
// }catch (Exception e){
// throw e;
// }finally {
// if(lock.isLocked()){
// lock.unlock();
// }
// }
// }else{
// return rBucket.get();
// }
} }
} }
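Review bot: The new `catch (FeignException e)` branch in `preHandle` rejects only when `e.status()` is 401; for any other status (for example a 400 or 5xx from the CAS call) the catch block ends without returning and control reaches the final `return true`, so the request is admitted without a verified token. The branch should fail closed: drop the status test and always run `this.writeResponse(response,"Unauthorized"); return false;`, logging the status for operators. Separately, the `Constant.EXCLUDE_PATH` early return sits before any verification, so on those paths any non-blank `authorization` header is accepted and `clientId` is never set; if that exemption is intended, a comment naming its owner and removal plan would make it reviewable. The commented-out Redisson caching in `getCasToken` leaves `redissonClient` and the `RBucket`/`RLock`/`TimeUnit` imports unused and is better removed until it is finished.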
...@@ -12,6 +12,12 @@ public class Constant { ...@@ -12,6 +12,12 @@ public class Constant {
public static final String SUCCESS_CODE = "200"; public static final String SUCCESS_CODE = "200";
public static final String TOKEN_REDIS_KEY = "TOKEN_";
public static final String TOKEN_REDIS_LOCK = "TOKEN_LOCK_";
public static final String EXCLUDE_PATH = "/faw/live,/faw/aweme";
// key=车系name,value=车系code // key=车系name,value=车系code
public static Map<String, String> seriesMap = new HashMap(); public static Map<String, String> seriesMap = new HashMap();
......
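Review bot: `EXCLUDE_PATH` is a single comma-joined String, so the `Constant.EXCLUDE_PATH.contains(requestUri)` test in TokenInterceptor is `String.contains`, a substring match rather than a membership test: any request URI that is a fragment of `"/faw/live,/faw/aweme"` is exempted from token verification, not only the two listed paths. Declaring it as an immutable set, e.g. `public static final Set<String> EXCLUDE_PATH = Collections.unmodifiableSet(new HashSet<>(Arrays.asList("/faw/live", "/faw/aweme")));`, turns the same call into an exact match. `TOKEN_REDIS_KEY` and `TOKEN_REDIS_LOCK` are referenced only from commented-out code on this page and could wait until the cache is implemented.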
package com.afanticar.afantiopenapi.feign; package com.afanticar.afantiopenapi.feign;
import com.afanticar.afantiopenapi.model.BaseResponse; import com.afanticar.afantiopenapi.model.BaseResponse;
import com.afanticar.afantiopenapi.model.vo.TokenCheckVO;
import com.afanticar.afantiopenapi.model.vo.TokenVO; import com.afanticar.afantiopenapi.model.vo.TokenVO;
import org.springframework.cloud.openfeign.FeignClient; import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
...@@ -15,11 +17,19 @@ import java.util.Map; ...@@ -15,11 +17,19 @@ import java.util.Map;
public interface AfantiCasFeign { public interface AfantiCasFeign {
/** /**
* 分类标签 * 获取token
* @param request 参数 * @param request 参数
* @return JSONObject结果 * @return JSONObject结果
*/ */
@PostMapping(value = "/oauth/token") @PostMapping(value = "/oauth/token")
BaseResponse<TokenVO> predict(@RequestParam Map<String, Object> request); BaseResponse<TokenVO> predict(@RequestParam Map<String, Object> request);
/**
* 分类标签
* @param token 参数
* @return JSONObject结果
*/
@GetMapping(value = "/oauth/check_token")
TokenCheckVO checkToken(@RequestParam("token") String token);
} }
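Review bot: `checkToken` sends the caller's token as a query parameter on a GET, which places the credential in the request line where access logs, proxies and tracing commonly record it. If the CAS endpoint supports it (to be confirmed with that service), carrying the token in a POST form body or a request header would keep it out of URLs; note that `@RequestParam` on a Feign method still serialises into the query string, so changing the mapping annotation alone is not enough. The Javadoc on `checkToken` reuses `分类标签`, the stale description this commit removes from `predict`; a summary such as `Validates an access token against CAS and returns its expiry and client id` would describe the method.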
package com.afanticar.afantiopenapi.model.vo;
import com.alibaba.fastjson.annotation.JSONType;
import com.fasterxml.jackson.databind.annotation.JsonNaming;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
/**
* @author chin
* @contact chenyan@afanticar.com
* @since 2023/4/27/027
*/
@Data
@JsonNaming(value = com.fasterxml.jackson.databind.PropertyNamingStrategy.SnakeCaseStrategy.class)
@JSONType(naming = com.alibaba.fastjson.PropertyNamingStrategy.SnakeCase)
public class TokenCheckVO {
@ApiModelProperty(value = "", example = "wastehh")
private Boolean active;
@ApiModelProperty(value = "过期时间-秒")
private String exp;
private String jti;
@ApiModelProperty(value = "客服端id")
private String clientId;
}
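Review bot: `exp` is declared as `String` although it holds epoch seconds that `preHandle` converts with `Long.valueOf(...)`, so a missing or non-numeric value is only caught by the interceptor's generic `catch (Exception e)`; `private Long exp;` would let deserialization do the typing and make the null case explicit. The `active` field is never read by the check shown on this page, which looks only at `exp`; either consult it (`!Boolean.TRUE.equals(tokenCheckVO.getActive())` as an extra rejection condition) or document why expiry alone is sufficient. Its `@ApiModelProperty(value = "", example = "wastehh")` looks like a placeholder, and the class carries no description of which CAS response it mirrors.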