|
@ -4,13 +4,16 @@ import com.epmet.commons.tools.exception.EpmetErrorCode; |
|
|
import com.epmet.commons.tools.exception.ExceptionUtils; |
|
|
import com.epmet.commons.tools.exception.ExceptionUtils; |
|
|
import com.epmet.commons.tools.exception.RenException; |
|
|
import com.epmet.commons.tools.exception.RenException; |
|
|
import com.epmet.commons.tools.utils.Result; |
|
|
import com.epmet.commons.tools.utils.Result; |
|
|
|
|
|
import com.epmet.filter.CpProperty; |
|
|
import org.apache.commons.lang3.StringUtils; |
|
|
import org.apache.commons.lang3.StringUtils; |
|
|
import org.slf4j.Logger; |
|
|
import org.slf4j.Logger; |
|
|
import org.slf4j.LoggerFactory; |
|
|
import org.slf4j.LoggerFactory; |
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
import org.springframework.cloud.gateway.filter.GatewayFilterChain; |
|
|
import org.springframework.cloud.gateway.filter.GatewayFilterChain; |
|
|
import org.springframework.http.HttpHeaders; |
|
|
import org.springframework.http.HttpHeaders; |
|
|
|
|
|
import org.springframework.http.server.reactive.ServerHttpRequest; |
|
|
import org.springframework.stereotype.Component; |
|
|
import org.springframework.stereotype.Component; |
|
|
|
|
|
import org.springframework.util.AntPathMatcher; |
|
|
import org.springframework.web.server.ServerWebExchange; |
|
|
import org.springframework.web.server.ServerWebExchange; |
|
|
import reactor.core.publisher.Mono; |
|
|
import reactor.core.publisher.Mono; |
|
|
|
|
|
|
|
@ -41,9 +44,30 @@ public class ExternalAuthProcessor extends AuthProcessor { |
|
|
@Autowired |
|
|
@Autowired |
|
|
private ExtAppMD5AuthProcessor md5AuthProcessor; |
|
|
private ExtAppMD5AuthProcessor md5AuthProcessor; |
|
|
|
|
|
|
|
|
|
|
|
private final AntPathMatcher antPathMatcher = new AntPathMatcher(); |
|
|
|
|
|
|
|
|
|
|
|
@Autowired |
|
|
|
|
|
private CpProperty cpProperty; |
|
|
|
|
|
|
|
|
@Override |
|
|
@Override |
|
|
public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) { |
|
|
public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) { |
|
|
HttpHeaders headers = exchange.getRequest().getHeaders(); |
|
|
ServerHttpRequest request = exchange.getRequest(); |
|
|
|
|
|
|
|
|
|
|
|
// 只有在外部应用urls中的url才会允许外部应用访问,否则不允许访问
|
|
|
|
|
|
String requestUri = request.getPath().pathWithinApplication().value(); |
|
|
|
|
|
|
|
|
|
|
|
boolean inPaths = false; |
|
|
|
|
|
for (String url : cpProperty.getExternalOpenUrls()) { |
|
|
|
|
|
if (antPathMatcher.match(url, requestUri)) { |
|
|
|
|
|
inPaths = true; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (!inPaths) { |
|
|
|
|
|
throw new RenException(EpmetErrorCode.ERR401.getCode(), "所请求的url并未对外部应用开放"); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
HttpHeaders headers = request.getHeaders(); |
|
|
|
|
|
|
|
|
String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY); |
|
|
String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY); |
|
|
String appId = headers.getFirst(APP_ID_HEADER_KEY); |
|
|
String appId = headers.getFirst(APP_ID_HEADER_KEY); |
|
@ -52,7 +76,7 @@ public class ExternalAuthProcessor extends AuthProcessor { |
|
|
String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY); |
|
|
String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY); |
|
|
|
|
|
|
|
|
if (StringUtils.isAnyBlank(token, appId)) { |
|
|
if (StringUtils.isAnyBlank(token, appId)) { |
|
|
throw new RenException("请求头中的AccessToken和AppId不能为空"); |
|
|
throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空"); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}, ts:{}, customerId:{}, authType:{}", |
|
|
logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}, ts:{}, customerId:{}, authType:{}", |
|
@ -65,7 +89,7 @@ public class ExternalAuthProcessor extends AuthProcessor { |
|
|
} else if (APP_AUTH_TYPE_MD5.equals(authType)) { |
|
|
} else if (APP_AUTH_TYPE_MD5.equals(authType)) { |
|
|
md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange); |
|
|
md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange); |
|
|
} else { |
|
|
} else { |
|
|
throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的认证类型"); |
|
|
throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的外部认证类型"); |
|
|
} |
|
|
} |
|
|
} catch (RenException e) { |
|
|
} catch (RenException e) { |
|
|
return response(exchange, new Result<>().error(e.getCode(), e.getMsg())); |
|
|
return response(exchange, new Result<>().error(e.getCode(), e.getMsg())); |
|
|