48 changed files with 606 additions and 275 deletions
			
			
		| @ -0,0 +1,263 @@ | |||||
|  | package com.epmet.filter; | ||||
|  | 
 | ||||
|  | import com.alibaba.fastjson.JSON; | ||||
|  | import com.epmet.auth.ExternalAuthProcessor; | ||||
|  | import com.epmet.auth.InternalAuthProcessor; | ||||
|  | import com.epmet.commons.tools.constant.AppClientConstant; | ||||
|  | import com.epmet.commons.tools.exception.EpmetErrorCode; | ||||
|  | import com.epmet.commons.tools.exception.ExceptionUtils; | ||||
|  | import com.epmet.commons.tools.exception.RenException; | ||||
|  | import com.epmet.commons.tools.utils.IpUtils; | ||||
|  | import com.epmet.commons.tools.utils.Result; | ||||
|  | import com.epmet.constant.AuthTypeConstant; | ||||
|  | import com.epmet.constant.TokenHeaderKeyConstant; | ||||
|  | import com.epmet.openapi.constant.AuthTypes; | ||||
|  | import com.epmet.openapi.constant.RequestParamKeys; | ||||
|  | import com.epmet.utils.ServerHttpRequestUtils; | ||||
|  | import lombok.extern.slf4j.Slf4j; | ||||
|  | import org.apache.commons.collections4.CollectionUtils; | ||||
|  | import org.apache.commons.lang3.StringUtils; | ||||
|  | import org.springframework.cloud.gateway.filter.GatewayFilter; | ||||
|  | import org.springframework.cloud.gateway.filter.GatewayFilterChain; | ||||
|  | import org.springframework.core.io.buffer.DataBuffer; | ||||
|  | import org.springframework.http.HttpHeaders; | ||||
|  | import org.springframework.http.HttpStatus; | ||||
|  | import org.springframework.http.MediaType; | ||||
|  | import org.springframework.http.server.reactive.ServerHttpRequest; | ||||
|  | import org.springframework.util.MultiValueMap; | ||||
|  | import org.springframework.web.server.ServerWebExchange; | ||||
|  | import reactor.core.publisher.Flux; | ||||
|  | import reactor.core.publisher.Mono; | ||||
|  | 
 | ||||
|  | import java.nio.charset.StandardCharsets; | ||||
|  | import java.util.List; | ||||
|  | import java.util.Map; | ||||
|  | 
 | ||||
|  | /** | ||||
|  |  * @Description Gateway过滤器,可用于认证,请求相关日志打印 | ||||
|  |  * @author wxz | ||||
|  |  * @date 2021.10.12 09:10:02 | ||||
|  | */ | ||||
|  | @Slf4j | ||||
|  | public class EpmetGatewayFilter implements GatewayFilter { | ||||
|  | 
 | ||||
|  |     private CpAuthGatewayFilterFactory.CpAuthConfig config; | ||||
|  | 
 | ||||
|  |     private InternalAuthProcessor internalAuthProcessor; | ||||
|  | 
 | ||||
|  |     private ExternalAuthProcessor externalAuthProcessor; | ||||
|  | 
 | ||||
|  |     public EpmetGatewayFilter(CpAuthGatewayFilterFactory.CpAuthConfig config, | ||||
|  |                               InternalAuthProcessor internalAuthProcessor, | ||||
|  |                               ExternalAuthProcessor externalAuthProcessor) { | ||||
|  |         this.config = config; | ||||
|  |         this.internalAuthProcessor = internalAuthProcessor; | ||||
|  |         this.externalAuthProcessor = externalAuthProcessor; | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     @Override | ||||
|  |     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { | ||||
|  |         try { | ||||
|  |             if (!config.isEnabled()) { | ||||
|  |                 return chain.filter(exchange); | ||||
|  |             } | ||||
|  | 
 | ||||
|  |             return doFilter(exchange, chain); | ||||
|  |         } catch (RenException re) { | ||||
|  |             // 人为抛出,则携带错误码和错误信息响应给前端
 | ||||
|  |             log.error("EpmetGatewayFilter认证出错RenException,错误信息:{}", ExceptionUtils.getErrorStackTrace(re)); | ||||
|  |             return response(exchange, new Result<>().error(re.getCode(), re.getMessage())); | ||||
|  |         } catch (Exception t) { | ||||
|  |             // 其他非人为抛出异常,打印日志,返回"服务器开小差..."给前端
 | ||||
|  |             log.error("EpmetGatewayFilter认证出错Exception,错误信息:{}", ExceptionUtils.getErrorStackTrace(t)); | ||||
|  |             return response(exchange, new Result<>().error(EpmetErrorCode.SERVER_ERROR.getCode())); | ||||
|  |         } | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * @description 执行请求过滤和验证 | ||||
|  |      * | ||||
|  |      * @param exchange | ||||
|  |      * @param chain | ||||
|  |      * @return | ||||
|  |      * @author wxz | ||||
|  |      * @date 2021.10.12 09:16:15 | ||||
|  |      */ | ||||
|  |     private Mono<Void> doFilter(ServerWebExchange exchange, GatewayFilterChain chain) { | ||||
|  | 
 | ||||
|  |         ServerHttpRequest request = exchange.getRequest(); | ||||
|  | 
 | ||||
|  |         //0.添加流水号
 | ||||
|  |         String tranSerial = getTranserialFromRequestHeader(request); | ||||
|  |         if (StringUtils.isBlank(tranSerial)) { | ||||
|  |             tranSerial = generateTransactionSerial(); | ||||
|  |             // 设置当前线程名
 | ||||
|  |             request.mutate().header(AppClientConstant.TRANSACTION_SERIAL_KEY, new String[]{tranSerial}); | ||||
|  |         } | ||||
|  |         Thread.currentThread().setName(tranSerial); | ||||
|  | 
 | ||||
|  |         //1.打印请求信息
 | ||||
|  |         logRequest(request); | ||||
|  | 
 | ||||
|  |         //2.获取请求路径,参数
 | ||||
|  |         String requestUri = request.getPath().pathWithinApplication().value(); | ||||
|  |         MultiValueMap<String, String> queryParams = request.getQueryParams(); | ||||
|  |         String queryParamsStr = convertQueryParams2String(queryParams); | ||||
|  |         log.info("当前requestUri=[" + requestUri.concat(queryParamsStr) + "],客户端Id:{}", IpUtils.getClientIp(request)); | ||||
|  | 
 | ||||
|  |         //3.认证
 | ||||
|  |         String authType = getAuthType(request); | ||||
|  |         log.info("认证类型为:{}", authType); | ||||
|  | 
 | ||||
|  |         switch (authType) { | ||||
|  |             case AuthTypeConstant.AUTH_TYPE_ALL: | ||||
|  |                 externalAuthProcessor.auth(exchange, chain); | ||||
|  |                 internalAuthProcessor.auth(exchange, chain); | ||||
|  |                 break; | ||||
|  |             case AuthTypeConstant.AUTH_TYPE_EXTERNAL: | ||||
|  |                 externalAuthProcessor.auth(exchange, chain); | ||||
|  |                 break; | ||||
|  |             case AuthTypeConstant.AUTH_TYPE_INTERNAL: | ||||
|  |                 internalAuthProcessor.auth(exchange, chain); | ||||
|  |                 break; | ||||
|  |         } | ||||
|  | 
 | ||||
|  |         return chain.filter(exchange); | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * @param exchange | ||||
|  |      * @param object | ||||
|  |      * @return | ||||
|  |      * @description 产生Response对象 | ||||
|  |      * @author wxz | ||||
|  |      * @date 2021.10.12 09:00:20 | ||||
|  |      */ | ||||
|  |     protected Mono<Void> response(ServerWebExchange exchange, Object object) { | ||||
|  |         String json = JSON.toJSONString(object); | ||||
|  |         DataBuffer buffer = exchange.getResponse().bufferFactory().wrap(json.getBytes(StandardCharsets.UTF_8)); | ||||
|  |         exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON_UTF8); | ||||
|  |         exchange.getResponse().setStatusCode(HttpStatus.OK); | ||||
|  |         return exchange.getResponse().writeWith(Flux.just(buffer)); | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * @param request 请求 | ||||
|  |      * @return void | ||||
|  |      * @Description 打印请求头 | ||||
|  |      * @author wxz | ||||
|  |      * @date 2021.08.18 11:18:00 | ||||
|  |      */ | ||||
|  |     private void logRequest(ServerHttpRequest request) { | ||||
|  |         HttpHeaders headers = request.getHeaders(); | ||||
|  |         StringBuilder sb = new StringBuilder("请求头:"); | ||||
|  |         for (Map.Entry<String, List<String>> entry : headers.entrySet()) { | ||||
|  |             String headerKey = entry.getKey(); | ||||
|  |             List<String> headerValue = entry.getValue(); | ||||
|  |             sb.append(headerKey).append(":").append(headerValue).append(","); | ||||
|  |         } | ||||
|  |         log.info(sb.toString()); | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * @param request | ||||
|  |      * @return java.lang.String | ||||
|  |      * @Description 从request请求头中获取传递过来的流水号 | ||||
|  |      * @author wxz | ||||
|  |      * @date 2021.08.18 15:55:30 | ||||
|  |      */ | ||||
|  |     private String getTranserialFromRequestHeader(ServerHttpRequest request) { | ||||
|  |         List<String> tranSerials = request.getHeaders().get(AppClientConstant.TRANSACTION_SERIAL_KEY); | ||||
|  |         return CollectionUtils.isEmpty(tranSerials) ? null : tranSerials.get(0); | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * @return | ||||
|  |      * @Description 将url参数转化为String | ||||
|  |      * @author wxz | ||||
|  |      * @date 2021.08.11 23:12 | ||||
|  |      */ | ||||
|  |     private String convertQueryParams2String(MultiValueMap<String, String> queryParams) { | ||||
|  |         try { | ||||
|  |             if (queryParams == null || queryParams.size() == 0) { | ||||
|  |                 return ""; | ||||
|  |             } | ||||
|  |             StringBuilder sb = new StringBuilder(""); | ||||
|  |             queryParams.entrySet().forEach(entry -> { | ||||
|  |                 String key = entry.getKey(); | ||||
|  |                 List<String> values = entry.getValue(); | ||||
|  | 
 | ||||
|  |                 String value = ""; | ||||
|  |                 if (values != null && values.size() > 0) { | ||||
|  |                     value = values.get(0); | ||||
|  |                 } | ||||
|  | 
 | ||||
|  |                 sb.append("&").append(key).append("=").append(value); | ||||
|  |             }); | ||||
|  |             String result = sb.toString(); | ||||
|  |             if (result.startsWith("&")) { | ||||
|  |                 result = result.substring(1); | ||||
|  |                 return "?".concat(result); | ||||
|  |             } | ||||
|  |             return ""; | ||||
|  |         } catch (Exception e) { | ||||
|  |             log.warn("gateway中将url参数转化为String失败,程序继续执行,错误信息:".concat(ExceptionUtils.getErrorStackTrace(e))); | ||||
|  |             return ""; | ||||
|  |         } | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * 判断需要执行的认证方式(内部应用认证还是外部应用认证) | ||||
|  |      * | ||||
|  |      * @return | ||||
|  |      */ | ||||
|  |     private String getAuthType(ServerHttpRequest request) { | ||||
|  |         //String requestUri = request.getPath().pathWithinApplication().value();
 | ||||
|  | 
 | ||||
|  |         // 是否在外部认证列表中(外部认证列表中的url,是对外部应用开放的,只有在这个列表中的url才对外部应用开放)
 | ||||
|  |         //boolean inExtAuthPaths = false;
 | ||||
|  |         //
 | ||||
|  |         //for (String url : cpProperty.getExternalAuthUrls()) {
 | ||||
|  |         //	if (antPathMatcher.match(url, requestUri)) {
 | ||||
|  |         //		inExtAuthPaths = true;
 | ||||
|  |         //	}
 | ||||
|  |         //}
 | ||||
|  | 
 | ||||
|  |         String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE); | ||||
|  |         if (StringUtils.isNotBlank(authType) && AuthTypes.TAKE_TOKEN.equals(authType)) { | ||||
|  |             return AuthTypeConstant.AUTH_TYPE_EXTERNAL; | ||||
|  |         } | ||||
|  | 
 | ||||
|  |         boolean needExternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY)); | ||||
|  |         boolean needInternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.AUTHORIZATION_TOKEN_HEADER_KEY)); | ||||
|  | 
 | ||||
|  |         if (needExternal && needInternal) { | ||||
|  |             return AuthTypeConstant.AUTH_TYPE_ALL; | ||||
|  |         } | ||||
|  | 
 | ||||
|  |         if (needExternal) { | ||||
|  |             // url对外部应用开放,并且头里面有AccessToken,那么走外部应用认证
 | ||||
|  |             return AuthTypeConstant.AUTH_TYPE_EXTERNAL; | ||||
|  |         } | ||||
|  | 
 | ||||
|  |         return AuthTypeConstant.AUTH_TYPE_INTERNAL; | ||||
|  |     } | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * 获取事务流水号 | ||||
|  |      * | ||||
|  |      * @return | ||||
|  |      */ | ||||
|  |     public String generateTransactionSerial() { | ||||
|  |         String[] letterPool = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n" | ||||
|  |                 , "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"}; | ||||
|  | 
 | ||||
|  |         StringBuilder sb = new StringBuilder(); | ||||
|  |         for (int i = 0; i < 2; i++) { | ||||
|  |             sb.append(letterPool[(int) (Math.random() * 25)]); | ||||
|  |         } | ||||
|  | 
 | ||||
|  |         sb.append(System.currentTimeMillis()); | ||||
|  |         return sb.toString(); | ||||
|  |     } | ||||
|  | } | ||||
| @ -0,0 +1,27 @@ | |||||
|  | package com.epmet.healthcheck; | ||||
|  | 
 | ||||
|  | import com.epmet.commons.tools.utils.Result; | ||||
|  | import org.springframework.stereotype.Component; | ||||
|  | import org.springframework.web.bind.annotation.PostMapping; | ||||
|  | import org.springframework.web.bind.annotation.RequestMapping; | ||||
|  | import org.springframework.web.bind.annotation.RestController; | ||||
|  | 
 | ||||
|  | /** | ||||
|  |  * @Description 健康检查。gateway中的/api前缀只用于匹配转发路由,自身的Controller的前缀为/ | ||||
|  |  * @author wxz | ||||
|  |  * @date 2021.10.11 17:56:34 | ||||
|  | */ | ||||
|  | @RestController | ||||
|  | @RequestMapping("/gateway/healthcheck") | ||||
|  | public class HealthCheckController { | ||||
|  | 
 | ||||
|  |     /** | ||||
|  |      * http健康检查 | ||||
|  |      * @return | ||||
|  |      */ | ||||
|  |     @PostMapping("http") | ||||
|  |     public Result httpHealthCheck() { | ||||
|  |         return new Result(); | ||||
|  |     } | ||||
|  | 
 | ||||
|  | } | ||||
					Loading…
					
					
				
		Reference in new issue