1.在请求header中加了customer，通过@LoginUser TokenDto获取

5 years ago · ff56818878
5 changed files with 181 additions and 123 deletions
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/AppClientConstant.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/AppClientConstant.java
@ -41,6 +41,11 @@ public interface AppClientConstant {
     * */
    String CLIENT = "client";
    /**
     * 客户ID
     */
    String CUSTOMER_ID = "customerId";
    /**
     * 事务流水号，每次请求串起来的多个服务拥有相同的流水号,便于日志追踪
     */
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/TokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/TokenDto.java
@ -40,6 +40,11 @@ public class TokenDto extends BaseTokenDto implements Serializable {
 	 */
 	private long updateTime;
 	/**
 	 * 当前工作人员进入的客户id
 	 */
 	private String customerId;
 	@Override
 	public String toString() {
 		return JSON.toJSONString(this);
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/resolver/LoginUserHandlerMethodArgumentResolver.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/resolver/LoginUserHandlerMethodArgumentResolver.java
@ -10,6 +10,7 @@ package com.epmet.commons.tools.security.resolver;
 import com.alibaba.fastjson.JSON;
 import com.epmet.commons.tools.annotation.LoginUser;
 import com.epmet.commons.tools.constant.AppClientConstant;
 import com.epmet.commons.tools.constant.Constant;
 import com.epmet.commons.tools.exception.ErrorCode;
 import com.epmet.commons.tools.exception.RenException;
@ -77,10 +78,12 @@ public class LoginUserHandlerMethodArgumentResolver implements HandlerMethodArgu
 //        String client=keyArray[1];
 //        String userId=keyArray[2];
 //        TokenDto tokenDto = cpUserDetailRedis.get(app,client,userId);
        TokenDto tokenDto = new TokenDto();
-        tokenDto.setUserId(request.getHeader("userId"));
+        tokenDto.setUserId(request.getHeader(AppClientConstant.USER_ID));
-        tokenDto.setApp(request.getHeader("app"));
+        tokenDto.setApp(request.getHeader(AppClientConstant.APP));
-        tokenDto.setClient(request.getHeader("client"));
+        tokenDto.setClient(request.getHeader(AppClientConstant.CLIENT));
        tokenDto.setCustomerId(request.getHeader(AppClientConstant.CUSTOMER_ID));
        logger.info("resolveArgument TokenDto:"+ JSON.toJSONString(tokenDto));
        logger.info("CURRENT-REDIS-DATABASE---------！！！！！！:"+redisDb);
        return tokenDto;
--- a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
@ -70,43 +70,41 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 			ServerHttpRequest request = exchange.getRequest();
 			String requestUri = request.getPath().pathWithinApplication().value();
 			//请求放行，无需验证权限
 			if (!pathMatcher(requestUri)) {
 				return chain.filter(exchange);
 			}
 			logger.info("CpAuthGatewayFilterFactory当前requestUri=[" + requestUri + "]CpAuthGatewayFilterFactory拦截成功");
-			HttpHeaders headers = request.getHeaders();
+			String token = getTokenFromRequest(request);
-			String token = headers.getFirst(Constant.AUTHORIZATION_HEADER);
+			BaseTokenDto baseTokenDto = StringUtils.isNotBlank(token) ? getBaseTokenDto(token, jwtTokenUtils) : null;
-			if (StringUtils.isBlank(token)) {
+
-				token = headers.getFirst(Constant.TOKEN_HEADER);
+			String customerId = "";
-				logger.info("token=" + token);
+
-			} else {
+			//需要认证
-				logger.info("authorization=" + token);
+			if (needAuth(requestUri)) {
-			}
+				if (StringUtils.isBlank(token)) {
-			if (StringUtils.isBlank(token)) {
+					return response(exchange,new Result<>().error(EpmetErrorCode.ERR10005.getCode(),EpmetErrorCode.ERR10005.getMsg()));
 				token = request.getQueryParams().getFirst(Constant.AUTHORIZATION_HEADER);
 				logger.info("params token：" + token);
 			}
 			if (StringUtils.isBlank(token)) {
 				return response(exchange,new Result<>().error(EpmetErrorCode.ERR10005.getCode(),EpmetErrorCode.ERR10005.getMsg()));
 			}
 			try {
 				BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
 				if (AppClientConstant.APP_RESI.equals(baseTokenDto.getApp())) {
 					// 居民端
 					TokenDto resiTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, TokenDto.class);
 					validateTokenDto(resiTokenDto, token);
 				} else if (AppClientConstant.APP_GOV.equals(baseTokenDto.getApp())) {
 					// 政府端
 					GovTokenDto govTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, GovTokenDto.class);
 					validateTokenDto(govTokenDto, token);
 				} else if(AppClientConstant.APP_OPER.equals(baseTokenDto.getApp())){
 					//运营端
 					TokenDto resiTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, TokenDto.class);
 					validateTokenDto(resiTokenDto, token);
 				}
 				// 校验token
 				try {
 					if (AppClientConstant.APP_RESI.equals(baseTokenDto.getApp())) {
 						// 居民端
 						TokenDto resiTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, TokenDto.class);
 						validateTokenDto(resiTokenDto, token);
 						customerId = resiTokenDto.getCustomerId();
 					} else if (AppClientConstant.APP_GOV.equals(baseTokenDto.getApp())) {
 						// 政府端
 						GovTokenDto govTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, GovTokenDto.class);
 						validateTokenDto(govTokenDto, token);
 						customerId = govTokenDto.getCustomerId();
 					} else if(AppClientConstant.APP_OPER.equals(baseTokenDto.getApp())){
 						//运营端
 						TokenDto resiTokenDto = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis, TokenDto.class);
 						validateTokenDto(resiTokenDto, token);
 						customerId = resiTokenDto.getCustomerId();
 					}
 				} catch (RenException e) {
 					return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
 				}
 			}
-				//当前登录用户userId，添加到header中
+			if (baseTokenDto != null) {
 				String redisKey = baseTokenDto.getApp() + "-" + baseTokenDto.getClient() + "-" + baseTokenDto.getUserId();
 				logger.info("redisKey=" + redisKey);
 				ServerHttpRequest build = exchange.getRequest().mutate()
@ -114,14 +112,33 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 						.header(AppClientConstant.APP,baseTokenDto.getApp())
 						.header(AppClientConstant.CLIENT,baseTokenDto.getClient())
 						.header(AppClientConstant.USER_ID,baseTokenDto.getUserId())
 						.header(AppClientConstant.CUSTOMER_ID,customerId)
 						.header(AppClientConstant.TRANSACTION_SERIAL_KEY, new String[]{getTransactionSerial()})
 						.build();
 				return chain.filter(exchange.mutate().request(build).build());
 			}catch(RenException e){
 				return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
 			}
 			return chain.filter(exchange);
 		};
 	}
 	/**
 	 * 获取事务流水号
 	 * @return
 	 */
 	public static String getTransactionSerial() {
 		String[] letterPool = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n"
 				, "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"};
 		StringBuilder sb = new StringBuilder();
 		for (int i = 0; i < 2; i++) {
 			sb.append(letterPool[(int) (Math.random() * 25)]);
 		}
 		sb.append(System.currentTimeMillis());
 		return sb.toString();
 	}
 	//public TokenDto getLoginUserInfo(String token) {
 	//	//是否过期
 	//	Claims claims = jwtTokenUtils.getClaimByToken(token);
@ -160,7 +177,12 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 		return exchange.getResponse().writeWith(Flux.just(buffer));
 	}
-	private boolean pathMatcher(String requestUri) {
+	/**
 	 * 是否需要认证
 	 * @param requestUri
 	 * @return
 	 */
 	private boolean needAuth(String requestUri) {
 		for (String url : cpProperty.getSwaggerUrls()) {
 			if (antPathMatcher.match(url, requestUri)) {
 				return false;
@ -213,4 +235,25 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 		    }
 		}
 	}
 	/**
 	 * 从请求中获取token
 	 * @param request
 	 * @return
 	 */
 	private String getTokenFromRequest(ServerHttpRequest request) {
 		HttpHeaders headers = request.getHeaders();
 		String token = headers.getFirst(Constant.AUTHORIZATION_HEADER);
 		if (StringUtils.isBlank(token)) {
 			token = headers.getFirst(Constant.TOKEN_HEADER);
 			logger.info("token=" + token);
 		} else {
 			logger.info("authorization=" + token);
 		}
 		if (StringUtils.isBlank(token)) {
 			token = request.getQueryParams().getFirst(Constant.AUTHORIZATION_HEADER);
 			logger.info("params token：" + token);
 		}
 		return token;
 	}
 }
--- a/epmet-gateway/src/main/java/com/epmet/filter/FeignRequestFilter.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/FeignRequestFilter.java
@ -1,83 +1,85 @@
-package com.epmet.filter;
+//package com.epmet.filter;
-
+//
-import com.epmet.commons.tools.constant.AppClientConstant;
+//import com.epmet.commons.tools.constant.AppClientConstant;
-import com.epmet.commons.tools.constant.Constant;
+//import com.epmet.commons.tools.constant.Constant;
-import com.epmet.commons.tools.security.dto.BaseTokenDto;
+//import com.epmet.commons.tools.security.dto.BaseTokenDto;
-import com.epmet.commons.tools.utils.CpUserDetailRedis;
+//import com.epmet.commons.tools.utils.CpUserDetailRedis;
-import com.epmet.jwt.JwtTokenUtils;
+//import com.epmet.jwt.JwtTokenUtils;
-import org.apache.commons.lang3.StringUtils;
+//import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
+//import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+//import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+//import org.springframework.cloud.gateway.filter.GatewayFilterChain;
-import org.springframework.cloud.gateway.filter.GlobalFilter;
+//import org.springframework.cloud.gateway.filter.GlobalFilter;
-import org.springframework.http.HttpHeaders;
+//import org.springframework.http.HttpHeaders;
-import org.springframework.http.server.reactive.ServerHttpRequest;
+//import org.springframework.http.server.reactive.ServerHttpRequest;
-import org.springframework.stereotype.Component;
+//import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
+//import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;
+//import reactor.core.publisher.Mono;
-
+//
-/**
+///**
- * Feign调用发送请求的Filter
+// * Feign调用发送请求的Filter
- * 目前用于封装用户相关信息到request，供上游微服务使用
+// * 目前用于封装用户相关信息到request，供上游微服务使用
- */
+// * 已过时，功能移入CpAuthGatewayFilterFacotry
-@Component
+// */
-public class FeignRequestFilter implements GlobalFilter, UserTokenFilter {
+//@Component
-
+//@Deprecated
-    private Logger logger = LoggerFactory.getLogger(getClass());
+//public class FeignRequestFilter implements GlobalFilter, UserTokenFilter {
-
+//
-    @Autowired
+//    private Logger logger = LoggerFactory.getLogger(getClass());
-    private JwtTokenUtils jwtTokenUtils;
+//
-    @Autowired
+//    @Autowired
-    private CpUserDetailRedis cpUserDetailRedis;
+//    private JwtTokenUtils jwtTokenUtils;
-
+//    @Autowired
-    @Override
+//    private CpUserDetailRedis cpUserDetailRedis;
-    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+//
-        ServerHttpRequest request = exchange.getRequest();
+//    @Override
-        HttpHeaders headers = request.getHeaders();
+//    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
-        String token = headers.getFirst(Constant.AUTHORIZATION_HEADER);
+//        ServerHttpRequest request = exchange.getRequest();
-        if (StringUtils.isBlank(token)) {
+//        HttpHeaders headers = request.getHeaders();
-            token = headers.getFirst(Constant.TOKEN_HEADER);
+//        String token = headers.getFirst(Constant.AUTHORIZATION_HEADER);
-            logger.info("token=" + token);
+//        if (StringUtils.isBlank(token)) {
-        } else {
+//            token = headers.getFirst(Constant.TOKEN_HEADER);
-            logger.info("authorization=" + token);
+//            logger.info("token=" + token);
-        }
+//        } else {
-        if (StringUtils.isBlank(token)) {
+//            logger.info("authorization=" + token);
-            token = request.getQueryParams().getFirst(Constant.AUTHORIZATION_HEADER);
+//        }
-            logger.info("params token：" + token);
+//        if (StringUtils.isBlank(token)) {
-        }
+//            token = request.getQueryParams().getFirst(Constant.AUTHORIZATION_HEADER);
-
+//            logger.info("params token：" + token);
-        if (StringUtils.isBlank(token)) {
+//        }
-            return chain.filter(exchange);
+//
-        }
+//        if (StringUtils.isBlank(token)) {
-
+//            return chain.filter(exchange);
-        BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
+//        }
-
+//
-        if (baseTokenDto != null) {
+//        BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
-            ServerHttpRequest build = exchange.getRequest().mutate()
+//
-                    .header(AppClientConstant.USER_ID, new String[]{baseTokenDto.getUserId()})
+//        if (baseTokenDto != null) {
-                    .header(AppClientConstant.TRANSACTION_SERIAL_KEY, new String[]{getTransactionSerial()})
+//            ServerHttpRequest build = exchange.getRequest().mutate()
-                    .build();
+//                    .header(AppClientConstant.USER_ID, new String[]{baseTokenDto.getUserId()})
-            return chain.filter(exchange.mutate().request(build).build());
+//                    .header(AppClientConstant.TRANSACTION_SERIAL_KEY, new String[]{getTransactionSerial()})
-        }
+//                    .build();
-
+//            return chain.filter(exchange.mutate().request(build).build());
-        return chain.filter(exchange);
+//        }
-    }
+//
-
+//        return chain.filter(exchange);
-    /**
+//    }
-     * 获取事务流水号
+//
-     * @return
+//    /**
-     */
+//     * 获取事务流水号
-    public static String getTransactionSerial() {
+//     * @return
-        String[] letterPool = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n"
+//     */
-                , "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"};
+//    public static String getTransactionSerial() {
-
+//        String[] letterPool = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n"
-        StringBuilder sb = new StringBuilder();
+//                , "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"};
-        for (int i = 0; i < 2; i++) {
+//
-            sb.append(letterPool[(int) (Math.random() * 25)]);
+//        StringBuilder sb = new StringBuilder();
-        }
+//        for (int i = 0; i < 2; i++) {
-
+//            sb.append(letterPool[(int) (Math.random() * 25)]);
-        sb.append(System.currentTimeMillis());
+//        }
-        return sb.toString();
+//
-    }
+//        sb.append(System.currentTimeMillis());
-}
+//        return sb.toString();
 //    }
 //}