|
|
|
|
package com.epmet.auth;
|
|
|
|
|
|
|
|
|
|
import com.epmet.commons.tools.exception.EpmetErrorCode;
|
|
|
|
|
import com.epmet.commons.tools.exception.ExceptionUtils;
|
|
|
|
|
import com.epmet.commons.tools.exception.RenException;
|
|
|
|
|
import com.epmet.commons.tools.utils.Result;
|
|
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
|
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
|
|
|
|
|
import org.springframework.http.HttpHeaders;
|
|
|
|
|
import org.springframework.stereotype.Component;
|
|
|
|
|
import org.springframework.web.server.ServerWebExchange;
|
|
|
|
|
import reactor.core.publisher.Mono;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 外部应用认证
|
|
|
|
|
*/
|
|
|
|
|
@Component
|
|
|
|
|
public class ExternalAuthProcessor extends AuthProcessor {
|
|
|
|
|
|
|
|
|
|
private Logger logger = LoggerFactory.getLogger(getClass());
|
|
|
|
|
|
|
|
|
|
// 头s
|
|
|
|
|
public static final String AUTHORIZATION_TOKEN_HEADER_KEY = "Authorization";
|
|
|
|
|
public static final String ACCESS_TOKEN_HEADER_KEY = "AccessToken";
|
|
|
|
|
public static final String APP_ID_HEADER_KEY = "appId";
|
|
|
|
|
public static final String APP_ID_TIMESTAMP_KEY = "ts";
|
|
|
|
|
public static final String APP_ID_CUSTOMER_ID_KEY = "CustomerId";
|
|
|
|
|
public static final String APP_ID_AUTY_TYPE_KEY = "AuthType";
|
|
|
|
|
|
|
|
|
|
// 认证方式
|
|
|
|
|
public static final String APP_AUTH_TYPE_JWT = "jwt";
|
|
|
|
|
public static final String APP_AUTH_TYPE_MD5 = "md5";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
|
private ExtAppJwtAuthProcessor jwtAuthProcessor;
|
|
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
|
private ExtAppMD5AuthProcessor md5AuthProcessor;
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) {
|
|
|
|
|
HttpHeaders headers = exchange.getRequest().getHeaders();
|
|
|
|
|
|
|
|
|
|
String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY);
|
|
|
|
|
String appId = headers.getFirst(APP_ID_HEADER_KEY);
|
|
|
|
|
String ts = headers.getFirst(APP_ID_TIMESTAMP_KEY);
|
|
|
|
|
String customerId = headers.getFirst(APP_ID_CUSTOMER_ID_KEY);
|
|
|
|
|
String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
|
|
|
|
|
|
|
|
|
|
if (StringUtils.isAnyBlank(token, appId)) {
|
|
|
|
|
throw new RenException("请求头中的AccessToken和AppId不能为空");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}, ts:{}, customerId:{}, authType:{}",
|
|
|
|
|
appId, token, ts, customerId, authType);
|
|
|
|
|
|
|
|
|
|
// 没传authType或者传的jwt都用jwtprocessor处理
|
|
|
|
|
try {
|
|
|
|
|
if (StringUtils.isBlank(authType) || APP_AUTH_TYPE_JWT.equals(authType)) {
|
|
|
|
|
jwtAuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
|
|
|
|
|
} else if (APP_AUTH_TYPE_MD5.equals(authType)) {
|
|
|
|
|
md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
|
|
|
|
|
} else {
|
|
|
|
|
throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的认证类型");
|
|
|
|
|
}
|
|
|
|
|
} catch (RenException e) {
|
|
|
|
|
return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
logger.error("外部应用请求认证发生未知错误:" + ExceptionUtils.getErrorStackTrace(e));
|
|
|
|
|
return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return chain.filter(exchange);
|
|
|
|
|
}
|
|
|
|
|
}
|
