From 0195e7ec548b7e8d11d809c88a5e727ea08657f7 Mon Sep 17 00:00:00 2001
From: wxz <wangxianzhang1992@163.com>
Date: Wed, 28 Oct 2020 11:17:21 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E6=95=B4=E5=86=85=E5=A4=96=E9=83=A8?=
 =?UTF-8?q?=E8=AE=A4=E8=AF=81=EF=BC=8C=E6=94=AF=E6=8C=81=E5=90=8C=E6=97=B6?=
 =?UTF-8?q?=E4=BD=BF=E7=94=A8=E5=86=85=E5=A4=96=E9=83=A8=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/com/epmet/auth/AuthProcessor.java  | 10 +---------
 .../com/epmet/auth/ExternalAuthProcessor.java    | 10 ++++++----
 .../com/epmet/auth/InternalAuthProcessor.java    | 15 +++++++++------
 .../com/epmet/constant/AuthTypeConstant.java     |  1 +
 .../epmet/filter/CpAuthGatewayFilterFactory.java | 16 +++++++++++++---
 5 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java b/epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java
index 4ef47a2eae..e5a2027e56 100644
--- a/epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java
@@ -13,14 +13,6 @@ import java.nio.charset.StandardCharsets;
 
 public abstract class AuthProcessor {
 
-    abstract Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain);
-
-    protected Mono<Void> response(ServerWebExchange exchange, Object object) {
-        String json = JSON.toJSONString(object);
-        DataBuffer buffer = exchange.getResponse().bufferFactory().wrap(json.getBytes(StandardCharsets.UTF_8));
-        exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON_UTF8);
-        exchange.getResponse().setStatusCode(HttpStatus.OK);
-        return exchange.getResponse().writeWith(Flux.just(buffer));
-    }
+    abstract ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain);
 
 }
diff --git a/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java b/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
index baf5151766..18854a8776 100644
--- a/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
@@ -50,7 +50,7 @@ public class ExternalAuthProcessor extends AuthProcessor {
     private CpProperty cpProperty;
 
     @Override
-    public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) {
+    public ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain) {
         ServerHttpRequest request = exchange.getRequest();
 
         // 只有在外部应用urls中的url才会允许外部应用访问，否则不允许访问
@@ -92,12 +92,14 @@ public class ExternalAuthProcessor extends AuthProcessor {
                 throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的外部认证类型");
             }
         } catch (RenException e) {
-            return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
+            //return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
+            throw new RenException(e.getCode(),e.getMsg());
         } catch (Exception e) {
             logger.error("外部应用请求认证发生未知错误:" + ExceptionUtils.getErrorStackTrace(e));
-            return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
+            //return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
+            throw new RenException("外部应用请求认证发生未知错误");
         }
 
-        return chain.filter(exchange);
+        return exchange;
     }
 }
diff --git a/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java b/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
index c87f9dbe6b..6690bb2374 100644
--- a/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
@@ -44,7 +44,7 @@ public class InternalAuthProcessor extends AuthProcessor {
     private CpProperty cpProperty;
 
     @Override
-    public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) {
+    public ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain) {
         ServerHttpRequest request = exchange.getRequest();
         String requestUri = request.getPath().pathWithinApplication().value();
 
@@ -56,7 +56,8 @@ public class InternalAuthProcessor extends AuthProcessor {
             try{
                 baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
             }catch(RenException e){
-                return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
+                //return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
+                throw new RenException(e.getCode(), e.getMsg());
             }
         }else{
             baseTokenDto = null;
@@ -92,12 +93,14 @@ public class InternalAuthProcessor extends AuthProcessor {
         if (needAuth(requestUri)) {
             // 校验token
             if (StringUtils.isBlank(token)) {
-                return response(exchange, new Result<>().error(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg()));
+                //return response(exchange, new Result<>().error(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg()));
+                throw new RenException(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg());
             }
             try {
                 validateTokenDto(baseTokenDto, token);
             } catch (RenException e) {
-                return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
+                //return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
+                throw new RenException(e.getCode(), e.getMsg());
             }
         }
 
@@ -119,10 +122,10 @@ public class InternalAuthProcessor extends AuthProcessor {
                 exchange.getRequest().mutate().header(AppClientConstant.CUSTOMER_ID, customerId);
             }
             ServerHttpRequest build = exchange.getRequest().mutate().build();
-            return chain.filter(exchange.mutate().request(build).build());
+            return exchange.mutate().request(build).build();
         }
 
-        return chain.filter(exchange);
+        return exchange;
     }
 
     /**
diff --git a/epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java b/epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java
index d2123966f6..5b75030ae7 100644
--- a/epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java
+++ b/epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java
@@ -1,6 +1,7 @@
 package com.epmet.constant;
 
 public class AuthTypeConstant {
+    public static final String AUTH_TYPE_ALL = "all";
     public static final String AUTH_TYPE_INTERNAL = "internal";
     public static final String AUTH_TYPE_EXTERNAL = "external";
     public static final String AUTH_TYPE_NO_NEED = "no_need";
diff --git a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
index 971f4938b1..9051c001d8 100644
--- a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
@@ -74,10 +74,13 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 
 			try {
 				switch (authType) {
+					case AuthTypeConstant.AUTH_TYPE_ALL:
+						externalAuthProcessor.auth(exchange, chain);
+						internalAuthProcessor.auth(exchange, chain);
 					case AuthTypeConstant.AUTH_TYPE_EXTERNAL:
-						return externalAuthProcessor.auth(exchange, chain);
+						externalAuthProcessor.auth(exchange, chain);
 					case AuthTypeConstant.AUTH_TYPE_INTERNAL:
-						return internalAuthProcessor.auth(exchange, chain);
+						internalAuthProcessor.auth(exchange, chain);
 				}
 			} catch (RenException e) {
 				return response(exchange, new Result<>().error(e.getCode(), e.getMessage()));
@@ -105,7 +108,14 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 		//	}
 		//}
 
-		if (StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY))) {
+		boolean needExternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY));
+		boolean needInternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.AUTHORIZATION_TOKEN_HEADER_KEY));
+
+		if (needExternal && needInternal) {
+			return AuthTypeConstant.AUTH_TYPE_ALL;
+		}
+
+		if (needExternal) {
 			// url对外部应用开放，并且头里面有AccessToken，那么走外部应用认证
 			return AuthTypeConstant.AUTH_TYPE_EXTERNAL;
 		}