elink-star
/
epmet-cloud-lingshan
forked from luyan/epmet-cloud-lingshan
12
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

调整内外部认证,支持同时使用内外部认证

master
wxz 5 years ago
parent
01b9373440
commit
0195e7ec54
5 changed files with 30 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java
  2. 10
      epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
  3. 15
      epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
  4. 1
      epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java
  5. 16
      epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java

10
epmet-gateway/src/main/java/com/epmet/auth/AuthProcessor.java
View File

@ -13,14 +13,6 @@ import java.nio.charset.StandardCharsets;
public abstract class AuthProcessor {
abstract Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain);
protected Mono<Void> response(ServerWebExchange exchange, Object object) {
String json = JSON.toJSONString(object);
DataBuffer buffer = exchange.getResponse().bufferFactory().wrap(json.getBytes(StandardCharsets.UTF_8));
exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON_UTF8);
exchange.getResponse().setStatusCode(HttpStatus.OK);
return exchange.getResponse().writeWith(Flux.just(buffer));
}
abstract ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain);
}

10
epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java
View File

@ -50,7 +50,7 @@ public class ExternalAuthProcessor extends AuthProcessor {
private CpProperty cpProperty;
@Override
public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) {
public ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
// 只有在外部应用urls中的url才会允许外部应用访问,否则不允许访问
@ -92,12 +92,14 @@ public class ExternalAuthProcessor extends AuthProcessor {
throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的外部认证类型");
}
} catch (RenException e) {
return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
//return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
throw new RenException(e.getCode(),e.getMsg());
} catch (Exception e) {
logger.error("外部应用请求认证发生未知错误:" + ExceptionUtils.getErrorStackTrace(e));
return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
//return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
throw new RenException("外部应用请求认证发生未知错误");
}
return chain.filter(exchange);
return exchange;
}
}

15
epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
View File

@ -44,7 +44,7 @@ public class InternalAuthProcessor extends AuthProcessor {
private CpProperty cpProperty;
@Override
public Mono<Void> auth(ServerWebExchange exchange, GatewayFilterChain chain) {
public ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
String requestUri = request.getPath().pathWithinApplication().value();
@ -56,7 +56,8 @@ public class InternalAuthProcessor extends AuthProcessor {
try{
baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
}catch(RenException e){
return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
//return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
throw new RenException(e.getCode(), e.getMsg());
}
}else{
baseTokenDto = null;
@ -92,12 +93,14 @@ public class InternalAuthProcessor extends AuthProcessor {
if (needAuth(requestUri)) {
// 校验token
if (StringUtils.isBlank(token)) {
return response(exchange, new Result<>().error(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg()));
//return response(exchange, new Result<>().error(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg()));
throw new RenException(EpmetErrorCode.ERR10005.getCode(), EpmetErrorCode.ERR10005.getMsg());
}
try {
validateTokenDto(baseTokenDto, token);
} catch (RenException e) {
return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
//return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
throw new RenException(e.getCode(), e.getMsg());
}
}
@ -119,10 +122,10 @@ public class InternalAuthProcessor extends AuthProcessor {
exchange.getRequest().mutate().header(AppClientConstant.CUSTOMER_ID, customerId);
}
ServerHttpRequest build = exchange.getRequest().mutate().build();
return chain.filter(exchange.mutate().request(build).build());
return exchange.mutate().request(build).build();
}
return chain.filter(exchange);
return exchange;
}
/**

1
epmet-gateway/src/main/java/com/epmet/constant/AuthTypeConstant.java
View File

@ -1,6 +1,7 @@
package com.epmet.constant;
public class AuthTypeConstant {
public static final String AUTH_TYPE_ALL = "all";
public static final String AUTH_TYPE_INTERNAL = "internal";
public static final String AUTH_TYPE_EXTERNAL = "external";
public static final String AUTH_TYPE_NO_NEED = "no_need";

16
epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
View File

@ -74,10 +74,13 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
try {
switch (authType) {
case AuthTypeConstant.AUTH_TYPE_ALL:
externalAuthProcessor.auth(exchange, chain);
internalAuthProcessor.auth(exchange, chain);
case AuthTypeConstant.AUTH_TYPE_EXTERNAL:
return externalAuthProcessor.auth(exchange, chain);
externalAuthProcessor.auth(exchange, chain);
case AuthTypeConstant.AUTH_TYPE_INTERNAL:
return internalAuthProcessor.auth(exchange, chain);
internalAuthProcessor.auth(exchange, chain);
}
} catch (RenException e) {
return response(exchange, new Result<>().error(e.getCode(), e.getMessage()));
@ -105,7 +108,14 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
// }
//}
if (StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY))) {
boolean needExternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY));
boolean needInternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.AUTHORIZATION_TOKEN_HEADER_KEY));
if (needExternal && needInternal) {
return AuthTypeConstant.AUTH_TYPE_ALL;
}
if (needExternal) {
// url对外部应用开放,并且头里面有AccessToken,那么走外部应用认证
return AuthTypeConstant.AUTH_TYPE_EXTERNAL;
}

Write Preview
Loading…
Cancel
Save