elink-star
/
epmet-cloud-lingshan
forked from luyan/epmet-cloud-lingshan
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5929 Commits
1 Branch
0 Tags
147 MiB
 
 
 
 
 
Tree: 6c9e667e87
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6c9e667e87'
${ noResults }
epmet-cloud-lingshan/epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java

105 lines
4.3 KiB
Raw Blame History

package com.epmet.auth;
import com.epmet.commons.tools.exception.EpmetErrorCode;
import com.epmet.commons.tools.exception.ExceptionUtils;
import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.utils.Result;
import com.epmet.filter.CpProperty;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
/**
* 外部应用认证
*/
@Component
public class ExternalAuthProcessor extends AuthProcessor {
private Logger logger = LoggerFactory.getLogger(getClass());
// 头s
public static final String AUTHORIZATION_TOKEN_HEADER_KEY = "Authorization";
public static final String ACCESS_TOKEN_HEADER_KEY = "AccessToken";
public static final String APP_ID_HEADER_KEY = "appId";
public static final String APP_ID_TIMESTAMP_KEY = "ts";
public static final String APP_ID_CUSTOMER_ID_KEY = "CustomerId";
public static final String APP_ID_AUTY_TYPE_KEY = "AuthType";
// 认证方式
public static final String APP_AUTH_TYPE_JWT = "jwt";
public static final String APP_AUTH_TYPE_MD5 = "md5";
@Autowired
private ExtAppJwtAuthProcessor jwtAuthProcessor;
@Autowired
private ExtAppMD5AuthProcessor md5AuthProcessor;
private final AntPathMatcher antPathMatcher = new AntPathMatcher();
@Autowired
private CpProperty cpProperty;
@Override
public ServerWebExchange auth(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
// 只有在外部应用urls中的url才会允许外部应用访问,否则不允许访问
String requestUri = request.getPath().pathWithinApplication().value();
boolean inPaths = false;
for (String url : cpProperty.getExternalOpenUrls()) {
if (antPathMatcher.match(url, requestUri)) {
inPaths = true;
}
}
if (!inPaths) {
throw new RenException(EpmetErrorCode.ERR401.getCode(), "所请求的url并未对外部应用开放");
}
HttpHeaders headers = request.getHeaders();
String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY);
String appId = headers.getFirst(APP_ID_HEADER_KEY);
String ts = headers.getFirst(APP_ID_TIMESTAMP_KEY);
String customerId = headers.getFirst(APP_ID_CUSTOMER_ID_KEY);
String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
if (StringUtils.isAnyBlank(token, appId)) {
throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空");
}
logger.info("外部应用请求认证拦截Aspect执行,appId:{}, token:{}, ts:{}, customerId:{}, authType:{}",
appId, token, ts, customerId, authType);
// 没传authType或者传的jwt都用jwtprocessor处理
try {
if (StringUtils.isBlank(authType) || APP_AUTH_TYPE_JWT.equals(authType)) {
jwtAuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
} else if (APP_AUTH_TYPE_MD5.equals(authType)) {
md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
} else {
throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的外部认证类型");
}
} catch (RenException e) {
//return response(exchange, new Result<>().error(e.getCode(), e.getMsg()));
throw new RenException(e.getCode(),e.getMsg());
} catch (Exception e) {
logger.error("外部应用请求认证发生未知错误:" + ExceptionUtils.getErrorStackTrace(e));
//return response(exchange, new Result<>().error("外部应用请求认证发生未知错误"));
throw new RenException("外部应用请求认证发生未知错误");
}
return exchange;
}
}