forked from rongchao/epmet-cloud-rizhao
3 changed files with 295 additions and 209 deletions
@ -0,0 +1,263 @@ |
|||||
|
package com.epmet.filter; |
||||
|
|
||||
|
import com.alibaba.fastjson.JSON; |
||||
|
import com.epmet.auth.ExternalAuthProcessor; |
||||
|
import com.epmet.auth.InternalAuthProcessor; |
||||
|
import com.epmet.commons.tools.constant.AppClientConstant; |
||||
|
import com.epmet.commons.tools.exception.EpmetErrorCode; |
||||
|
import com.epmet.commons.tools.exception.ExceptionUtils; |
||||
|
import com.epmet.commons.tools.exception.RenException; |
||||
|
import com.epmet.commons.tools.utils.IpUtils; |
||||
|
import com.epmet.commons.tools.utils.Result; |
||||
|
import com.epmet.constant.AuthTypeConstant; |
||||
|
import com.epmet.constant.TokenHeaderKeyConstant; |
||||
|
import com.epmet.openapi.constant.AuthTypes; |
||||
|
import com.epmet.openapi.constant.RequestParamKeys; |
||||
|
import com.epmet.utils.ServerHttpRequestUtils; |
||||
|
import lombok.extern.slf4j.Slf4j; |
||||
|
import org.apache.commons.collections4.CollectionUtils; |
||||
|
import org.apache.commons.lang3.StringUtils; |
||||
|
import org.springframework.cloud.gateway.filter.GatewayFilter; |
||||
|
import org.springframework.cloud.gateway.filter.GatewayFilterChain; |
||||
|
import org.springframework.core.io.buffer.DataBuffer; |
||||
|
import org.springframework.http.HttpHeaders; |
||||
|
import org.springframework.http.HttpStatus; |
||||
|
import org.springframework.http.MediaType; |
||||
|
import org.springframework.http.server.reactive.ServerHttpRequest; |
||||
|
import org.springframework.util.MultiValueMap; |
||||
|
import org.springframework.web.server.ServerWebExchange; |
||||
|
import reactor.core.publisher.Flux; |
||||
|
import reactor.core.publisher.Mono; |
||||
|
|
||||
|
import java.nio.charset.StandardCharsets; |
||||
|
import java.util.List; |
||||
|
import java.util.Map; |
||||
|
|
||||
|
/** |
||||
|
* @Description Gateway过滤器,可用于认证,请求相关日志打印 |
||||
|
* @author wxz |
||||
|
* @date 2021.10.12 09:10:02 |
||||
|
*/ |
||||
|
@Slf4j |
||||
|
public class EpmetGatewayFilter implements GatewayFilter { |
||||
|
|
||||
|
private CpAuthGatewayFilterFactory.CpAuthConfig config; |
||||
|
|
||||
|
private InternalAuthProcessor internalAuthProcessor; |
||||
|
|
||||
|
private ExternalAuthProcessor externalAuthProcessor; |
||||
|
|
||||
|
public EpmetGatewayFilter(CpAuthGatewayFilterFactory.CpAuthConfig config, |
||||
|
InternalAuthProcessor internalAuthProcessor, |
||||
|
ExternalAuthProcessor externalAuthProcessor) { |
||||
|
this.config = config; |
||||
|
this.internalAuthProcessor = internalAuthProcessor; |
||||
|
this.externalAuthProcessor = externalAuthProcessor; |
||||
|
} |
||||
|
|
||||
|
@Override |
||||
|
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { |
||||
|
try { |
||||
|
if (!config.isEnabled()) { |
||||
|
return chain.filter(exchange); |
||||
|
} |
||||
|
|
||||
|
return doFilter(exchange, chain); |
||||
|
} catch (RenException re) { |
||||
|
// 人为抛出,则携带错误码和错误信息响应给前端
|
||||
|
log.error("EpmetGatewayFilter认证出错RenException,错误信息:{}", ExceptionUtils.getErrorStackTrace(re)); |
||||
|
return response(exchange, new Result<>().error(re.getCode(), re.getMessage())); |
||||
|
} catch (Exception t) { |
||||
|
// 其他非人为抛出异常,打印日志,返回"服务器开小差..."给前端
|
||||
|
log.error("EpmetGatewayFilter认证出错Exception,错误信息:{}", ExceptionUtils.getErrorStackTrace(t)); |
||||
|
return response(exchange, new Result<>().error(EpmetErrorCode.SERVER_ERROR.getCode())); |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* @description 执行请求过滤和验证 |
||||
|
* |
||||
|
* @param exchange |
||||
|
* @param chain |
||||
|
* @return |
||||
|
* @author wxz |
||||
|
* @date 2021.10.12 09:16:15 |
||||
|
*/ |
||||
|
private Mono<Void> doFilter(ServerWebExchange exchange, GatewayFilterChain chain) { |
||||
|
|
||||
|
ServerHttpRequest request = exchange.getRequest(); |
||||
|
|
||||
|
//0.添加流水号
|
||||
|
String tranSerial = getTranserialFromRequestHeader(request); |
||||
|
if (StringUtils.isBlank(tranSerial)) { |
||||
|
tranSerial = generateTransactionSerial(); |
||||
|
// 设置当前线程名
|
||||
|
request.mutate().header(AppClientConstant.TRANSACTION_SERIAL_KEY, new String[]{tranSerial}); |
||||
|
} |
||||
|
Thread.currentThread().setName(tranSerial); |
||||
|
|
||||
|
//1.打印请求信息
|
||||
|
logRequest(request); |
||||
|
|
||||
|
//2.获取请求路径,参数
|
||||
|
String requestUri = request.getPath().pathWithinApplication().value(); |
||||
|
MultiValueMap<String, String> queryParams = request.getQueryParams(); |
||||
|
String queryParamsStr = convertQueryParams2String(queryParams); |
||||
|
log.info("当前requestUri=[" + requestUri.concat(queryParamsStr) + "],客户端Id:{}", IpUtils.getClientIp(request)); |
||||
|
|
||||
|
//3.认证
|
||||
|
String authType = getAuthType(request); |
||||
|
log.info("认证类型为:{}", authType); |
||||
|
|
||||
|
switch (authType) { |
||||
|
case AuthTypeConstant.AUTH_TYPE_ALL: |
||||
|
externalAuthProcessor.auth(exchange, chain); |
||||
|
internalAuthProcessor.auth(exchange, chain); |
||||
|
break; |
||||
|
case AuthTypeConstant.AUTH_TYPE_EXTERNAL: |
||||
|
externalAuthProcessor.auth(exchange, chain); |
||||
|
break; |
||||
|
case AuthTypeConstant.AUTH_TYPE_INTERNAL: |
||||
|
internalAuthProcessor.auth(exchange, chain); |
||||
|
break; |
||||
|
} |
||||
|
|
||||
|
return chain.filter(exchange); |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* @param exchange |
||||
|
* @param object |
||||
|
* @return |
||||
|
* @description 产生Response对象 |
||||
|
* @author wxz |
||||
|
* @date 2021.10.12 09:00:20 |
||||
|
*/ |
||||
|
protected Mono<Void> response(ServerWebExchange exchange, Object object) { |
||||
|
String json = JSON.toJSONString(object); |
||||
|
DataBuffer buffer = exchange.getResponse().bufferFactory().wrap(json.getBytes(StandardCharsets.UTF_8)); |
||||
|
exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON_UTF8); |
||||
|
exchange.getResponse().setStatusCode(HttpStatus.OK); |
||||
|
return exchange.getResponse().writeWith(Flux.just(buffer)); |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* @param request 请求 |
||||
|
* @return void |
||||
|
* @Description 打印请求头 |
||||
|
* @author wxz |
||||
|
* @date 2021.08.18 11:18:00 |
||||
|
*/ |
||||
|
private void logRequest(ServerHttpRequest request) { |
||||
|
HttpHeaders headers = request.getHeaders(); |
||||
|
StringBuilder sb = new StringBuilder("请求头:"); |
||||
|
for (Map.Entry<String, List<String>> entry : headers.entrySet()) { |
||||
|
String headerKey = entry.getKey(); |
||||
|
List<String> headerValue = entry.getValue(); |
||||
|
sb.append(headerKey).append(":").append(headerValue).append(","); |
||||
|
} |
||||
|
log.info(sb.toString()); |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* @param request |
||||
|
* @return java.lang.String |
||||
|
* @Description 从request请求头中获取传递过来的流水号 |
||||
|
* @author wxz |
||||
|
* @date 2021.08.18 15:55:30 |
||||
|
*/ |
||||
|
private String getTranserialFromRequestHeader(ServerHttpRequest request) { |
||||
|
List<String> tranSerials = request.getHeaders().get(AppClientConstant.TRANSACTION_SERIAL_KEY); |
||||
|
return CollectionUtils.isEmpty(tranSerials) ? null : tranSerials.get(0); |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* @return |
||||
|
* @Description 将url参数转化为String |
||||
|
* @author wxz |
||||
|
* @date 2021.08.11 23:12 |
||||
|
*/ |
||||
|
private String convertQueryParams2String(MultiValueMap<String, String> queryParams) { |
||||
|
try { |
||||
|
if (queryParams == null || queryParams.size() == 0) { |
||||
|
return ""; |
||||
|
} |
||||
|
StringBuilder sb = new StringBuilder(""); |
||||
|
queryParams.entrySet().forEach(entry -> { |
||||
|
String key = entry.getKey(); |
||||
|
List<String> values = entry.getValue(); |
||||
|
|
||||
|
String value = ""; |
||||
|
if (values != null && values.size() > 0) { |
||||
|
value = values.get(0); |
||||
|
} |
||||
|
|
||||
|
sb.append("&").append(key).append("=").append(value); |
||||
|
}); |
||||
|
String result = sb.toString(); |
||||
|
if (result.startsWith("&")) { |
||||
|
result = result.substring(1); |
||||
|
return "?".concat(result); |
||||
|
} |
||||
|
return ""; |
||||
|
} catch (Exception e) { |
||||
|
log.warn("gateway中将url参数转化为String失败,程序继续执行,错误信息:".concat(ExceptionUtils.getErrorStackTrace(e))); |
||||
|
return ""; |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 判断需要执行的认证方式(内部应用认证还是外部应用认证) |
||||
|
* |
||||
|
* @return |
||||
|
*/ |
||||
|
private String getAuthType(ServerHttpRequest request) { |
||||
|
//String requestUri = request.getPath().pathWithinApplication().value();
|
||||
|
|
||||
|
// 是否在外部认证列表中(外部认证列表中的url,是对外部应用开放的,只有在这个列表中的url才对外部应用开放)
|
||||
|
//boolean inExtAuthPaths = false;
|
||||
|
//
|
||||
|
//for (String url : cpProperty.getExternalAuthUrls()) {
|
||||
|
// if (antPathMatcher.match(url, requestUri)) {
|
||||
|
// inExtAuthPaths = true;
|
||||
|
// }
|
||||
|
//}
|
||||
|
|
||||
|
String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE); |
||||
|
if (StringUtils.isNotBlank(authType) && AuthTypes.TAKE_TOKEN.equals(authType)) { |
||||
|
return AuthTypeConstant.AUTH_TYPE_EXTERNAL; |
||||
|
} |
||||
|
|
||||
|
boolean needExternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY)); |
||||
|
boolean needInternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.AUTHORIZATION_TOKEN_HEADER_KEY)); |
||||
|
|
||||
|
if (needExternal && needInternal) { |
||||
|
return AuthTypeConstant.AUTH_TYPE_ALL; |
||||
|
} |
||||
|
|
||||
|
if (needExternal) { |
||||
|
// url对外部应用开放,并且头里面有AccessToken,那么走外部应用认证
|
||||
|
return AuthTypeConstant.AUTH_TYPE_EXTERNAL; |
||||
|
} |
||||
|
|
||||
|
return AuthTypeConstant.AUTH_TYPE_INTERNAL; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 获取事务流水号 |
||||
|
* |
||||
|
* @return |
||||
|
*/ |
||||
|
public String generateTransactionSerial() { |
||||
|
String[] letterPool = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n" |
||||
|
, "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"}; |
||||
|
|
||||
|
StringBuilder sb = new StringBuilder(); |
||||
|
for (int i = 0; i < 2; i++) { |
||||
|
sb.append(letterPool[(int) (Math.random() * 25)]); |
||||
|
} |
||||
|
|
||||
|
sb.append(System.currentTimeMillis()); |
||||
|
return sb.toString(); |
||||
|
} |
||||
|
} |
@ -0,0 +1,27 @@ |
|||||
|
package com.epmet.healthcheck; |
||||
|
|
||||
|
import com.epmet.commons.tools.utils.Result; |
||||
|
import org.springframework.stereotype.Component; |
||||
|
import org.springframework.web.bind.annotation.PostMapping; |
||||
|
import org.springframework.web.bind.annotation.RequestMapping; |
||||
|
import org.springframework.web.bind.annotation.RestController; |
||||
|
|
||||
|
/** |
||||
|
* @Description 健康检查。gateway中的/api前缀只用于匹配转发路由,自身的Controller的前缀为/ |
||||
|
* @author wxz |
||||
|
* @date 2021.10.11 17:56:34 |
||||
|
*/ |
||||
|
@RestController |
||||
|
@RequestMapping("/gateway/healthcheck") |
||||
|
public class HealthCheckController { |
||||
|
|
||||
|
/** |
||||
|
* http健康检查 |
||||
|
* @return |
||||
|
*/ |
||||
|
@PostMapping("http") |
||||
|
public Result httpHealthCheck() { |
||||
|
return new Result(); |
||||
|
} |
||||
|
|
||||
|
} |
Loading…
Reference in new issue