提交
f6993985
编写于
9月 09, 2020
作者:
ibizdev
ibiz4j 发布系统代码
上级
c46e8db4
变更
12
正在显示
12 个修改的文件
包含
267 行增加
和
21 行删除
+267
-21
DevBootSecurityConfig.java
...rc/main/java/cn/ibizlab/config/DevBootSecurityConfig.java
+14
-2
apiSecurityConfig.java
...rc/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
+15
-3
IBZNotifyFallback.java
...c/main/java/cn/ibizlab/util/client/IBZNotifyFallback.java
+17
-2
IBZNotifyFeignClient.java
...ain/java/cn/ibizlab/util/client/IBZNotifyFeignClient.java
+14
-4
IBZOUFeignClient.java
...rc/main/java/cn/ibizlab/util/client/IBZOUFeignClient.java
+1
-1
IBZPayFallback.java
.../src/main/java/cn/ibizlab/util/client/IBZPayFallback.java
+29
-0
IBZPayFeignClient.java
...c/main/java/cn/ibizlab/util/client/IBZPayFeignClient.java
+24
-0
IBZUAAFeignClient.java
...c/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+1
-1
IBZWFFeignClient.java
...rc/main/java/cn/ibizlab/util/client/IBZWFFeignClient.java
+1
-1
MsgBody.java
...sk-util/src/main/java/cn/ibizlab/util/domain/MsgBody.java
+63
-0
PayTrade.java
...k-util/src/main/java/cn/ibizlab/util/domain/PayTrade.java
+51
-0
AuthorizationTokenFilter.java
...va/cn/ibizlab/util/security/AuthorizationTokenFilter.java
+37
-7
ibzdisk-boot/src/main/java/cn/ibizlab/config/DevBootSecurityConfig.java
...
@@ -3,6 +3,7 @@ package cn.ibizlab.config;
...
@@ -3,6 +3,7 @@ package cn.ibizlab.config;
import
cn.ibizlab.util.security.AuthenticationEntryPoint
;
import
cn.ibizlab.util.security.AuthenticationEntryPoint
;
import
cn.ibizlab.util.security.AuthorizationTokenFilter
;
import
cn.ibizlab.util.security.AuthorizationTokenFilter
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Bean
;
...
@@ -52,6 +53,9 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -52,6 +53,9 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
@Value
(
"${ibiz.file.previewpath:ibizutil/preview}"
)
@Value
(
"${ibiz.file.previewpath:ibizutil/preview}"
)
private
String
previewpath
;
private
String
previewpath
;
@Value
(
"${ibiz.auth.excludesPattern:}"
)
private
String
excludesPattern
;
@Autowired
@Autowired
public
void
configureGlobal
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
public
void
configureGlobal
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
...
@@ -113,8 +117,16 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -113,8 +117,16 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
// 文件操作
// 文件操作
.
antMatchers
(
"/"
+
downloadpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
downloadpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
uploadpath
).
permitAll
()
.
antMatchers
(
"/"
+
uploadpath
).
permitAll
()
.
antMatchers
(
"/"
+
previewpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
previewpath
+
"/**"
).
permitAll
();
.
anyRequest
().
authenticated
()
if
(
StringUtils
.
isNotBlank
(
excludesPattern
))
{
for
(
String
excludePattern
:
excludesPattern
.
split
(
"\\s*,\\s*"
))
{
authenticationTokenFilter
.
addExcludePattern
(
excludePattern
);
httpSecurity
.
authorizeRequests
().
antMatchers
(
excludePattern
).
permitAll
();
}
}
httpSecurity
.
authorizeRequests
().
anyRequest
().
authenticated
()
// 防止iframe 造成跨域
// 防止iframe 造成跨域
.
and
().
headers
().
frameOptions
().
disable
();
.
and
().
headers
().
frameOptions
().
disable
();
httpSecurity
httpSecurity
...
...
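Review bot: In the third hunk, every comma-separated entry of `ibiz.auth.excludesPattern` is passed unchecked to both `authenticationTokenFilter.addExcludePattern(excludePattern)` and `antMatchers(excludePattern).permitAll()`, so a single broad value such as `/**` in a property file or environment override removes authentication from the whole application, and nothing in the visible code reports it. I would trim each entry and skip empty ones (a leading comma makes `split` return `""` first), e.g. `String p = excludePattern.trim(); if (p.isEmpty()) continue;`, and log the effective list once at startup so an unexpectedly wide exclusion is visible to operators. The enclosing `configure` method starts and ends outside the hunk. The identical loop is added to `apiSecurityConfig.java` in this commit and the same remark applies there.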
ibzdisk-provider/ibzdisk-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
...
@@ -3,6 +3,7 @@ package cn.ibizlab.api.config;
...
@@ -3,6 +3,7 @@ package cn.ibizlab.api.config;
import
cn.ibizlab.util.security.AuthenticationEntryPoint
;
import
cn.ibizlab.util.security.AuthenticationEntryPoint
;
import
cn.ibizlab.util.security.AuthorizationTokenFilter
;
import
cn.ibizlab.util.security.AuthorizationTokenFilter
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Bean
;
...
@@ -54,6 +55,9 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -54,6 +55,9 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
@Value
(
"${ibiz.file.previewpath:ibizutil/preview}"
)
@Value
(
"${ibiz.file.previewpath:ibizutil/preview}"
)
private
String
previewpath
;
private
String
previewpath
;
@Value
(
"${ibiz.auth.excludesPattern:}"
)
private
String
excludesPattern
;
@Autowired
@Autowired
public
void
configureGlobal
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
public
void
configureGlobal
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
...
@@ -118,9 +122,17 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -118,9 +122,17 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
// 文件操作
// 文件操作
.
antMatchers
(
"/"
+
downloadpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
downloadpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
uploadpath
).
permitAll
()
.
antMatchers
(
"/"
+
uploadpath
).
permitAll
()
.
antMatchers
(
"/"
+
previewpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/"
+
previewpath
+
"/**"
).
permitAll
();
// 所有请求都需要认证
.
anyRequest
().
authenticated
()
if
(
StringUtils
.
isNotBlank
(
excludesPattern
))
{
for
(
String
excludePattern
:
excludesPattern
.
split
(
"\\s*,\\s*"
))
{
authenticationTokenFilter
.
addExcludePattern
(
excludePattern
);
httpSecurity
.
authorizeRequests
().
antMatchers
(
excludePattern
).
permitAll
();
}
}
// 所有请求都需要认证
httpSecurity
.
authorizeRequests
().
anyRequest
().
authenticated
()
// 防止iframe 造成跨域
// 防止iframe 造成跨域
.
and
().
headers
().
frameOptions
().
disable
();
.
and
().
headers
().
frameOptions
().
disable
();
...
...
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZNotifyFallback.java
package
cn
.
ibizlab
.
util
.
client
;
package
cn
.
ibizlab
.
util
.
client
;
import
c
om.alibaba.fastjson.JSONArra
y
;
import
c
n.ibizlab.util.domain.MsgBod
y
;
import
com.alibaba.fastjson.JSONObject
;
import
com.alibaba.fastjson.JSONObject
;
import
org.springframework.stereotype.Component
;
import
org.springframework.stereotype.Component
;
...
@@ -8,7 +8,7 @@ import org.springframework.stereotype.Component;
...
@@ -8,7 +8,7 @@ import org.springframework.stereotype.Component;
public
class
IBZNotifyFallback
implements
IBZNotifyFeignClient
{
public
class
IBZNotifyFallback
implements
IBZNotifyFeignClient
{
@Override
@Override
public
Boolean
SendMsg
(
JSONObject
msg
)
{
public
Boolean
sendMsg
(
MsgBody
msg
)
{
return
null
;
return
null
;
}
}
...
@@ -16,4 +16,19 @@ public class IBZNotifyFallback implements IBZNotifyFeignClient {
...
@@ -16,4 +16,19 @@ public class IBZNotifyFallback implements IBZNotifyFeignClient {
public
Boolean
createMsgTemplate
(
JSONObject
template
)
{
public
Boolean
createMsgTemplate
(
JSONObject
template
)
{
return
null
;
return
null
;
}
}
@Override
public
Boolean
sendDingTalkLinkMsg
(
MsgBody
msg
)
{
return
null
;
}
@Override
public
String
createDingTalkWorkRecord
(
MsgBody
msg
)
{
return
null
;
}
@Override
public
Boolean
finishDingTalkWorkRecord
(
String
msgId
)
{
return
null
;
}
}
}
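Review bot: The three new fallbacks (`sendDingTalkLinkMsg`, `createDingTalkWorkRecord`, `finishDingTalkWorkRecord`) return `null` like the existing ones, so a caller that tests the `Boolean` result directly, e.g. `if (client.sendDingTalkLinkMsg(msg))`, gets a `NullPointerException` on unboxing whenever the notify service is unavailable, and nothing records that the fallback ran. Returning `Boolean.FALSE` from the `Boolean` methods and logging the degraded call would make the failure path explicit. `IBZPayFallback.java`, added in this commit, has the same shape; there a `null` from `query` or `cancel` leaves the caller unable to tell an unreachable pay service from a trade with no result, which matters more for payment state than for notifications.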
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZNotifyFeignClient.java
package
cn
.
ibizlab
.
util
.
client
;
package
cn
.
ibizlab
.
util
.
client
;
import
cn.ibizlab.util.domain.MsgBody
;
import
com.alibaba.fastjson.JSONObject
;
import
com.alibaba.fastjson.JSONObject
;
import
org.springframework.cloud.openfeign.FeignClient
;
import
org.springframework.cloud.openfeign.FeignClient
;
import
org.springframework.web.bind.annotation.*
;
import
org.springframework.web.bind.annotation.*
;
@FeignClient
(
value
=
"${ibiz.ref.service.notify:ibznotify-api}"
,
fallback
=
IBZNotifyFallback
.
class
)
@FeignClient
(
value
=
"${ibiz.ref.service.notify:ibznotify-api}"
,
contextId
=
"notify"
,
fallback
=
IBZNotifyFallback
.
class
)
public
interface
IBZNotifyFeignClient
public
interface
IBZNotifyFeignClient
{
{
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/
SendM
sg"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/
notify/sendm
sg"
)
Boolean
SendMsg
(
@RequestBody
JSONObject
msg
);
Boolean
sendMsg
(
@RequestBody
MsgBody
msg
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/
createMsgTemplate
"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/
notify/createmsgtempl
"
)
Boolean
createMsgTemplate
(
@RequestBody
JSONObject
template
);
Boolean
createMsgTemplate
(
@RequestBody
JSONObject
template
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/notify/dingtalk/sendlinkmsg"
)
Boolean
sendDingTalkLinkMsg
(
@RequestBody
MsgBody
msg
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/notify/dingtalk/createworkrecord"
)
String
createDingTalkWorkRecord
(
@RequestBody
MsgBody
msg
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/notify/dingtalk/finishworkrecord/{msgid}"
)
Boolean
finishDingTalkWorkRecord
(
@PathVariable
(
"msgid"
)
String
msgId
);
}
}
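Review bot: The new mapping for `createMsgTemplate` reads `"/notify/createmsgtempl"`, which looks truncated next to the method name and the other renamed paths (`/notify/sendmsg`, `/notify/dingtalk/...`); please confirm it matches the notify service's actual route, since a mismatch only surfaces at call time and is then hidden by the `null`-returning fallback. The renames of `SendMsg` to `sendMsg` and of its path also change the wire contract, so this client presumably has to be deployed together with the matching notify-service version. A one-line Javadoc on each method stating the expected return value would help, for example `/** Sends a message; returns true when the notify service accepted it. */`.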
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZOUFeignClient.java
...
@@ -7,7 +7,7 @@ import org.springframework.web.bind.annotation.PathVariable;
...
@@ -7,7 +7,7 @@ import org.springframework.web.bind.annotation.PathVariable;
import
java.util.Map
;
import
java.util.Map
;
import
java.util.Set
;
import
java.util.Set
;
@FeignClient
(
value
=
"${ibiz.ref.service.ou:ibzou-api}"
,
fallback
=
IBZOUFallback
.
class
)
@FeignClient
(
value
=
"${ibiz.ref.service.ou:ibzou-api}"
,
contextId
=
"ou"
,
fallback
=
IBZOUFallback
.
class
)
public
interface
IBZOUFeignClient
public
interface
IBZOUFeignClient
{
{
/**
/**
...
...
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZPayFallback.java
0 → 100644
package
cn
.
ibizlab
.
util
.
client
;
import
cn.ibizlab.util.domain.PayTrade
;
import
com.alibaba.fastjson.JSONObject
;
import
org.springframework.stereotype.Component
;
@Component
public
class
IBZPayFallback
implements
IBZPayFeignClient
{
@Override
public
JSONObject
preCreate
(
PayTrade
trade
)
{
return
null
;
}
@Override
public
JSONObject
query
(
PayTrade
trade
)
{
return
null
;
}
@Override
public
JSONObject
cancel
(
PayTrade
trade
)
{
return
null
;
}
@Override
public
String
pagePay
(
PayTrade
trade
)
{
return
null
;
}
}
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZPayFeignClient.java
0 → 100644
package
cn
.
ibizlab
.
util
.
client
;
import
cn.ibizlab.util.domain.PayTrade
;
import
com.alibaba.fastjson.JSONObject
;
import
org.springframework.cloud.openfeign.FeignClient
;
import
org.springframework.web.bind.annotation.RequestBody
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RequestMethod
;
@FeignClient
(
value
=
"${ibiz.ref.service.pay:ibzpay-api}"
,
contextId
=
"pay"
,
fallback
=
IBZPayFallback
.
class
)
public
interface
IBZPayFeignClient
{
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/pay/trade/precreate"
)
JSONObject
preCreate
(
@RequestBody
PayTrade
trade
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/pay/trade/query"
)
JSONObject
query
(
@RequestBody
PayTrade
trade
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/pay/trade/cancel"
)
JSONObject
cancel
(
@RequestBody
PayTrade
trade
);
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/pay/trade/pagepay"
)
String
pagePay
(
@RequestBody
PayTrade
trade
);
}
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
...
@@ -7,7 +7,7 @@ import org.springframework.cloud.openfeign.FeignClient;
...
@@ -7,7 +7,7 @@ import org.springframework.cloud.openfeign.FeignClient;
import
org.springframework.web.bind.annotation.*
;
import
org.springframework.web.bind.annotation.*
;
import
com.alibaba.fastjson.JSONObject
;
import
com.alibaba.fastjson.JSONObject
;
@FeignClient
(
value
=
"${ibiz.ref.service.uaa:ibzuaa-api}"
,
fallback
=
IBZUAAFallback
.
class
)
@FeignClient
(
value
=
"${ibiz.ref.service.uaa:ibzuaa-api}"
,
contextId
=
"uaa"
,
fallback
=
IBZUAAFallback
.
class
)
public
interface
IBZUAAFeignClient
public
interface
IBZUAAFeignClient
{
{
/**
/**
...
...
ibzdisk-util/src/main/java/cn/ibizlab/util/client/IBZWFFeignClient.java
...
@@ -5,7 +5,7 @@ import org.springframework.web.bind.annotation.*;
...
@@ -5,7 +5,7 @@ import org.springframework.web.bind.annotation.*;
import
com.alibaba.fastjson.JSONObject
;
import
com.alibaba.fastjson.JSONObject
;
import
java.util.*
;
import
java.util.*
;
@FeignClient
(
value
=
"${ibiz.ref.service.wf:ibzwf-api}"
,
fallback
=
IBZWFFallback
.
class
)
@FeignClient
(
value
=
"${ibiz.ref.service.wf:ibzwf-api}"
,
contextId
=
"wf"
,
fallback
=
IBZWFFallback
.
class
)
public
interface
IBZWFFeignClient
public
interface
IBZWFFeignClient
{
{
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/{system}-app-{appname}/{entity}/process-definitions/{processDefinitionKey}/usertasks/{taskDefinitionKey}/tasks"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/{system}-app-{appname}/{entity}/process-definitions/{processDefinitionKey}/usertasks/{taskDefinitionKey}/tasks"
)
...
...
ibzdisk-util/src/main/java/cn/ibizlab/util/domain/MsgBody.java
0 → 100644
package
cn
.
ibizlab
.
util
.
domain
;
import
com.alibaba.fastjson.annotation.JSONField
;
import
com.fasterxml.jackson.annotation.JsonProperty
;
import
lombok.Data
;
import
java.io.Serializable
;
/**
* 消息对象
*/
@Data
public
class
MsgBody
{
/**
* 接收用户
*/
@JSONField
(
name
=
"to_users"
)
@JsonProperty
(
"to_users"
)
private
String
toUsers
;
/**
* 标题
*/
@JSONField
(
name
=
"subject"
)
@JsonProperty
(
"subject"
)
private
String
subject
;
/**
* 内容
*/
@JSONField
(
name
=
"content"
)
@JsonProperty
(
"content"
)
private
String
content
;
/**
* 类型
*/
@JSONField
(
name
=
"msg_type"
)
@JsonProperty
(
"msg_type"
)
private
Integer
msgType
;
/**
* 模板标识
*/
@JSONField
(
name
=
"template_id"
)
@JsonProperty
(
"template_id"
)
private
String
templateId
;
/**
* 模板参数
*/
@JSONField
(
name
=
"template_params"
)
@JsonProperty
(
"template_params"
)
private
String
templateParams
;
/**
* 消息链接
*/
@JSONField
(
name
=
"msg_link"
)
@JsonProperty
(
"msg_link"
)
private
String
msgLink
;
/**
* 消息链接(pc)
*/
@JSONField
(
name
=
"msg_link_pc"
)
@JsonProperty
(
"msg_link_pc"
)
private
String
msgLinkPc
;
}
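Review bot: `java.io.Serializable` is imported but the class is declared as `public class MsgBody {` without implementing it; either add `implements Serializable` if the object is meant to be cached or queued, or drop the unused import. `msgType` is a bare `Integer` whose comment only says "type", so a line listing the accepted values would save readers a trip to the notify service. `msgLink` and `msgLinkPc` are forwarded as plain strings; if they can originate from user input, the producer should presumably restrict them to expected schemes and hosts before sending.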
ibzdisk-util/src/main/java/cn/ibizlab/util/domain/PayTrade.java
0 → 100644
package
cn
.
ibizlab
.
util
.
domain
;
import
com.alibaba.fastjson.annotation.JSONField
;
import
com.baomidou.mybatisplus.annotation.TableField
;
import
com.fasterxml.jackson.annotation.JsonProperty
;
import
lombok.Data
;
/**
* 实体[支付交易]
*/
@Data
public
class
PayTrade
{
/**
* 订单标题
*/
@TableField
(
value
=
"subject"
)
@JSONField
(
name
=
"subject"
)
@JsonProperty
(
"subject"
)
private
String
subject
;
/**
* 订单金额
*/
@JSONField
(
name
=
"total_amount"
)
@JsonProperty
(
"total_amount"
)
private
String
totalAmount
;
/**
* 支付类型
*/
@JSONField
(
name
=
"trade_type"
)
@JsonProperty
(
"trade_type"
)
private
String
tradeType
;
/**
* 订单号
*/
@JSONField
(
name
=
"out_trade_no"
)
@JsonProperty
(
"out_trade_no"
)
private
String
outTradeNo
;
/**
* 应用标识
*/
@JSONField
(
name
=
"app_id"
)
@JsonProperty
(
"app_id"
)
private
String
appId
;
/**
* 支付平台接入标识
*/
@JSONField
(
name
=
"access_id"
)
@JsonProperty
(
"access_id"
)
private
String
accessId
;
}
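Review bot: `totalAmount` is a free-form `String` and the class carries no validation, so whatever text the caller supplies is forwarded to the pay service as the order amount by `IBZPayFeignClient.preCreate`. A `BigDecimal` field, or at least a check for a positive decimal with the expected scale before the Feign call, would stop malformed or negative amounts at this boundary, assuming the pay service does not already enforce it. Only `subject` carries `@TableField(value = "subject")`, which looks like a leftover from a persistence entity; either drop it together with the mybatis-plus import or annotate the remaining fields consistently.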
ibzdisk-util/src/main/java/cn/ibizlab/util/security/AuthorizationTokenFilter.java
...
@@ -10,6 +10,8 @@ import org.springframework.security.core.userdetails.UserDetails;
...
@@ -10,6 +10,8 @@ import org.springframework.security.core.userdetails.UserDetails;
import
org.springframework.security.core.userdetails.UserDetailsService
;
import
org.springframework.security.core.userdetails.UserDetailsService
;
import
org.springframework.security.web.authentication.WebAuthenticationDetailsSource
;
import
org.springframework.security.web.authentication.WebAuthenticationDetailsSource
;
import
org.springframework.stereotype.Component
;
import
org.springframework.stereotype.Component
;
import
org.springframework.util.AntPathMatcher
;
import
org.springframework.util.PathMatcher
;
import
org.springframework.web.filter.OncePerRequestFilter
;
import
org.springframework.web.filter.OncePerRequestFilter
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.beans.factory.annotation.Qualifier
;
...
@@ -18,6 +20,10 @@ import javax.servlet.ServletException;
...
@@ -18,6 +20,10 @@ import javax.servlet.ServletException;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
java.io.IOException
;
import
java.io.IOException
;
import
java.util.Arrays
;
import
java.util.HashSet
;
import
java.util.Iterator
;
import
java.util.Set
;
@Slf4j
@Slf4j
@Component
@Component
...
@@ -26,6 +32,8 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
...
@@ -26,6 +32,8 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
private
final
UserDetailsService
userDetailsService
;
private
final
UserDetailsService
userDetailsService
;
private
final
AuthTokenUtil
authTokenUtil
;
private
final
AuthTokenUtil
authTokenUtil
;
private
final
String
tokenHeader
;
private
final
String
tokenHeader
;
private
Set
<
String
>
excludesPattern
=
new
HashSet
<
String
>();
private
PathMatcher
pathMatcher
=
new
AntPathMatcher
();
public
AuthorizationTokenFilter
(
AuthenticationUserService
userDetailsService
,
AuthTokenUtil
authTokenUtil
,
@Value
(
"${ibiz.jwt.header:Authorization}"
)
String
tokenHeader
)
{
public
AuthorizationTokenFilter
(
AuthenticationUserService
userDetailsService
,
AuthTokenUtil
authTokenUtil
,
@Value
(
"${ibiz.jwt.header:Authorization}"
)
String
tokenHeader
)
{
this
.
userDetailsService
=
userDetailsService
;
this
.
userDetailsService
=
userDetailsService
;
...
@@ -35,7 +43,11 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
...
@@ -35,7 +43,11 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
@Override
@Override
protected
void
doFilterInternal
(
HttpServletRequest
request
,
HttpServletResponse
response
,
FilterChain
chain
)
throws
ServletException
,
IOException
{
protected
void
doFilterInternal
(
HttpServletRequest
request
,
HttpServletResponse
response
,
FilterChain
chain
)
throws
ServletException
,
IOException
{
if
(
isExclusion
(
request
.
getRequestURI
()))
{
chain
.
doFilter
(
request
,
response
);
return
;
}
final
String
requestHeader
=
request
.
getHeader
(
this
.
tokenHeader
);
final
String
requestHeader
=
request
.
getHeader
(
this
.
tokenHeader
);
String
username
=
null
;
String
username
=
null
;
...
@@ -50,20 +62,38 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
...
@@ -50,20 +62,38 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
}
}
if
(
username
!=
null
&&
SecurityContextHolder
.
getContext
().
getAuthentication
()
==
null
)
{
if
(
username
!=
null
&&
SecurityContextHolder
.
getContext
().
getAuthentication
()
==
null
)
{
// It is not compelling necessary to load the use details from the database. You could also store the information
// in the token and read it from it. It's up to you ;)
UserDetails
userDetails
=
this
.
userDetailsService
.
loadUserByUsername
(
username
);
UserDetails
userDetails
=
this
.
userDetailsService
.
loadUserByUsername
(
username
);
// For simple validation it is completely sufficient to just check the token integrity. You don't have to call
// the database compellingly. Again it's up to you ;)
if
(
authTokenUtil
.
validateToken
(
authToken
,
userDetails
))
{
if
(
authTokenUtil
.
validateToken
(
authToken
,
userDetails
))
{
UsernamePasswordAuthenticationToken
authentication
=
new
UsernamePasswordAuthenticationToken
(
userDetails
,
null
,
userDetails
.
getAuthorities
());
UsernamePasswordAuthenticationToken
authentication
=
new
UsernamePasswordAuthenticationToken
(
userDetails
,
null
,
userDetails
.
getAuthorities
());
authentication
.
setDetails
(
new
WebAuthenticationDetailsSource
().
buildDetails
(
request
));
authentication
.
setDetails
(
new
WebAuthenticationDetailsSource
().
buildDetails
(
request
));
// log.info("authorizated user '{}', setting security context", username);
SecurityContextHolder
.
getContext
().
setAuthentication
(
authentication
);
SecurityContextHolder
.
getContext
().
setAuthentication
(
authentication
);
}
}
}
}
chain
.
doFilter
(
request
,
response
);
chain
.
doFilter
(
request
,
response
);
}
}
public
void
setExcludesPattern
(
String
excludesPattern
)
{
this
.
excludesPattern
=
new
HashSet
(
Arrays
.
asList
(
excludesPattern
.
split
(
"\\s*,\\s*"
)));
}
public
void
addExcludePattern
(
String
excludePattern
)
{
excludesPattern
.
add
(
excludePattern
);
}
private
boolean
isExclusion
(
String
requestURI
)
{
if
(
this
.
excludesPattern
==
null
)
{
return
false
;
}
else
{
Iterator
excludeIterator
=
this
.
excludesPattern
.
iterator
();
String
pattern
;
do
{
if
(!
excludeIterator
.
hasNext
())
{
return
false
;
}
pattern
=
(
String
)
excludeIterator
.
next
();
}
while
(!
pathMatcher
.
match
(
pattern
,
requestURI
));
return
true
;
}
}
}
}
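Review bot: `isExclusion(request.getRequestURI())` at the top of `doFilterInternal` matches the exclude patterns against the raw request URI, which still carries the context path and any `;` path parameters, whereas the `antMatchers(excludePattern).permitAll()` rules added in the two security configs are evaluated by Spring Security on the path within the application. The two layers can therefore disagree about the same request, and under a non-root context path the filter-side exclusion would presumably never match. Matching on the same path on both sides (for example `request.getServletPath()` plus path info, or reusing the request matchers Spring Security builds) keeps them aligned. As style points, `isExclusion` reduces to `return excludesPattern.stream().anyMatch(p -> pathMatcher.match(p, requestURI));`, and `setExcludesPattern` should build `new HashSet<>(...)` instead of a raw `HashSet`.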