diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/UserTokenManager.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/UserTokenManager.java
new file mode 100644
index 00000000..6ae61569
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/UserTokenManager.java
@@ -0,0 +1,48 @@
+package ink.wgink.login.oauth2.client.auth;
+
+import ink.wgink.login.oauth2.client.auth.manager.UserToken;
+import ink.wgink.pojo.bos.LoginUser;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class UserTokenManager {
+
+ private static final UserTokenManager USER_TOKEN_MANAGER = Builder.USER_TOKEN_MANAGER;
+ private static final Map LOGIN_USER_MAP = new ConcurrentHashMap<>();
+
+ private UserTokenManager() {
+ }
+
+ public static UserTokenManager getInstance() {
+ return USER_TOKEN_MANAGER;
+ }
+
+ public UserToken get(String userId) {
+ return LOGIN_USER_MAP.get(userId);
+ }
+
+
+ public void refresh(UserInfoBO userInfo, Set grantedAuthorities) {
+ LOGIN_USER_MAP.put(userInfo.getUserId(), new UserToken(userInfo.getUserId(), userInfo, grantedAuthorities, System.currentTimeMillis()));
+ }
+
+
+ public void removeTimeout() {
+ Set keySet = LOGIN_USER_MAP.keySet();
+ keySet.forEach(key -> {
+ UserToken userToken = LOGIN_USER_MAP.get(key);
+ if (userToken != null && userToken.getLastUpdateTime() + 3600 * 1000 < System.currentTimeMillis()) {
+ LOGIN_USER_MAP.remove(key);
+ }
+ });
+ }
+
+ private static class Builder {
+ public static UserTokenManager USER_TOKEN_MANAGER = new UserTokenManager();
+ }
+
+}
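Review bot: `get()` returns whatever is in `LOGIN_USER_MAP` regardless of its age, so the one-hour limit in `removeTimeout()` only holds if something calls that method on a schedule, and no caller is visible in this diff. Enforce the expiry on read as well: compare `getLastUpdateTime()` with the current time in `get()` and return `null` for a stale entry. In `removeTimeout()` the `get` followed by `LOGIN_USER_MAP.remove(key)` can drop an entry that `refresh()` replaced in between; `LOGIN_USER_MAP.remove(key, userToken)` removes it only while it is still the stale value. The `3600 * 1000` literal would read better as a named constant, and `Builder.USER_TOKEN_MANAGER` should be declared `final`.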
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/filter/UserTokenFilter.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/filter/UserTokenFilter.java
new file mode 100644
index 00000000..cc34793e
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/filter/UserTokenFilter.java
@@ -0,0 +1,54 @@
+package ink.wgink.login.oauth2.client.auth.filter;
+
+import com.alibaba.excel.util.StringUtils;
+import ink.wgink.exceptions.SearchException;
+import ink.wgink.login.oauth2.client.auth.UserTokenManager;
+import ink.wgink.login.oauth2.client.auth.manager.UserToken;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContextHolderStrategy;
+import org.springframework.security.web.context.SecurityContextRepository;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Order(value = Ordered.HIGHEST_PRECEDENCE)
+@Component
+@WebFilter(filterName = "ContentCachingFilter", urlPatterns = "/*")
+public class UserTokenFilter extends OncePerRequestFilter {
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+ String userId = request.getHeader("X-USER-ID");
+ if (StringUtils.isBlank(userId)) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+ UserTokenManager userTokenManager = UserTokenManager.getInstance();
+ UserToken userToken = userTokenManager.get(userId);
+ if (userToken == null) {
+ throw new SearchException("用户未登录,userId异常");
+ }
+ UserInfoBO userInfo = userToken.getUserInfo();
+ userTokenManager.refresh(userInfo, userToken.getGrantedAuthorities());
+ UsernamePasswordAuthenticationToken userAuthenticationTokenResult = new UsernamePasswordAuthenticationToken(userInfo, null, userToken.getGrantedAuthorities());
+ SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder.getContextHolderStrategy();
+ SecurityContext context = securityContextHolderStrategy.createEmptyContext();
+ context.setAuthentication(userAuthenticationTokenResult);
+ securityContextHolderStrategy.setContext(context);
+ request.getSession().setAttribute("SPRING_SECURITY_CONTEXT", context);
+ filterChain.doFilter(request, response);
+ }
+
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/manager/UserToken.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/manager/UserToken.java
new file mode 100644
index 00000000..3892351e
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/manager/UserToken.java
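Review bot: `doFilterInternal` in UserTokenFilter.java treats the `X-USER-ID` request header as proof of identity: a cache hit in `UserTokenManager` is enough to build an authenticated `UsernamePasswordAuthenticationToken` with that user's authorities and store it in the session, yet the header is supplied by the client and a user id is not a secret. The lookup should be keyed on a credential the server can verify (the OAuth2 access token, or a random value issued at login), or the header should be accepted only from a trusted gateway that strips it from inbound requests. Each such request also calls `refresh()`, so the cached entry's idle timeout keeps being extended by requests that proved nothing. For the unknown-user case, answer with `response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return;` rather than throwing `SearchException` from a filter, and clear the `SecurityContextHolder` in a `finally` around `filterChain.doFilter` unless something later in the chain already does so, which this diff does not show.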
@@ -0,0 +1,58 @@
+package ink.wgink.login.oauth2.client.auth.manager;
+
+import ink.wgink.pojo.bos.LoginUser;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Set;
+
+public class UserToken {
+
+ private String userId;
+ private UserInfoBO userInfo;
+ private Set grantedAuthorities;
+ private long lastUpdateTime;
+
+ public UserToken() {
+ }
+
+ public UserToken(String userId, UserInfoBO userInfo, Set grantedAuthorities, long lastUpdateTime) {
+ this.userId = userId;
+ this.userInfo = userInfo;
+ this.grantedAuthorities = grantedAuthorities;
+ this.lastUpdateTime = lastUpdateTime;
+ }
+
+ public String getUserId() {
+ return userId == null ? "" : userId.trim();
+ }
+
+ public void setUserId(String userId) {
+ this.userId = userId;
+ }
+
+ public UserInfoBO getUserInfo() {
+ return userInfo;
+ }
+
+ public void setUserInfo(UserInfoBO userInfo) {
+ this.userInfo = userInfo;
+ }
+
+ public Set getGrantedAuthorities() {
+ return grantedAuthorities;
+ }
+
+ public void setGrantedAuthorities(Set grantedAuthorities) {
+ this.grantedAuthorities = grantedAuthorities;
+ }
+
+ public long getLastUpdateTime() {
+ return lastUpdateTime;
+ }
+
+ public void setLastUpdateTime(long lastUpdateTime) {
+ this.lastUpdateTime = lastUpdateTime;
+ }
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/converter/OAuth2ClientUserAuthConverter.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/converter/OAuth2ClientUserAuthConverter.java
index faaf294e..030d3427 100644
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/converter/OAuth2ClientUserAuthConverter.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/converter/OAuth2ClientUserAuthConverter.java
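Review bot: `UserToken` stores and returns the caller's `grantedAuthorities` set by reference and exposes a setter for every field, so an instance shared through the static cache in `UserTokenManager` can have its authorities changed by any holder, with no synchronization. Since the manager replaces the whole entry on `refresh()`, the fields can be `final`, the setters and the no-arg constructor dropped, and the set copied in the constructor, e.g. `this.grantedAuthorities = Collections.unmodifiableSet(new HashSet<>(grantedAuthorities));`. The `LoginUser` import appears unused in this file.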
@@ -1,6 +1,8 @@ package ink.wgink.login.oauth2.client.converter; import com.alibaba.fastjson.JSONObject; +import ink.wgink.login.oauth2.client.auth.UserTokenManager; +import ink.wgink.pojo.bos.LoginUser; import ink.wgink.pojo.bos.RoleGrantedAuthorityBO; import ink.wgink.pojo.bos.UserInfoBO; import org.slf4j.Logger; @@ -51,6 +53,7 @@ public class OAuth2ClientUserAuthConverter implements UserAuthenticationConverte (List) authMap.get("queries")); grantedAuthorities.add(roleGrantedAuthorityBO); }); + UserTokenManager.getInstance().refresh((UserInfoBO) principal, grantedAuthorities); return new UsernamePasswordAuthenticationToken(principal, "N/A", grantedAuthorities); } return null;
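Review bot: The added `refresh((UserInfoBO) principal, grantedAuthorities)` call in the second hunk casts `principal` without a type check; its declaration lies outside the hunk, so if it can ever be something other than a `UserInfoBO`, the conversion now fails with a `ClassCastException` where it previously returned a token. Guard the registration with `if (principal instanceof UserInfoBO)`. The call also gives a converter a side effect on a process-wide static map, which deserves a comment at the call site saying that the cache entry is what `UserTokenFilter` later relies on. The `LoginUser` import added in the first hunk appears unused in the lines shown.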