Tenlion/wg-basic
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 增加access_token过滤器

Browse Source
This commit is contained in:
TS-QD1 2025-03-28 11:13:03 +08:00
parent fb1a5b0211
commit 56f821d534
3 changed files with 88 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common/pom.xml
View File

@ -77,6 +77,11 @@
<artifactId>spring-security-web</artifactId> <artifactId>spring-security-web</artifactId>
</dependency> </dependency>
<!-- spring end --> <!-- spring end -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>4.2.1</version>
</dependency>
</dependencies> </dependencies>

4
login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/filter/UserTokenFilter.java
View File

@ -28,7 +28,7 @@ import java.io.IOException;
@Order(value = Ordered.HIGHEST_PRECEDENCE) @Order(value = Ordered.HIGHEST_PRECEDENCE)
@Component @Component
@WebFilter(filterName = "ContentCachingFilter", urlPatterns = "/*") @WebFilter(filterName = "UserTokenFilter", urlPatterns = "/*")
public class UserTokenFilter extends OncePerRequestFilter { public class UserTokenFilter extends OncePerRequestFilter {
private static final Logger LOG = LoggerFactory.getLogger(UserTokenFilter.class); private static final Logger LOG = LoggerFactory.getLogger(UserTokenFilter.class);
private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher(); private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();
@ -39,7 +39,7 @@ public class UserTokenFilter extends OncePerRequestFilter {
String source = request.getHeader("X-SOURCE"); String source = request.getHeader("X-SOURCE");
if (StringUtils.isBlank(userId)) { if (StringUtils.isBlank(userId)) {
Object springSecurityContext = request.getSession().getAttribute("SPRING_SECURITY_CONTEXT"); Object springSecurityContext = request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
if(!StringUtils.equals(source, "page")) { if (!StringUtils.equals(source, "page")) {
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
return; return;
} }

81
module-oauth2-client/src/main/java/ink/wgink/module/oauth2/filter/AccessTokenFilter.java Normal file
View File

@ -0,0 +1,81 @@
package ink.wgink.module.oauth2.filter;
import ink.wgink.exceptions.SearchException;
import ink.wgink.pojo.bos.RoleGrantedAuthorityBO;
import ink.wgink.pojo.bos.UserInfoBO;
import org.jsoup.internal.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
@Order(value = Ordered.HIGHEST_PRECEDENCE)
@Component
@WebFilter(filterName = "AccessTokenFilter", urlPatterns = "/*")
public class AccessTokenFilter extends OncePerRequestFilter {
private static final Logger LOG = LoggerFactory.getLogger(AccessTokenFilter.class);
@Autowired(required = false)
private IAccessTokenCheckFilter accessTokenCheckFilter;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
if (accessTokenCheckFilter == null) {
filterChain.doFilter(request, response);
return;
}
String authorization = request.getHeader("Auth");
if (StringUtil.isBlank(authorization)) {
filterChain.doFilter(request, response);
return;
}
if (!authorization.startsWith("Bearer ")) {
LOG.error("用户未登录authorization异常");
response.setStatus(HttpStatus.UNAUTHORIZED.value());
}
String accessToken = authorization.replace("Bearer ", "");
UserInfoBO userInfo = accessTokenCheckFilter.getUserInfo(accessToken);
Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
userInfo.getRoles().forEach(role -> {
RoleGrantedAuthorityBO roleGrantedAuthorityBO = new RoleGrantedAuthorityBO(role.getRoleId(), role.getRoleName(), Collections.emptyList(), Collections.emptyList(), Collections.emptyList(), Collections.emptyList(), Collections.emptyList());
grantedAuthorities.add(roleGrantedAuthorityBO);
});
UsernamePasswordAuthenticationToken userAuthenticationTokenResult = new UsernamePasswordAuthenticationToken(userInfo, null, grantedAuthorities);
SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder.getContextHolderStrategy();
SecurityContext context = securityContextHolderStrategy.createEmptyContext();
context.setAuthentication(userAuthenticationTokenResult);
securityContextHolderStrategy.setContext(context);
request.getSession().setAttribute("SPRING_SECURITY_CONTEXT", context);
filterChain.doFilter(request, response);
}
/**
* AccessToken校验过滤器
*/
public interface IAccessTokenCheckFilter {
UserInfoBO getUserInfo(String accessToken);
}
}