4 years ago · 1bec23bfc2
--- a/spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/filter/JwtAuthWithoutRefreshFilter.java
+++ b/spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/filter/JwtAuthWithoutRefreshFilter.java
@@ -0,0 +1,60 @@
 
				+package com.yaozhitech.spring5.filter;
			
 
				+
			
 
				+
			
 
				+import java.io.IOException;
			
 
				+
			
 
				+import javax.servlet.ServletRequest;
			
 
				+import javax.servlet.ServletResponse;
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import javax.servlet.http.HttpServletResponse;
			
 
				+
			
 
				+import org.apache.shiro.web.filter.authz.AuthorizationFilter;
			
 
				+import org.apache.shiro.web.util.WebUtils;
			
 
				+
			
 
				+import com.yaozhitech.spring5.utils.JwtUtils;
			
 
				+
			
 
				+import lombok.extern.slf4j.Slf4j;
			
 
				+
			
 
				+@Slf4j
			
 
				+public class JwtAuthWithoutRefreshFilter extends AuthorizationFilter {
			
 
				+	
			
 
				+	private String jwtSalt;
			
 
				+
			
 
				+	@Override
			
 
				+    protected void postHandle(ServletRequest request, ServletResponse response){
			
 
				+	}
			
 
				+
			
 
				+    @Override
			
 
				+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse servletResponse, Object mappedValue) throws Exception {
			
 
				+        String headerName = (String) mappedValue;
			
 
				+        String token = getAuthzHeader(request, headerName);
			
 
				+        
			
 
				+        if (JwtUtils.isTokenExpired(token)) {
			
 
				+        	log.error(headerName + " " + token + " 已过期");
			
 
				+			return false;
			
 
				+		}
			
 
				+        
			
 
				+        if (!JwtUtils.verifyToken(token, jwtSalt)) {
			
 
				+			return false;
			
 
				+		}
			
 
				+        
			
 
				+        return true;
			
 
				+    }
			
 
				+    
			
 
				+    protected String getAuthzHeader(ServletRequest request, String headerName) {
			
 
				+        HttpServletRequest httpRequest = WebUtils.toHttp(request);
			
 
				+        String header = httpRequest.getHeader(headerName);
			
 
				+        return header;
			
 
				+    }
			
 
				+
			
 
				+    @Override
			
 
				+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
			
 
				+        HttpServletResponse httpResponse = WebUtils.toHttp(response);
			
 
				+        httpResponse.setCharacterEncoding("UTF-8");
			
 
				+        httpResponse.setContentType("application/json;charset=utf-8");
			
 
				+        httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
			
 
				+        httpResponse.getOutputStream().println("401 UNAUTHORIZED");
			
 
				+        return false;
			
 
				+    }
			
 
				+
			
 
				+}
			
--- a/spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/utils/JwtUtils.java
+++ b/spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/utils/JwtUtils.java
@@ -53,6 +53,19 @@ public class JwtUtils {
 
				         }
			
 
				         return jwt.getClaim("username").asString();
			
 
				     }
			
 
				+    
			
 
				+    public static boolean verifyToken(String token, String secret) {
			
 
				+        DecodedJWT jwt = null;
			
 
				+        try {
			
 
				+            JWTVerifier verifier = JWT.require(Algorithm.HMAC256(secret)).build();
			
 
				+            jwt = verifier.verify(token);
			
 
				+            
			
 
				+        } catch (Exception e) {
			
 
				+        	log.error(e.getMessage(), e);
			
 
				+            return false;
			
 
				+        }
			
 
				+        return true;
			
 
				+    }
			
 
				 
			
 
				     /**
			
 
				      * 生成签名,expireTime后过期