Selaa lähdekoodia

新建一个不用刷新的filter

yufeng0528 4 vuotta sitten
vanhempi
commit
1bec23bfc2

+ 60 - 0
spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/filter/JwtAuthWithoutRefreshFilter.java

@@ -0,0 +1,60 @@
1
+package com.yaozhitech.spring5.filter;
2
+
3
+
4
+import java.io.IOException;
5
+
6
+import javax.servlet.ServletRequest;
7
+import javax.servlet.ServletResponse;
8
+import javax.servlet.http.HttpServletRequest;
9
+import javax.servlet.http.HttpServletResponse;
10
+
11
+import org.apache.shiro.web.filter.authz.AuthorizationFilter;
12
+import org.apache.shiro.web.util.WebUtils;
13
+
14
+import com.yaozhitech.spring5.utils.JwtUtils;
15
+
16
+import lombok.extern.slf4j.Slf4j;
17
+
18
+@Slf4j
19
+public class JwtAuthWithoutRefreshFilter extends AuthorizationFilter {
20
+	
21
+	private String jwtSalt;
22
+
23
+	@Override
24
+    protected void postHandle(ServletRequest request, ServletResponse response){
25
+	}
26
+
27
+    @Override
28
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse servletResponse, Object mappedValue) throws Exception {
29
+        String headerName = (String) mappedValue;
30
+        String token = getAuthzHeader(request, headerName);
31
+        
32
+        if (JwtUtils.isTokenExpired(token)) {
33
+        	log.error(headerName + " " + token + " 已过期");
34
+			return false;
35
+		}
36
+        
37
+        if (!JwtUtils.verifyToken(token, jwtSalt)) {
38
+			return false;
39
+		}
40
+        
41
+        return true;
42
+    }
43
+    
44
+    protected String getAuthzHeader(ServletRequest request, String headerName) {
45
+        HttpServletRequest httpRequest = WebUtils.toHttp(request);
46
+        String header = httpRequest.getHeader(headerName);
47
+        return header;
48
+    }
49
+
50
+    @Override
51
+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
52
+        HttpServletResponse httpResponse = WebUtils.toHttp(response);
53
+        httpResponse.setCharacterEncoding("UTF-8");
54
+        httpResponse.setContentType("application/json;charset=utf-8");
55
+        httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
56
+        httpResponse.getOutputStream().println("401 UNAUTHORIZED");
57
+        return false;
58
+    }
59
+
60
+}

+ 13 - 0
spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/utils/JwtUtils.java

@@ -53,6 +53,19 @@ public class JwtUtils {
53 53
         }
54 54
         return jwt.getClaim("username").asString();
55 55
     }
56
+    
57
+    public static boolean verifyToken(String token, String secret) {
58
+        DecodedJWT jwt = null;
59
+        try {
60
+            JWTVerifier verifier = JWT.require(Algorithm.HMAC256(secret)).build();
61
+            jwt = verifier.verify(token);
62
+            
63
+        } catch (Exception e) {
64
+        	log.error(e.getMessage(), e);
65
+            return false;
66
+        }
67
+        return true;
68
+    }
56 69
 
57 70
     /**
58 71
      * 生成签名,expireTime后过期