|
@@ -47,41 +47,44 @@ public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter {
|
47
|
47
|
return super.preHandle(request, response, handler);
|
48
|
48
|
}
|
49
|
49
|
|
50
|
|
- return super.preHandle(request, response, handler);
|
|
50
|
+ if (request.getServletPath().startsWith("/actuator")) {
|
|
51
|
+ return super.preHandle(request, response, handler);
|
|
52
|
+ }
|
|
53
|
+
|
51
|
54
|
|
52
|
|
-// String clientToken = request.getHeader("x-auth-client-" + applicationName);
|
53
|
|
-// String client = request.getHeader("x-auth-client");
|
54
|
|
-//
|
55
|
|
-// try {
|
56
|
|
-// if (StringUtils.isEmpty(clientToken)) {
|
57
|
|
-// String clientName = JwtUtils.getUsername(client);
|
58
|
|
-// // authServer校验 客户端是否合法&能否有权限访问
|
59
|
|
-// if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0],
|
60
|
|
-// clientName.split("\\.")[1]))) {
|
61
|
|
-// // 给该客户端签名
|
62
|
|
-// String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr",
|
63
|
|
-// 3600 * 12);
|
64
|
|
-// response.addHeader("x-auth-client-response", signToken);
|
65
|
|
-//
|
66
|
|
-// log.info("auth-server verify success, sign with {}", signToken);
|
67
|
|
-//
|
68
|
|
-// return super.preHandle(request, response, handler);
|
69
|
|
-// }
|
70
|
|
-//
|
71
|
|
-// } else {
|
72
|
|
-// // jwt校验
|
73
|
|
-// if (!JwtUtils.isTokenExpired(clientToken)
|
74
|
|
-// && JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
|
75
|
|
-// log.info("local service jwt verify success");
|
76
|
|
-// return super.preHandle(request, response, handler);
|
77
|
|
-// }
|
78
|
|
-// }
|
79
|
|
-//
|
80
|
|
-// } catch (Exception e) {
|
81
|
|
-// log.error(e.getMessage(), e);
|
82
|
|
-// throw new ClientForbiddenException("Client verfy error");
|
83
|
|
-// }
|
84
|
|
-//
|
85
|
|
-// throw new ClientForbiddenException("Client is Forbidden!");
|
|
55
|
+ String clientToken = request.getHeader("x-auth-client-" + applicationName);
|
|
56
|
+ String client = request.getHeader("x-auth-client");
|
|
57
|
+
|
|
58
|
+ try {
|
|
59
|
+ if (StringUtils.isEmpty(clientToken)) {
|
|
60
|
+ String clientName = JwtUtils.getUsername(client);
|
|
61
|
+ // authServer校验 客户端是否合法&能否有权限访问
|
|
62
|
+ if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0],
|
|
63
|
+ clientName.split("\\.")[1]))) {
|
|
64
|
+ // 给该客户端签名
|
|
65
|
+ String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr",
|
|
66
|
+ 3600 * 12);
|
|
67
|
+ response.addHeader("x-auth-client-response", signToken);
|
|
68
|
+
|
|
69
|
+ log.info("auth-server verify success, sign with {}", signToken);
|
|
70
|
+
|
|
71
|
+ return super.preHandle(request, response, handler);
|
|
72
|
+ }
|
|
73
|
+
|
|
74
|
+ } else {
|
|
75
|
+ // jwt校验
|
|
76
|
+ if (!JwtUtils.isTokenExpired(clientToken)
|
|
77
|
+ && JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
|
|
78
|
+ log.info("local service jwt verify success");
|
|
79
|
+ return super.preHandle(request, response, handler);
|
|
80
|
+ }
|
|
81
|
+ }
|
|
82
|
+
|
|
83
|
+ } catch (Exception e) {
|
|
84
|
+ log.error(e.getMessage(), e);
|
|
85
|
+ throw new ClientForbiddenException("Client verfy error");
|
|
86
|
+ }
|
|
87
|
+
|
|
88
|
+ throw new ClientForbiddenException("Client is Forbidden!");
|
86
|
89
|
}
|
87
|
90
|
}
|
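Review bot: The re-enabled check signs and verifies with a secret written as a string literal in both the `JwtUtils.sign` and `JwtUtils.verifyToken` calls, so anyone who can read the repository or the compiled class can mint a token this interceptor accepts; the key should be injected from configuration or a secret store, e.g. `JwtUtils.verifyToken(clientToken, clientSigningKey)` with `clientSigningKey` standing in for the injected value, and the committed value should be rotated. The `log.info("auth-server verify success, sign with {}", signToken)` line writes a bearer token (apparently valid for 12 hours, judging by `3600 * 12`) into the logs; `log.info("auth-server verify success");` is enough. The new bypass `startsWith("/actuator")` also matches any sibling path that merely begins with that prefix and leaves the actuator endpoints without client authentication, so consider `path.equals("/actuator") || path.startsWith("/actuator/")` and confirm those endpoints are protected elsewhere. The enclosing `preHandle` method starts above the hunk.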