Startsida Utforska Hjälp
Registrera dig Logga in
yufeng
/
spring5_demo1
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Pull-förfrågningar 0 Wiki
Träd: c4f51f4cfb
Grenar Taggar
spring5_demo1
/
spring5-auth
/
spring5-auth-client
/
src
/
main
/
java
/
com
/
yaozhitech
/
spring5
/
intercept
/
ServiceAuthRestInterceptor.java

ServiceAuthRestInterceptor.java 2.2 KB
Historik

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. package com.yaozhitech.spring5.intercept;
    2. 

  2. 

  3. import javax.servlet.http.HttpServletRequest;
    4. 

  4. import javax.servlet.http.HttpServletResponse;
    5. 

  5. 

  6. import org.slf4j.Logger;
    7. 

  7. import org.slf4j.LoggerFactory;
    8. 

  8. import org.springframework.beans.factory.annotation.Autowired;
    9. 

  9. import org.springframework.beans.factory.annotation.Value;
    10. 

  10. import org.springframework.web.method.HandlerMethod;
    11. 

  11. import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
    12. 

  12. 

  13. import com.yaozhitech.spring5.annotation.IgnoreClientToken;
    14. 

  14. import com.yaozhitech.spring5.common.exception.auth.ClientForbiddenException;
    15. 

  15. import com.yaozhitech.spring5.provider.AuthServerProvider;
    16. 

  16. import com.yaozhitech.spring5.utils.JwtUtils;
    17. 

  17. 

  18. import lombok.extern.slf4j.Slf4j;
    19. 

  19. 

  20. /**
    21. 

  21.  * 微服务之间的认证
    22. 

  22.  * @author EDZ
    23. 

  23.  *
    24. 

  24.  */
    25. 

  25. @Slf4j
    26. 

  26. public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter {
    27. 

  27.     private Logger logger = LoggerFactory.getLogger(ServiceAuthRestInterceptor.class);
    28. 

  28. 

  29.   @Autowired
    30. 

  30.   private AuthServerProvider clientAuthProvider;
    31. 

  31.   
    32. 

  32.   @Value("${spring.application.name}")
    33. 

  33.   private String applicationName;
    34. 

  34. 

  35.   @Override
    36. 

  36.   public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    37. 

  37. 		HandlerMethod handlerMethod = (HandlerMethod) handler;
    38. 

  38. 		// ip
    39. 

  39. //		if (ClientUtil.isLocalhost(request)) {
    40. 

  40. //			return super.preHandle(request, response, handler);
    41. 

  41. //		}
    42. 

  42. 		
    43. 

  43.       // 配置该注解,说明不进行服务拦截
    44. 

  44.       IgnoreClientToken annotation = handlerMethod.getBeanType().getAnnotation(IgnoreClientToken.class);
    45. 

  45.       if (annotation == null) {
    46. 

  46.           annotation = handlerMethod.getMethodAnnotation(IgnoreClientToken.class);
    47. 

  47.       }
    48. 

  48.       if(annotation != null) {
    49. 

  49.           return super.preHandle(request, response, handler);
    50. 

  50.       }
    51. 

  51. 

  52. 		String client = request.getHeader("x-auth-client");
    53. 

  53. 		
    54. 

  54. 		try {
    55. 

  55. 			String uniqueName = JwtUtils.getUsername(client);
    56. 

  56. 			if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, uniqueName.split("\\.")[0], uniqueName.split("\\.")[1]))) {
    57. 

  57. 				return super.preHandle(request, response, handler);
    58. 

  58. 			}
    59. 

  59. 			
    60. 

  60. 		} catch (Exception e) {
    61. 

  61. 			log.error(e.getMessage(), e);
    62. 

  62. 			throw new ClientForbiddenException("Client verfy error");
    63. 

  63. 		}
    64. 

  64.       
    65. 

  65.       throw new ClientForbiddenException("Client is Forbidden!");
    66. 

  66.   }
    67. 

  67. }
    68. 

  68.