diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java index 6ff648c..6a5bf4e 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java @@ -5,26 +5,34 @@ import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants. import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.CURRENT_ROLE_CODE; import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.TOKEN_PREFIX; +import java.util.List; +import java.util.Objects; import java.util.Optional; import java.util.stream.Stream; import org.apache.commons.lang3.RegExUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import feign.RequestInterceptor; import feign.RequestTemplate; +import lombok.Setter; /** * 通过拦截器来为header注入token */ @Configuration +@ConfigurationProperties(prefix = "ebtp.cloud") @ConditionalOnProperty(name = "ebtp.universal.feign.token.interceptor", havingValue = "true", matchIfMissing = true) public class FeignConfig implements RequestInterceptor { + /* 白名单(名单内请求不注入token) */ + private @Setter List tokenWhiteList; + /** * @param template */ 
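Review bot: The new `tokenWhiteList` field decides which outbound Feign calls leave without an `Authorization` header, but its comment names neither the property that feeds it nor how entries are matched. With the `ebtp.cloud` prefix the list should bind from `ebtp.cloud.token-white-list`, and the matching added further down in this diff is a substring test against `template.url()`. I would turn the block comment into Javadoc stating both, plus the fact that an unset list means every request gets the token. Binding the whole `ebtp.cloud` prefix onto the interceptor class also makes any field added here later externally configurable, so a small dedicated properties class may be the cleaner home for this setting.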
@@ -33,22 +41,10 @@ public class FeignConfig implements RequestInterceptor { ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); if (null != attributes) { - final String header = attributes.getRequest().getHeader(AUTHORIZATION_HEADER);// 提取request头信息 - - // 检查请求头是否包含 Bearer 前缀 - if (StringUtils.startsWith(header, TOKEN_PREFIX)) { - String authToken = RegExUtils.replaceAll(header, TOKEN_PREFIX, "");// 提取 token 信息 - - template.header(AUTHORIZATION_HEADER, String.format("%s%s", TOKEN_PREFIX, authToken)); - } else {// 检查cookie - Optional.ofNullable(attributes.getRequest().getCookies()).ifPresent(cookies -> { - Stream.of(cookies).filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE)).findFirst() - .ifPresent(token -> { - template.header(AUTHORIZATION_HEADER, - String.format("%s%s", TOKEN_PREFIX, token.getValue())); - }); - }); + if (isNonExistsWhiteList(template.url())) { + injectToken(template, attributes); } + final String currentRoleCode = attributes.getRequest().getHeader(CURRENT_ROLE_CODE);// 提取request头信息 // 检查请求头是否包含 currentRoleCode 
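Review bot: The whitelist check in `apply` guards only `injectToken`; the `CURRENT_ROLE_CODE` handling that follows sits outside the `if`, so a whitelisted destination appears to still receive the caller's role code (the forwarding itself is below the hunk, so this is inferred). If the whitelist exists to keep caller identity away from those endpoints, compute the decision once, e.g. `final boolean forward = isNonExistsWhiteList(template.url());`, and gate both headers on it. If forwarding the role code is intentional, a comment saying so would prevent a later "fix". The double negative in `isNonExistsWhiteList` is also easy to misread at this call site; a name such as `requiresToken(url)` reads more directly.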
@@ -58,4 +54,42 @@ public class FeignConfig implements RequestInterceptor { } } + /** + * 非白名单内的请求都需要注入token + * + * @param url + * @return + */ + private boolean isNonExistsWhiteList(String url) { + if (Objects.nonNull(tokenWhiteList)) { + return tokenWhiteList.stream().filter(rule -> StringUtils.contains(url, rule)).count() == 0; + } + return true; + } + + /** + * 请求中注入token + * + * @param template + * @param attributes + */ + private void injectToken(RequestTemplate template, ServletRequestAttributes attributes) { + final String header = attributes.getRequest().getHeader(AUTHORIZATION_HEADER);// 提取request头信息 + + // 检查请求头是否包含 Bearer 前缀 + if (StringUtils.startsWith(header, TOKEN_PREFIX)) { + String authToken = RegExUtils.replaceAll(header, TOKEN_PREFIX, "");// 提取 token 信息 + + template.header(AUTHORIZATION_HEADER, String.format("%s%s", TOKEN_PREFIX, authToken)); + } else {// 检查cookie + Optional.ofNullable(attributes.getRequest().getCookies()).ifPresent(cookies -> { + Stream.of(cookies).filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE)).findFirst() + .ifPresent(token -> { + template.header(AUTHORIZATION_HEADER, + String.format("%s%s", TOKEN_PREFIX, token.getValue())); + }); + }); + } + } + }
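Review bot: `isNonExistsWhiteList` matches with `StringUtils.contains(url, rule)`, so an empty entry in the configured list matches every URL and silently turns off token forwarding for all Feign calls. A rule also matches when its text appears in a query string or path variable rather than in the route itself, as far as `template.url()` includes them. I would skip blank rules and, if the rules are meant as path prefixes, anchor the match: `return tokenWhiteList.stream().filter(StringUtils::isNotBlank).noneMatch(rule -> StringUtils.startsWith(url, rule));` (`noneMatch` also short-circuits, unlike `filter(...).count() == 0`). In `injectToken`, `RegExUtils.replaceAll(header, TOKEN_PREFIX, "")` treats the prefix as a regex and strips every occurrence in the header value, not just the leading one; `StringUtils.removeStart(header, TOKEN_PREFIX)` does what the inline comment describes.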