增加token注入白名单功能

uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java

@@ -5,26 +5,34 @@ import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.
 import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.CURRENT_ROLE_CODE;
 import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.TOKEN_PREFIX;
 
+import java.util.List;
+import java.util.Objects;
 import java.util.Optional;
 import java.util.stream.Stream;
 
 import org.apache.commons.lang3.RegExUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
+import lombok.Setter;
 
 /**
  * 通过拦截器来为header注入token
  */
 @Configuration
+@ConfigurationProperties(prefix = "ebtp.cloud")
 @ConditionalOnProperty(name = "ebtp.universal.feign.token.interceptor", havingValue = "true", matchIfMissing = true)
 public class FeignConfig implements RequestInterceptor {
 
+	/* 白名单（名单内请求不注入token） */
+	private @Setter List<String> tokenWhiteList;
+
 	/**
 	 * @param template
 	 */
@@ -33,22 +41,10 @@ public class FeignConfig implements RequestInterceptor {
 		ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
 
 		if (null != attributes) {
-			final String header = attributes.getRequest().getHeader(AUTHORIZATION_HEADER);// 提取request头信息
+			if (isNonExistsWhiteList(template.url())) {
-
+				injectToken(template, attributes);
-			// 检查请求头是否包含 Bearer 前缀
-			if (StringUtils.startsWith(header, TOKEN_PREFIX)) {
-				String authToken = RegExUtils.replaceAll(header, TOKEN_PREFIX, "");// 提取 token 信息
-
-				template.header(AUTHORIZATION_HEADER, String.format("%s%s", TOKEN_PREFIX, authToken));
-			} else {// 检查cookie
-				Optional.ofNullable(attributes.getRequest().getCookies()).ifPresent(cookies -> {
-					Stream.of(cookies).filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE)).findFirst()
-							.ifPresent(token -> {
-								template.header(AUTHORIZATION_HEADER,
-										String.format("%s%s", TOKEN_PREFIX, token.getValue()));
-							});
-				});
 			}
+
 			final String currentRoleCode = attributes.getRequest().getHeader(CURRENT_ROLE_CODE);// 提取request头信息
 
 			// 检查请求头是否包含 currentRoleCode
@@ -58,4 +54,42 @@ public class FeignConfig implements RequestInterceptor {
 		}
 	}
 
+	/**
+	 * 非白名单内的请求都需要注入token
+	 * 
+	 * @param url
+	 * @return
+	 */
+	private boolean isNonExistsWhiteList(String url) {
+		if (Objects.nonNull(tokenWhiteList)) {
+			return tokenWhiteList.stream().filter(rule -> StringUtils.contains(url, rule)).count() == 0;
+		}
+		return true;
+	}
+
+	/**
+	 * 请求中注入token
+	 * 
+	 * @param template
+	 * @param attributes
+	 */
+	private void injectToken(RequestTemplate template, ServletRequestAttributes attributes) {
+		final String header = attributes.getRequest().getHeader(AUTHORIZATION_HEADER);// 提取request头信息
+
+		// 检查请求头是否包含 Bearer 前缀
+		if (StringUtils.startsWith(header, TOKEN_PREFIX)) {
+			String authToken = RegExUtils.replaceAll(header, TOKEN_PREFIX, "");// 提取 token 信息
+
+			template.header(AUTHORIZATION_HEADER, String.format("%s%s", TOKEN_PREFIX, authToken));
+		} else {// 检查cookie
+			Optional.ofNullable(attributes.getRequest().getCookies()).ifPresent(cookies -> {
+				Stream.of(cookies).filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE)).findFirst()
+						.ifPresent(token -> {
+							template.header(AUTHORIZATION_HEADER,
+									String.format("%s%s", TOKEN_PREFIX, token.getValue()));
+						});
+			});
+		}
+	}
+
 }