diff --git a/README.md b/README.md index a6bd1ed..ebae60a 100644 --- a/README.md +++ b/README.md @@ -11,4 +11,5 @@ - add:日志添加事务排除、try/catch拦截异常 `common.log.service.impl.OperationLogServiceImpl` - add: kafka日志发送service添加@Async注解 `common.log.producer.OperationLogKafkaProducer` - add: 文件sdk新增修改文件名称接口 `cloud.attachment.sdk.api.AttachmentClient` - - add: 新增角色-审查人员 `common.constant.EbtpRoleEnum` \ No newline at end of file + - add: 新增角色-审查人员 `common.constant.EbtpRoleEnum` + - update-20220630-fuqj:修改SpringSecurity过滤器中获取人员信息接口,调用extend服务,extend服务实现在山分接口基础上扩展本地角色信息。 `cloud.security.starter.filter.TokenAuthenticationFilter` \ No newline at end of file diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java index 4234885..b9173e7 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java @@ -15,4 +15,5 @@ public interface Constants { String ACTUATOR_HEALTH = "actuator/health"; String ACTUATOR_PROMETHEUS = "actuator/prometheus"; + String GET_USERINFO_API = "/v1/userinfo/get"; } diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java index d7b7d90..fb9adce 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java @@ -1,11 +1,11 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.filter; import cn.hutool.core.bean.BeanUtil; -import cn.hutool.core.util.StrUtil; import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser; +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient; import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService; import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser; import lombok.extern.slf4j.Slf4j; @@ -40,6 +40,8 @@ import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants. public class TokenAuthenticationFilter extends OncePerRequestFilter { @Autowired private UserInfoService client; + @Autowired + private EbtpUserInfoClient ebtpClient; @Autowired @@ -68,6 +70,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { isNullThenAssignDefault(); } + if (GET_USERINFO_API.equals(api)) { + filterChain.doFilter(request, response); + return; + } + // 提取request头信息 final String header = request.getHeader(AUTHORIZATION_HEADER); final String currentRoleCode = request.getHeader(CURRENT_ROLE_CODE); @@ -88,7 +95,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { if (optionalCookie.isPresent()) { setAuthentication(currentRoleCode, optionalCookie.get().getValue(), isWhite); } else if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)) { - log.warn("cookie中没有token信息:{}",api); + log.warn("cookie中没有token信息:{}", api); } } @@ -110,7 +117,8 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { return Optional.ofNullable(allows.getApis()).orElseGet(ArrayList::new) .parallelStream().anyMatch(reg -> Pattern.compile(reg).matcher(methodType + "." + method).matches()) || method.contains(ACTUATOR_HEALTH) //服务的就绪检测 - || method.contains(ACTUATOR_PROMETHEUS); //prometheus检测 + || method.contains(ACTUATOR_PROMETHEUS) //prometheus检测 + || method.contains(GET_USERINFO_API); //获取用户信息接口 } @@ -132,8 +140,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { */ private Authentication getAuthentication(final String token, final String currentRoleCode, final boolean isWhite) { - BaseCacheUser userInfo = client.getUserInfo(token); - log.debug("getUserInfo:{}",userInfo.toString()); +// BaseCacheUser userInfo = client.getUserInfo(token); + BaseCacheUser userInfo = ebtpClient.get(); + log.debug("getUserInfo:{}", userInfo.toString()); // 对象为空, 则说明网络异常feign已熔断 if (Objects.isNull(userInfo)) { if (!isWhite) { diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java new file mode 100644 index 0000000..b65f4d7 --- /dev/null +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java @@ -0,0 +1,20 @@ +package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client; + +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback.EbtpUserInfoClientFallbackFactory; +import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser; +import org.springframework.cloud.openfeign.FeignClient; +import org.springframework.web.bind.annotation.GetMapping; + +/** + * 文档中心数据服务客户端 + * + * @author Ajaxfan + */ +@FeignClient(value = "biz-service-ebtp-extend", + fallbackFactory = EbtpUserInfoClientFallbackFactory.class) +public interface EbtpUserInfoClient { + + @GetMapping("/v1/userinfo/get") + BaseCacheUser get(); + +} diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java index c626ee7..2e69096 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java @@ -1,7 +1,6 @@ package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityEntity; -import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.config.UnifastOAuthFeignConfig; import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback.UnifastOAuthClientFallbackFactory; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.web.bind.annotation.GetMapping; diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java new file mode 100644 index 0000000..39734ab --- /dev/null +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java @@ -0,0 +1,17 @@ +package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback; + +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient; +import feign.hystrix.FallbackFactory; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Component; + +@Slf4j +@Component +public class EbtpUserInfoClientFallbackFactory implements FallbackFactory { + + @Override + public EbtpUserInfoClient create(Throwable throwable) { + log.error("EbtpUserInfoClient error : " + throwable.getMessage()); + return () -> null; + } +}