From 2bff91ac81cbd80b2e611ef870f70baf1b87e9d2 Mon Sep 17 00:00:00 2001 From: fuqingji <51312040@qq.com> Date: Thu, 30 Jun 2022 10:48:02 +0800 Subject: [PATCH] =?UTF-8?q?update-20220630-fuqj=EF=BC=9A=E4=BF=AE=E6=94=B9?= =?UTF-8?q?SpringSecurity=E8=BF=87=E6=BB=A4=E5=99=A8=E4=B8=AD=E8=8E=B7?= =?UTF-8?q?=E5=8F=96=E4=BA=BA=E5=91=98=E4=BF=A1=E6=81=AF=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=EF=BC=8C=E8=B0=83=E7=94=A8extend=E6=9C=8D=E5=8A=A1,extend?= =?UTF-8?q?=E6=9C=8D=E5=8A=A1=E5=AE=9E=E7=8E=B0=E5=9C=A8=E5=B1=B1=E5=88=86?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E5=9F=BA=E7=A1=80=E4=B8=8A=E6=89=A9=E5=B1=95?= =?UTF-8?q?=E6=9C=AC=E5=9C=B0=E8=A7=92=E8=89=B2=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 3 ++- .../security/starter/common/Constants.java | 1 + .../filter/TokenAuthenticationFilter.java | 19 +++++++++++++----- .../starter/client/EbtpUserInfoClient.java | 20 +++++++++++++++++++ .../starter/client/UnifastOAuthClient.java | 1 - .../EbtpUserInfoClientFallbackFactory.java | 17 ++++++++++++++++ 6 files changed, 54 insertions(+), 7 deletions(-) create mode 100644 uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java create mode 100644 uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java diff --git a/README.md b/README.md index a6bd1ed..ebae60a 100644 --- a/README.md +++ b/README.md @@ -11,4 +11,5 @@ - add:日志添加事务排除、try/catch拦截异常 `common.log.service.impl.OperationLogServiceImpl` - add: kafka日志发送service添加@Async注解 `common.log.producer.OperationLogKafkaProducer` - add: 文件sdk新增修改文件名称接口 `cloud.attachment.sdk.api.AttachmentClient` - - add: 新增角色-审查人员 `common.constant.EbtpRoleEnum` \ No newline at end of file + - add: 新增角色-审查人员 `common.constant.EbtpRoleEnum` + - update-20220630-fuqj:修改SpringSecurity过滤器中获取人员信息接口,调用extend服务,extend服务实现在山分接口基础上扩展本地角色信息。 `cloud.security.starter.filter.TokenAuthenticationFilter` \ No newline at end of file diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java index 4234885..b9173e7 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java @@ -15,4 +15,5 @@ public interface Constants { String ACTUATOR_HEALTH = "actuator/health"; String ACTUATOR_PROMETHEUS = "actuator/prometheus"; + String GET_USERINFO_API = "/v1/userinfo/get"; } diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java index d7b7d90..fb9adce 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java @@ -1,11 +1,11 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.filter; import cn.hutool.core.bean.BeanUtil; -import cn.hutool.core.util.StrUtil; import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser; +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient; import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService; import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser; import lombok.extern.slf4j.Slf4j; @@ -40,6 +40,8 @@ import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants. public class TokenAuthenticationFilter extends OncePerRequestFilter { @Autowired private UserInfoService client; + @Autowired + private EbtpUserInfoClient ebtpClient; @Autowired @@ -68,6 +70,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { isNullThenAssignDefault(); } + if (GET_USERINFO_API.equals(api)) { + filterChain.doFilter(request, response); + return; + } + // 提取request头信息 final String header = request.getHeader(AUTHORIZATION_HEADER); final String currentRoleCode = request.getHeader(CURRENT_ROLE_CODE); @@ -88,7 +95,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { if (optionalCookie.isPresent()) { setAuthentication(currentRoleCode, optionalCookie.get().getValue(), isWhite); } else if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)) { - log.warn("cookie中没有token信息:{}",api); + log.warn("cookie中没有token信息:{}", api); } } @@ -110,7 +117,8 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { return Optional.ofNullable(allows.getApis()).orElseGet(ArrayList::new) .parallelStream().anyMatch(reg -> Pattern.compile(reg).matcher(methodType + "." + method).matches()) || method.contains(ACTUATOR_HEALTH) //服务的就绪检测 - || method.contains(ACTUATOR_PROMETHEUS); //prometheus检测 + || method.contains(ACTUATOR_PROMETHEUS) //prometheus检测 + || method.contains(GET_USERINFO_API); //获取用户信息接口 } @@ -132,8 +140,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { */ private Authentication getAuthentication(final String token, final String currentRoleCode, final boolean isWhite) { - BaseCacheUser userInfo = client.getUserInfo(token); - log.debug("getUserInfo:{}",userInfo.toString()); +// BaseCacheUser userInfo = client.getUserInfo(token); + BaseCacheUser userInfo = ebtpClient.get(); + log.debug("getUserInfo:{}", userInfo.toString()); // 对象为空, 则说明网络异常feign已熔断 if (Objects.isNull(userInfo)) { if (!isWhite) { diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java new file mode 100644 index 0000000..b65f4d7 --- /dev/null +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java @@ -0,0 +1,20 @@ +package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client; + +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback.EbtpUserInfoClientFallbackFactory; +import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser; +import org.springframework.cloud.openfeign.FeignClient; +import org.springframework.web.bind.annotation.GetMapping; + +/** + * 文档中心数据服务客户端 + * + * @author Ajaxfan + */ +@FeignClient(value = "biz-service-ebtp-extend", + fallbackFactory = EbtpUserInfoClientFallbackFactory.class) +public interface EbtpUserInfoClient { + + @GetMapping("/v1/userinfo/get") + BaseCacheUser get(); + +} diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java index c626ee7..2e69096 100644 --- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java @@ -1,7 +1,6 @@ package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client; import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityEntity; -import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.config.UnifastOAuthFeignConfig; import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback.UnifastOAuthClientFallbackFactory; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.web.bind.annotation.GetMapping; diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java new file mode 100644 index 0000000..39734ab --- /dev/null +++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/fallback/EbtpUserInfoClientFallbackFactory.java @@ -0,0 +1,17 @@ +package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback; + +import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient; +import feign.hystrix.FallbackFactory; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Component; + +@Slf4j +@Component +public class EbtpUserInfoClientFallbackFactory implements FallbackFactory { + + @Override + public EbtpUserInfoClient create(Throwable throwable) { + log.error("EbtpUserInfoClient error : " + throwable.getMessage()); + return () -> null; + } +}