2.3.1
This commit is contained in:
zhangqinbin
@ -7,13 +7,13 @@
|
||||
<parent>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-parent</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<relativePath>../mall-ebtp-cloud-parent</relativePath>
|
||||
</parent>
|
||||
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-jpa-starter</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<name>mall-ebtp-cloud-jpa-starter</name>
|
||||
|
||||
|
||||
|
||||
@ -8,13 +8,13 @@
|
||||
<parent>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-parent</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<relativePath>../mall-ebtp-cloud-parent</relativePath>
|
||||
</parent>
|
||||
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-kafka-starter</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<name>mall-ebtp-cloud-kafka-starter</name>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@ -7,12 +7,12 @@
|
||||
<parent>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-parent</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>mall-ebtp-cloud-parent</name>
|
||||
|
||||
@ -24,22 +24,22 @@
|
||||
<dependency>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-jpa-starter</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-kafka-starter</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.chinaunicom.mall.ebtp</groupId>
|
||||
<artifactId>uboot-common</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.chinaunicom.mall.ebtp</groupId>
|
||||
<artifactId>uboot-core</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
|
||||
2
pom.xml
2
pom.xml
@ -13,7 +13,7 @@
|
||||
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<packaging>pom</packaging>
|
||||
|
||||
<name>mall-ebtp-cloud</name>
|
||||
|
||||
@ -6,13 +6,13 @@
|
||||
<parent>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-parent</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<relativePath>../mall-ebtp-cloud-parent</relativePath>
|
||||
</parent>
|
||||
|
||||
<groupId>com.chinaunicom.mall.ebtp</groupId>
|
||||
<artifactId>uboot-common</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<name>uboot-common</name>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@ -48,18 +48,26 @@ public class JasyptStarterConfiguration {
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
// PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
|
||||
// SimpleStringPBEConfig config = new SimpleStringPBEConfig();
|
||||
// config.setPassword("uniom-ebtp");
|
||||
// config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
|
||||
// config.setKeyObtentionIterations("1000");
|
||||
// config.setPoolSize("1");
|
||||
// config.setProviderName("SunJCE");
|
||||
// config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
|
||||
// config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
|
||||
// config.setStringOutputType("base64");
|
||||
// encryptor.setConfig(config);
|
||||
// String decrypt = encryptor.decrypt("VwMRvAmu9rP0TGa1REZL5khiOOZtI47GoRJeHBN9LRDkJ+heZ4vXQ82/scobMGKW");
|
||||
JasyptStarterConfiguration.encryptStr("ProdMall3_0531portal","uniom-ebtp");
|
||||
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
|
||||
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
|
||||
config.setPassword("unicom");// unicom uniom-ebtp
|
||||
config.setAlgorithm("PBEWithMD5AndDES");// PBEWithMD5AndDES PBEWITHMD5ANDDES
|
||||
config.setKeyObtentionIterations("1000");
|
||||
config.setPoolSize("1");
|
||||
config.setProviderName("SunJCE");
|
||||
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
|
||||
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
|
||||
config.setStringOutputType("base64");
|
||||
encryptor.setConfig(config);
|
||||
// String decrypt = encryptor.decrypt("Ecrp94gdEbYqQnnHDq/ILoRM9cs44vT02BvmZMqHaUphaYuAPSciSqM/loGvFcrQMjwXuoMJD6jYSSiycgzcwnav29alP7intVCpiIhM/p6fjYGevVUp0O0H0VpRF0TvSAZjVIndW4g=");
|
||||
// System.out.println("解密1的字符串:" + decrypt);
|
||||
// String decrypt2 = encryptor.decrypt("O9X+0wfOxV2/dyHDM7kzHYjOfBIB/cwmfr3ICH+HgfIY92v36o/MiMa2PWsjc4rn");
|
||||
// System.out.println("解密2的字符串:" + decrypt2);
|
||||
String decrypt3 = encryptor.decrypt("umDA2Ec6BEYPBQ4o6X/4G0hUmtFYQF8YH121MBgoqJE=");
|
||||
System.out.println("解密3的字符串:" + decrypt3);
|
||||
//JasyptStarterConfiguration.encryptStr("org.apache.kafka.common.security.scram.ScramLoginModule required username=\"kafka-gjgs\" password=\"Gjgs#2023\";","uniom-ebtp");
|
||||
//JasyptStarterConfiguration.encryptStr("7i6O36#eol8!","uniom-ebtp");
|
||||
//JasyptStarterConfiguration.encryptStr("hzfsftpuser","uniom-ebtp");
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -22,4 +22,5 @@ public interface Constants {
|
||||
String ACTUATOR_HEALTH = "actuator/health";
|
||||
String ACTUATOR_PROMETHEUS = "actuator/prometheus";
|
||||
String GET_USERINFO_API = "/v1/userinfo/refresh";
|
||||
String CHECK_TOKEN_CONFIG = "/v1/checkToken/getCheckTokenVo";
|
||||
}
|
||||
|
||||
@ -8,8 +8,11 @@ import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.ExternalAllows;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
|
||||
import com.chinaunicom.mall.ebtp.common.exception.common.CommonExceptionEnum;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.RegExUtils;
|
||||
@ -19,6 +22,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.remoting.RemoteTimeoutException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
@ -51,24 +55,13 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
@Autowired
|
||||
private UserInfoService client;
|
||||
|
||||
//@Value("${http.rsa.privateKey}")
|
||||
private String privateKey="MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCIbZigdtFhreIKKBesIrgPhZoRgbMALpTjnNtAibPjmJJMSuWDnHgvSLpCaqNuCEm2GG5dRcZHTc2HWqGz00AJBxmMvrY8H2OqSAF0DuHGlMFZ4k2rpwY1VK9EJbN1/dTm9ZHxEvCRrUgZAQ1In3pUwflNgriou0/2MMoCL9i22TrAd/x835MCA0H0SxSGr02GhZRVmQMYo7axprr4/7RBUpynwh2ERKyZ6kzPF2qk4NW6lWXQSitOytVHagfxDfIEGjti1t4cnbD8n1DfjmBBpaUrJ2x9JX3Vxp6Gc0OCuqKJSxP73roibop1OXlXFJNn3Ansa0tiEkWuyPIqDAcnAgMBAAECggEAJeFwcJWtO5cBXVqWgBg/zSeGiPffUNyeQLjr8/aIOVjCvmZJZgrLIC3sccaUTFgGx4XvFvzpuiCzQbL7lSfB7v/Gq1rE1NrOXJiTtrrvG6lwKln4wQGmaqZx59UkCE4LkHl9JVfh7kET9MVi/9gwKlqVs1zpkwg3gp83Z/YLEXHFwlgMadDe7vxf/gTTdgH2mPYxI304hUj/lKlomFLiNx1Tn1KGphdklYa+Vx8fjfzmxp+aoxbLrLqnV90udDCQPHy7WzjW2+cYR8rbZmzR/zIbJxz1iIvG0GDVgJti9aJi3qujCAJ84fhG5yHpImIP6VjyHLwv61duPD3zla0bKQKBgQDEa3H2STgfwecK5T4gY72tNf1ZAtv7QajAkRcVoYEuUVSMtSvGZA3XLOjZKF1B8AOjdnxrIs2xh2ig+36EfpMTEwzkB/DBEIbnzCCdCedj+THysUImpdiHrhXpYO6GzvZMUgBtQvPLx2H3hosz0VS0/RiUYCMhIC7gWkp2lSLF6wKBgQCxz6GNW33MMSMjD/CAOwI333f0DtNtWWK+rMeQRXO2EKMg+aIk3Yez3C62EcQYgysm4J2Y0r84BDXKL795sVKWZBMY67qSMntfD2PxI9rHYttKd2sCttrZUB0Btr8j+hp0nd7EGhDVHFvWFqMgMfv+DQAoP1ah0Oa1Mzvto2RItQKBgCc1M2hwMS3VrOL147LfdgtPTaUo9vRupNrbm3oL5Rdz0KbNu1E8w66CHnDKp+LzoCZPDoLsTZb0aqRHz3dvNLiIAvi5xQsk22kFzDTMt02zfo7tZ0EDtfdPfrw5RyPNyEhvzfoBdVzmDd41EzBixr/iDbgAgMKqA/Fw1JBbMLfFAoGBAIFaBrCK6kztQh5zrgXa55Y131GQp4ZZDFih4Nu3aqH8IHAQqkAfWGUjvGd/LSSX54B0zrEqPylFBsx7R9QDh40YaDws4KESUGWrEI2QA8wgwl692P80fqiweymQBCTsAOrtHe2S+MPPyY9JEIqPUj5SvtaInUFCc1NGXkZWItIxAoGACKFRZOwxSUgGiK3YkQILO7Jy7jS0EMG8Bo0tuxjgBRCB2QgUe5TzFpkjSOjgqID5NRaFmthsfpOWmLgANne59tCozjmbGhLKSb+py/j3r5w2uWnDDVrZ0hcPqIFR+8y6c1sus5VnaKfDd/Sm4Tc4DFPNld+CKnJPtMxZUE51m78=";
|
||||
@Value("${check.tokentime.timeLimit}")
|
||||
private String kswTimeLimit;// = "20";
|
||||
@Value("${check.tokentime.onof}")
|
||||
private String onof;// = "0";
|
||||
@Value("${check.tokentime.checkprivateKey}")
|
||||
private String checkprivateKey;//="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc=";
|
||||
@Value("${check.tokentime.checkpublicKey}")
|
||||
private String checkpublicKey;//"MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJOzdznkEvViWv7+XV/7PfwwiqSfJDo0dWa4dV/kxffLnahmxgVposlZNkqhjwOEPZFAlsOOgqHIxNOO4MeQBa0CAwEAAQ==";
|
||||
|
||||
@Autowired
|
||||
private AuthAllows allows;
|
||||
@Autowired
|
||||
private ExternalAllows eAllows;
|
||||
|
||||
|
||||
//private String checkprivateKey="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc=";
|
||||
@Autowired
|
||||
private EbtpUserInfoClient ebtpClient;
|
||||
|
||||
@Autowired(required = false)
|
||||
@Qualifier("userinfoRedisTemplate")
|
||||
@ -91,12 +84,22 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
if (!StringUtils.contains(api, ACTUATOR_PROMETHEUS)) {
|
||||
log.info("--------" + method + " - " + api + "?" + Optional.ofNullable(request.getQueryString()).orElse(""));
|
||||
}
|
||||
String check_header = request.getHeader(HEADER_CHECK_TOKEN);
|
||||
//String check_header = request.getHeader(HEADER_CHECK_TOKEN);
|
||||
if(api.contains(CHECK_TOKEN_CONFIG)){
|
||||
isNullThenAssignDefault();
|
||||
// 过滤链调用
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
CheckTokenVo checkTokenVo = client.getCheckTokenByRedis();
|
||||
|
||||
//校验是否是fegin请求
|
||||
String isFeginKey = request.getHeader("isFegin");
|
||||
String isFegin = null;
|
||||
if(isFeginKey!=null&&!"".equals(isFeginKey)) {
|
||||
try {
|
||||
isFegin = RSAcheck.decrypt(isFeginKey, checkprivateKey);
|
||||
isFegin = RSAcheck.decrypt(isFeginKey, checkTokenVo.getCheckprivateKey());//checkprivateKey
|
||||
} catch (Exception e) {
|
||||
log.error("isFegin 解密异常", e);
|
||||
}
|
||||
@ -148,7 +151,6 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
boolean isExternal = externalCheckWhiteList(api, method);
|
||||
log.info(api+"|"+isExternal);
|
||||
log.info("check白名单|"+eAllows.getApis());
|
||||
//校验token 时间戳
|
||||
if(tokenCheckB&&!isExternal&&!isWhite) {
|
||||
if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)
|
||||
@ -157,7 +159,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
|
||||
log.info("获取用户信息:" + buser);
|
||||
if (buser != null && buser.getUserId() != null && !"".equals(buser.getUserId())) {
|
||||
if (!checkTokenTime(request, response, filterChain)) {
|
||||
if (!checkTokenTime(request, response, filterChain,checkTokenVo)) {
|
||||
request.getSession().setAttribute("code", "90501");
|
||||
CommonExceptionEnum.FRAME_EXCEPTION_COMMON_DATA_OTHER_ERROR.customValidName("无效请求", true);
|
||||
}
|
||||
@ -173,18 +175,15 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
* 校验请求唯一性
|
||||
* @param request
|
||||
*/
|
||||
public Boolean checkTokenTime(HttpServletRequest request,HttpServletResponse response,FilterChain filterChain){
|
||||
public Boolean checkTokenTime(HttpServletRequest request,HttpServletResponse response,FilterChain filterChain,CheckTokenVo checkTokenVo){
|
||||
|
||||
Boolean b = true;
|
||||
String check_header = request.getHeader(HEADER_CHECK_TOKEN);
|
||||
log.info("request check_header:"+check_header);
|
||||
if("1".equals(onof)){
|
||||
if("1".equals(checkTokenVo.getOnof())){//onof
|
||||
return true;
|
||||
}
|
||||
// Optional<Cookie> optionalCookie = Optional.ofNullable(request.getCookies())
|
||||
// .flatMap(cookies ->
|
||||
// Stream.of(cookies)
|
||||
// .filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE))
|
||||
// .findFirst());
|
||||
|
||||
if (check_header!=null&&!"".equals(check_header)) {
|
||||
String cookieKey = check_header;//optionalCookie.get().getValue();
|
||||
log.info("cookieKey:"+cookieKey);
|
||||
@ -198,9 +197,6 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
}else{
|
||||
redisTemplate.opsForValue().set(HEADER_CHECK_TOKEN+":"+cookieKey, 2, 20, TimeUnit.SECONDS);
|
||||
}
|
||||
//request.getSession().setAttribute("code", "90501");
|
||||
//throw new RemoteTimeoutException(REMOTE_ACCESS_CHECK);//REMOTE_ACCESS_CHECK
|
||||
//throw new BusinessException(CommonExceptionEnum.LOGIN_CHECK_TOKEN_EXPIRATION, "无效请求 h!");
|
||||
}else{
|
||||
redisTemplate.opsForValue().set(HEADER_CHECK_TOKEN+":"+cookieKey, 1, 20, TimeUnit.SECONDS);
|
||||
}
|
||||
@ -209,11 +205,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
header = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");
|
||||
String cookieValue = "";
|
||||
try {
|
||||
cookieValue = RSAcheck.decrypt(cookieKey, checkprivateKey);
|
||||
cookieValue = RSAcheck.decrypt(cookieKey, checkTokenVo.getCheckprivateKey());//checkprivateKey
|
||||
}catch (Exception e){
|
||||
b = false;
|
||||
//request.getSession().setAttribute("code", "90501");
|
||||
//throw new RemoteTimeoutException(REMOTE_ACCESS_CHECK);//REMOTE_ACCESS_CHECK
|
||||
}
|
||||
log.info("header :"+header);
|
||||
log.info("cookieValue :"+cookieValue);
|
||||
@ -221,33 +215,24 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
if (!header.equals(checkValues[0])) {
|
||||
log.error("请求连接token不一致");
|
||||
b = false;
|
||||
//request.getSession().setAttribute("code", "90501");
|
||||
//throw new RemoteTimeoutException(REMOTE_ACCESS_CHECK);//REMOTE_ACCESS_CHECK
|
||||
//throw new BusinessException(CommonExceptionEnum.LOGIN_CHECK_TOKEN_EXPIRATION, "无效请求 token!");
|
||||
}
|
||||
//SimpleDateFormat format = new SimpleDateFormat("yyyyMMddHHmmss");
|
||||
long newDateLong = System.currentTimeMillis();
|
||||
long inDateLong = Long.valueOf(checkValues[1]).longValue();
|
||||
|
||||
log.info("newDateLong:"+newDateLong);
|
||||
log.info("inDateLong:"+inDateLong);
|
||||
log.info("kswTimeLimit:"+kswTimeLimit);
|
||||
log.info("newDateLong - inDateLong :"+(newDateLong - inDateLong));
|
||||
log.info("newDateLong - inDateLong 结果 :"+((newDateLong - inDateLong) > Long.valueOf(kswTimeLimit).longValue()));
|
||||
if ((newDateLong - inDateLong) > Long.valueOf(kswTimeLimit).longValue()) {//
|
||||
// log.info("newDateLong:"+newDateLong);
|
||||
// log.info("inDateLong:"+inDateLong);
|
||||
// log.info("kswTimeLimit:"+checkTokenVo.getTimeLimit());//kswTimeLimit
|
||||
// log.info("newDateLong - inDateLong :"+(newDateLong - inDateLong));
|
||||
// log.info("newDateLong - inDateLong 结果 :"+((newDateLong - inDateLong) > Long.valueOf(checkTokenVo.getTimeLimit()).longValue()));
|
||||
if ((newDateLong - inDateLong) > Long.valueOf(checkTokenVo.getTimeLimit()).longValue()) {//
|
||||
log.error("请求已超时");
|
||||
//request.getSession().setAttribute("code", "90501");
|
||||
b = false;
|
||||
//throw new RemoteTimeoutException(REMOTE_ACCESS_CHECK);//REMOTE_ACCESS_CHECK
|
||||
//throw new BusinessException(CommonExceptionEnum.LOGIN_CHECK_TOKEN_EXPIRATION, "无效请求!time out");
|
||||
}
|
||||
|
||||
} else {
|
||||
log.error("请求未授权");
|
||||
//request.getSession().setAttribute("code", "90501");
|
||||
b = false;
|
||||
//throw new RemoteTimeoutException(REMOTE_ACCESS_CHECK);//REMOTE_ACCESS_CHECK
|
||||
//throw new BusinessException(CommonExceptionEnum.LOGIN_CHECK_TOKEN_EXPIRATION, "无效请求!");
|
||||
}
|
||||
return b;
|
||||
}
|
||||
@ -335,4 +320,5 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -1,17 +1,21 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client;
|
||||
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback.EbtpUserInfoClientFallbackFactory;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
|
||||
import org.springframework.cloud.openfeign.FeignClient;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
|
||||
/**
|
||||
* 文档中心数据服务客户端
|
||||
*
|
||||
* @author Ajaxfan
|
||||
*/
|
||||
@FeignClient(value = "core-service-ebtp-userinfo",
|
||||
fallbackFactory = EbtpUserInfoClientFallbackFactory.class)
|
||||
@FeignClient(value = "core-service-ebtp-userinfo")
|
||||
public interface EbtpUserInfoClient {
|
||||
|
||||
/**
|
||||
@ -21,4 +25,11 @@ public interface EbtpUserInfoClient {
|
||||
*/
|
||||
@PostMapping("/v1/userinfo/refresh")
|
||||
public ResponseEntity<Boolean> refreshToken();
|
||||
|
||||
/**
|
||||
* 获取配置信息
|
||||
* @return
|
||||
*/
|
||||
@GetMapping("/v1/checkToken/getCheckTokenVo")
|
||||
public BaseResponse<CheckTokenVo> getCheckTokenVo(@RequestParam("ps") String ps);
|
||||
}
|
||||
|
||||
@ -0,0 +1,24 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
@ApiModel
|
||||
public class CheckTokenVo {
|
||||
|
||||
@ApiModelProperty(value = "时限")
|
||||
private String timeLimit;
|
||||
|
||||
@ApiModelProperty(value = "开关")
|
||||
private String onof;
|
||||
|
||||
@ApiModelProperty(value = "秘钥")
|
||||
private String checkprivateKey;
|
||||
|
||||
@ApiModelProperty(value = "公钥")
|
||||
private String checkpublicKey;
|
||||
}
|
||||
@ -0,0 +1,22 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback;
|
||||
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class EbtpUserInfoClientFallback implements EbtpUserInfoClient {
|
||||
|
||||
|
||||
@Override
|
||||
public ResponseEntity<Boolean> refreshToken() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public BaseResponse<CheckTokenVo> getCheckTokenVo(String ps) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,6 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.fallback;
|
||||
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityEntity;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
|
||||
import feign.hystrix.FallbackFactory;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@ -9,10 +10,16 @@ import org.springframework.stereotype.Component;
|
||||
@Slf4j
|
||||
@Component
|
||||
public class EbtpUserInfoClientFallbackFactory implements FallbackFactory<EbtpUserInfoClient> {
|
||||
|
||||
@Override
|
||||
public EbtpUserInfoClient create(Throwable throwable) {
|
||||
log.error("EbtpUserInfoClient error : " + throwable.getMessage());
|
||||
return () -> ResponseEntity.ok(false);
|
||||
return new EbtpUserInfoClientFallback();
|
||||
}
|
||||
|
||||
// @Override
|
||||
// public EbtpUserInfoClient create(Throwable throwable) {
|
||||
// log.error("EbtpUserInfoClient error : " + throwable.getMessage());
|
||||
// return () -> ResponseEntity.ok(null);
|
||||
// }
|
||||
|
||||
}
|
||||
|
||||
@ -1,10 +1,12 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service;
|
||||
|
||||
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
|
||||
|
||||
public interface UserInfoService {
|
||||
|
||||
BaseCacheUser getUserInfo(String token);
|
||||
|
||||
|
||||
CheckTokenVo getCheckTokenByRedis();
|
||||
}
|
||||
|
||||
@ -7,8 +7,10 @@ import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClien
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.UnifastOAuthClient;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheRole;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheUser;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
|
||||
import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
|
||||
import com.chinaunicom.mall.ebtp.common.util.JsonUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -198,4 +200,20 @@ public class UserInfoServiceImpl implements UserInfoService {
|
||||
.orElseGet(() -> list);
|
||||
}
|
||||
|
||||
@Override
|
||||
public CheckTokenVo getCheckTokenByRedis(){
|
||||
Object o = redisTemplate.opsForValue().get(HEADER_CHECK_TOKEN+":ebtpRedisCheckTokenVo");
|
||||
//log.info("getCheckTokenByRedis:"+o);
|
||||
if (o != null) {
|
||||
return (CheckTokenVo)o;
|
||||
}else{
|
||||
BaseResponse<CheckTokenVo> baseResponse = ebtpClient.getCheckTokenVo("eshop@2024");
|
||||
//log.info("responseEntity:" + baseResponse);
|
||||
if (baseResponse.getData() != null) {
|
||||
//log.info("responseEntity.getBody():" + baseResponse.getData());
|
||||
redisTemplate.opsForValue().set(HEADER_CHECK_TOKEN + ":ebtpRedisCheckTokenVo", baseResponse.getData(), 30, TimeUnit.MINUTES);
|
||||
}
|
||||
return baseResponse.getData();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,6 +4,8 @@ import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.common.RSAcheck;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
|
||||
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
import lombok.Setter;
|
||||
@ -44,11 +46,12 @@ public class FeignConfig implements RequestInterceptor {
|
||||
List<String> tokenWhiteList;
|
||||
@Autowired
|
||||
private AuthAllows allows;
|
||||
@Value("${check.tokentime.checkprivateKey}")
|
||||
private String checkprivateKey;//="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc=";
|
||||
@Value("${check.tokentime.checkpublicKey}")
|
||||
private String checkpublicKey;//"MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJOzdznkEvViWv7+XV/7PfwwiqSfJDo0dWa4dV/kxffLnahmxgVposlZNkqhjwOEPZFAlsOOgqHIxNOO4MeQBa0CAwEAAQ==";
|
||||
|
||||
// @Value("${check.tokentime.checkprivateKey}")
|
||||
// private String checkprivateKey;//="MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAk7N3OeQS9WJa/v5dX/s9/DCKpJ8kOjR1Zrh1X+TF98udqGbGBWmiyVk2SqGPA4Q9kUCWw46CocjE047gx5AFrQIDAQABAkAIHG/stvCvlxImNLPOBI8X3VaPycmEhML5vCF9/aM9g1SuFa298Q5W8FqAmm8SE5lRpw2yyToWtLbufJtAa7wFAiEAxViJBkLU4wfPCwiPiAn17owXbocC9rj3fAzEH9DYDdcCIQC/mZp4ujO035Qqw2QQeFWpDc/vITx1OTWaxq6/LvvwGwIgXTZLSmzItw9aKOD7QotJ4UnES41zxetp4er5u/leA3MCIGcRw2ZEjII1b+hdOdweT75kfsId9/77apm7Xc/c/4yXAiEAnBrCiVXRNN+slO0MYaxynr4eIiPG/EjYBYxXlwBpeOc=";
|
||||
// @Value("${check.tokentime.checkpublicKey}")
|
||||
// private String checkpublicKey;//"MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJOzdznkEvViWv7+XV/7PfwwiqSfJDo0dWa4dV/kxffLnahmxgVposlZNkqhjwOEPZFAlsOOgqHIxNOO4MeQBa0CAwEAAQ==";
|
||||
@Autowired
|
||||
private UserInfoService client;
|
||||
/**
|
||||
* @param template
|
||||
*/
|
||||
@ -58,13 +61,8 @@ public class FeignConfig implements RequestInterceptor {
|
||||
log.info("--------feign url- " + template.url());
|
||||
String method = template.method();
|
||||
|
||||
try {
|
||||
//long newDateLong = System.currentTimeMillis();
|
||||
String key = RSAcheck.encrypt("isFegin", checkpublicKey);
|
||||
String key = "BCXskxKtXZdbfcA1jN1ERGF76Pkvf5tLhSW/42X1mcfjcvu5pH6TmshFeFWbC46bQoM/0ROpbNd6Xh3nj78SEA==";
|
||||
template.header("isFegin", key);
|
||||
}catch (Exception e){
|
||||
log.error("fegin加密异常");
|
||||
}
|
||||
|
||||
if (Objects.nonNull(attributes)) {
|
||||
if (isNonExistsWhiteList(template.url())) {
|
||||
|
||||
@ -6,13 +6,13 @@
|
||||
<parent>
|
||||
<groupId>com.chinaunicom.ebtp</groupId>
|
||||
<artifactId>mall-ebtp-cloud-parent</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<relativePath>../mall-ebtp-cloud-parent</relativePath>
|
||||
</parent>
|
||||
|
||||
<groupId>com.chinaunicom.mall.ebtp</groupId>
|
||||
<artifactId>uboot-core</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
<name>uboot-core</name>
|
||||
|
||||
<dependencies>
|
||||
@ -20,7 +20,7 @@
|
||||
<dependency>
|
||||
<groupId>com.chinaunicom.mall.ebtp</groupId>
|
||||
<artifactId>uboot-common</artifactId>
|
||||
<version>2.3.0-SNAPSHOT</version>
|
||||
<version>2.3.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
|
||||
Reference in New Issue
Block a user