增加山东用户中心token接口的引用

2020-12-30 15:10:34 +08:00
parent 4c41e73ab1
commit e821e2b0ad
7 changed files with 142 additions and 8 deletions
--- a/mall-ebtp-cloud-security-starter/pom.xml
+++ b/mall-ebtp-cloud-security-starter/pom.xml
@ -4,33 +4,31 @@
 	xmlns="http://maven.apache.org/POM/4.0.0"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 	<modelVersion>4.0.0</modelVersion>
+
 	<parent>
 		<groupId>com.chinaunicom.ebtp</groupId>
 		<artifactId>mall-ebtp-cloud-parent</artifactId>
 		<version>0.0.1</version>
 		<relativePath>../mall-ebtp-cloud-parent</relativePath>
 	</parent>
+
 	<groupId>com.chinaunicom.ebtp</groupId>
 	<artifactId>mall-ebtp-cloud-security-starter</artifactId>
 	<version>0.0.1</version>
 	<name>mall-ebtp-cloud-security-starter</name>

 	<dependencies>
-		<dependency>
-			<groupId>cn.chinaunicom.sdsi</groupId>
-			<artifactId>unifast-security</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>org.springframework.cloud</groupId>
 			<artifactId>spring-cloud-security</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.cloud</groupId>
-			<artifactId>spring-cloud-starter-oauth2</artifactId>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.security.oauth</groupId>
-			<artifactId>spring-security-oauth2</artifactId>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-lang3</artifactId>
 		</dependency>
 	</dependencies>
 </project>
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
@ -1,10 +1,17 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter;

+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.web.client.RestTemplate;

@Configuration
@PropertySource("classpath:security-configuration.properties")
 public class SecurityStarterConfiguration {

+	@Bean
+	public RestTemplate restTemplate() {
+		return new RestTemplate();
+	}
+
 }
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
@ -0,0 +1,11 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.common;
+
+/**
+ * @author Ajaxfan
+ */
+public interface Constants {
+
+	public static final String AUTHORIZATION_HEADER = "Authorization";
+	public static final String TOKEN_PREFIX = "Bearer ";
+	
+}
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java
@ -0,0 +1,37 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.TokenAuthenticationFilter;
+
+/**
+ * 安全设置
+ * 
+ * @author Ajaxfan
+ */
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true, securedEnabled = true)
+public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {
+
+	@Bean
+	public TokenAuthenticationFilter authenticationTokenFilterBean() {
+		return new TokenAuthenticationFilter();
+	}
+
+	/**
+	 * 向Filter链中插入自定义TokenFilter
+	 * 
+	 * @param http
+	 * @throws Exception
+	 */
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
+	}
+
+}
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@ -0,0 +1,76 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.RegExUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
+
+/**
+ * 请求Token拦截
+ * 
+ * @author Ajaxfan
+ */
+public class TokenAuthenticationFilter extends OncePerRequestFilter {
+
+	private @Autowired RestTemplate restTemplate;
+	private @Value("${user.auth.resource.token-info-uri}") String token_uri;
+
+	/**
+	 * @param request
+	 * @param response
+	 * @param filterChain
+	 * @throws ServletException
+	 * @throws IOException
+	 */
+	@Override
+	protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response,
+			final FilterChain filterChain) throws ServletException, IOException {
+		// 提取request头信息
+		final String header = request.getHeader(Constants.AUTHORIZATION_HEADER);
+
+		// 检查请求头是否包含 Bearer 前缀
+		if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) {
+			// 提取 token 信息
+			String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");
+
+			// 通过token读取用户信息
+			SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken));
+		}
+		filterChain.doFilter(request, response);
+	}
+
+	/**
+	 * @param token
+	 * @return
+	 */
+	private Authentication getAuthentication(String token) {
+		ResponseEntity<Map> entity = restTemplate.getForEntity(createRequestUri(token), Map.class);
+		
+		return new UsernamePasswordAuthenticationToken(entity.getBody(), token);
+	}
+
+	/**
+	 * @param token
+	 * @return
+	 */
+	private String createRequestUri(String token) {
+		return new StringBuilder(token_uri).append("?token=").append(token).toString();
+	}
+
+}
--- a/mall-ebtp-cloud-security-starter/src/main/resources/META-INF/spring.factories
+++ b/mall-ebtp-cloud-security-starter/src/main/resources/META-INF/spring.factories
@ -0,0 +1,4 @@
+# AutoConfiguration
+org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
+com.chinaunicom.mall.ebtp.cloud.security.starter.SecurityStarterConfiguration,\
+com.chinaunicom.mall.ebtp.cloud.security.starter.config.BrowserSecurityConfig
--- a/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
+++ b/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
@ -0,0 +1 @@
+user.auth.resource.token-info-uri=http://125.32.114.204:18091/oauth/check_token
				`@ -0,0 +1 @@`
				`user.auth.resource.token-info-uri=http://125.32.114.204:18091/oauth/check_token`