diff --git a/uboot-common/pom.xml b/uboot-common/pom.xml
index ad87de6..aeb3de6 100644
--- a/uboot-common/pom.xml
+++ b/uboot-common/pom.xml
@@ -122,7 +122,7 @@
poi-ooxml-schemas
-
+
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java
new file mode 100644
index 0000000..f6f74e0
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java
@@ -0,0 +1,31 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+
+public class BearerTokenFilter implements Filter {
+ private static final String AUTHORIZATION_HEADER = "Authorization";
+ private static final String BEARER_PREFIX = "Bearer ";
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ try {
+ if (request instanceof HttpServletRequest) {
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ String authHeader = httpRequest.getHeader(AUTHORIZATION_HEADER);
+ if (authHeader != null && authHeader.startsWith(BEARER_PREFIX)) {
+ String token = authHeader.substring(BEARER_PREFIX.length());
+ BearerTokenHolder.setToken(token);
+ }
+ }
+ chain.doFilter(request, response);
+ } finally {
+ BearerTokenHolder.clear();
+ }
+ }
+}
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java
new file mode 100644
index 0000000..94dca89
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java
@@ -0,0 +1,18 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class BearerTokenFilterConfig {
+ @Bean
+ public FilterRegistrationBean bearerTokenFilterRegistration() {
+ FilterRegistrationBean registration = new FilterRegistrationBean<>();
+ registration.setFilter(new BearerTokenFilter());
+ registration.addUrlPatterns("/*");
+ registration.setName("bearerTokenFilter");
+ registration.setOrder(-100); // 优先级高于 Spring Security
+ return registration;
+ }
+}
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java
new file mode 100644
index 0000000..4f36ada
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java
@@ -0,0 +1,17 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+public class BearerTokenHolder {
+ private static final ThreadLocal TOKEN_HOLDER = new ThreadLocal<>();
+
+ public static void setToken(String token) {
+ TOKEN_HOLDER.set(token);
+ }
+
+ public static String getToken() {
+ return TOKEN_HOLDER.get();
+ }
+
+ public static void clear() {
+ TOKEN_HOLDER.remove();
+ }
+}
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
index 43fd794..3a99a48 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
@@ -1,31 +1,35 @@
package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.impl;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.HEADER_CHECK_TOKEN;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REDIS_USER_KEY;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REMOTE_ACCESS_FAILURE;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.TOKEN_PREFIX;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.remoting.RemoteTimeoutException;
+import org.springframework.stereotype.Service;
+
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthorityEntity;
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityEntity;
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.UnifastOAuthClient;
-import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheRole;
-import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheUser;
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
-import com.chinaunicom.mall.ebtp.common.util.JsonUtils;
+
import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.http.ResponseEntity;
-import org.springframework.remoting.RemoteTimeoutException;
-import org.springframework.stereotype.Service;
-
-import java.util.*;
-import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
-
-import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.*;
@Slf4j
@Service
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
index 7d0ef14..4c50b6a 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
@@ -4,8 +4,13 @@ import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
import com.chinaunicom.mall.ebtp.common.base.service.IBaseCacheUserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.BeanUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.BearerTokenHolder;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REDIS_USER_KEY;
/**
* 缓存用户service实现层 获取缓存用户信息
@@ -18,18 +23,29 @@ import org.springframework.stereotype.Service;
@Slf4j
public class BaseCacheUserServiceImpl implements IBaseCacheUserService {
+ @Autowired
+ @Qualifier("userinfoRedisTemplate")
+ private RedisTemplate redisTemplate;
@Override
public BaseCacheUser getCacheUser() {
- BaseCacheUser buser = new BaseCacheUser();
try {
- BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
+ String token = BearerTokenHolder.getToken();
+ if (token == null || token.isEmpty()) {
+ log.warn("未获取到token");
+ return null;
+ }
+ Object o = redisTemplate.opsForValue().get(REDIS_USER_KEY + token);
+ if (o instanceof BaseCacheUser) {
+ return (BaseCacheUser) o;
+ } else {
+ log.warn("redis中未找到用户信息,token:{}", token);
+ return null;
+ }
} catch (Exception e) {
- log.error(e.getMessage());
+ log.error("获取缓存用户信息异常", e);
+ return null;
}
- log.debug("Current user principal: " + buser);
-
- return buser;
}
}
diff --git a/uboot-common/src/main/resources/application-common.yml b/uboot-common/src/main/resources/application-common.yml
index 36cab29..fa6c82a 100644
--- a/uboot-common/src/main/resources/application-common.yml
+++ b/uboot-common/src/main/resources/application-common.yml
@@ -83,7 +83,7 @@ spring:
password: Unicom#135
# 天宫Eureka配置
-eureka:asdf
+eureka:
client:
service-url:
defaultZone: http://10.242.37.148:5001/eureka
@@ -154,4 +154,4 @@ management:
http:
rsa:
publicKey: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNR+qWwx1SFELNYCk3vqqQ9wAgr7il6/yRPnwk/Vq+7UAlUyOrlTb9ZAKAxJE7OjoqQHpPJkXYypqlNkkpYrRHKc3lTeSXFL1AOU6idtidTC1W7STwNNYJ1RtFA7qqVd4C/+pbU0GHZ2OMsMbFr+b40pienLBg0FGGGCoRVbOSxwIDAQAB
- privateKey: MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM1H6pbDHVIUQs1gKTe+qpD3ACCvuKXr/JE+fCT9Wr7tQCVTI6uVNv1kAoDEkTs6OipAek8mRdjKmqU2SSlitEcpzeVN5JcUvUA5TqJ22J1MLVbtJPA01gnVG0UDuqpV3gL/6ltTQYdnY4ywxsWv5vjSmJ6csGDQUYYYKhFVs5LHAgMBAAECgYBJsk/d4B5eoTd6U9N4V9MUSBibo3o+1wHNgwk+nlY9xR8KR1a++srLHWRopikdgkHveUZvs+XPdq0eMucBHJZrcVT9ZT4ehPmCyRZzILjKqZugP5MpTj1CtM5SfQtxsfuJmM5LYvVX2lmYQw2k+MyWNfyrVfH6HVvu19l1sBqpAQJBAOW2LlqTACRPD3+IOFrHlRQvuUrLq38eRFZCRte2UEq0fMv8VKlgwZdMynD40LwAeO0Cz9huQkNFx4WGxOXthnECQQDkxf43WY6MltfTATYQy4h/TKHznKG+9dMNVFf3SkNECGh5IcW21v44s5X6zOl6zbPVtiySq/c2t9/IbbSc2/i3AkAa3q6ZZayUkrLrZhHBfKsRi2uPNje/TNkNhf8naGoH8wjOC5wTm//JJPBhOpmgBCYhAz0wweT6XYUzN0p84sXhAkEAh7ak7nTkSaaadgQ77I6xdMMjN/9tPHlcMIYegQa/DLboMyPDxImZ2k0+5b91qnIpAtjFbGUzjHRb/uyFvqAH1QJBAJsS6/GhMoCDyPdGQAMA+KylB1s6o8sowLx92q6oBs03idtvFxAocIej1m1UuCW+EpT+ZoFwOn+sdCm5VKfVoLQ=
\ No newline at end of file
+ privateKey: MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM1H6pbDHVIUQs1gKTe+qpD3ACCvuKXr/JE+fCT9Wr7tQCVTI6uVNv1kAoDEkTs6OipAek8mRdjKmqU2SSlitEcpzeVN5JcUvUA5TqJ22J1MLVbtJPA01gnVG0UDuqpV3gL/6ltTQYdnY4ywxsWv5vjSmJ6csGDQUYYYKhFVs5LHAgMBAAECgYBJsk/d4B5eoTd6U9N4V9MUSBibo3o+1wHNgwk+nlY9xR8KR1a++srLHWRopikdgkHveUZvs+XPdq0eMucBHJZrcVT9ZT4ehPmCyRZzILjKqZugP5MpTj1CtM5SfQtxsfuJmM5LYvVX2lmYQw2k+MyWNfyrVfH6HVvu19l1sBqpAQJBAOW2LlqTACRPD3+IOFrHlRQvuUrLq38eRFZCRte2UEq0fMv8VKlgwZdMynD40LwAeO0Cz9huQkNFx4WGxOXthnECQQDkxf43WY6MltfTATYQy4h/TKHznKG+9dMNVFf3SkNECGh5IcW21v44s5X6zOl6zbPVtiySq/c2t9/IbbSc2/i3AkAa3q6ZZayUkrLrZhHBfKsRi2uPNje/TNkNhf8naGoH8wjOC5wTm//JJPBhOpmgBCYhAz0wweT6XYUzN0p84sXhAkEAh7ak7nTkSaaadgQ77I6xdMMjN/9tPHlcMIYegQa/DLboMyPDxImZ2k0+5b91qnIpAtjFbGUzjHRb/uyFvqAH1QJBAJsS6/GhMoCDyPdGQAMA+KylB1s6o8sowLx92q6oBs03idtvFxAocIej1m1UuCW+EpT+ZoFwOn+sdCm5VKfVoLQ=