From f37496a35162b1a5dc6e1991914a5cfe2d7c292b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=80=A1?= <jl-liuc59@chinaunicom.cn>
Date: Thu, 10 Jul 2025 10:10:46 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=BB=A3=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 uboot-common/pom.xml                          |  2 +-
 .../starter/filter/BearerTokenFilter.java     | 31 ++++++++++++++++
 .../filter/BearerTokenFilterConfig.java       | 18 ++++++++++
 .../starter/filter/BearerTokenHolder.java     | 17 +++++++++
 .../service/impl/UserInfoServiceImpl.java     | 36 ++++++++++---------
 .../impl/BaseCacheUserServiceImpl.java        | 28 +++++++++++----
 .../src/main/resources/application-common.yml |  4 +--
 7 files changed, 111 insertions(+), 25 deletions(-)
 create mode 100644 uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java
 create mode 100644 uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java
 create mode 100644 uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java

diff --git a/uboot-common/pom.xml b/uboot-common/pom.xml
index ad87de6..aeb3de6 100644
--- a/uboot-common/pom.xml
+++ b/uboot-common/pom.xml
@@ -122,7 +122,7 @@
             <artifactId>poi-ooxml-schemas</artifactId>
         </dependency>
 
-        <!--security-->
+<!--        &lt;!&ndash;security&ndash;&gt;-->
 <!--        <dependency>-->
 <!--            <groupId>org.springframework.cloud</groupId>-->
 <!--            <artifactId>spring-cloud-security</artifactId>-->
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java
new file mode 100644
index 0000000..f6f74e0
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilter.java
@@ -0,0 +1,31 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+
+public class BearerTokenFilter implements Filter {
+    private static final String AUTHORIZATION_HEADER = "Authorization";
+    private static final String BEARER_PREFIX = "Bearer ";
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        try {
+            if (request instanceof HttpServletRequest) {
+                HttpServletRequest httpRequest = (HttpServletRequest) request;
+                String authHeader = httpRequest.getHeader(AUTHORIZATION_HEADER);
+                if (authHeader != null && authHeader.startsWith(BEARER_PREFIX)) {
+                    String token = authHeader.substring(BEARER_PREFIX.length());
+                    BearerTokenHolder.setToken(token);
+                }
+            }
+            chain.doFilter(request, response);
+        } finally {
+            BearerTokenHolder.clear();
+        }
+    }
+} 
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java
new file mode 100644
index 0000000..94dca89
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenFilterConfig.java
@@ -0,0 +1,18 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class BearerTokenFilterConfig {
+    @Bean
+    public FilterRegistrationBean<BearerTokenFilter> bearerTokenFilterRegistration() {
+        FilterRegistrationBean<BearerTokenFilter> registration = new FilterRegistrationBean<>();
+        registration.setFilter(new BearerTokenFilter());
+        registration.addUrlPatterns("/*");
+        registration.setName("bearerTokenFilter");
+        registration.setOrder(-100); // 优先级高于 Spring Security
+        return registration;
+    }
+} 
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java
new file mode 100644
index 0000000..4f36ada
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/BearerTokenHolder.java
@@ -0,0 +1,17 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+public class BearerTokenHolder {
+    private static final ThreadLocal<String> TOKEN_HOLDER = new ThreadLocal<>();
+
+    public static void setToken(String token) {
+        TOKEN_HOLDER.set(token);
+    }
+
+    public static String getToken() {
+        return TOKEN_HOLDER.get();
+    }
+
+    public static void clear() {
+        TOKEN_HOLDER.remove();
+    }
+} 
\ No newline at end of file
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
index 43fd794..3a99a48 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
@@ -1,31 +1,35 @@
 
 package com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.impl;
 
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.HEADER_CHECK_TOKEN;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REDIS_USER_KEY;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REMOTE_ACCESS_FAILURE;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.TOKEN_PREFIX;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.remoting.RemoteTimeoutException;
+import org.springframework.stereotype.Service;
+
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthorityEntity;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityEntity;
 import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
 import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.UnifastOAuthClient;
-import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheRole;
-import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CacheUser;
 import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
 import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
 import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
 import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
-import com.chinaunicom.mall.ebtp.common.util.JsonUtils;
+
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.http.ResponseEntity;
-import org.springframework.remoting.RemoteTimeoutException;
-import org.springframework.stereotype.Service;
-
-import java.util.*;
-import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
-
-import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.*;
 
 @Slf4j
 @Service
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
index 7d0ef14..4c50b6a 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
@@ -4,8 +4,13 @@ import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
 import com.chinaunicom.mall.ebtp.common.base.service.IBaseCacheUserService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.BeanUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.BearerTokenHolder;
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REDIS_USER_KEY;
 
 /**
  * 缓存用户service实现层 获取缓存用户信息
@@ -18,18 +23,29 @@ import org.springframework.stereotype.Service;
 @Slf4j
 public class BaseCacheUserServiceImpl implements IBaseCacheUserService {
 
+    @Autowired
+    @Qualifier("userinfoRedisTemplate")
+    private RedisTemplate<String, Object> redisTemplate;
 
     @Override
     public BaseCacheUser getCacheUser() {
-        BaseCacheUser buser = new BaseCacheUser();
         try {
-            BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
+            String token = BearerTokenHolder.getToken();
+            if (token == null || token.isEmpty()) {
+                log.warn("未获取到token");
+                return null;
+            }
+            Object o = redisTemplate.opsForValue().get(REDIS_USER_KEY + token);
+            if (o instanceof BaseCacheUser) {
+                return (BaseCacheUser) o;
+            } else {
+                log.warn("redis中未找到用户信息，token:{}", token);
+                return null;
+            }
         } catch (Exception e) {
-            log.error(e.getMessage());
+            log.error("获取缓存用户信息异常", e);
+            return null;
         }
-        log.debug("Current user principal: " + buser);
-
-        return buser;
     }
 
 }
diff --git a/uboot-common/src/main/resources/application-common.yml b/uboot-common/src/main/resources/application-common.yml
index 36cab29..fa6c82a 100644
--- a/uboot-common/src/main/resources/application-common.yml
+++ b/uboot-common/src/main/resources/application-common.yml
@@ -83,7 +83,7 @@ spring:
     password: Unicom#135
 
 # 天宫Eureka配置
-eureka:asdf
+eureka:
   client:
     service-url:
       defaultZone: http://10.242.37.148:5001/eureka
@@ -154,4 +154,4 @@ management:
 http:
   rsa:
     publicKey: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNR+qWwx1SFELNYCk3vqqQ9wAgr7il6/yRPnwk/Vq+7UAlUyOrlTb9ZAKAxJE7OjoqQHpPJkXYypqlNkkpYrRHKc3lTeSXFL1AOU6idtidTC1W7STwNNYJ1RtFA7qqVd4C/+pbU0GHZ2OMsMbFr+b40pienLBg0FGGGCoRVbOSxwIDAQAB
-    privateKey: MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM1H6pbDHVIUQs1gKTe+qpD3ACCvuKXr/JE+fCT9Wr7tQCVTI6uVNv1kAoDEkTs6OipAek8mRdjKmqU2SSlitEcpzeVN5JcUvUA5TqJ22J1MLVbtJPA01gnVG0UDuqpV3gL/6ltTQYdnY4ywxsWv5vjSmJ6csGDQUYYYKhFVs5LHAgMBAAECgYBJsk/d4B5eoTd6U9N4V9MUSBibo3o+1wHNgwk+nlY9xR8KR1a++srLHWRopikdgkHveUZvs+XPdq0eMucBHJZrcVT9ZT4ehPmCyRZzILjKqZugP5MpTj1CtM5SfQtxsfuJmM5LYvVX2lmYQw2k+MyWNfyrVfH6HVvu19l1sBqpAQJBAOW2LlqTACRPD3+IOFrHlRQvuUrLq38eRFZCRte2UEq0fMv8VKlgwZdMynD40LwAeO0Cz9huQkNFx4WGxOXthnECQQDkxf43WY6MltfTATYQy4h/TKHznKG+9dMNVFf3SkNECGh5IcW21v44s5X6zOl6zbPVtiySq/c2t9/IbbSc2/i3AkAa3q6ZZayUkrLrZhHBfKsRi2uPNje/TNkNhf8naGoH8wjOC5wTm//JJPBhOpmgBCYhAz0wweT6XYUzN0p84sXhAkEAh7ak7nTkSaaadgQ77I6xdMMjN/9tPHlcMIYegQa/DLboMyPDxImZ2k0+5b91qnIpAtjFbGUzjHRb/uyFvqAH1QJBAJsS6/GhMoCDyPdGQAMA+KylB1s6o8sowLx92q6oBs03idtvFxAocIej1m1UuCW+EpT+ZoFwOn+sdCm5VKfVoLQ=
\ No newline at end of file
+    privateKey: MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM1H6pbDHVIUQs1gKTe+qpD3ACCvuKXr/JE+fCT9Wr7tQCVTI6uVNv1kAoDEkTs6OipAek8mRdjKmqU2SSlitEcpzeVN5JcUvUA5TqJ22J1MLVbtJPA01gnVG0UDuqpV3gL/6ltTQYdnY4ywxsWv5vjSmJ6csGDQUYYYKhFVs5LHAgMBAAECgYBJsk/d4B5eoTd6U9N4V9MUSBibo3o+1wHNgwk+nlY9xR8KR1a++srLHWRopikdgkHveUZvs+XPdq0eMucBHJZrcVT9ZT4ehPmCyRZzILjKqZugP5MpTj1CtM5SfQtxsfuJmM5LYvVX2lmYQw2k+MyWNfyrVfH6HVvu19l1sBqpAQJBAOW2LlqTACRPD3+IOFrHlRQvuUrLq38eRFZCRte2UEq0fMv8VKlgwZdMynD40LwAeO0Cz9huQkNFx4WGxOXthnECQQDkxf43WY6MltfTATYQy4h/TKHznKG+9dMNVFf3SkNECGh5IcW21v44s5X6zOl6zbPVtiySq/c2t9/IbbSc2/i3AkAa3q6ZZayUkrLrZhHBfKsRi2uPNje/TNkNhf8naGoH8wjOC5wTm//JJPBhOpmgBCYhAz0wweT6XYUzN0p84sXhAkEAh7ak7nTkSaaadgQ77I6xdMMjN/9tPHlcMIYegQa/DLboMyPDxImZ2k0+5b91qnIpAtjFbGUzjHRb/uyFvqAH1QJBAJsS6/GhMoCDyPdGQAMA+KylB1s6o8sowLx92q6oBs03idtvFxAocIej1m1UuCW+EpT+ZoFwOn+sdCm5VKfVoLQ=