lyfO_o
2022-07-04 9f62720587d7efc656f33c4301c6b5d897e60703
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
@@ -9,6 +9,8 @@
import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
import com.gkhy.safePlatform.commons.enums.ResultCodes;
import com.gkhy.safePlatform.commons.exception.BusinessException;
import com.gkhy.safePlatform.commons.utils.RPCUtils;
import com.gkhy.safePlatform.commons.utils.RedisUtils;
import com.gkhy.safePlatform.commons.utils.StringUtils;
import com.gkhy.safePlatform.commons.vo.ResultVO;
import org.apache.dubbo.config.annotation.DubboReference;
@@ -39,6 +41,8 @@
    private TokenConfig tokenConfig;
    @DubboReference(check = false)
    private AccountAuthService userAccountService;
    @Autowired
    private RedisUtils redisUtils;
@@ -55,7 +59,7 @@
            chain.doFilter(req, resp);
        } catch (BusinessException e) {
            // 返回异常
            this.writeJSON(req, resp, new ResultVO<>(e.getError()));
            this.writeJSON(req, resp, new ResultVO<>(e.getCode(),e.getMessage()));
        }
    }
@@ -75,14 +79,14 @@
            // 这里是验证获取权限信息
            // 1.从redis中获取对应该用户的权限信息
            String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
            String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
            Object o = redisUtils.get(accessTokenKey);
            // 2.token是否存在
            if (o == null) {
                // 是否存在
                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
            }else{
                Long userId = Long.valueOf(loginUserId);
                CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
                CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
                assert userId.equals(cacheUser.getUserId());
                if ( !authToken.equals(cacheUser.getAccessToken())) {
                    throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
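Review bot: The user-id binding between the token and the cached user is still enforced only with `assert userId.equals(cacheUser.getUserId());`, which is a no-op unless the JVM runs with `-ea`, so in a normal deployment a cached entry for a different user would pass straight through to the access-token comparison that follows. The commit rewrites the lines around it (the `redisUtils.get` lookup and the `parseObject(o.toString(), ...)` call) but leaves this check as an assertion; it should be a real check that fails the request the same way the token mismatch does: `if (!userId.equals(cacheUser.getUserId())) { throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID); }`. While here, the `o.toString()` path presumably assumes the Redis value is the JSON string written at login; a one-line comment stating that assumption would help the next reader, since `redisUtils.get` returns an untyped `Object`. The enclosing method starts before this hunk and continues past it; in the following hunk the permission RPC's error branch appears to report `rpcResultRole.getCode()`/`getMsg()` instead of `rpcResultPermission`'s, which looks like a copy-paste slip worth checking in the same pass.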
@@ -90,23 +94,51 @@
                // 3.redis获取权限
                String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
                String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
                Object oo = redisUtils.get(authoritiesKey);
                List<GrantedAuthority> authorities = new ArrayList<>();
                // 4.redis中是否存在
                if (oo != null) {
                    // 5.存在
                    List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo, CacheAuthority.class);
                    List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo.toString(), CacheAuthority.class);
                    for (CacheAuthority cacheAuthority: cacheAuthorities) {
                        authorities.add(new SimpleGrantedAuthority(cacheAuthority.getAuthority()));
                    }
                }else {
                    // 6.不存在=>数据库查询
                    String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
                    ResultVO<String> rpcResultRole = userAccountService.getUserRoleCodeByUserId(userId);
                    if (rpcResultRole == null) {
                        throw new BusinessException(ResultCodes.RPC_RESULT_NULL);
                    }
                    if (!ResultCodes.OK.getCode().equals(rpcResultRole.getCode())) {
                        throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg());
                    }
                    if (rpcResultRole.getData() == null) {
                        throw new BusinessException(ResultCodes.RPC_DATA_NULL);
                    }
                    if (!(rpcResultRole.getData() instanceof String)) {
                        throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH);
                    }
                    // role
                    authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));
                    authorities.add(new SimpleGrantedAuthority("ROLE_" + rpcResultRole.getData().toString()));
                    // permission
                    List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
                    ResultVO<List<String>> rpcResultPermission = userAccountService.getUserPermissionByUserId(userId);
                    if (rpcResultPermission == null) {
                        throw new BusinessException(ResultCodes.RPC_RESULT_NULL);
                    }
                    if (!ResultCodes.OK.getCode().equals(rpcResultPermission.getCode())) {
                        throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg());
                    }
                    if (rpcResultPermission.getData() == null) {
                        throw new BusinessException(ResultCodes.RPC_DATA_NULL);
                    }
                    if (!(rpcResultPermission.getData() instanceof List)) {
                        throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH);
                    }
                    List<String> permissions = RPCUtils.castList(rpcResultPermission.getData(), String.class);
                    for (String permission : permissions) {
                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
                        authorities.add(simpleGrantedAuthority);