| | |
|---|
| | | import com.gkhy.safePlatform.commons.enums.RedisKeyEnum; |
|---|
| | | import com.gkhy.safePlatform.commons.enums.ResultCodes; |
|---|
| | | import com.gkhy.safePlatform.commons.exception.BusinessException; |
|---|
| | | import com.gkhy.safePlatform.commons.utils.RPCUtils; |
|---|
| | | import com.gkhy.safePlatform.commons.utils.RedisUtils; |
|---|
| | | import com.gkhy.safePlatform.commons.utils.StringUtils; |
|---|
| | | import com.gkhy.safePlatform.commons.vo.ResultVO; |
|---|
| | | import org.apache.dubbo.config.annotation.DubboReference; |
|---|
| | |
|---|
| | | private TokenConfig tokenConfig; |
|---|
| | | @DubboReference(check = false) |
|---|
| | | private AccountAuthService userAccountService; |
|---|
| | | @Autowired |
|---|
| | | private RedisUtils redisUtils; |
|---|
| | | |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | chain.doFilter(req, resp); |
|---|
| | | } catch (BusinessException e) { |
|---|
| | | // 返回异常 |
|---|
| | | this.writeJSON(req, resp, new ResultVO<>(e.getError())); |
|---|
| | | this.writeJSON(req, resp, new ResultVO<>(e.getCode(),e.getMessage())); |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
| | |
|---|
| | | // 这里是验证获取权限信息 |
|---|
| | | // 1.从redis中获取对应该用户的权限信息 |
|---|
| | | String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId); |
|---|
| | | String o = userAccountService.getValueByKeyFromRedis(accessTokenKey); |
|---|
| | | Object o = redisUtils.get(accessTokenKey); |
|---|
| | | // 2.token是否存在 |
|---|
| | | if (o == null) { |
|---|
| | | // 是否存在 |
|---|
| | | throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID); |
|---|
| | | throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID); |
|---|
| | | }else{ |
|---|
| | | Long userId = Long.valueOf(loginUserId); |
|---|
| | | CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class); |
|---|
| | | CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class); |
|---|
| | | assert userId.equals(cacheUser.getUserId()); |
|---|
| | | if ( !authToken.equals(cacheUser.getAccessToken())) { |
|---|
| | | throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID); |
|---|
| | |
|---|
| | | |
|---|
| | | // 3.redis获取权限 |
|---|
| | | String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId); |
|---|
| | | String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey); |
|---|
| | | Object oo = redisUtils.get(authoritiesKey); |
|---|
| | | List<GrantedAuthority> authorities = new ArrayList<>(); |
|---|
| | | // 4.redis中是否存在 |
|---|
| | | if (oo != null) { |
|---|
| | | // 5.存在 |
|---|
| | | List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo, CacheAuthority.class); |
|---|
| | | List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo.toString(), CacheAuthority.class); |
|---|
| | | for (CacheAuthority cacheAuthority: cacheAuthorities) { |
|---|
| | | authorities.add(new SimpleGrantedAuthority(cacheAuthority.getAuthority())); |
|---|
| | | } |
|---|
| | | }else { |
|---|
| | | // 6.不存在=>数据库查询 |
|---|
| | | String roleCode = userAccountService.getUserRoleCodeByUserId(userId); |
|---|
| | | ResultVO<String> rpcResultRole = userAccountService.getUserRoleCodeByUserId(userId); |
|---|
| | | |
|---|
| | | if (rpcResultRole == null) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_RESULT_NULL); |
|---|
| | | } |
|---|
| | | if (!ResultCodes.OK.getCode().equals(rpcResultRole.getCode())) { |
|---|
| | | throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg()); |
|---|
| | | } |
|---|
| | | if (rpcResultRole.getData() == null) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_DATA_NULL); |
|---|
| | | } |
|---|
| | | if (!(rpcResultRole.getData() instanceof String)) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH); |
|---|
| | | } |
|---|
| | | // role |
|---|
| | | authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode)); |
|---|
| | | authorities.add(new SimpleGrantedAuthority("ROLE_" + rpcResultRole.getData().toString())); |
|---|
| | | |
|---|
| | | // permission |
|---|
| | | List<String> permissions = userAccountService.getUserPermissionByUserId(userId); |
|---|
| | | ResultVO<List<String>> rpcResultPermission = userAccountService.getUserPermissionByUserId(userId); |
|---|
| | | |
|---|
| | | if (rpcResultPermission == null) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_RESULT_NULL); |
|---|
| | | } |
|---|
| | | if (!ResultCodes.OK.getCode().equals(rpcResultPermission.getCode())) { |
|---|
| | | throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg()); |
|---|
| | | } |
|---|
| | | if (rpcResultPermission.getData() == null) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_DATA_NULL); |
|---|
| | | } |
|---|
| | | if (!(rpcResultPermission.getData() instanceof List)) { |
|---|
| | | throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH); |
|---|
| | | } |
|---|
| | | |
|---|
| | | List<String> permissions = RPCUtils.castList(rpcResultPermission.getData(), String.class); |
|---|
| | | for (String permission : permissions) { |
|---|
| | | SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission); |
|---|
| | | authorities.add(simpleGrantedAuthority); |
|---|
