From 43105be63e02a447916c56d1b9707e02f7fa4d62 Mon Sep 17 00:00:00 2001
From: songhuangfeng123 <shf18767906695@163.com>
Date: 星期二, 05 七月 2022 09:10:53 +0800
Subject: [PATCH] Merge branches 'genchuang' and 'master' of https://sinanoaq.cn:8888/r/safePlatform-out into genchuang
---
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java | 66 ++++++++++++++++++++++++--------
1 files changed, 49 insertions(+), 17 deletions(-)
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
index 874b46f..46b5c97 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
@@ -2,11 +2,15 @@
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
-import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
+import com.gkhy.safePlatform.account.rpc.apimodel.AccountAuthService;
+import com.gkhy.safePlatform.account.rpc.apimodel.AccountAuthService;
+import com.gkhy.safePlatform.commons.co.CacheAuthority;
import com.gkhy.safePlatform.commons.co.CacheUser;
import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
import com.gkhy.safePlatform.commons.enums.ResultCodes;
import com.gkhy.safePlatform.commons.exception.BusinessException;
+import com.gkhy.safePlatform.commons.utils.RPCUtils;
+import com.gkhy.safePlatform.commons.utils.RedisUtils;
import com.gkhy.safePlatform.commons.utils.StringUtils;
import com.gkhy.safePlatform.commons.vo.ResultVO;
import org.apache.dubbo.config.annotation.DubboReference;
@@ -36,7 +40,9 @@
@Autowired
private TokenConfig tokenConfig;
@DubboReference(check = false)
- private UserAccountService userAccountService;
+ private AccountAuthService userAccountService;
+ @Autowired
+ private RedisUtils redisUtils;
@@ -53,12 +59,8 @@
chain.doFilter(req, resp);
} catch (BusinessException e) {
// 返回异常
- this.writeJSON(req, resp, new ResultVO<>(e.getError()));
- } catch (Exception e) {
- e.printStackTrace();
- this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
+ this.writeJSON(req, resp, new ResultVO<>(e.getCode(),e.getMessage()));
}
-
}
@@ -77,14 +79,14 @@
// 这里是验证获取权限信息
// 1.从redis中获取对应该用户的权限信息
String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
- String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
+ Object o = redisUtils.get(accessTokenKey);
// 2.token是否存在
if (o == null) {
// 是否存在
- throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
+ throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
}else{
Long userId = Long.valueOf(loginUserId);
- CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
+ CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
assert userId.equals(cacheUser.getUserId());
if ( !authToken.equals(cacheUser.getAccessToken())) {
throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
@@ -92,21 +94,51 @@
// 3.redis获取权限
String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
- String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
- List<GrantedAuthority> authorities;
+ Object oo = redisUtils.get(authoritiesKey);
+ List<GrantedAuthority> authorities = new ArrayList<>();
// 4.redis中是否存在
if (oo != null) {
// 5.存在
- authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
+ List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo.toString(), CacheAuthority.class);
+ for (CacheAuthority cacheAuthority: cacheAuthorities) {
+ authorities.add(new SimpleGrantedAuthority(cacheAuthority.getAuthority()));
+ }
}else {
- authorities = new ArrayList<>();
// 6.不存在=>数据库查询
- String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
+ ResultVO<String> rpcResultRole = userAccountService.getUserRoleCodeByUserId(userId);
+
+ if (rpcResultRole == null) {
+ throw new BusinessException(ResultCodes.RPC_RESULT_NULL);
+ }
+ if (!ResultCodes.OK.getCode().equals(rpcResultRole.getCode())) {
+ throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg());
+ }
+ if (rpcResultRole.getData() == null) {
+ throw new BusinessException(ResultCodes.RPC_DATA_NULL);
+ }
+ if (!(rpcResultRole.getData() instanceof String)) {
+ throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH);
+ }
// role
- authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));
+ authorities.add(new SimpleGrantedAuthority("ROLE_" + rpcResultRole.getData().toString()));
// permission
- List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
+ ResultVO<List<String>> rpcResultPermission = userAccountService.getUserPermissionByUserId(userId);
+
+ if (rpcResultPermission == null) {
+ throw new BusinessException(ResultCodes.RPC_RESULT_NULL);
+ }
+ if (!ResultCodes.OK.getCode().equals(rpcResultPermission.getCode())) {
+ throw new BusinessException(rpcResultRole.getCode(), rpcResultRole.getMsg());
+ }
+ if (rpcResultPermission.getData() == null) {
+ throw new BusinessException(ResultCodes.RPC_DATA_NULL);
+ }
+ if (!(rpcResultPermission.getData() instanceof List)) {
+ throw new BusinessException(ResultCodes.RPC_DATA_TYPE_NOT_MATCH);
+ }
+
+ List<String> permissions = RPCUtils.castList(rpcResultPermission.getData(), String.class);
for (String permission : permissions) {
SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
authorities.add(simpleGrantedAuthority);
--
Gitblit v1.9.2