//package com.gkhy.safePlatform.config.security; // //import com.alibaba.fastjson.JSONArray; //import com.alibaba.fastjson.JSONObject; //import com.gkhy.safePlatform.account.model.cache.CacheUser; //import com.gkhy.safePlatform.account.rpc.apimodel.NameService; //import com.gkhy.safePlatform.commons.config.token.TokenConfig; //import com.gkhy.safePlatform.commons.enums.RedisKeyEnum; //import com.gkhy.safePlatform.commons.enums.ResultCodes; //import com.gkhy.safePlatform.commons.exception.BusinessException; //import com.gkhy.safePlatform.commons.utils.RedisUtils; //import com.gkhy.safePlatform.commons.utils.StringUtils; //import com.gkhy.safePlatform.commons.vo.ResultVO; //import org.apache.dubbo.config.annotation.DubboReference; //import org.springframework.beans.factory.annotation.Autowired; //import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; //import org.springframework.security.core.GrantedAuthority; //import org.springframework.security.core.authority.SimpleGrantedAuthority; //import org.springframework.security.core.context.SecurityContextHolder; //import org.springframework.stereotype.Component; //import org.springframework.web.filter.OncePerRequestFilter; // //import javax.servlet.FilterChain; //import javax.servlet.ServletException; //import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletResponse; //import java.io.IOException; //import java.io.PrintWriter; //import java.util.ArrayList; //import java.util.List; // ///** //* @Description: token登录过滤器 //*/ //@Component //public class TokenAuthenticationFilter extends OncePerRequestFilter { // // @Autowired // private TokenConfig tokenConfig; // @Autowired // private RedisUtils redisUtil; // @DubboReference(check = false) // private NameService nameService; // // // // @Override // protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException { // // try { // //获取当前认证成功用户权限信息 // UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp); // if (authRequest != null) { // SecurityContextHolder.getContext().setAuthentication(authRequest); // } // // 执行下一个 filter 过滤器链 // chain.doFilter(req, resp); // } catch (BusinessException e) { // // 返回异常 // this.writeJSON(req, resp, new ResultVO<>(e.getError())); // } catch (Exception e) { // e.printStackTrace(); // this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR)); // } // // // } // // // private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) { // // header获取token // String authToken = req.getHeader(tokenConfig.getHeader()); // String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader()); // // if(authToken != null) { // // header 传入 userId // if (StringUtils.isBlank(loginUserId)) { // throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK); // } // // 登录成功时,会将权限数据存入redis // // 这里是验证获取权限信息 // // 1.从redis中获取对应该用户的权限信息 // String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId); // Object o = redisUtil.get(accessTokenKey); // // 2.token是否存在 // if (o == null) { // // 是否存在 // throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID); // }else{ // Long userId = Long.valueOf(loginUserId); // CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class); // assert userId.equals(cacheUser.getUserId()); // if ( !authToken.equals(cacheUser.getAccessToken())) { // throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID); // } // // // 3.redis获取权限 // String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId); // Object oo = redisUtil.get(authoritiesKey); // List authorities; // // 4.redis中是否存在 // if (oo != null) { // // 5.存在 // String json = oo.toString(); // authorities = JSONArray.parseArray(json, GrantedAuthority.class); // }else { // authorities = new ArrayList<>(); // // 6.不存在=>数据库查询 // List roleCodes = nameService.getUserRoleCodeByUserId(userId); // // role // for (String roleCode : roleCodes) { // SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_" + roleCode); // authorities.add(simpleGrantedAuthority); // } // // // permission // List permissions = nameService.getUserPermissionByUserId(userId); // for (String permission : permissions) { // SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission); // authorities.add(simpleGrantedAuthority); // } // } // // // security对象中存入登陆者信息 // return new UsernamePasswordAuthenticationToken(userId,authToken,authorities); // // } // // // // // // // } // return null; // } // // // // protected void writeJSON(HttpServletRequest req, // HttpServletResponse resp, // ResultVO resultVO) throws IOException { // // 设置编码格式 // resp.setContentType("text/json;charset=utf-8"); // // 处理跨域问题 // resp.setHeader("Access-Control-Allow-Origin", "*"); // resp.setHeader("Access-Control-Allow-Methods", "POST, GET"); // // //输出JSON // PrintWriter out = resp.getWriter(); // out.write(JSONObject.toJSONString(resultVO)); // out.flush(); // out.close(); // } //}