| | |
|---|
| | | package com.vincent.rsf.openApi.security.filter; |
|---|
| | | |
|---|
| | | import com.vincent.rsf.openApi.entity.app.App; |
|---|
| | | import com.vincent.rsf.openApi.entity.constant.Constants; |
|---|
| | | import com.vincent.rsf.openApi.security.service.AppAuthService; |
|---|
| | | import com.vincent.rsf.openApi.security.utils.TokenUtils; |
|---|
| | | import com.vincent.rsf.openApi.service.TokenService; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | | import org.springframework.core.annotation.Order; |
|---|
| | | import org.springframework.stereotype.Component; |
|---|
| | |
|---|
| | | |
|---|
| | | @Resource |
|---|
| | | private AppAuthService appAuthService; |
|---|
| | | @Resource |
|---|
| | | private TokenService tokenService; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) |
|---|
| | |
|---|
| | | String authHeader = request.getHeader(Constants.HEADER_AUTHORIZATION); |
|---|
| | | if (authHeader != null) { |
|---|
| | | String token = TokenUtils.extractTokenFromHeader(authHeader); |
|---|
| | | if (token != null && TokenUtils.validateTokenTime(token)) { |
|---|
| | | String tokenAppId = TokenUtils.getAppIdFromToken(token); |
|---|
| | | String tokenAppSecret = TokenUtils.getSecretFromToken(token); |
|---|
| | | if (!StringUtils.hasText(tokenAppId) || !StringUtils.hasText(tokenAppSecret) |
|---|
| | | || !appAuthService.validateApp(tokenAppId, tokenAppSecret)) { |
|---|
| | | log.warn("Token验证失败"); |
|---|
| | | sendErrorResponse(response, Constants.UNAUTHENTICATED_CODE, "认证失败,请提供有效的Token"); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | request.setAttribute(Constants.REQUEST_ATTR_APP_ID, tokenAppId); |
|---|
| | | } else { |
|---|
| | | String tokenAppId = token != null ? tokenService.getAppIdIfValid(token) : null; |
|---|
| | | if (!StringUtils.hasText(tokenAppId)) { |
|---|
| | | log.warn("Token验证失败或缺失"); |
|---|
| | | sendErrorResponse(response, Constants.UNAUTHENTICATED_CODE, "认证失败,请提供有效的Token"); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | App app = appAuthService.getAppInfo(tokenAppId); |
|---|
| | | if (app == null || app.getEnable() == null || app.getEnable() != 1) { |
|---|
| | | log.warn("Token对应应用无效或已禁用"); |
|---|
| | | sendErrorResponse(response, Constants.UNAUTHENTICATED_CODE, "认证失败,请提供有效的Token"); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | request.setAttribute(Constants.REQUEST_ATTR_APP_ID, tokenAppId); |
|---|
| | | } else { |
|---|
| | | log.warn("缺少Token认证信息"); |
|---|
| | | sendErrorResponse(response, Constants.UNAUTHENTICATED_CODE, "认证失败,请提供有效的Token"); |
|---|
