7 小时以前 5ef6c105aca5bd7c0c63ce3240fbe82c2e07e8f7
rsf-open-api/src/main/java/com/vincent/rsf/openApi/security/filter/AppIdAuthenticationFilter.java
@@ -16,6 +16,8 @@
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.UnknownHostException;
/**
 * AppId和AppSecret认证过滤器
@@ -43,6 +45,13 @@
        // 检查是否为认证请求(如获取token)
        if (isAuthRequest(requestURI)) {
            // 对于认证请求,允许通过
            filterChain.doFilter(request, response);
            return;
        }
        // rsf-server本机调用直通,不需要Token
        if (isRequestFromRsfServer(request)) {
            request.setAttribute(Constants.REQUEST_ATTR_APP_ID, "rsf-server");
            filterChain.doFilter(request, response);
            return;
        }
@@ -104,6 +113,28 @@
//               requestURI.contains("/auth/login");
    }
    /**
     * 判断是否来自rsf-server的内部请求
     * 约定:同机部署时,rsf-server通过127.0.0.1/::1访问open-api
     */
    private boolean isRequestFromRsfServer(HttpServletRequest request) {
        String remoteAddr = request.getRemoteAddr();
        if (StringUtils.isBlank(remoteAddr)) {
            return false;
        }
        if ("127.0.0.1".equals(remoteAddr) || "::1".equals(remoteAddr) || "0:0:0:0:0:0:0:1".equals(remoteAddr)) {
            return true;
        }
        try {
            InetAddress address = InetAddress.getByName(remoteAddr);
            return address.isLoopbackAddress() || address.isAnyLocalAddress();
        } catch (UnknownHostException e) {
            return false;
        }
    }
    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
        String requestURI = request.getRequestURI();
@@ -118,4 +149,4 @@
               requestURI.contains("/v3/api-docs");
    }
}
}
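Review bot: The bypass added in the second hunk treats the source address as the only credential: any request whose `getRemoteAddr()` is loopback is passed through as `rsf-server`. If open-api is ever reached through a reverse proxy or sidecar on the same host, every proxied request arrives from 127.0.0.1 and skips the AppId/token check, and any other local process gets the same access. In `isRequestFromRsfServer`, `address.isAnyLocalAddress()` also accepts the wildcard address (0.0.0.0 / ::), which is not a loopback peer, so I would reduce that line to `return address.isLoopbackAddress();`. I would also put the bypass behind a deployment setting that is off by default, require a shared internal secret compared with `MessageDigest.isEqual` in addition to the address check, and log each bypassed request so it can be audited. The filter method holding the second hunk starts and ends outside the visible lines, so whether a forwarded-header filter rewrites the remote address before this check could not be confirmed from here.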