| | |
|---|
| | | import jakarta.servlet.http.HttpServletResponse; |
|---|
| | | import java.io.IOException; |
|---|
| | | import java.io.PrintWriter; |
|---|
| | | import java.net.InetAddress; |
|---|
| | | import java.net.UnknownHostException; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * AppId和AppSecret认证过滤器 |
|---|
| | |
|---|
| | | // 检查是否为认证请求(如获取token) |
|---|
| | | if (isAuthRequest(requestURI)) { |
|---|
| | | // 对于认证请求,允许通过 |
|---|
| | | filterChain.doFilter(request, response); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // rsf-server本机调用直通,不需要Token |
|---|
| | | if (isRequestFromRsfServer(request)) { |
|---|
| | | request.setAttribute(Constants.REQUEST_ATTR_APP_ID, "rsf-server"); |
|---|
| | | filterChain.doFilter(request, response); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | |
|---|
| | | // requestURI.contains("/auth/login"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 判断是否来自rsf-server的内部请求 |
|---|
| | | * 约定:同机部署时,rsf-server通过127.0.0.1/::1访问open-api |
|---|
| | | */ |
|---|
| | | private boolean isRequestFromRsfServer(HttpServletRequest request) { |
|---|
| | | String remoteAddr = request.getRemoteAddr(); |
|---|
| | | if (StringUtils.isBlank(remoteAddr)) { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if ("127.0.0.1".equals(remoteAddr) || "::1".equals(remoteAddr) || "0:0:0:0:0:0:0:1".equals(remoteAddr)) { |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | try { |
|---|
| | | InetAddress address = InetAddress.getByName(remoteAddr); |
|---|
| | | return address.isLoopbackAddress() || address.isAnyLocalAddress(); |
|---|
| | | } catch (UnknownHostException e) { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException { |
|---|
| | | String requestURI = request.getRequestURI(); |
|---|
