添加数据中心验证代码

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/feign/FeginAuthController.java

+package com.github.wxiaoqi.security.auth.controller.feign;
+
+import com.alibaba.fastjson.JSONObject;
+import com.github.wxiaoqi.security.api.vo.user.AppUserInfo;
+import com.github.wxiaoqi.security.auth.common.util.jwt.JWTInfo;
+import com.github.wxiaoqi.security.auth.feign.IUserService;
+import com.github.wxiaoqi.security.auth.service.AuthService;
+import com.github.wxiaoqi.security.auth.util.user.JwtAuthenticationRequest;
+import com.github.wxiaoqi.security.auth.util.user.JwtTokenUtil;
+import com.github.wxiaoqi.security.common.constant.RequestTypeConstants;
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
+import com.github.wxiaoqi.security.common.util.process.ResultCode;
+import com.github.wxiaoqi.security.common.util.result.JsonResultUtil;
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+
+@Api(tags = "用户登录")
+@RestController
+@RequestMapping("/fegin/jwt/app/unauth")
+@Slf4j
+public class FeginAuthController {
+    @Value("${jwt.token-header}")
+    private String tokenHeader;
+
+    @Autowired
+    @Qualifier("baseAuthService")
+    private AuthService authService;
+
+    @Autowired
+    @Qualifier("appAuthService")
+    private AuthService appAuthService;
+
+    @Autowired
+    IUserService iUserService;
+
+    @Autowired
+    private JwtTokenUtil jwtTokenUtil;
+
+    @RequestMapping(value = "/app/token", method = RequestMethod.GET)
+    public ObjectRestResponse<String> createAuthenticationToken(String username) throws Exception {
+        ObjectRestResponse<AppUserInfo> restResponse = iUserService.getUserByUsername(username);
+        if(null != restResponse.getData()) {
+            AppUserInfo appUserInfo = restResponse.getData();
+            if(null != appUserInfo) {
+                String token = jwtTokenUtil.generateToken(new JWTInfo(appUserInfo.getUsername(), appUserInfo.getId() + "", appUserInfo.getName(),
+                        RequestTypeConstants.APP));
+                return ObjectRestResponse.succ(token);
+            }
+        }
+        return ObjectRestResponse.succ();
+    }
+
+}

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java

@@ -87,4 +87,8 @@ public interface IUserService {
     @ApiModelProperty("修改手机号码")
     @GetMapping("/api/app/updUsername")
     public ObjectRestResponse updUsername(@RequestParam(value = "username") String username, @RequestParam(value = "mobilecode") String mobilecode, @RequestParam(value = "userId",defaultValue = "0") Integer userId);
+
+
+    @GetMapping("/app/user/app/unauth/getUserByUsername")
+    public ObjectRestResponse<AppUserInfo> getUserByUsername(@RequestParam("username") String username);
 }

ace-gate/pom.xml

@@ -155,8 +155,14 @@
             <artifactId>springfox-swagger-ui</artifactId>
             <version>2.9.2</version>
         </dependency>
+        <dependency>
+            <groupId>com.nimbusds</groupId>
+            <artifactId>nimbus-jose-jwt</artifactId>
+            <version>7.9</version>
+            <scope>compile</scope>
+        </dependency>
 
-<!--        &lt;!&ndash; swagger &ndash;&gt;-->
+        <!--        &lt;!&ndash; swagger &ndash;&gt;-->
 <!--        <dependency>-->
 <!--            <groupId>com.spring4all</groupId>-->
 <!--            <artifactId>swagger-spring-boot-starter</artifactId>-->

ace-gate/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java

 package com.github.wxiaoqi.security.gate.feign;
 
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.gate.fallback.UserServiceFallback;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -22,4 +23,7 @@ public interface IUserService {
   public List<PermissionInfo> getPermissionByUsername(@PathVariable("username") String username);
   @RequestMapping(value="/api/permissions",method = RequestMethod.GET)
   List<PermissionInfo> getAllPermissionInfo();
+
+  @RequestMapping(value = "/fegin/jwt/app/unauth/app/token", method = RequestMethod.GET)
+  public ObjectRestResponse<String> createAuthenticationToken(String username);
 }

ace-gate/src/main/java/com/github/wxiaoqi/security/gate/filter/AccessGatewayFilter.java

 package com.github.wxiaoqi.security.gate.filter;
 
+import cn.hutool.http.HttpUtil;
+import cn.hutool.json.JSONUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.github.wxiaoqi.security.admin.feign.UserFeign;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
@@ -12,15 +14,21 @@ import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo;
 import com.github.wxiaoqi.security.common.constant.RequestTypeConstants;
 import com.github.wxiaoqi.security.common.context.BaseContextHandler;
 import com.github.wxiaoqi.security.common.msg.BaseResponse;
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.common.msg.auth.TokenForbiddenResponse;
+import com.github.wxiaoqi.security.common.util.JsonUtil;
 import com.github.wxiaoqi.security.gate.feign.IAppUserService;
 import com.github.wxiaoqi.security.gate.feign.ILogService;
 import com.github.wxiaoqi.security.gate.feign.IUserService;
 import com.github.wxiaoqi.security.gate.handler.RequestBodyRoutePredicateFactory;
 import com.github.wxiaoqi.security.gate.utils.DBLog;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@@ -90,14 +98,54 @@ public class AccessGatewayFilter implements GlobalFilter {
     @Autowired
     private ServiceAuthUtil serviceAuthUtil;
 
+    @Data
+    public static class TokenBean{
+        Integer code;
+        String message;
+        String data;
+    }
+
     @Override
     public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
-
         log.error("请求进入:AccessGatewayFilter");
         log.info("check token and user permission....");
         LinkedHashSet requiredAttribute = serverWebExchange.getRequiredAttribute(ServerWebExchangeUtils.GATEWAY_ORIGINAL_REQUEST_URL_ATTR);
         ServerHttpRequest request = serverWebExchange.getRequest();
-//        setLogService(serverWebExchange, gatewayFilterChain);
+
+        //新增判断
+        //判断是否存在
+        SignedJWT signedJWT = null;
+        //根据头部请求token
+        String usercenterResult = HttpUtil.get("https://gdxm.upyuns.com/sign/authz/jwt/rest/78917a82-1c86-4020-b86a-3b1b350357e3");
+        String authToken = null;
+        if(usercenterResult.contains("用户用心")) {
+            //退出本地登录
+        }else {
+            TokenBean tokenBean = JSONUtil.toBean(usercenterResult, TokenBean.class);
+            try {
+                signedJWT = SignedJWT.parse(tokenBean.getData());
+                JWTClaimsSet jwtClaims =signedJWT.getJWTClaimsSet();
+                //设置登录
+
+                IJWTInfo user = null;
+                try {
+                    authToken = getAuthTokenFromRequest(request);
+                    IJWTInfo ijwtInfo = userAuthUtil.getInfoFromToken(authToken);
+                    if(null == ijwtInfo.getName() || !jwtClaims.getSubject().equals(ijwtInfo.getName())) {
+                        throw new Exception();
+                    }
+                } catch (Exception e) {
+                    log.error("未登录，直接登录", e);
+                    ObjectRestResponse<String> restResponseToken = userService.createAuthenticationToken(jwtClaims.getSubject());
+                    authToken = restResponseToken.getData();
+                }
+            } catch (java.text.ParseException e) {
+                log.error(e.getMessage(), e);
+            }
+        }
+        request.getHeaders().set(userAuthConfig.getTokenHeader(), authToken);
+
+        //        setLogService(serverWebExchange, gatewayFilterChain);
         String requestUri = request.getPath().pathWithinApplication().value();
         if (requiredAttribute != null) {
             Iterator<URI> iterator = requiredAttribute.iterator();
@@ -111,6 +159,7 @@ public class AccessGatewayFilter implements GlobalFilter {
         final String method = request.getMethod().toString();
         BaseContextHandler.setToken(null);
         ServerHttpRequest.Builder mutate = request.mutate();
+
         // 不进行拦截的地址
         if (isStartWith(requestUri)) {
             //zjw20190806添加 start ：避免已带token 却拿不到服务client/用户信息
@@ -203,6 +252,14 @@ public class AccessGatewayFilter implements GlobalFilter {
      * @return
      */
     private IJWTInfo getJWTUser(ServerHttpRequest request, ServerHttpRequest.Builder ctx) throws Exception {
+        String authToken = getAuthTokenFromRequest(request);
+        ctx.header(userAuthConfig.getTokenHeader(), authToken);
+        BaseContextHandler.setToken(authToken);
+        return userAuthUtil.getInfoFromToken(authToken);
+    }
+
+    @Nullable
+    private String getAuthTokenFromRequest(ServerHttpRequest request) {
         List<String> strings = request.getHeaders().get(userAuthConfig.getTokenHeader());
         String authToken = null;
         if (strings != null) {
@@ -214,9 +271,7 @@ public class AccessGatewayFilter implements GlobalFilter {
                 authToken = strings.get(0);
             }
         }
-        ctx.header(userAuthConfig.getTokenHeader(), authToken);
-        BaseContextHandler.setToken(authToken);
-        return userAuthUtil.getInfoFromToken(authToken);
+        return authToken;
     }
 
 

ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/AppUserController.java

@@ -304,6 +304,14 @@ public class AppUserController extends CommonBaseController{
         return userIds;
     }
 
+    @GetMapping("/app/unauth/getUserByUsername")
+    @IgnoreUserToken
+    @IgnoreClientToken
+    public ObjectRestResponse<AppUser> getUserByUsername(@RequestParam("username") String username){
+        AppUser appUser = appUserBiz.getUserByUsername(username);
+        return ObjectRestResponse.succ(appUser);
+    }
+
     @GetMapping("/app/unauth/test")
     @IgnoreUserToken
     @IgnoreClientToken