添加数据中心验证代码

0b174dfc · 周健威 · 2fb53f93 · 0b174dfc · 0b174dfc · 0b174dfc
Commit 0b174dfc authored Aug 21, 2024 by 周健威
6 changed files
--- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/feign/FeginAuthController.java
+++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/feign/FeginAuthController.java
+package com.github.wxiaoqi.security.auth.controller.feign;
+import com.alibaba.fastjson.JSONObject;
+import com.github.wxiaoqi.security.api.vo.user.AppUserInfo;
+import com.github.wxiaoqi.security.auth.common.util.jwt.JWTInfo;
+import com.github.wxiaoqi.security.auth.feign.IUserService;
+import com.github.wxiaoqi.security.auth.service.AuthService;
+import com.github.wxiaoqi.security.auth.util.user.JwtAuthenticationRequest;
+import com.github.wxiaoqi.security.auth.util.user.JwtTokenUtil;
+import com.github.wxiaoqi.security.common.constant.RequestTypeConstants;
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
+import com.github.wxiaoqi.security.common.util.process.ResultCode;
+import com.github.wxiaoqi.security.common.util.result.JsonResultUtil;
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+@Api(tags = "用户登录")
+@RestController
+@RequestMapping("/fegin/jwt/app/unauth")
+@Slf4j
+public class FeginAuthController {
+    @Value("${jwt.token-header}")
+    private String tokenHeader;
+    @Autowired
+    @Qualifier("baseAuthService")
+    private AuthService authService;
+    @Autowired
+    @Qualifier("appAuthService")
+    private AuthService appAuthService;
+    @Autowired
+    IUserService iUserService;
+    @Autowired
+    private JwtTokenUtil jwtTokenUtil;
+    @RequestMapping(value = "/app/token", method = RequestMethod.GET)
+    public ObjectRestResponse<String> createAuthenticationToken(String username) throws Exception {
+        ObjectRestResponse<AppUserInfo> restResponse = iUserService.getUserByUsername(username);
+        if(null != restResponse.getData()) {
+            AppUserInfo appUserInfo = restResponse.getData();
+            if(null != appUserInfo) {
+                String token = jwtTokenUtil.generateToken(new JWTInfo(appUserInfo.getUsername(), appUserInfo.getId() + "", appUserInfo.getName(),
+                        RequestTypeConstants.APP));
+                return ObjectRestResponse.succ(token);
+            }
+        }
+        return ObjectRestResponse.succ();
+    }
+}
--- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java
+++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java
@@ -87,4 +87,8 @@ public interface IUserService {
    @ApiModelProperty("修改手机号码")
    @GetMapping("/api/app/updUsername")
    public ObjectRestResponse updUsername(@RequestParam(value = "username") String username, @RequestParam(value = "mobilecode") String mobilecode, @RequestParam(value = "userId",defaultValue = "0") Integer userId);
+    @GetMapping("/app/user/app/unauth/getUserByUsername")
+    public ObjectRestResponse<AppUserInfo> getUserByUsername(@RequestParam("username") String username);
 }
--- a/ace-gate/pom.xml
+++ b/ace-gate/pom.xml
@@ -155,8 +155,14 @@
            <artifactId>springfox-swagger-ui</artifactId>
            <version>2.9.2</version>
        </dependency>
+        <dependency>
+            <groupId>com.nimbusds</groupId>
+            <artifactId>nimbus-jose-jwt</artifactId>
+            <version>7.9</version>
+            <scope>compile</scope>
+        </dependency>
-<!--        &lt;!&ndash; swagger &ndash;&gt;-->
+        <!--        &lt;!&ndash; swagger &ndash;&gt;-->
 <!--        <dependency>-->
 <!--            <groupId>com.spring4all</groupId>-->
 <!--            <artifactId>swagger-spring-boot-starter</artifactId>-->

--- a/ace-gate/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java
+++ b/ace-gate/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java
 package com.github.wxiaoqi.security.gate.feign;
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.gate.fallback.UserServiceFallback;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -22,4 +23,7 @@ public interface IUserService {
  public List<PermissionInfo> getPermissionByUsername(@PathVariable("username") String username);
  @RequestMapping(value="/api/permissions",method = RequestMethod.GET)
  List<PermissionInfo> getAllPermissionInfo();
+  @RequestMapping(value = "/fegin/jwt/app/unauth/app/token", method = RequestMethod.GET)
+  public ObjectRestResponse<String> createAuthenticationToken(String username);
 }
--- a/ace-gate/src/main/java/com/github/wxiaoqi/security/gate/filter/AccessGatewayFilter.java
+++ b/ace-gate/src/main/java/com/github/wxiaoqi/security/gate/filter/AccessGatewayFilter.java
 package com.github.wxiaoqi.security.gate.filter;
+import cn.hutool.http.HttpUtil;
+import cn.hutool.json.JSONUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.github.wxiaoqi.security.admin.feign.UserFeign;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
@@ -12,15 +14,21 @@ import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo;
 import com.github.wxiaoqi.security.common.constant.RequestTypeConstants;
 import com.github.wxiaoqi.security.common.context.BaseContextHandler;
 import com.github.wxiaoqi.security.common.msg.BaseResponse;
+import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.common.msg.auth.TokenForbiddenResponse;
+import com.github.wxiaoqi.security.common.util.JsonUtil;
 import com.github.wxiaoqi.security.gate.feign.IAppUserService;
 import com.github.wxiaoqi.security.gate.feign.ILogService;
 import com.github.wxiaoqi.security.gate.feign.IUserService;
 import com.github.wxiaoqi.security.gate.handler.RequestBodyRoutePredicateFactory;
 import com.github.wxiaoqi.security.gate.utils.DBLog;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@@ -90,14 +98,54 @@ public class AccessGatewayFilter implements GlobalFilter {
    @Autowired
    private ServiceAuthUtil serviceAuthUtil;
+    @Data
+    public static class TokenBean{
+        Integer code;
+        String message;
+        String data;
+    }
    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        log.error("请求进入:AccessGatewayFilter");
        log.info("check token and user permission....");
        LinkedHashSet requiredAttribute = serverWebExchange.getRequiredAttribute(ServerWebExchangeUtils.GATEWAY_ORIGINAL_REQUEST_URL_ATTR);
        ServerHttpRequest request = serverWebExchange.getRequest();
-//        setLogService(serverWebExchange, gatewayFilterChain);
+        //新增判断
+        //判断是否存在
+        SignedJWT signedJWT = null;
+        //根据头部请求token
+        String usercenterResult = HttpUtil.get("https://gdxm.upyuns.com/sign/authz/jwt/rest/78917a82-1c86-4020-b86a-3b1b350357e3");
+        String authToken = null;
+        if(usercenterResult.contains("用户用心")) {
+            //退出本地登录
+        }else {
+            TokenBean tokenBean = JSONUtil.toBean(usercenterResult, TokenBean.class);
+            try {
+                signedJWT = SignedJWT.parse(tokenBean.getData());
+                JWTClaimsSet jwtClaims =signedJWT.getJWTClaimsSet();
+                //设置登录
+                IJWTInfo user = null;
+                try {
+                    authToken = getAuthTokenFromRequest(request);
+                    IJWTInfo ijwtInfo = userAuthUtil.getInfoFromToken(authToken);
+                    if(null == ijwtInfo.getName() || !jwtClaims.getSubject().equals(ijwtInfo.getName())) {
+                        throw new Exception();
+                    }
+                } catch (Exception e) {
+                    log.error("未登录，直接登录", e);
+                    ObjectRestResponse<String> restResponseToken = userService.createAuthenticationToken(jwtClaims.getSubject());
+                    authToken = restResponseToken.getData();
+                }
+            } catch (java.text.ParseException e) {
+                log.error(e.getMessage(), e);
+            }
+        }
+        request.getHeaders().set(userAuthConfig.getTokenHeader(), authToken);
+        //        setLogService(serverWebExchange, gatewayFilterChain);
        String requestUri = request.getPath().pathWithinApplication().value();
        if (requiredAttribute != null) {
            Iterator<URI> iterator = requiredAttribute.iterator();
@@ -111,6 +159,7 @@ public class AccessGatewayFilter implements GlobalFilter {
        final String method = request.getMethod().toString();
        BaseContextHandler.setToken(null);
        ServerHttpRequest.Builder mutate = request.mutate();
        // 不进行拦截的地址
        if (isStartWith(requestUri)) {
            //zjw20190806添加 start ：避免已带token 却拿不到服务client/用户信息
@@ -203,6 +252,14 @@ public class AccessGatewayFilter implements GlobalFilter {
     * @return
     */
    private IJWTInfo getJWTUser(ServerHttpRequest request, ServerHttpRequest.Builder ctx) throws Exception {
+        String authToken = getAuthTokenFromRequest(request);
+        ctx.header(userAuthConfig.getTokenHeader(), authToken);
+        BaseContextHandler.setToken(authToken);
+        return userAuthUtil.getInfoFromToken(authToken);
+    }
+    @Nullable
+    private String getAuthTokenFromRequest(ServerHttpRequest request) {
        List<String> strings = request.getHeaders().get(userAuthConfig.getTokenHeader());
        String authToken = null;
        if (strings != null) {
@@ -214,9 +271,7 @@ public class AccessGatewayFilter implements GlobalFilter {
                authToken = strings.get(0);
            }
        }
-        ctx.header(userAuthConfig.getTokenHeader(), authToken);
+        return authToken;
-        BaseContextHandler.setToken(authToken);
-        return userAuthUtil.getInfoFromToken(authToken);
    }

--- a/ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/AppUserController.java
+++ b/ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/AppUserController.java
@@ -304,6 +304,14 @@ public class AppUserController extends CommonBaseController{
        return userIds;
    }
+    @GetMapping("/app/unauth/getUserByUsername")
+    @IgnoreUserToken
+    @IgnoreClientToken
+    public ObjectRestResponse<AppUser> getUserByUsername(@RequestParam("username") String username){
+        AppUser appUser = appUserBiz.getUserByUsername(username);
+        return ObjectRestResponse.succ(appUser);
+    }
    @GetMapping("/app/unauth/test")
    @IgnoreUserToken
    @IgnoreClientToken