Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
cloud-backend
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
framework
cloud-backend
Commits
997d8e63
Commit
997d8e63
authored
May 29, 2022
by
wilmiam
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
1.0.0
parent
b762e622
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
14 changed files
with
271 additions
and
129 deletions
+271
-129
admin-server/src/main/java/com/zq/admin/config/bean/LoginProperties.java
+0
-2
admin-server/src/main/java/com/zq/admin/config/security/SpringSecurityConfig.java
+1
-0
admin-server/src/main/java/com/zq/admin/config/security/TokenConfigurer.java
+1
-0
admin-server/src/main/java/com/zq/admin/config/security/TokenFilter.java
+1
-0
admin-server/src/main/java/com/zq/admin/config/security/TokenProvider.java
+117
-117
admin-server/src/main/java/com/zq/admin/modules/mnt/service/impl/DeployServiceImpl.java
+1
-2
admin-server/src/main/java/com/zq/admin/modules/security/rest/AuthorizationController.java
+1
-1
admin-server/src/main/java/com/zq/admin/modules/security/service/UserCacheManager.java
+5
-6
user-server/src/main/java/com/zq/user/config/SpringSecurityConfig.java
+1
-0
user-server/src/main/java/com/zq/user/config/TokenConfigurer.java
+1
-0
user-server/src/main/java/com/zq/user/config/TokenFilter.java
+4
-1
user-server/src/main/java/com/zq/user/config/TokenProvider.java
+0
-0
xxx-common-utils/src/main/java/com/zq/common/config/redis/BaseCacheKeys.java
+2
-0
xxx-common-utils/src/main/java/com/zq/common/config/security/TokenProvider.java
+136
-0
No files found.
admin-server/src/main/java/com/zq/admin/config/bean/LoginProperties.java
View file @
997d8e63
...
...
@@ -40,8 +40,6 @@ public class LoginProperties {
private
LoginCode
loginCode
;
public
static
final
String
cacheKey
=
"USER-LOGIN-DATA"
;
public
boolean
isSingleLogin
()
{
return
singleLogin
;
}
...
...
admin-server/src/main/java/com/zq/admin/config/security/SpringSecurityConfig.java
View file @
997d8e63
...
...
@@ -19,6 +19,7 @@ import com.zq.admin.modules.security.service.OnlineUserService;
import
com.zq.admin.modules.security.service.UserCacheManager
;
import
com.zq.common.annotation.AnonymousAccess
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
com.zq.common.utils.RequestMethodEnum
;
import
lombok.RequiredArgsConstructor
;
import
org.springframework.context.ApplicationContext
;
...
...
admin-server/src/main/java/com/zq/admin/config/security/TokenConfigurer.java
View file @
997d8e63
...
...
@@ -18,6 +18,7 @@ package com.zq.admin.config.security;
import
com.zq.admin.modules.security.service.OnlineUserService
;
import
com.zq.admin.modules.security.service.UserCacheManager
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
lombok.RequiredArgsConstructor
;
import
org.springframework.security.config.annotation.SecurityConfigurerAdapter
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
...
...
admin-server/src/main/java/com/zq/admin/config/security/TokenFilter.java
View file @
997d8e63
...
...
@@ -19,6 +19,7 @@ import cn.hutool.core.util.StrUtil;
import
com.zq.admin.modules.security.service.OnlineUserService
;
import
com.zq.admin.modules.security.service.UserCacheManager
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
com.zq.common.context.ContextUtils
;
import
com.zq.common.vo.OnlineUserDto
;
import
io.jsonwebtoken.ExpiredJwtException
;
...
...
admin-server/src/main/java/com/zq/admin/config/security/TokenProvider.java
View file @
997d8e63
package
com
.
zq
.
admin
.
config
.
security
;
/*
* Copyright 2019-2020 Zheng Jie
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import
cn.hutool.core.date.DateField
;
import
cn.hutool.core.date.DateUtil
;
import
cn.hutool.core.util.IdUtil
;
import
com.zq.common.config.redis.RedisUtils
;
import
com.zq.common.config.security.SecurityProperties
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
lombok.RequiredArgsConstructor
;
import
lombok.extern.slf4j.Slf4j
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.factory.InitializingBean
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.userdetails.User
;
import
org.springframework.stereotype.Component
;
import
javax.crypto.spec.SecretKeySpec
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.xml.bind.DatatypeConverter
;
import
java.security.Key
;
import
java.util.ArrayList
;
import
java.util.Date
;
import
java.util.concurrent.TimeUnit
;
/**
* @author /
*/
@Slf4j
@Component
@RequiredArgsConstructor
public
class
TokenProvider
implements
InitializingBean
{
private
final
RedisUtils
redisUtils
;
private
final
SecurityProperties
properties
;
public
static
final
String
AUTHORITIES_KEY
=
"auth"
;
private
static
Key
key
;
private
static
SignatureAlgorithm
signatureAlgorithm
;
@Override
public
void
afterPropertiesSet
()
{
signatureAlgorithm
=
SignatureAlgorithm
.
HS512
;
byte
[]
keyBytes
=
DatatypeConverter
.
parseBase64Binary
(
properties
.
getBase64Secret
());
key
=
new
SecretKeySpec
(
keyBytes
,
signatureAlgorithm
.
getJcaName
());
}
public
static
String
createToken
(
Authentication
authentication
)
{
return
Jwts
.
builder
()
.
claim
(
AUTHORITIES_KEY
,
authentication
.
getName
())
.
setSubject
(
authentication
.
getName
())
.
signWith
(
signatureAlgorithm
,
key
)
// 加入ID确保生成的 Token 都不一致
.
setId
(
IdUtil
.
simpleUUID
())
.
compact
();
}
public
Claims
getClaims
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
DatatypeConverter
.
parseBase64Binary
(
properties
.
getBase64Secret
()))
.
parseClaimsJws
(
token
)
.
getBody
();
}
public
Authentication
getAuthentication
(
String
token
)
{
Claims
claims
=
getClaims
(
token
);
User
principal
=
new
User
(
claims
.
getSubject
(),
"******"
,
new
ArrayList
<>());
return
new
UsernamePasswordAuthenticationToken
(
principal
,
token
,
new
ArrayList
<>());
}
/**
* @param token 需要检查的token
*/
public
void
checkRenewal
(
String
token
)
{
// 判断是否续期token,计算token的过期时间
long
time
=
redisUtils
.
getExpire
(
properties
.
getOnlineKey
()
+
token
)
*
1000
;
Date
expireDate
=
DateUtil
.
offset
(
new
Date
(),
DateField
.
MILLISECOND
,
(
int
)
time
);
// 判断当前时间与过期时间的时间差
long
differ
=
expireDate
.
getTime
()
-
System
.
currentTimeMillis
();
// 如果在续期检查的范围内,则续期
if
(
differ
<=
properties
.
getDetect
())
{
long
renew
=
time
+
properties
.
getRenew
();
redisUtils
.
expire
(
properties
.
getOnlineKey
()
+
token
,
renew
,
TimeUnit
.
MILLISECONDS
);
}
}
public
String
getToken
(
HttpServletRequest
request
)
{
String
bearerToken
=
request
.
getHeader
(
properties
.
getHeader
());
if
(
StringUtils
.
isBlank
(
bearerToken
))
{
return
null
;
}
if
(
bearerToken
.
startsWith
(
properties
.
getTokenStartWith
()))
{
// 去掉令牌前缀
return
bearerToken
.
replace
(
properties
.
getTokenStartWith
(),
""
);
}
else
{
log
.
debug
(
"非法Token:{}"
,
bearerToken
);
}
return
null
;
}
}
//
package com.zq.admin.config.security;/*
//
* Copyright 2019-2020 Zheng Jie
//
*
//
* Licensed under the Apache License, Version 2.0 (the "License");
//
* you may not use this file except in compliance with the License.
//
* You may obtain a copy of the License at
//
*
//
* http://www.apache.org/licenses/LICENSE-2.0
//
*
//
* Unless required by applicable law or agreed to in writing, software
//
* distributed under the License is distributed on an "AS IS" BASIS,
//
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//
* See the License for the specific language governing permissions and
//
* limitations under the License.
//
*/
//
//
import cn.hutool.core.date.DateField;
//
import cn.hutool.core.date.DateUtil;
//
import cn.hutool.core.util.IdUtil;
//
import com.zq.common.config.redis.RedisUtils;
//
import com.zq.common.config.security.SecurityProperties;
//
import io.jsonwebtoken.Claims;
//
import io.jsonwebtoken.Jwts;
//
import io.jsonwebtoken.SignatureAlgorithm;
//
import lombok.RequiredArgsConstructor;
//
import lombok.extern.slf4j.Slf4j;
//
import org.apache.commons.lang3.StringUtils;
//
import org.springframework.beans.factory.InitializingBean;
//
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
//
import org.springframework.security.core.Authentication;
//
import org.springframework.security.core.userdetails.User;
//
import org.springframework.stereotype.Component;
//
//
import javax.crypto.spec.SecretKeySpec;
//
import javax.servlet.http.HttpServletRequest;
//
import javax.xml.bind.DatatypeConverter;
//
import java.security.Key;
//
import java.util.ArrayList;
//
import java.util.Date;
//
import java.util.concurrent.TimeUnit;
//
/
/ /
**
//
* @author /
//
*/
//
@Slf4j
//
@Component
//
@RequiredArgsConstructor
//
public class TokenProvider implements InitializingBean {
//
//
private final RedisUtils redisUtils;
//
private final SecurityProperties properties;
//
//
public static final String AUTHORITIES_KEY = "auth";
//
private static Key key;
//
private static SignatureAlgorithm signatureAlgorithm;
//
//
@Override
//
public void afterPropertiesSet() {
//
signatureAlgorithm = SignatureAlgorithm.HS512;
//
byte[] keyBytes = DatatypeConverter.parseBase64Binary(properties.getBase64Secret());
//
key = new SecretKeySpec(keyBytes, signatureAlgorithm.getJcaName());
//
}
//
//
public static String createToken(Authentication authentication) {
//
return Jwts.builder()
//
.claim(AUTHORITIES_KEY, authentication.getName())
//
.setSubject(authentication.getName())
//
.signWith(signatureAlgorithm, key)
//
// 加入ID确保生成的 Token 都不一致
//
.setId(IdUtil.simpleUUID())
//
.compact();
//
}
//
//
public Claims getClaims(String token) {
//
return Jwts.parser()
//
.setSigningKey(DatatypeConverter.parseBase64Binary(properties.getBase64Secret()))
//
.parseClaimsJws(token)
//
.getBody();
//
}
//
//
public Authentication getAuthentication(String token) {
//
Claims claims = getClaims(token);
//
User principal = new User(claims.getSubject(), "******", new ArrayList<>());
//
return new UsernamePasswordAuthenticationToken(principal, token, new ArrayList<>());
//
}
//
//
/**
//
* @param token 需要检查的token
//
*/
//
public void checkRenewal(String token) {
//
// 判断是否续期token,计算token的过期时间
//
long time = redisUtils.getExpire(properties.getOnlineKey() + token) * 1000;
//
Date expireDate = DateUtil.offset(new Date(), DateField.MILLISECOND, (int) time);
//
// 判断当前时间与过期时间的时间差
//
long differ = expireDate.getTime() - System.currentTimeMillis();
//
// 如果在续期检查的范围内,则续期
//
if (differ <= properties.getDetect()) {
//
long renew = time + properties.getRenew();
//
redisUtils.expire(properties.getOnlineKey() + token, renew, TimeUnit.MILLISECONDS);
//
}
//
}
//
//
public String getToken(HttpServletRequest request) {
//
String bearerToken = request.getHeader(properties.getHeader());
//
if (StringUtils.isBlank(bearerToken)) {
//
return null;
//
}
//
if (bearerToken.startsWith(properties.getTokenStartWith())) {
//
// 去掉令牌前缀
//
return bearerToken.replace(properties.getTokenStartWith(), "");
//
} else {
//
log.debug("非法Token:{}", bearerToken);
//
}
//
return null;
//
}
//
//
}
admin-server/src/main/java/com/zq/admin/modules/mnt/service/impl/DeployServiceImpl.java
View file @
997d8e63
...
...
@@ -186,7 +186,7 @@ public class DeployServiceImpl implements DeployService {
private
void
sleep
(
int
second
)
{
try
{
Thread
.
sleep
(
second
*
1000
);
Thread
.
sleep
(
second
*
1000
L
);
}
catch
(
InterruptedException
e
)
{
log
.
error
(
e
.
getMessage
(),
e
);
}
...
...
@@ -219,7 +219,6 @@ public class DeployServiceImpl implements DeployService {
private
void
stopApp
(
int
port
,
ExecuteShellUtil
executeShellUtil
)
{
//发送停止命令
executeShellUtil
.
execute
(
String
.
format
(
"lsof -i :%d|grep -v \"PID\"|awk '{print \"kill -9\",$2}'|sh"
,
port
));
}
/**
...
...
admin-server/src/main/java/com/zq/admin/modules/security/rest/AuthorizationController.java
View file @
997d8e63
...
...
@@ -20,7 +20,6 @@ import com.wf.captcha.base.Captcha;
import
com.zq.admin.config.RsaProperties
;
import
com.zq.admin.config.bean.LoginCodeEnum
;
import
com.zq.admin.config.bean.LoginProperties
;
import
com.zq.admin.config.security.TokenProvider
;
import
com.zq.admin.exception.BadRequestException
;
import
com.zq.admin.modules.security.service.OnlineUserService
;
import
com.zq.admin.modules.security.service.dto.AuthUserDto
;
...
...
@@ -32,6 +31,7 @@ import com.zq.common.annotation.rest.AnonymousGetMapping;
import
com.zq.common.annotation.rest.AnonymousPostMapping
;
import
com.zq.common.config.redis.RedisUtils
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
lombok.RequiredArgsConstructor
;
...
...
admin-server/src/main/java/com/zq/admin/modules/security/service/UserCacheManager.java
View file @
997d8e63
...
...
@@ -16,8 +16,8 @@
package
com
.
zq
.
admin
.
modules
.
security
.
service
;
import
cn.hutool.core.util.RandomUtil
;
import
com.zq.admin.config.bean.LoginProperties
;
import
com.zq.admin.modules.security.service.dto.JwtUserDto
;
import
com.zq.common.config.redis.BaseCacheKeys
;
import
com.zq.common.config.redis.RedisUtils
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.factory.annotation.Value
;
...
...
@@ -48,7 +48,7 @@ public class UserCacheManager {
public
JwtUserDto
getUserCache
(
String
userName
)
{
if
(
StringUtils
.
isNotEmpty
(
userName
))
{
// 获取数据
Object
obj
=
redisUtils
.
hget
(
LoginProperties
.
cacheKey
,
userName
);
Object
obj
=
redisUtils
.
hget
(
BaseCacheKeys
.
USER_DATA_MAP_KEY
,
userName
);
if
(
obj
!=
null
)
{
return
(
JwtUserDto
)
obj
;
}
...
...
@@ -66,7 +66,7 @@ public class UserCacheManager {
if
(
StringUtils
.
isNotEmpty
(
userName
))
{
// 添加数据, 避免数据同时过期
long
time
=
idleTime
+
RandomUtil
.
randomInt
(
900
,
1800
);
redisUtils
.
hset
(
LoginProperties
.
cacheKey
,
userName
,
user
,
time
);
redisUtils
.
hset
(
BaseCacheKeys
.
USER_DATA_MAP_KEY
,
userName
,
user
,
time
);
}
}
...
...
@@ -80,8 +80,8 @@ public class UserCacheManager {
public
void
cleanUserCache
(
String
userName
)
{
if
(
StringUtils
.
isNotEmpty
(
userName
))
{
// 清除数据
redisUtils
.
hdel
(
LoginProperties
.
cacheKey
,
userName
);
redisUtils
.
hdel
(
BaseCacheKeys
.
USER_DATA_MAP_KEY
,
userName
);
}
}
}
\ No newline at end of file
}
user-server/src/main/java/com/zq/user/config/SpringSecurityConfig.java
View file @
997d8e63
...
...
@@ -18,6 +18,7 @@ package com.zq.user.config;
import
com.zq.common.annotation.AnonymousAccess
;
import
com.zq.common.config.redis.RedisUtils
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
com.zq.common.utils.RequestMethodEnum
;
import
lombok.RequiredArgsConstructor
;
import
org.springframework.context.ApplicationContext
;
...
...
user-server/src/main/java/com/zq/user/config/TokenConfigurer.java
View file @
997d8e63
...
...
@@ -17,6 +17,7 @@ package com.zq.user.config;
import
com.zq.common.config.redis.RedisUtils
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
lombok.RequiredArgsConstructor
;
import
org.springframework.security.config.annotation.SecurityConfigurerAdapter
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
...
...
user-server/src/main/java/com/zq/user/config/TokenFilter.java
View file @
997d8e63
...
...
@@ -16,8 +16,10 @@
package
com
.
zq
.
user
.
config
;
import
cn.hutool.core.util.StrUtil
;
import
com.zq.common.config.redis.BaseCacheKeys
;
import
com.zq.common.config.redis.RedisUtils
;
import
com.zq.common.config.security.SecurityProperties
;
import
com.zq.common.config.security.TokenProvider
;
import
com.zq.common.context.ContextUtils
;
import
com.zq.common.vo.OnlineUserDto
;
import
io.jsonwebtoken.ExpiredJwtException
;
...
...
@@ -74,7 +76,8 @@ public class TokenFilter extends GenericFilterBean {
cleanUserCache
=
true
;
}
finally
{
if
(
cleanUserCache
||
Objects
.
isNull
(
onlineUserDto
))
{
// userCacheClean.cleanUserCache(String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY)));
String
username
=
String
.
valueOf
(
tokenProvider
.
getClaims
(
token
).
get
(
TokenProvider
.
AUTHORITIES_KEY
));
redisUtils
.
hdel
(
BaseCacheKeys
.
USER_DATA_MAP_KEY
,
username
);
}
}
if
(
onlineUserDto
!=
null
&&
StringUtils
.
isNotBlank
(
token
))
{
...
...
user-server/src/main/java/com/zq/user/config/TokenProvider.java
View file @
997d8e63
This diff is collapsed.
Click to expand it.
xxx-common-utils/src/main/java/com/zq/common/config/redis/BaseCacheKeys.java
View file @
997d8e63
...
...
@@ -19,6 +19,8 @@ public abstract class BaseCacheKeys {
private
static
final
String
RATE_LIMIT
=
PREFIX
+
"rate-limit."
;
public
static
final
String
USER_DATA_MAP_KEY
=
"USER-LOGIN-DATA"
;
/**
* 构建app端用户token的缓存key
*
...
...
xxx-common-utils/src/main/java/com/zq/common/config/security/TokenProvider.java
0 → 100644
View file @
997d8e63
package
com
.
zq
.
common
.
config
.
security
;
/*
* Copyright 2019-2020 Zheng Jie
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import
cn.hutool.core.date.DateField
;
import
cn.hutool.core.date.DateUtil
;
import
cn.hutool.core.util.IdUtil
;
import
cn.hutool.core.util.ObjectUtil
;
import
com.zq.common.config.redis.RedisUtils
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
lombok.RequiredArgsConstructor
;
import
lombok.extern.slf4j.Slf4j
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.factory.InitializingBean
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.authority.SimpleGrantedAuthority
;
import
org.springframework.security.core.userdetails.User
;
import
org.springframework.stereotype.Component
;
import
javax.crypto.spec.SecretKeySpec
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.xml.bind.DatatypeConverter
;
import
java.security.Key
;
import
java.util.Arrays
;
import
java.util.Collection
;
import
java.util.Collections
;
import
java.util.Date
;
import
java.util.concurrent.TimeUnit
;
import
java.util.stream.Collectors
;
/**
* @author /
*/
@Slf4j
@Component
@RequiredArgsConstructor
public
class
TokenProvider
implements
InitializingBean
{
private
final
RedisUtils
redisUtils
;
private
final
SecurityProperties
properties
;
public
static
final
String
AUTHORITIES_KEY
=
"auth"
;
private
static
Key
key
;
private
static
SignatureAlgorithm
signatureAlgorithm
;
@Override
public
void
afterPropertiesSet
()
{
signatureAlgorithm
=
SignatureAlgorithm
.
HS512
;
byte
[]
keyBytes
=
DatatypeConverter
.
parseBase64Binary
(
properties
.
getBase64Secret
());
key
=
new
SecretKeySpec
(
keyBytes
,
signatureAlgorithm
.
getJcaName
());
}
public
static
String
createToken
(
Authentication
authentication
)
{
String
authorities
=
authentication
.
getAuthorities
().
stream
()
.
map
(
GrantedAuthority:
:
getAuthority
)
.
collect
(
Collectors
.
joining
(
","
));
return
Jwts
.
builder
()
.
setSubject
(
authentication
.
getName
())
.
claim
(
AUTHORITIES_KEY
,
authorities
)
.
signWith
(
signatureAlgorithm
,
key
)
// 加入ID确保生成的 Token 都不一致
.
setId
(
IdUtil
.
simpleUUID
())
.
compact
();
}
public
Claims
getClaims
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
DatatypeConverter
.
parseBase64Binary
(
properties
.
getBase64Secret
()))
.
parseClaimsJws
(
token
)
.
getBody
();
}
public
Authentication
getAuthentication
(
String
token
)
{
Claims
claims
=
getClaims
(
token
);
// fix bug: 当前用户如果没有任何权限时,在输入用户名后,刷新验证码会抛IllegalArgumentException
Object
authoritiesStr
=
claims
.
get
(
AUTHORITIES_KEY
);
Collection
<?
extends
GrantedAuthority
>
authorities
=
ObjectUtil
.
isNotEmpty
(
authoritiesStr
)
?
Arrays
.
stream
(
authoritiesStr
.
toString
().
split
(
","
))
.
map
(
SimpleGrantedAuthority:
:
new
)
.
collect
(
Collectors
.
toList
())
:
Collections
.
emptyList
();
User
principal
=
new
User
(
claims
.
getSubject
(),
"******"
,
authorities
);
return
new
UsernamePasswordAuthenticationToken
(
principal
,
token
,
authorities
);
}
/**
* @param token 需要检查的token
*/
public
void
checkRenewal
(
String
token
)
{
// 判断是否续期token,计算token的过期时间
long
time
=
redisUtils
.
getExpire
(
properties
.
getOnlineKey
()
+
token
)
*
1000
;
Date
expireDate
=
DateUtil
.
offset
(
new
Date
(),
DateField
.
MILLISECOND
,
(
int
)
time
);
// 判断当前时间与过期时间的时间差
long
differ
=
expireDate
.
getTime
()
-
System
.
currentTimeMillis
();
// 如果在续期检查的范围内,则续期
if
(
differ
<=
properties
.
getDetect
())
{
long
renew
=
time
+
properties
.
getRenew
();
redisUtils
.
expire
(
properties
.
getOnlineKey
()
+
token
,
renew
,
TimeUnit
.
MILLISECONDS
);
}
}
public
String
getToken
(
HttpServletRequest
request
)
{
String
bearerToken
=
request
.
getHeader
(
properties
.
getHeader
());
if
(
StringUtils
.
isBlank
(
bearerToken
))
{
return
null
;
}
if
(
bearerToken
.
startsWith
(
properties
.
getTokenStartWith
()))
{
// 去掉令牌前缀
return
bearerToken
.
replace
(
properties
.
getTokenStartWith
(),
""
);
}
else
{
log
.
debug
(
"非法Token:{}"
,
bearerToken
);
}
return
null
;
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment