1.0.0

admin-server/pom.xml

@@ -131,6 +131,10 @@
             <version>${qiniu.version}</version>
         </dependency>
 
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+        </dependency>
         <!--mapStruct依赖-->
         <dependency>
             <groupId>org.mapstruct</groupId>

admin-server/src/main/java/com/zq/admin/modules/security/rest/AuthorizationController.java

@@ -32,6 +32,7 @@ import com.zq.common.annotation.rest.AnonymousGetMapping;
 import com.zq.common.annotation.rest.AnonymousPostMapping;
 import com.zq.common.config.redis.RedisUtils;
 import com.zq.common.config.security.SecurityProperties;
+import com.zq.common.vo.ResultVo;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
@@ -43,6 +44,8 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -72,6 +75,7 @@ public class AuthorizationController {
     private final OnlineUserService onlineUserService;
     private final TokenProvider tokenProvider;
     private final AuthenticationManagerBuilder authenticationManagerBuilder;
+    private final UserDetailsService userDetailsService;
     @Resource
     private LoginProperties loginProperties;
 
@@ -148,4 +152,24 @@ public class AuthorizationController {
         return new ResponseEntity<>(HttpStatus.OK);
     }
 
+    @ApiOperation("cas登录")
+    @AnonymousPostMapping(value = "/casLogin")
+    public ResultVo<Map<String, Object>> casLogin(@RequestBody AuthUserDto authUser, HttpServletRequest request) {
+        UserDetails userDetails = userDetailsService.loadUserByUsername(authUser.getUsername());
+        Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+        // 生成令牌
+        String token = TokenProvider.createToken(authentication);
+
+        final JwtUserDto jwtUserDto = (JwtUserDto) authentication.getPrincipal();
+        // 保存在线信息
+        onlineUserService.save(jwtUserDto, token, request);
+
+        // 返回 token 与 用户信息
+        Map<String, Object> authInfo = new HashMap<String, Object>(1) {{
+            put("token", token);
+        }};
+        return ResultVo.success(authInfo);
+    }
+
 }

gateway-server/src/main/resources/application.yml

@@ -14,7 +14,7 @@ spring:
         cors-configurations:
           '[/**]':
             allowCredentials: true
-            allowedOrigins: "*"
+            allowedOriginPatterns: "*"
             allowedMethods: "PUT, POST, GET, OPTIONS, DELETE"
             allowedHeaders: "Content-type, Authorization"
             maxAge: 3600

user-server/pom.xml

@@ -51,12 +51,10 @@
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-bootstrap</artifactId>
         </dependency>
-        <!--Spring devtools 热部署-->
+        <!-- 远程调用cloud feign -->
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-devtools</artifactId>
-            <scope>runtime</scope>
-            <optional>true</optional>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-openfeign</artifactId>
         </dependency>
         <!--Spring boot Redis-->
         <dependency>

user-server/src/main/java/com/zq/user/UserApplication.java

@@ -5,6 +5,7 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+import org.springframework.cloud.openfeign.EnableFeignClients;
 import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
 
@@ -16,6 +17,7 @@ import org.springframework.scheduling.annotation.EnableScheduling;
 @EnableCaching
 @EnableScheduling
 @MapperScan({"com.zq.user.dao", "com.zq.logging.mapper"})
+@EnableFeignClients
 @EnableDiscoveryClient
 @SpringBootApplication(scanBasePackages = {"com.zq.user", "com.zq.logging", "com.zq.common.config"})
 public class UserApplication {

user-server/src/main/java/com/zq/user/config/FeignConfig.java

+package com.zq.user.config;
+
+import com.zq.common.constant.FeignHeader;
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.List;
+
+/**
+ * @author wilmiam
+ * @since 2021-07-09 10:34
+ */
+@Configuration
+public class FeignConfig {
+
+    /**
+     * 转发请求头
+     */
+    private static final List<String> FORWARD_HEADERS = Arrays.asList(
+            "AUTHORIZATION",
+            "X-FORWARDED-FOR",
+            "X-FORWARDED-PROTO",
+            "X-FORWARDED-PORT",
+            "X-FORWARDED-HOST",
+            "FORWARDED",
+            "PROXY-CLIENT-IP",
+            "WL-PROXY-CLIENT-IP",
+            "HTTP_X_FORWARDED_FOR",
+            "HTTP_X_FORWARDED",
+            "HTTP_X_CLUSTER_CLIENT_IP",
+            "HTTP_CLIENT_IP",
+            "HTTP_FORWARDED_FOR",
+            "HTTP_FORWARDED",
+            "HTTP_VIA",
+            "REMOTE_ADDR",
+            "X-REAL-IP",
+            "HOST"
+    );
+
+    /**
+     * 解决fein远程调用丢失请求头
+     *
+     * @return
+     */
+    @Bean
+    public RequestInterceptor requestInterceptor() {
+        return new RequestInterceptor() {
+            @Override
+            public void apply(RequestTemplate template) {
+                RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
+                if (requestAttributes == null) {
+                    return;
+                }
+                HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
+                template.header(FeignHeader.API_TOKEN, request.getParameter("token"));
+                Enumeration<String> headerNames = request.getHeaderNames();
+                if (headerNames != null) {
+                    while (headerNames.hasMoreElements()) {
+                        String name = headerNames.nextElement();
+                        // 不要设置content-length
+                        if ("content-length".equals(name)) {
+                            continue;
+                        }
+
+                        if (FORWARD_HEADERS.contains(name.toUpperCase())) {
+                            String values = request.getHeader(name);
+                            template.header(name, values);
+                        }
+                    }
+                }
+            }
+        };
+    }
+
+}

user-server/src/main/java/com/zq/user/config/SpringSecurityConfig.java

@@ -16,9 +16,8 @@
 package com.zq.user.config;
 
 import com.zq.common.annotation.AnonymousAccess;
-import com.zq.common.config.redis.RedisUtils;
-import com.zq.common.config.security.SecurityProperties;
 import com.zq.common.utils.RequestMethodEnum;
+import com.zq.user.feign.AdminFeignClient;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
@@ -52,8 +51,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
     private final JwtAuthenticationEntryPoint authenticationErrorHandler;
     private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
     private final ApplicationContext applicationContext;
-    private final SecurityProperties properties;
-    private final RedisUtils redisUtils;
+    private final AdminFeignClient adminFeignClient;
 
     @Bean
     public GrantedAuthorityDefaults grantedAuthorityDefaults() {
@@ -137,7 +135,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
     }
 
     private TokenConfigurer securityConfigurerAdapter() {
-        return new TokenConfigurer(tokenProvider, properties, redisUtils);
+        return new TokenConfigurer(tokenProvider, adminFeignClient);
     }
 
     private Map<String, Set<String>> getAnonymousUrl(Map<RequestMappingInfo, HandlerMethod> handlerMethodMap) {

user-server/src/main/java/com/zq/user/config/TokenConfigurer.java

@@ -15,8 +15,7 @@
  */
 package com.zq.user.config;
 
-import com.zq.common.config.redis.RedisUtils;
-import com.zq.common.config.security.SecurityProperties;
+import com.zq.user.feign.AdminFeignClient;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -30,12 +29,11 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 public class TokenConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
 
     private final TokenProvider tokenProvider;
-    private final SecurityProperties properties;
-    private final RedisUtils redisUtils;
+    private final AdminFeignClient adminFeignClient;
 
     @Override
     public void configure(HttpSecurity http) {
-        TokenFilter customFilter = new TokenFilter(tokenProvider, properties, redisUtils);
+        TokenFilter customFilter = new TokenFilter(tokenProvider, adminFeignClient);
         http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
     }
 

user-server/src/main/java/com/zq/user/config/TokenFilter.java

@@ -16,12 +16,10 @@
 package com.zq.user.config;
 
 import cn.hutool.core.util.StrUtil;
-import com.zq.common.config.redis.BaseCacheKeys;
-import com.zq.common.config.redis.RedisUtils;
-import com.zq.common.config.security.SecurityProperties;
 import com.zq.common.context.ContextUtils;
 import com.zq.common.vo.OnlineUserDto;
-import io.jsonwebtoken.ExpiredJwtException;
+import com.zq.common.vo.ResultVo;
+import com.zq.user.feign.AdminFeignClient;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -35,7 +33,6 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
-import java.util.Objects;
 
 /**
  * @author /
@@ -45,18 +42,15 @@ public class TokenFilter extends GenericFilterBean {
     private static final Logger log = LoggerFactory.getLogger(TokenFilter.class);
 
     private final TokenProvider tokenProvider;
-    private final SecurityProperties properties;
-    private final RedisUtils redisUtils;
+    private final AdminFeignClient adminFeignClient;
 
     /**
-     * @param tokenProvider Token
-     * @param properties    JWT
-     * @param redisUtils    redis
+     * @param tokenProvider    Token
+     * @param adminFeignClient adminFeign
      */
-    public TokenFilter(TokenProvider tokenProvider, SecurityProperties properties, RedisUtils redisUtils) {
-        this.properties = properties;
+    public TokenFilter(TokenProvider tokenProvider, AdminFeignClient adminFeignClient) {
         this.tokenProvider = tokenProvider;
-        this.redisUtils = redisUtils;
+        this.adminFeignClient = adminFeignClient;
     }
 
     @Override
@@ -67,17 +61,11 @@ public class TokenFilter extends GenericFilterBean {
         // 对于 Token 为空的不需要去查 Redis
         if (StrUtil.isNotBlank(token)) {
             OnlineUserDto onlineUserDto = null;
-            boolean cleanUserCache = false;
             try {
-                onlineUserDto = redisUtils.getObj(properties.getOnlineKey() + token, OnlineUserDto.class);
-            } catch (ExpiredJwtException e) {
-                log.error(e.getMessage());
-                cleanUserCache = true;
-            } finally {
-                if (cleanUserCache || Objects.isNull(onlineUserDto)) {
-                    String username = String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY));
-                    redisUtils.hdel(BaseCacheKeys.USER_DATA_MAP_KEY, username);
-                }
+                ResultVo<OnlineUserDto> resultVo = adminFeignClient.getCurrentUser();
+                onlineUserDto = resultVo.getData();
+            } catch (Exception e) {
+                log.error(">> 获取当前用户失败：" + e.getMessage());
             }
             if (onlineUserDto != null && StringUtils.isNotBlank(token)) {
                 Authentication authentication = tokenProvider.getAuthentication(token);

user-server/src/main/java/com/zq/user/feign/AdminFeignClient.java

+package com.zq.user.feign;
+
+import com.zq.common.vo.OnlineUserDto;
+import com.zq.common.vo.ResultVo;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+
+/**
+ * @author wilmiam
+ * @since 2022/10/11 17:19
+ */
+@FeignClient(name = "ADMIN-SERVER", path = "/admin")
+public interface AdminFeignClient {
+
+    /**
+     * 获取当前用户
+     *
+     * @return
+     */
+    @GetMapping(value = "/auth/getCurrentUser")
+    ResultVo<OnlineUserDto> getCurrentUser();
+
+}