| | |
|---|
| | | @Value("${jwt.secret-key}") |
|---|
| | | private String secretKey; |
|---|
| | | |
|---|
| | | @Value("${jwt.iss_user.format}") |
|---|
| | | private String issUser; |
|---|
| | | |
|---|
| | | @Value("${jwt.auth-skip-urls}") |
|---|
| | | private String[] skipAuthUrls; |
|---|
| | | |
|---|
| | | @Value("${jwt.blacklist-key.format}") |
|---|
| | | private String jwtBlacklistKeyFormat; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * jwt用户 |
|---|
| | | */ |
|---|
| | | private static String ISSUSER = "HUGEINFO"; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public int getOrder() { |
|---|
| | |
|---|
| | | } |
|---|
| | | if (status) { |
|---|
| | | return chain.filter(exchange); |
|---|
| | | } else { |
|---|
| | | // todo 运营中心暂时写死token |
|---|
| | | if (url.indexOf("dyh-oper") != -1) { |
|---|
| | | String userId = "10001"; |
|---|
| | | ServerHttpRequest mutableReq = null; |
|---|
| | | exchange.getRequest().mutate().header("Authorization-userId", userId).build(); |
|---|
| | | ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build(); |
|---|
| | | return chain.filter(mutableExchange); |
|---|
| | | } else { |
|---|
| | | //从请求头中取出token |
|---|
| | | String token = exchange.getRequest().getHeaders().getFirst("Authorization"); |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * JWT验证 |
|---|
| | |
|---|
| | | try { |
|---|
| | | Algorithm algorithm = Algorithm.HMAC256(secretKey); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm) |
|---|
| | | .withIssuer(ISSUSER) |
|---|
| | | .withIssuer(issUser) |
|---|
| | | .build(); |
|---|
| | | DecodedJWT jwt = verifier.verify(token); |
|---|
| | | String userId = jwt.getClaim("userId").asString(); |
|---|
