| | |
|---|
| | | @Value("${jwt.secret-key}") |
|---|
| | | private String secretKey; |
|---|
| | | |
|---|
| | | @Value("${jwt.iss-user}") |
|---|
| | | private String issUser; |
|---|
| | | |
|---|
| | | @Value("${jwt.auth-skip-urls}") |
|---|
| | | private String[] skipAuthUrls; |
|---|
| | | |
|---|
| | | @Value("${jwt.blacklist-key.format}") |
|---|
| | | private String jwtBlacklistKeyFormat; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * jwt用户 |
|---|
| | | */ |
|---|
| | | private static String ISSUSER = "HUGEINFO"; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public int getOrder() { |
|---|
| | |
|---|
| | | if (status) { |
|---|
| | | return chain.filter(exchange); |
|---|
| | | } else { |
|---|
| | | // todo 运营中心暂时写死token |
|---|
| | | if (url.indexOf("dyh-oper") != -1) { |
|---|
| | | String userId = "10001"; |
|---|
| | | ServerHttpRequest mutableReq = null; |
|---|
| | | exchange.getRequest().mutate().header("Authorization-userId", userId).build(); |
|---|
| | | ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build(); |
|---|
| | | return chain.filter(mutableExchange); |
|---|
| | | //从请求头中取出token |
|---|
| | | String token = exchange.getRequest().getHeaders().getFirst("Authorization"); |
|---|
| | | //未携带token或token在黑名单内 |
|---|
| | | if (StringUtils.isEmpty(token) || isBlackToken(token)) { |
|---|
| | | ServerHttpResponse originalResponse = exchange.getResponse(); |
|---|
| | | originalResponse.setStatusCode(HttpStatus.OK); |
|---|
| | | originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8"); |
|---|
| | | byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}" |
|---|
| | | .getBytes(StandardCharsets.UTF_8); |
|---|
| | | DataBuffer buffer = originalResponse.bufferFactory().wrap(response); |
|---|
| | | return originalResponse.writeWith(Flux.just(buffer)); |
|---|
| | | } else { |
|---|
| | | //从请求头中取出token |
|---|
| | | String token = exchange.getRequest().getHeaders().getFirst("Authorization"); |
|---|
| | | //未携带token或token在黑名单内 |
|---|
| | | if (StringUtils.isEmpty(token) || isBlackToken(token)) { |
|---|
| | | //取出token包含的身份 |
|---|
| | | Map<String, Object> result = verifyJWT(token); |
|---|
| | | int code = (int) result.get("code"); |
|---|
| | | if (code != 0) { |
|---|
| | | ServerHttpResponse originalResponse = exchange.getResponse(); |
|---|
| | | originalResponse.setStatusCode(HttpStatus.OK); |
|---|
| | | originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8"); |
|---|
| | | byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}" |
|---|
| | | .getBytes(StandardCharsets.UTF_8); |
|---|
| | | String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}"; |
|---|
| | | byte[] response = responseResult.getBytes(StandardCharsets.UTF_8); |
|---|
| | | DataBuffer buffer = originalResponse.bufferFactory().wrap(response); |
|---|
| | | return originalResponse.writeWith(Flux.just(buffer)); |
|---|
| | | } else { |
|---|
| | | //取出token包含的身份 |
|---|
| | | Map<String, Object> result = verifyJWT(token); |
|---|
| | | int code = (int) result.get("code"); |
|---|
| | | if (code != 0) { |
|---|
| | | ServerHttpResponse originalResponse = exchange.getResponse(); |
|---|
| | | originalResponse.setStatusCode(HttpStatus.OK); |
|---|
| | | originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8"); |
|---|
| | | String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}"; |
|---|
| | | byte[] response = responseResult.getBytes(StandardCharsets.UTF_8); |
|---|
| | | DataBuffer buffer = originalResponse.bufferFactory().wrap(response); |
|---|
| | | return originalResponse.writeWith(Flux.just(buffer)); |
|---|
| | | //将现在的request,添加当前身份 |
|---|
| | | String userId = (String) result.get("userId"); |
|---|
| | | ServerHttpRequest mutableReq = null; |
|---|
| | | String custId = (String) result.get("custId"); |
|---|
| | | if (StringUtils.isNotEmpty(custId)) { |
|---|
| | | URI uri = exchange.getRequest().getURI(); |
|---|
| | | URI newUri = assembleUri(uri, custId); |
|---|
| | | exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build(); |
|---|
| | | } else { |
|---|
| | | //将现在的request,添加当前身份 |
|---|
| | | String userId = (String) result.get("userId"); |
|---|
| | | ServerHttpRequest mutableReq = null; |
|---|
| | | String custId = (String) result.get("custId"); |
|---|
| | | if (StringUtils.isNotEmpty(custId)) { |
|---|
| | | URI uri = exchange.getRequest().getURI(); |
|---|
| | | URI newUri = assembleUri(uri, custId); |
|---|
| | | exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build(); |
|---|
| | | } else { |
|---|
| | | exchange.getRequest().mutate().header("Authorization-userId", userId).build(); |
|---|
| | | } |
|---|
| | | ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build(); |
|---|
| | | return chain.filter(mutableExchange); |
|---|
| | | exchange.getRequest().mutate().header("Authorization-userId", userId).build(); |
|---|
| | | } |
|---|
| | | ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build(); |
|---|
| | | return chain.filter(mutableExchange); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | try { |
|---|
| | | Algorithm algorithm = Algorithm.HMAC256(secretKey); |
|---|
| | | JWTVerifier verifier = JWT.require(algorithm) |
|---|
| | | .withIssuer(ISSUSER) |
|---|
| | | .withIssuer(issUser) |
|---|
| | | .build(); |
|---|
| | | DecodedJWT jwt = verifier.verify(token); |
|---|
| | | String userId = jwt.getClaim("userId").asString(); |
|---|
