
xusd
2024-09-27 7c3418c45926b5288b22044d60dbb12fa2c982d0
dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
@@ -1,5 +1,7 @@
package cn.huge.gateway.filter;
import cn.huge.gateway.utils.JsonMapper;
import cn.huge.gateway.utils.ReturnBO;
import cn.huge.gateway.utils.SpringContextUtil;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
@@ -46,7 +48,7 @@
    @Value("${jwt.secret-key}")
    private String secretKey;
    @Value("${jwt.iss_user.format}")
    @Value("${jwt.iss-user}")
    private String issUser;
    @Value("${jwt.auth-skip-urls}")
@@ -68,63 +70,52 @@
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        //开发环境不校验
        if (SpringContextUtil.checkDev()){
            return chain.filter(exchange);
        }else {
            String url = exchange.getRequest().getURI().getPath();
            //跳过不需要验证的路径
            List<String> skipAuthUrlList = Arrays.asList(skipAuthUrls);
            Boolean status = false;
            if (!CollectionUtils.isEmpty(skipAuthUrlList)) {
                for (String skipAuthUrl : skipAuthUrlList) {
                    if (url.indexOf(skipAuthUrl) != -1) {
                        status = true;
                        break;
                    }
        String url = exchange.getRequest().getURI().getPath();
        //跳过不需要验证的路径
        List<String> skipAuthUrlList = Arrays.asList(skipAuthUrls);
        Boolean status = false;
        if (!CollectionUtils.isEmpty(skipAuthUrlList)) {
            for (String skipAuthUrl : skipAuthUrlList) {
                if (url.indexOf(skipAuthUrl) != -1) {
                    status = true;
                    break;
                }
            }
            if (status) {
                return chain.filter(exchange);
        }
        if (status) {
            return chain.filter(exchange);
        } else {
            JsonMapper jsonMapper = new JsonMapper();
            ReturnBO returnBO = new ReturnBO();
            //从请求头中取出token
            String token = exchange.getRequest().getHeaders().getFirst("Authorization");
            //未携带token或token在黑名单内
            if (StringUtils.isEmpty(token) || isBlackToken(token)) {
                ServerHttpResponse originalResponse = exchange.getResponse();
                originalResponse.setStatusCode(HttpStatus.OK);
                originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
                returnBO.setCode(401);
                returnBO.setMsg("您尚未登录,请登录后重试!");
                byte[] response = jsonMapper.toJson(returnBO).getBytes(StandardCharsets.UTF_8);
                DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
                return originalResponse.writeWith(Flux.just(buffer));
            } else {
                //从请求头中取出token
                String token = exchange.getRequest().getHeaders().getFirst("Authorization");
                //未携带token或token在黑名单内
                if (StringUtils.isEmpty(token) || isBlackToken(token)) {
                //取出token包含的身份
                returnBO = verifyJWT(token);
                if (returnBO.getCode() != 0) {
                    ServerHttpResponse originalResponse = exchange.getResponse();
                    originalResponse.setStatusCode(HttpStatus.OK);
                    originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
                    byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}"
                            .getBytes(StandardCharsets.UTF_8);
                    byte[] response = jsonMapper.toJson(returnBO).getBytes(StandardCharsets.UTF_8);
                    DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
                    return originalResponse.writeWith(Flux.just(buffer));
                } else {
                    //取出token包含的身份
                    Map<String, Object> result = verifyJWT(token);
                    int code = (int) result.get("code");
                    if (code != 0) {
                        ServerHttpResponse originalResponse = exchange.getResponse();
                        originalResponse.setStatusCode(HttpStatus.OK);
                        originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
                        String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}";
                        byte[] response = responseResult.getBytes(StandardCharsets.UTF_8);
                        DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
                        return originalResponse.writeWith(Flux.just(buffer));
                    } else {
                        //将现在的request,添加当前身份
                        String userId = (String) result.get("userId");
                        ServerHttpRequest mutableReq = null;
                        String custId = (String) result.get("custId");
                        if (StringUtils.isNotEmpty(custId)) {
                            URI uri = exchange.getRequest().getURI();
                            URI newUri = assembleUri(uri, custId);
                            exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build();
                        } else {
                            exchange.getRequest().mutate().header("Authorization-userId", userId).build();
                        }
                        ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
                        return chain.filter(mutableExchange);
                    }
                    //将现在的request,添加当前身份
                    String userId = (String) returnBO.getData();
                    ServerHttpRequest mutableReq = null;
                    exchange.getRequest().mutate().header("Authorization-userId", userId).build();
                    ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
                    return chain.filter(mutableExchange);
                }
            }
        }
@@ -135,8 +126,8 @@
     * @param token 授权信息
     * @return Map
     */
    private Map<String, Object> verifyJWT(String token){
        Map<String, Object> result = new HashMap<>();
    private ReturnBO verifyJWT(String token){
        ReturnBO returnBO = new ReturnBO();
        try {
            Algorithm algorithm = Algorithm.HMAC256(secretKey);
            JWTVerifier verifier = JWT.require(algorithm)
@@ -145,25 +136,23 @@
            DecodedJWT jwt = verifier.verify(token);
            String userId = jwt.getClaim("userId").asString();
            if (userId.isEmpty()){
                result.put("code", 401);
                result.put("msg", "登录用户已失效,请重新登录");
                returnBO.setCode(401);
                returnBO.setMsg("您尚未登录,请登录后重试!");
            }else{
                result.put("code", 0);
                result.put("userId", userId);
                String custId = jwt.getClaim("custId").asString();
                result.put("custId", custId);
                returnBO.setCode(0);
                returnBO.setData(userId);
            }
        } catch (JWTVerificationException e){
            log.error("AuthFilter方法[verifyJWT]调用异常:"+e, e);
            if (e.getMessage().indexOf("The Token has expired") != -1){
                result.put("code", 401);
                result.put("msg", "登录用户已失效,请重新登录!");
                returnBO.setCode(401);
                returnBO.setMsg("您尚未登录,请登录后重试!");
            }else{
                result.put("code", 401);
                result.put("msg", "登录用户已失效,请重新登录");
                returnBO.setCode(401);
                returnBO.setMsg("您尚未登录,请登录后重试!");
            }
        }
        return result;
        return returnBO;
    }
    /**
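Review bot: In the filter() hunk (the `@@ -68,63 +70,52 @@` section) the new success path still declares `ServerHttpRequest mutableReq = null;`, discards the result of `exchange.getRequest().mutate().header("Authorization-userId", userId).build()`, and then builds the exchange with `request(mutableReq)`, so the mutated request is never used; the same pattern was on the old side and the commit carries it over unchanged. As far as I can tell the exchange builder falls back to the original request when given null, which means downstream services receive the client's unmodified headers: the verified userId is never attached, and whatever `Authorization-userId` value the caller supplied itself passes through untouched, so the identity a backend reads is not the one the gateway verified. The fix is to keep the built request, `ServerHttpRequest mutableReq = exchange.getRequest().mutate().header("Authorization-userId", userId).build();` (or `headers(h -> h.set("Authorization-userId", userId))` if this Spring version's `header(...)` appends instead of replacing). Separately, the skip list still uses `url.indexOf(skipAuthUrl) != -1`, so any path that merely contains a skip pattern as a substring bypasses the check; an anchored comparison such as `url.startsWith(skipAuthUrl)` or a proper path matcher would be tighter. The filter() method's closing brace is outside the hunk.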