Commit 50f0b9fb31a6d37912cd1e109fa3225faddabdae
1 parent
8d3d6df5
bugfix:网关鉴权BUG修复
Showing
5 changed files
with
45 additions
and
4 deletions
.idea/compiler.xml
| ... | ... | @@ -2,6 +2,7 @@ |
| 2 | 2 | <project version="4"> |
| 3 | 3 | <component name="CompilerConfiguration"> |
| 4 | 4 | <annotationProcessing> |
| 5 | + <profile default="true" name="Default" enabled="true" /> | |
| 5 | 6 | <profile name="Maven default annotation processors profile" enabled="true"> |
| 6 | 7 | <sourceOutputDir name="target/generated-sources/annotations" /> |
| 7 | 8 | <sourceTestOutputDir name="target/generated-test-sources/test-annotations" /> | ... | ... |
sl-express-gateway/src/main/java/com/sl/gateway/filter/CourierTokenGatewayFilterFactory.java
| ... | ... | @@ -3,6 +3,7 @@ package com.sl.gateway.filter; |
| 3 | 3 | import com.itheima.auth.sdk.dto.AuthUserInfoDTO; |
| 4 | 4 | import com.itheima.auth.sdk.service.TokenCheckService; |
| 5 | 5 | import com.sl.gateway.config.MyConfig; |
| 6 | +import com.sl.transport.common.util.JwtUtils; | |
| 6 | 7 | import lombok.extern.slf4j.Slf4j; |
| 7 | 8 | import org.springframework.cloud.gateway.filter.GatewayFilter; |
| 8 | 9 | import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; | ... | ... |
sl-express-gateway/src/main/java/com/sl/gateway/filter/CustomerTokenGatewayFilterFactory.java
| ... | ... | @@ -4,12 +4,14 @@ import com.itheima.auth.sdk.dto.AuthUserInfoDTO; |
| 4 | 4 | import com.sl.gateway.config.MyConfig; |
| 5 | 5 | import com.sl.gateway.properties.JwtProperties; |
| 6 | 6 | import com.sl.transport.common.constant.Constants; |
| 7 | +import com.sl.transport.common.util.JwtUtils; | |
| 7 | 8 | import lombok.extern.slf4j.Slf4j; |
| 8 | 9 | import org.springframework.cloud.gateway.filter.GatewayFilter; |
| 9 | 10 | import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; |
| 10 | 11 | import org.springframework.stereotype.Component; |
| 11 | 12 | |
| 12 | 13 | import javax.annotation.Resource; |
| 14 | +import java.util.Map; | |
| 13 | 15 | |
| 14 | 16 | /** |
| 15 | 17 | * 用户端token拦截处理 |
| ... | ... | @@ -32,7 +34,21 @@ public class CustomerTokenGatewayFilterFactory extends AbstractGatewayFilterFact |
| 32 | 34 | @Override |
| 33 | 35 | public AuthUserInfoDTO check(String token) { |
| 34 | 36 | // 普通用户的token没有对接权限系统,需要自定实现 |
| 35 | - return null; | |
| 37 | + try { | |
| 38 | +// 基于JwtUtils解析token获取Claims内容 | |
| 39 | + Map<String, Object> claims = JwtUtils.checkToken(jwtProperties.getPublicKey(), token); | |
| 40 | + | |
| 41 | +// 在解析的内容中获取用户ID | |
| 42 | + Long userId = (Long) claims.get("userId"); | |
| 43 | + | |
| 44 | +// 封装AuthUserInfoDTO对象返回 | |
| 45 | + AuthUserInfoDTO authUserInfoDTO = new AuthUserInfoDTO(); | |
| 46 | + authUserInfoDTO.setUserId(userId); | |
| 47 | + return authUserInfoDTO; | |
| 48 | + } catch (Exception e) { | |
| 49 | + log.error(">>>>>>>>>>>>>>>>>> 解析用户登录token失败 >>>>>>>>>>>>>>>>"); | |
| 50 | + return null; | |
| 51 | + } | |
| 36 | 52 | } |
| 37 | 53 | |
| 38 | 54 | @Override | ... | ... |
sl-express-gateway/src/main/java/com/sl/gateway/filter/ManagerTokenGatewayFilterFactory.java
| 1 | 1 | package com.sl.gateway.filter; |
| 2 | 2 | |
| 3 | +import cn.hutool.core.collection.CollUtil; | |
| 4 | +import com.itheima.auth.factory.AuthTemplateFactory; | |
| 5 | +import com.itheima.auth.sdk.AuthTemplate; | |
| 6 | +import com.itheima.auth.sdk.common.Result; | |
| 3 | 7 | import com.itheima.auth.sdk.dto.AuthUserInfoDTO; |
| 4 | 8 | import com.itheima.auth.sdk.service.TokenCheckService; |
| 5 | 9 | import com.sl.gateway.config.MyConfig; |
| 10 | +import org.springframework.beans.factory.annotation.Value; | |
| 6 | 11 | import org.springframework.cloud.gateway.filter.GatewayFilter; |
| 7 | 12 | import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; |
| 8 | 13 | import org.springframework.stereotype.Component; |
| 9 | 14 | |
| 10 | 15 | import javax.annotation.Resource; |
| 16 | +import java.util.Collection; | |
| 17 | +import java.util.List; | |
| 11 | 18 | |
| 12 | 19 | /** |
| 13 | 20 | * 后台管理员token拦截处理 |
| ... | ... | @@ -17,9 +24,13 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto |
| 17 | 24 | |
| 18 | 25 | @Resource |
| 19 | 26 | private MyConfig myConfig; |
| 27 | + | |
| 20 | 28 | @Resource |
| 21 | 29 | private TokenCheckService tokenCheckService; |
| 22 | 30 | |
| 31 | + @Value("${role.manager}") | |
| 32 | + private List<Long> managerRoleIds; | |
| 33 | + | |
| 23 | 34 | @Override |
| 24 | 35 | public GatewayFilter apply(Object config) { |
| 25 | 36 | //由于实现了AuthFilter接口,所以可以传递this对象到TokenGatewayFilter中 |
| ... | ... | @@ -34,6 +45,18 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto |
| 34 | 45 | |
| 35 | 46 | @Override |
| 36 | 47 | public Boolean auth(String token, AuthUserInfoDTO authUserInfoDTO, String path) { |
| 37 | - return true; | |
| 48 | +// 获取AuthTemplate对象 | |
| 49 | + AuthTemplate authTemplate = AuthTemplateFactory.get(token); | |
| 50 | + | |
| 51 | +// 查询登录用户对应的角色id | |
| 52 | + Result<List<Long>> roleByUserId = authTemplate.opsForRole().findRoleByUserId(authUserInfoDTO.getUserId()); | |
| 53 | + List<Long> roleIds = roleByUserId.getData(); | |
| 54 | + | |
| 55 | +// 和配置的访问角色 取交集 | |
| 56 | + Collection<Long> intersection = CollUtil.intersection(roleIds, managerRoleIds); | |
| 57 | + | |
| 58 | +// 判断是否有交集即可判断出是否有权限 | |
| 59 | + return CollUtil.isNotEmpty(intersection); | |
| 38 | 60 | } |
| 61 | + | |
| 39 | 62 | } | ... | ... |
sl-express-gateway/src/test/java/com/sl/gateway/auth/AuthTemplateTest.java
| ... | ... | @@ -34,7 +34,7 @@ public class AuthTemplateTest { |
| 34 | 34 | public void testLogin() { |
| 35 | 35 | //登录 |
| 36 | 36 | Result<LoginDTO> result = this.authTemplate.opsForLogin() |
| 37 | - .token("zhangsan", "123456"); | |
| 37 | + .token("sl001", "123456"); | |
| 38 | 38 | |
| 39 | 39 | String token = result.getData().getToken().getToken(); |
| 40 | 40 | System.out.println("token为:" + token); |
| ... | ... | @@ -51,7 +51,7 @@ public class AuthTemplateTest { |
| 51 | 51 | @Test |
| 52 | 52 | public void checkToken() { |
| 53 | 53 | //上面方法中生成的token |
| 54 | - String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDAyNjIxMzAwOTkwMDc2NzA1IiwiYWNjb3VudCI6InpoYW5nc2FuIiwibmFtZSI6IuW8oOS4iSIsIm9yZ2lkIjoxMDAyNjE5NTU4MzU3NDI1OTUzLCJzdGF0aW9uaWQiOjk4MTIyMzcwMzMzNTQxMDYyNSwiYWRtaW5pc3RyYXRvciI6ZmFsc2UsImV4cCI6MTY1OTEzNDA0MH0.WBZaeBvmuw202raw7JvvHnIMpST28d0gv6ufVDenL_iGQwdClucUfd3YPLg9BLoiosaP16SEuB1nM_-HWl8rUA"; | |
| 54 | + String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDI1NDI4Njg3MzEyNjg0OTI5IiwiYWNjb3VudCI6InNsMDAxIiwibmFtZSI6IuW8oOaIkOmjniIsIm9yZ2lkIjoxMDI0NzA0ODQ0NDg2NzU2NjQxLCJzdGF0aW9uaWQiOjEwMjQ3MDU0ODk0MzY0OTQ3MjEsImFkbWluaXN0cmF0b3IiOmZhbHNlLCJleHAiOjE2OTYzNjMwNDF9.kOtK7uEGXOqCQIqFYV88ITie-_ppcooX3nrs4ojSYsCB0ir0JBx_eO1WWw5Mqw0K3sVSf6-Rfxu-Dpr-IhRTgA"; | |
| 55 | 55 | AuthUserInfoDTO authUserInfo = this.tokenCheckService.parserToken(token); |
| 56 | 56 | System.out.println(authUserInfo); |
| 57 | 57 | ... | ... |