| | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | import java.io.IOException; |
|---|
| | | import java.io.OutputStreamWriter; |
|---|
| | | import java.io.PrintWriter; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * token 校验过滤器 |
|---|
| | |
|---|
| | | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) |
|---|
| | | throws ServletException, IOException { |
|---|
| | | String auth = request.getHeader("Blade-Auth"); |
|---|
| | | if (!StringUtils.isBlank(auth)) { |
|---|
| | | String token = JwtUtil.getToken(auth); |
|---|
| | | Claims claims = JwtUtil.parseJWT(token); |
|---|
| | | if (!StringUtils.isBlank(token) && null!=claims) { |
|---|
| | | //判断 Token 状态 |
|---|
| | | String tenantId = String.valueOf(claims.get(TokenConstant.TENANT_ID)); |
|---|
| | | String userId = String.valueOf(claims.get(TokenConstant.USER_ID)); |
|---|
| | | String account = String.valueOf(claims.get(TokenConstant.ACCOUNT)); |
|---|
| | | String accessToken = JwtUtil.getAccessToken(tenantId, userId, token); |
|---|
| | | if (token.equalsIgnoreCase(accessToken)) { |
|---|
| | | UsernamePasswordAuthenticationToken authenticationToken |
|---|
| | | = new UsernamePasswordAuthenticationToken(account, null); |
|---|
| | | authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); |
|---|
| | | SecurityContextHolder.getContext().setAuthentication(authenticationToken); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | if (StringUtils.isBlank(auth)) { |
|---|
| | | // 无授权处理 |
|---|
| | | unAuthResponse(response); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | |
|---|
| | | String token = JwtUtil.getToken(auth); |
|---|
| | | Claims claims = JwtUtil.parseJWT(token); |
|---|
| | | if (!StringUtils.isBlank(token) && null!=claims) { |
|---|
| | | //判断 Token 状态 |
|---|
| | | String tenantId = String.valueOf(claims.get(TokenConstant.TENANT_ID)); |
|---|
| | | String userId = String.valueOf(claims.get(TokenConstant.USER_ID)); |
|---|
| | | String account = String.valueOf(claims.get(TokenConstant.ACCOUNT)); |
|---|
| | | String accessToken = JwtUtil.getAccessToken(tenantId, userId, token); |
|---|
| | | if (token.equalsIgnoreCase(accessToken)) { |
|---|
| | | UsernamePasswordAuthenticationToken authenticationToken |
|---|
| | | = new UsernamePasswordAuthenticationToken(account, null); |
|---|
| | | authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); |
|---|
| | | SecurityContextHolder.getContext().setAuthentication(authenticationToken); |
|---|
| | | }else { |
|---|
| | | // 无授权处理 |
|---|
| | | unAuthResponse(response); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | }else { |
|---|
| | | // 无授权处理 |
|---|
| | | unAuthResponse(response); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | |
|---|
| | | filterChain.doFilter(request, response); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 无授权处理 |
|---|
| | | * @param response |
|---|
| | | * @throws IOException |
|---|
| | | */ |
|---|
| | | private void unAuthResponse(HttpServletResponse response) throws IOException { |
|---|
| | | response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); |
|---|
| | | response.setContentType("application/json;charset=UTF-8"); |
|---|
| | | PrintWriter writer = new PrintWriter(new OutputStreamWriter(response.getOutputStream(), "UTF-8")); |
|---|
| | | writer.write("{\"status\": 401,\n" + "\"error\": \"Unauthorized\"\n" + "}"); |
|---|
| | | writer.flush(); |
|---|
| | | } |
|---|
| | | } |
|---|
