huanghongfa
2021-09-02 177249c76aeea0b4bf8d8816d4994e3b445b45ce
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java
@@ -1,12 +1,14 @@
package com.panzhihua.zuul.filters;
import com.alibaba.fastjson.JSONArray;
import com.panzhihua.common.constants.*;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.utlis.JWTTokenUtil;
import com.panzhihua.common.utlis.ResultUtil;
import com.panzhihua.zuul.config.RealNamedConfig;
import io.jsonwebtoken.Claims;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.data.redis.core.StringRedisTemplate;
@@ -15,13 +17,16 @@
import org.springframework.stereotype.Component;
import org.springframework.web.context.support.WebApplicationContextUtils;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import com.alibaba.fastjson.JSONArray;
import com.panzhihua.common.constants.HttpStatus;
import com.panzhihua.common.constants.SecurityConstants;
import com.panzhihua.common.constants.TokenConstant;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.utlis.JWTTokenUtil;
import com.panzhihua.common.utlis.ResultUtil;
import com.panzhihua.zuul.config.RealNamedConfig;
import io.jsonwebtoken.Claims;
/**
 * @program: springcloud_k8s_panzhihuazhihuishequ
@@ -36,7 +41,6 @@
    @Autowired
    private RealNamedConfig realNamedConfig;
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
@@ -45,30 +49,36 @@
    /**
     * 用户是否登录校验
     *
     * @param servletRequest  请求
     * @param servletResponse 返回
     * @param filterChain     过滤器链条
     * @throws IOException      io
     * @throws ServletException servlet
     * @param servletRequest
     *            请求
     * @param servletResponse
     *            返回
     * @param filterChain
     *            过滤器链条
     * @throws IOException
     *             io
     * @throws ServletException
     *             servlet
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        SafeboxRequestWrapper safeboxRequestWrapper = new SafeboxRequestWrapper(request);
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
        // 获取请求头中JWT的Token
        String tokenHeader = request.getHeader(TokenConstant.TOKEN_HEADER);
        if (null != tokenHeader && tokenHeader.startsWith(TokenConstant.TOKEN_PRE)
                &&realNamedConfig!=null && realNamedConfig.getVerify()!=null &&realNamedConfig.getVerify().size()>0) {
        if (null != tokenHeader && tokenHeader.startsWith(TokenConstant.TOKEN_PRE) && realNamedConfig != null
            && realNamedConfig.getVerify() != null && realNamedConfig.getVerify().size() > 0) {
            String token = tokenHeader.replace(TokenConstant.TOKEN_PRE, "");
            // token解析
            Claims claims = JWTTokenUtil.getClaimsFromToken(token);
            if(claims!=null) {//检查token有效
            if (claims != null) {// 检查token有效
                String username = claims.getSubject();
                int type = (Integer) claims.get("type");
                if (1 == type) {//小程序用户统一角色
                int type = (Integer)claims.get("type");
                if (1 == type) {// 小程序用户统一角色
                    String requestURI = request.getRequestURI();
                    String requestMethod = request.getMethod().toLowerCase();
@@ -95,16 +105,18 @@
                            boolean userHashRight = false;
                            try {
                                String roles = valueOperations.get(appletUserRoleKey);
                                List<SimpleGrantedAuthority> authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                                List<SimpleGrantedAuthority> authorities =
                                    JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                                if (authorities != null && authorities.size() > 0) {
                                    AtomicBoolean userHasRightRole = new AtomicBoolean(false);
                                    authorities.forEach(authority -> {
                                        if (authority.getAuthority().equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
                                        if (authority.getAuthority()
                                            .equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
                                            userHasRightRole.set(true);
                                        }
                                    });
                                    if (userHasRightRole.get()) {
                                        //用户包含“已实名”角色,则放行 什么也不做
                                        // 用户包含“已实名”角色,则放行 什么也不做
                                        userHashRight = true;
                                    }
                                }
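Review bot: In the doFilter hunk, `int type = (Integer)claims.get("type");` unboxes the claim without checking it, so a token that parses but has no `type` claim, or carries it as a non-Integer, throws NullPointerException or ClassCastException inside the gateway filter instead of producing an authorization decision; this commit only reformats the line. Comparing without the cast avoids that: `Object type = claims.get("type");` followed by `if (Integer.valueOf(1).equals(type)) {`. In the same hunk, `tokenHeader.replace(TokenConstant.TOKEN_PRE, "")` removes every occurrence of the prefix, not just the leading one; `tokenHeader.substring(TokenConstant.TOKEN_PRE.length())` is exact once `startsWith` has passed. The body of doFilter continues outside the visible hunks, so how an exception or a null `claims` is answered cannot be seen here and should be confirmed to reject the request rather than let it through.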