From deb1110ca94cb0ac7bcdc51b4e8dd00407792a94 Mon Sep 17 00:00:00 2001
From: zhaoxiaohao <279049017@qq.com>
Date: Thu, 18 Mar 2021 15:11:54 +0800
Subject: [PATCH] 优化去除token的操作
---
 kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java | 48 ++++--------------------
 kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/TokenService.java | 11 +++++
 kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/impl/TokenServiceImpl.java | 42 +++++++++++++++++++++
 3 files changed, 61 insertions(+), 40 deletions(-)
diff --git a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java
index 26df49d..630521a 100644
--- a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java
+++ b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java
@@ -1,8 +1,6 @@
 package com.kidgrow.zuul.filter;
-import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
-import com.kidgrow.authclient.util.AuthUtils;
 import com.kidgrow.common.model.ResultBody;
 import com.kidgrow.common.model.SysOrganization;
 import com.kidgrow.common.model.SysUser;
@@ -11,6 +9,7 @@
 import com.kidgrow.redis.util.RedisUtils;
 import com.kidgrow.zuul.feign.SysOrganizationService;
 import com.kidgrow.zuul.feign.SysUserOrgService;
+import com.kidgrow.zuul.service.TokenService;
 import com.netflix.zuul.ZuulFilter;
 import com.netflix.zuul.context.RequestContext;
 import lombok.SneakyThrows;
@@ -21,12 +20,8 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.context.SecurityContextImpl;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.stereotype.Component;
-import org.springframework.util.Assert;
 import javax.servlet.http.HttpServletRequest;
 import java.util.*;
@@ -36,7 +31,7 @@
 /**
 * 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br>
 *
- * @Description: 将认证用户的相关信息放入header中, 后端服务可以直接读取使用 包含了----组织的拦截---<br>
+ * @Description: 将认证用户的相关信息放入header中, 后端服务可以直接读取使用 包含了----组织的拦截--- 如果被拦截,将清除token<br>
 * @Project: <br>
 * @CreateDate: Created in 2020/2/21 10:12 <br>
 * @Author: <a href="4345453@kidgrow.com">liuke</a>
@@ -66,9 +61,7 @@
 @Autowired
 private SysOrganizationService sysOrganizationService;
 @Autowired
- private TokenStore tokenStore;
-
- private final String CLIENTID = "webApp";//运营端
+ private TokenService tokenService;
 @SneakyThrows
 @Override
@@ -80,10 +73,6 @@
 // 获取request对象
 HttpServletRequest request = currentContext.getRequest();
 //security会把一个SecurityContextImpl对象存储到session中,此对象中有当前用户的各种资料
- String token = request.getParameter("token");
- if (StrUtil.isEmpty(token)) {
- token = AuthUtils.extractToken(request);
- }
 SecurityContextImpl securityContextImpl = (SecurityContextImpl) request
 .getSession().getAttribute("SPRING_SECURITY_CONTEXT");
 authentication = securityContextImpl.getAuthentication();
@@ -92,8 +81,6 @@
 if (principal instanceof SysUser) {
 //运营端进行
 OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
- String clientId = oauth2Authentication.getOAuth2Request().getClientId();
-// if (CLIENTID.equals(clientId)) {
 SysUser user = (SysUser) authentication.getPrincipal();
 /**
 * 将组织中为空的拦截
@@ -101,7 +88,7 @@
 List<SysUserOrg> sysUserOrgs = this.getSysUserOrg(user.getId());
 if (sysUserOrgs == null || sysUserOrgs.isEmpty()) {
 //退出的操作
- this.logout(request);
+ this.tokenService.logout(request);
 ctx.setSendZuulResponse(false);
 ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
 // String str = new String("您的组织已经被禁用,请联系管理员".getBytes("utf-8"), "utf-8");
@@ -123,7 +110,7 @@
 List<SysOrganization> sysOrganizations = JSON.parseArray(JSON.toJSONString(sysOrganizationService.getListByMap(map).getData()), SysOrganization.class);
 if (sysOrganizations == null || sysOrganizations.size() <= 0) {
 //退出的操作
- this.logout(request);
+ this.tokenService.logout(request);
 ctx.setSendZuulResponse(false);
 ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
 ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
@@ -131,7 +118,7 @@
 for (SysOrganization sysOrganization : sysOrganizations) {
 if (!sysOrganization.getEnabled() || sysOrganization.getIsDel()) {
 //退出的操作
- this.logout(request);
+ this.tokenService.logout(request);
 ctx.setSendZuulResponse(false);
 ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
 ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
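Review bot: The three rejection branches (empty `sysUserOrgs`, empty `sysOrganizations`, and the per-organisation check inside the `for` loop) call `this.tokenService.logout(request)` and set a JSON body, but no `ctx.setResponseStatusCode(...)` is visible in any of them, so unless it is set outside these hunks the blocked request is answered with the default status. If clients do not depend on that, set it explicitly, e.g. `ctx.setResponseStatusCode(403);`. In the loop hunk no `break` or `return` follows the response body within the visible lines, so a user with several disabled organisations may have the revocation and the response written once per organisation; the loop body continues outside the hunk, so confirm it exits on the first hit. The four repeated lines would read better as one private helper.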
@@ -145,27 +132,8 @@
 }
 return null;
 }
- //根据token退出
- public void logout(HttpServletRequest request) {
- Assert.notNull(tokenStore, "tokenStore must be set");
- String token = request.getParameter("token");
- if (StrUtil.isEmpty(token)) {
- token = AuthUtils.extractToken(request);
- }
- if(StrUtil.isNotEmpty(token)){
- OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
- OAuth2RefreshToken refreshToken;
- if (existingAccessToken != null) {
- if (existingAccessToken.getRefreshToken() != null) {
- log.info("remove refreshToken!", existingAccessToken.getRefreshToken());
- refreshToken = existingAccessToken.getRefreshToken();
- tokenStore.removeRefreshToken(refreshToken);
- }
- log.info("remove existingAccessToken!", existingAccessToken);
- tokenStore.removeAccessToken(existingAccessToken);
- }
- }
- }
+
+
 /**
 * 通过userID 获取组织的关系
diff --git a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/TokenService.java b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/TokenService.java
new file mode 100644
index 0000000..c65de9d
--- /dev/null
+++ b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/TokenService.java
@@ -0,0 +1,11 @@
+package com.kidgrow.zuul.service;
+
+import javax.servlet.http.HttpServletRequest;
+
+public interface TokenService {
+ /**
+ * 退出的接口
+ * @param request
+ */
+ void logout(HttpServletRequest request);
+}
diff --git a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/impl/TokenServiceImpl.java b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/impl/TokenServiceImpl.java
new file mode 100644
index 0000000..19d6fc1
--- /dev/null
+++ b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/service/impl/TokenServiceImpl.java
@@ -0,0 +1,42 @@
+package com.kidgrow.zuul.service.impl;
+
+import cn.hutool.core.util.StrUtil;
+import com.kidgrow.authclient.util.AuthUtils;
+import com.kidgrow.zuul.service.TokenService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2RefreshToken;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.stereotype.Service;
+import org.springframework.util.Assert;
+
+import javax.servlet.http.HttpServletRequest;
+@Service
+public class TokenServiceImpl implements TokenService {
+
+ @Autowired
+ private TokenStore tokenStore;
+ /**
+ * 退出的接口
+ * @param request
+ */
+ @Override
+ public void logout(HttpServletRequest request) {
+ Assert.notNull(tokenStore, "tokenStore must be set");
+ String token = request.getParameter("token");
+ if (StrUtil.isEmpty(token)) {
+ token = AuthUtils.extractToken(request);
+ }
+ if(StrUtil.isNotEmpty(token)){
+ OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
+ OAuth2RefreshToken refreshToken;
+ if (existingAccessToken != null) {
+ if (existingAccessToken.getRefreshToken() != null) {
+ refreshToken = existingAccessToken.getRefreshToken();
+ tokenStore.removeRefreshToken(refreshToken);
+ }
+ tokenStore.removeAccessToken(existingAccessToken);
+ }
+ }
+ }
+}
--
Gitblit v1.8.0
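Review bot: `logout()` revokes whatever token the request supplies (the `token` query parameter first, then `AuthUtils.extractToken(request)`), while OrganizationFilter blocks the user based on the principal held in the session, and nothing ties the two together. A blocked user whose request carries no token, or a different one, keeps valid access and refresh tokens, and a token passed in the query string is likely to be recorded in proxy and access logs. I would add a variant that revokes by client and user name, as sketched below, assuming the configured TokenStore implements `findTokensByClientIdAndUserName`; it needs a matching declaration on TokenService and iterates over a copy because some stores return a live view. The removed `log.info` calls had no placeholders, so dropping them loses nothing, but a log line with the user id (never the token value) would keep forced logouts auditable.

```java
    // Proposed addition (also declare it on TokenService): revoke by user, not by request-supplied token.
    public void logout(String clientId, String userName) {
        for (OAuth2AccessToken accessToken
                : new java.util.ArrayList<>(tokenStore.findTokensByClientIdAndUserName(clientId, userName))) {
            OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
            if (refreshToken != null) {
                tokenStore.removeRefreshToken(refreshToken);
            }
            tokenStore.removeAccessToken(accessToken);
        }
    }
    // … unchanged: logout(HttpServletRequest request) …
```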