diff --git a/wfc-api/wfc-api-omada/src/main/java/org/wfc/omada/config/FeignConfig.java b/wfc-api/wfc-api-omada/src/main/java/org/wfc/omada/config/FeignConfig.java index 5ca6ce0..8592a9e 100644 --- a/wfc-api/wfc-api-omada/src/main/java/org/wfc/omada/config/FeignConfig.java +++ b/wfc-api/wfc-api-omada/src/main/java/org/wfc/omada/config/FeignConfig.java @@ -13,6 +13,7 @@ import org.springframework.http.ResponseEntity; import org.springframework.util.LinkedMultiValueMap; import org.springframework.web.client.RestTemplate; import org.springframework.web.util.UriComponentsBuilder; +import org.wfc.common.core.constant.SecurityConstants; import org.wfc.common.redis.service.RedisService; import org.wfc.omada.config.domain.vo.AuthorizeTokenVO; import org.wfc.omada.config.domain.vo.OmadaResult; @@ -42,7 +43,6 @@ public class FeignConfig implements RequestInterceptor { private static final String CLIENT_ID = "client_id"; private static final String CLIENT_SECRET = "client_secret"; private static final String GRANT_TYPE = "grant_type"; - private static final String PRE_ACCESS_TOKEN = "AccessToken="; private static final String REFRESH_TOKEN = "refresh_token"; private static final String AUTHORIZATION = "Authorization"; private static final String CLIENT_CREDENTIALS = "client_credentials"; @@ -66,12 +66,12 @@ public class FeignConfig implements RequestInterceptor { } String accessToken = omadaResult.getResult().getAccessToken(); String refreshToken = omadaResult.getResult().getRefreshToken(); - authorization = PRE_ACCESS_TOKEN + accessToken; + authorization = SecurityConstants.PRE_ACCESS_TOKEN + accessToken; // 保存访问令牌和刷新令牌到redis中 redisService.setCacheObject(REDIS_ACCESS_TOKEN, accessToken, 7000L, TimeUnit.SECONDS); redisService.setCacheObject(REDIS_REFRESH_TOKEN, refreshToken, 13L, TimeUnit.DAYS); } else { - authorization = PRE_ACCESS_TOKEN + cacheAccessToken; + authorization = SecurityConstants.PRE_ACCESS_TOKEN + cacheAccessToken; } if (StrUtil.isNotBlank(authorization)) { // 更新最新的omadaUrl和omadacId diff --git a/wfc-common/wfc-common-core/src/main/java/org/wfc/common/core/constant/SecurityConstants.java b/wfc-common/wfc-common-core/src/main/java/org/wfc/common/core/constant/SecurityConstants.java index 2be0de2..90b2c59 100644 --- a/wfc-common/wfc-common-core/src/main/java/org/wfc/common/core/constant/SecurityConstants.java +++ b/wfc-common/wfc-common-core/src/main/java/org/wfc/common/core/constant/SecurityConstants.java @@ -27,6 +27,11 @@ public class SecurityConstants */ public static final String AUTHORIZATION_HEADER = "Authorization"; + /** + * 授权信息值 + */ + public static final String PRE_ACCESS_TOKEN = "AccessToken="; + /** * 请求来源 */ diff --git a/wfc-common/wfc-common-security/src/main/java/org/wfc/common/security/feign/FeignRequestInterceptor.java b/wfc-common/wfc-common-security/src/main/java/org/wfc/common/security/feign/FeignRequestInterceptor.java index f13bcef..04c7abd 100644 --- a/wfc-common/wfc-common-security/src/main/java/org/wfc/common/security/feign/FeignRequestInterceptor.java +++ b/wfc-common/wfc-common-security/src/main/java/org/wfc/common/security/feign/FeignRequestInterceptor.java @@ -9,47 +9,44 @@ import org.wfc.common.core.utils.StringUtils; import org.wfc.common.core.utils.ip.IpUtils; import javax.servlet.http.HttpServletRequest; +import java.util.Collection; import java.util.Map; /** * feign 请求拦截器 - * + * * @author wfc */ @Component -public class FeignRequestInterceptor implements RequestInterceptor -{ +public class FeignRequestInterceptor implements RequestInterceptor { @Override - public void apply(RequestTemplate requestTemplate) - { + public void apply(RequestTemplate requestTemplate) { HttpServletRequest httpServletRequest = ServletUtils.getRequest(); - if (StringUtils.isNotNull(httpServletRequest)) - { + if (StringUtils.isNotNull(httpServletRequest)) { Map headers = ServletUtils.getHeaders(httpServletRequest); // 传递用户信息请求头,防止丢失 String userId = headers.get(SecurityConstants.DETAILS_USER_ID); - if (StringUtils.isNotEmpty(userId)) - { + if (StringUtils.isNotEmpty(userId)) { requestTemplate.header(SecurityConstants.DETAILS_USER_ID, userId); } String userKey = headers.get(SecurityConstants.USER_KEY); - if (StringUtils.isNotEmpty(userKey)) - { + if (StringUtils.isNotEmpty(userKey)) { requestTemplate.header(SecurityConstants.USER_KEY, userKey); } String userName = headers.get(SecurityConstants.DETAILS_USERNAME); - if (StringUtils.isNotEmpty(userName)) - { + if (StringUtils.isNotEmpty(userName)) { requestTemplate.header(SecurityConstants.DETAILS_USERNAME, userName); } String authentication = headers.get(SecurityConstants.AUTHORIZATION_HEADER); - if (StringUtils.isNotEmpty(authentication)) - { - requestTemplate.header(SecurityConstants.AUTHORIZATION_HEADER, authentication); + if (StringUtils.isNotEmpty(authentication)) { + Collection headerValues = requestTemplate.headers().get(SecurityConstants.AUTHORIZATION_HEADER); + boolean hasToken = headerValues.stream().anyMatch(c -> c.startsWith(SecurityConstants.PRE_ACCESS_TOKEN)); + if (!hasToken) { + requestTemplate.header(SecurityConstants.AUTHORIZATION_HEADER, authentication); + } } String language = headers.get(SecurityConstants.CONTENT_LANGUAGE); - if (StringUtils.isNotEmpty(language)) - { + if (StringUtils.isNotEmpty(language)) { requestTemplate.header(SecurityConstants.CONTENT_LANGUAGE, language); } String platform = headers.get(SecurityConstants.DETAILS_PLATFORM); diff --git a/wfc-gateway/src/main/java/org/wfc/gateway/filter/AuthFilter.java b/wfc-gateway/src/main/java/org/wfc/gateway/filter/AuthFilter.java index d60b061..59a406a 100644 --- a/wfc-gateway/src/main/java/org/wfc/gateway/filter/AuthFilter.java +++ b/wfc-gateway/src/main/java/org/wfc/gateway/filter/AuthFilter.java @@ -1,5 +1,6 @@ package org.wfc.gateway.filter; +import io.jsonwebtoken.Claims; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -19,11 +20,8 @@ import org.wfc.common.core.utils.ServletUtils; import org.wfc.common.core.utils.StringUtils; import org.wfc.common.redis.service.RedisService; import org.wfc.gateway.config.properties.IgnoreWhiteProperties; -import io.jsonwebtoken.Claims; import reactor.core.publisher.Mono; -import java.util.Arrays; - /** * 网关鉴权 * @@ -41,10 +39,6 @@ public class AuthFilter implements GlobalFilter, Ordered @Autowired private RedisService redisService; - private static final String[] feignOmadaUrls = {"system/dashboard/overview", "system/dashboard/page", "schedule/job/run", - "system/client/list", "u/order", "u/order/paySuccess", "/payment/aliPay/callback", "/payment/wxPay/callback"}; - - @Override public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { @@ -89,10 +83,6 @@ public class AuthFilter implements GlobalFilter, Ordered addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid); addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username); addHeader(mutate, SecurityConstants.DETAILS_PLATFORM, platform); - // feign omada api 调用处理 - if (Arrays.stream(feignOmadaUrls).anyMatch(url::contains)) { - removeHeader(mutate, SecurityConstants.AUTHORIZATION_HEADER); - } // 内部请求来源参数清除 removeHeader(mutate, SecurityConstants.FROM_SOURCE); return chain.filter(exchange.mutate().request(mutate.build()).build());