Fixing .gitignore
This commit is contained in:
wangjinlei
@@ -1,110 +1,110 @@
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.peanut.common.utils.HttpContextUtils;
|
||||
import com.peanut.common.utils.R;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.http.HttpStatus;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* oauth2过滤器
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class OAuth2Filter extends AuthenticatingFilter {
|
||||
|
||||
@Override
|
||||
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token
|
||||
String token = getRequestToken((HttpServletRequest) request);
|
||||
|
||||
if(StringUtils.isBlank(token)){
|
||||
return null;
|
||||
}
|
||||
|
||||
return new OAuth2Token(token);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
|
||||
if(((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())){
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token,如果token不存在,直接返回401
|
||||
String token = getRequestToken((HttpServletRequest) request);
|
||||
if(StringUtils.isBlank(token)){
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
|
||||
String json = new Gson().toJson(R.error(HttpStatus.SC_UNAUTHORIZED, "invalid token"));
|
||||
|
||||
httpResponse.getWriter().print(json);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return executeLogin(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.setContentType("application/json;charset=utf-8");
|
||||
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
try {
|
||||
//处理登录失败的异常
|
||||
Throwable throwable = e.getCause() == null ? e : e.getCause();
|
||||
R r = R.error(HttpStatus.SC_UNAUTHORIZED, throwable.getMessage());
|
||||
|
||||
String json = new Gson().toJson(r);
|
||||
httpResponse.getWriter().print(json);
|
||||
} catch (IOException e1) {
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取请求的token
|
||||
*/
|
||||
private String getRequestToken(HttpServletRequest httpRequest){
|
||||
//从header中获取token
|
||||
String token = httpRequest.getHeader("token");
|
||||
|
||||
//如果header中不存在token,则从参数中获取token
|
||||
if(StringUtils.isBlank(token)){
|
||||
token = httpRequest.getParameter("token");
|
||||
}
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.peanut.common.utils.HttpContextUtils;
|
||||
import com.peanut.common.utils.R;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.http.HttpStatus;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* oauth2过滤器
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class OAuth2Filter extends AuthenticatingFilter {
|
||||
|
||||
@Override
|
||||
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token
|
||||
String token = getRequestToken((HttpServletRequest) request);
|
||||
|
||||
if(StringUtils.isBlank(token)){
|
||||
return null;
|
||||
}
|
||||
|
||||
return new OAuth2Token(token);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
|
||||
if(((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())){
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token,如果token不存在,直接返回401
|
||||
String token = getRequestToken((HttpServletRequest) request);
|
||||
if(StringUtils.isBlank(token)){
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
|
||||
String json = new Gson().toJson(R.error(HttpStatus.SC_UNAUTHORIZED, "invalid token"));
|
||||
|
||||
httpResponse.getWriter().print(json);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return executeLogin(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.setContentType("application/json;charset=utf-8");
|
||||
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
try {
|
||||
//处理登录失败的异常
|
||||
Throwable throwable = e.getCause() == null ? e : e.getCause();
|
||||
R r = R.error(HttpStatus.SC_UNAUTHORIZED, throwable.getMessage());
|
||||
|
||||
String json = new Gson().toJson(r);
|
||||
httpResponse.getWriter().print(json);
|
||||
} catch (IOException e1) {
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取请求的token
|
||||
*/
|
||||
private String getRequestToken(HttpServletRequest httpRequest){
|
||||
//从header中获取token
|
||||
String token = httpRequest.getHeader("token");
|
||||
|
||||
//如果header中不存在token,则从参数中获取token
|
||||
if(StringUtils.isBlank(token)){
|
||||
token = httpRequest.getParameter("token");
|
||||
}
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -1,112 +1,112 @@
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.peanut.modules.book.entity.MyUserEntity;
|
||||
import com.peanut.modules.sys.entity.SysUserEntity;
|
||||
import com.peanut.modules.sys.entity.SysUserTokenEntity;
|
||||
import com.peanut.modules.sys.service.ShiroService;
|
||||
import com.peanut.modules.sys.service.SysUserTokenService;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
||||
import org.apache.shiro.realm.AuthorizingRealm;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 认证
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
@Component
|
||||
public class OAuth2Realm extends AuthorizingRealm {
|
||||
@Autowired
|
||||
private ShiroService shiroService;
|
||||
@Autowired
|
||||
private SysUserTokenService sysUserTokenService;
|
||||
|
||||
@Override
|
||||
public boolean supports(AuthenticationToken token) {
|
||||
return token instanceof OAuth2Token;
|
||||
}
|
||||
|
||||
/**
|
||||
* 授权(验证权限时调用)
|
||||
*/
|
||||
@Override
|
||||
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
|
||||
long userId = 0;
|
||||
System.out.println("aaaaa"+principals.getPrimaryPrincipal());
|
||||
if (principals.toString().contains("MyUserEntity")){
|
||||
MyUserEntity user = (MyUserEntity) principals.getPrimaryPrincipal();
|
||||
userId = Long.valueOf(user.getId());
|
||||
}else {
|
||||
SysUserEntity user = (SysUserEntity)principals.getPrimaryPrincipal();
|
||||
userId = user.getUserId();
|
||||
}
|
||||
//用户权限列表
|
||||
Set<String> permsSet = shiroService.getUserPermissions(userId);
|
||||
|
||||
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
|
||||
info.setStringPermissions(permsSet);
|
||||
return info;
|
||||
}
|
||||
|
||||
/**
|
||||
* 认证(登录时调用)
|
||||
*/
|
||||
@Override
|
||||
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
|
||||
String accessToken = (String) token.getPrincipal();
|
||||
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo();
|
||||
//根据accessToken,查询用户信息
|
||||
SysUserTokenEntity tokenEntity = shiroService.queryByToken(accessToken);
|
||||
//token失效
|
||||
if(tokenEntity == null || tokenEntity.getExpireTime().getTime() < System.currentTimeMillis()){
|
||||
throw new IncorrectCredentialsException("token失效,请重新登录");
|
||||
}
|
||||
Long userId = tokenEntity.getUserId();
|
||||
|
||||
Long timeout = (tokenEntity.getExpireTime().getTime() - System.currentTimeMillis())/(1000 * 60 * 60);
|
||||
|
||||
if (timeout <= 24){
|
||||
// token 续期
|
||||
//当前时间
|
||||
Date now = new Date();
|
||||
//过期时间
|
||||
Date expireTime = new Date(now.getTime() + (3600 *24 * 10 * 1000) );
|
||||
|
||||
tokenEntity.setExpireTime(expireTime);
|
||||
|
||||
sysUserTokenService.updateById(tokenEntity);
|
||||
}
|
||||
|
||||
|
||||
//判断前后台用户
|
||||
if (userId >= 10000) {
|
||||
MyUserEntity myUserEntity = shiroService.queryAppUser(userId);
|
||||
info = new SimpleAuthenticationInfo(myUserEntity, accessToken, getName());
|
||||
}else {
|
||||
//查询用户信息
|
||||
SysUserEntity user = shiroService.queryUser(tokenEntity.getUserId());
|
||||
//账号锁定
|
||||
if(user.getStatus() == 0){
|
||||
throw new LockedAccountException("账号已被锁定,请联系管理员");
|
||||
}
|
||||
info = new SimpleAuthenticationInfo(user, accessToken, getName());
|
||||
}
|
||||
|
||||
return info;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.peanut.modules.book.entity.MyUserEntity;
|
||||
import com.peanut.modules.sys.entity.SysUserEntity;
|
||||
import com.peanut.modules.sys.entity.SysUserTokenEntity;
|
||||
import com.peanut.modules.sys.service.ShiroService;
|
||||
import com.peanut.modules.sys.service.SysUserTokenService;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
||||
import org.apache.shiro.realm.AuthorizingRealm;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 认证
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
@Component
|
||||
public class OAuth2Realm extends AuthorizingRealm {
|
||||
@Autowired
|
||||
private ShiroService shiroService;
|
||||
@Autowired
|
||||
private SysUserTokenService sysUserTokenService;
|
||||
|
||||
@Override
|
||||
public boolean supports(AuthenticationToken token) {
|
||||
return token instanceof OAuth2Token;
|
||||
}
|
||||
|
||||
/**
|
||||
* 授权(验证权限时调用)
|
||||
*/
|
||||
@Override
|
||||
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
|
||||
long userId = 0;
|
||||
System.out.println("aaaaa"+principals.getPrimaryPrincipal());
|
||||
if (principals.toString().contains("MyUserEntity")){
|
||||
MyUserEntity user = (MyUserEntity) principals.getPrimaryPrincipal();
|
||||
userId = Long.valueOf(user.getId());
|
||||
}else {
|
||||
SysUserEntity user = (SysUserEntity)principals.getPrimaryPrincipal();
|
||||
userId = user.getUserId();
|
||||
}
|
||||
//用户权限列表
|
||||
Set<String> permsSet = shiroService.getUserPermissions(userId);
|
||||
|
||||
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
|
||||
info.setStringPermissions(permsSet);
|
||||
return info;
|
||||
}
|
||||
|
||||
/**
|
||||
* 认证(登录时调用)
|
||||
*/
|
||||
@Override
|
||||
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
|
||||
String accessToken = (String) token.getPrincipal();
|
||||
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo();
|
||||
//根据accessToken,查询用户信息
|
||||
SysUserTokenEntity tokenEntity = shiroService.queryByToken(accessToken);
|
||||
//token失效
|
||||
if(tokenEntity == null || tokenEntity.getExpireTime().getTime() < System.currentTimeMillis()){
|
||||
throw new IncorrectCredentialsException("token失效,请重新登录");
|
||||
}
|
||||
Long userId = tokenEntity.getUserId();
|
||||
|
||||
Long timeout = (tokenEntity.getExpireTime().getTime() - System.currentTimeMillis())/(1000 * 60 * 60);
|
||||
|
||||
if (timeout <= 24){
|
||||
// token 续期
|
||||
//当前时间
|
||||
Date now = new Date();
|
||||
//过期时间
|
||||
Date expireTime = new Date(now.getTime() + (3600 *24 * 10 * 1000) );
|
||||
|
||||
tokenEntity.setExpireTime(expireTime);
|
||||
|
||||
sysUserTokenService.updateById(tokenEntity);
|
||||
}
|
||||
|
||||
|
||||
//判断前后台用户
|
||||
if (userId >= 10000) {
|
||||
MyUserEntity myUserEntity = shiroService.queryAppUser(userId);
|
||||
info = new SimpleAuthenticationInfo(myUserEntity, accessToken, getName());
|
||||
}else {
|
||||
//查询用户信息
|
||||
SysUserEntity user = shiroService.queryUser(tokenEntity.getUserId());
|
||||
//账号锁定
|
||||
if(user.getStatus() == 0){
|
||||
throw new LockedAccountException("账号已被锁定,请联系管理员");
|
||||
}
|
||||
info = new SimpleAuthenticationInfo(user, accessToken, getName());
|
||||
}
|
||||
|
||||
return info;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,35 +1,35 @@
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
|
||||
/**
|
||||
* token
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class OAuth2Token implements AuthenticationToken {
|
||||
private String token;
|
||||
|
||||
public OAuth2Token(String token){
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrincipal() {
|
||||
return token;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getCredentials() {
|
||||
return token;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
|
||||
/**
|
||||
* token
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class OAuth2Token implements AuthenticationToken {
|
||||
private String token;
|
||||
|
||||
public OAuth2Token(String token){
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrincipal() {
|
||||
return token;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getCredentials() {
|
||||
return token;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,52 +1,52 @@
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.peanut.common.exception.RRException;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* 生成token
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class TokenGenerator {
|
||||
|
||||
public static String generateValue() {
|
||||
return generateValue(UUID.randomUUID().toString());
|
||||
}
|
||||
|
||||
private static final char[] hexCode = "0123456789abcdef".toCharArray();
|
||||
|
||||
public static String toHexString(byte[] data) {
|
||||
if(data == null) {
|
||||
return null;
|
||||
}
|
||||
StringBuilder r = new StringBuilder(data.length*2);
|
||||
for ( byte b : data) {
|
||||
r.append(hexCode[(b >> 4) & 0xF]);
|
||||
r.append(hexCode[(b & 0xF)]);
|
||||
}
|
||||
return r.toString();
|
||||
}
|
||||
|
||||
public static String generateValue(String param) {
|
||||
try {
|
||||
MessageDigest algorithm = MessageDigest.getInstance("MD5");
|
||||
algorithm.reset();
|
||||
algorithm.update(param.getBytes());
|
||||
byte[] messageDigest = algorithm.digest();
|
||||
return toHexString(messageDigest);
|
||||
} catch (Exception e) {
|
||||
throw new RRException("生成Token失败", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2016-2019 人人开源 All rights reserved.
|
||||
*
|
||||
* https://www.renren.io
|
||||
*
|
||||
* 版权所有,侵权必究!
|
||||
*/
|
||||
|
||||
package com.peanut.modules.sys.oauth2;
|
||||
|
||||
import com.peanut.common.exception.RRException;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* 生成token
|
||||
*
|
||||
* @author Mark sunlightcs@gmail.com
|
||||
*/
|
||||
public class TokenGenerator {
|
||||
|
||||
public static String generateValue() {
|
||||
return generateValue(UUID.randomUUID().toString());
|
||||
}
|
||||
|
||||
private static final char[] hexCode = "0123456789abcdef".toCharArray();
|
||||
|
||||
public static String toHexString(byte[] data) {
|
||||
if(data == null) {
|
||||
return null;
|
||||
}
|
||||
StringBuilder r = new StringBuilder(data.length*2);
|
||||
for ( byte b : data) {
|
||||
r.append(hexCode[(b >> 4) & 0xF]);
|
||||
r.append(hexCode[(b & 0xF)]);
|
||||
}
|
||||
return r.toString();
|
||||
}
|
||||
|
||||
public static String generateValue(String param) {
|
||||
try {
|
||||
MessageDigest algorithm = MessageDigest.getInstance("MD5");
|
||||
algorithm.reset();
|
||||
algorithm.update(param.getBytes());
|
||||
byte[] messageDigest = algorithm.digest();
|
||||
return toHexString(messageDigest);
|
||||
} catch (Exception e) {
|
||||
throw new RRException("生成Token失败", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user