
微信基础信息维护

trick9191 il y a 6 ans
Parent
commit
ef0bbad944

+ 5 - 0
gateway/ag-basic/pom.xml

@ -100,6 +100,11 @@
            <groupId>com.yihu.jw</groupId>
            <artifactId>common-web</artifactId>
        </dependency>
        <dependency>
            <groupId>com.yihu.jw</groupId>
            <artifactId>common-rest-model</artifactId>
        </dependency>
    </dependencies>
    <build>

+ 122 - 120
gateway/ag-basic/src/main/java/com/yihu/jw/gateway/filter/BasicZuulFilter.java

@ -1,91 +1,93 @@
//package com.yihu.jw.gateway.filter;
//
//import com.fasterxml.jackson.databind.ObjectMapper;
//import com.netflix.zuul.ZuulFilter;
//import com.netflix.zuul.context.RequestContext;
//import com.yihu.jw.restmodel.web.Envelop;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Primary;
//import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
//import org.springframework.http.HttpStatus;
//import org.springframework.security.oauth2.common.OAuth2AccessToken;
//import org.springframework.security.oauth2.provider.token.TokenStore;
//import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
//import org.springframework.stereotype.Component;
//
//import javax.servlet.http.HttpServletRequest;
//import java.io.IOException;
//
///**
// * Created by progr1mmer on 2017/12/27
// */
//@Component
//public class BasicZuulFilter extends ZuulFilter {
//
//    private static final Logger logger = LoggerFactory.getLogger(BasicZuulFilter.class);
//    private static final String ACCESS_TOKEN_PARAMETER = "token";
//
//    @Autowired
//    private ObjectMapper objectMapper;
//    @Autowired
//    private TokenStore tokenStore;
//
//    @Override
//    public String filterType() {
//        return "pre";
//    }
//
//    @Override
//    public int filterOrder() {
//        return 0;
//    }
//
//    @Override
//    public boolean shouldFilter() {
//        return true;
//    }
//
//    @Override
//    public Object run() {
//        RequestContext ctx = RequestContext.getCurrentContext();
//        HttpServletRequest request = ctx.getRequest();
//        String url = request.getRequestURI();
//        //内部微服务有不需要认证的地址请在URL上追加/open/来进行过滤,如/api/v1.0/open/**,不要在此继续追加!!!
//        if (url.contains("/authentication/")
//                || url.contains("/file/")
//                || url.contains("/open/")
//                || url.contains("/jkzl/")
//                || url.contains("/fzGateway/")
//                || url.contains("/usersOfApp")
//                || url.contains("/users/h5/handshake")
//                || url.contains("/appVersion/getAppVersion")
//                || url.contains("/messageTemplate/messageOrderPush")
//                || url.contains("/account/")) {
//            return true;
//        }
//        return this.authenticate(ctx, request, url);
//    }
//
//    private Object authenticate(RequestContext ctx, HttpServletRequest request, String path) {
//        String accessToken = this.extractToken(request);
//        if (null == accessToken) {
//            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "token can not be null");
//        }
//        OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(accessToken);
//        if (null == oAuth2AccessToken) {
//            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token");
//        }
//        if (oAuth2AccessToken.isExpired()) {
//            return this.forbidden(ctx, HttpStatus.PAYMENT_REQUIRED.value(), "expired token"); //返回402 登陆过期
//        }
package com.yihu.jw.gateway.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.yihu.jw.restmodel.web.Envelop;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Set;
/**
 * Created by progr1mmer on 2017/12/27
 */
@Component
public class BasicZuulFilter extends ZuulFilter {
    private static final Logger logger = LoggerFactory.getLogger(BasicZuulFilter.class);
    private static final String ACCESS_TOKEN_PARAMETER = "token";
    @Autowired
    private ObjectMapper objectMapper;
    @Autowired
    private TokenStore tokenStore;
    @Override
    public String filterType() {
        return "pre";
    }
    @Override
    public int filterOrder() {
        return 0;
    }
    @Override
    public boolean shouldFilter() {
        return true;
    }
    @Override
    public Object run() {
        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletRequest request = ctx.getRequest();
        String url = request.getRequestURI();
        //内部微服务有不需要认证的地址请在URL上追加/open/来进行过滤,如/api/v1.0/open/**,不要在此继续追加!!!
        if (url.contains("/authentication/")
                || url.contains("/file/")
                || url.contains("/open/")
                || url.contains("/jkzl/")
                || url.contains("/fzGateway/")
                || url.contains("/usersOfApp")
                || url.contains("/users/h5/handshake")
                || url.contains("/appVersion/getAppVersion")
                || url.contains("/messageTemplate/messageOrderPush")
                || url.contains("/account/")) {
            return true;
        }
        return this.authenticate(ctx, request, url);
    }
    private Object authenticate(RequestContext ctx, HttpServletRequest request, String path) {
        String accessToken = this.extractToken(request);
        if (null == accessToken) {
            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "token can not be null");
        }
        OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(accessToken);
        if (null == oAuth2AccessToken) {
            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token");
        }
        if (oAuth2AccessToken.isExpired()) {
            return this.forbidden(ctx, HttpStatus.PAYMENT_REQUIRED.value(), "expired token"); //返回402 登陆过期
        }
//        //将token的认证信息附加到请求中,转发给下游微服务
//        /*OAuth2Authentication auth = tokenStore.readAuthentication(accessToken);
//        ctx.addZuulRequestHeader("x-auth-name", auth.getName());*/
//        OAuth2Authentication auth = tokenStore.readAuthentication(accessToken);
//        ctx.addZuulRequestHeader("x-auth-name", auth.getName());
//        //以下代码取消注释可开启Oauth2应用资源授权验证
//        /*Set<String> resourceIds = auth.getOAuth2Request().getResourceIds();
//        Set<String> resourceIds = auth.getOAuth2Request().getResourceIds();
//        for (String resourceId : resourceIds) {
//            if (resourceId.equals("*")) {
//                return true;
@ -99,37 +101,37 @@
//                return true;
//            }
//        }
//        return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token does not contain request resource " + path);*/
//        return true;
//    }
//
//    private String extractToken(HttpServletRequest request) {
//        String accessToken = request.getHeader(ACCESS_TOKEN_PARAMETER);
//        if (null == accessToken) {
//            accessToken = request.getParameter(ACCESS_TOKEN_PARAMETER);
//        }
//        return accessToken;
//    }
//
//    private Object forbidden(RequestContext requestContext, int status, String errorMsg) {
//        requestContext.setSendZuulResponse(false);
//        Envelop envelop = new Envelop();
//        envelop.setMessage(errorMsg);
//        envelop.setStatus(status);
//        try {
//            //requestContext.setResponseStatusCode(status);
//            requestContext.getResponse().getWriter().write(objectMapper.writeValueAsString(envelop));
//        } catch (IOException e) {
//            requestContext.setResponseStatusCode(HttpStatus.INTERNAL_SERVER_ERROR.value());
//            logger.error(e.getMessage());
//        }
//        return false;
//    }
//
//    @Bean
//    @Primary
//    public RedisTokenStore redisTokenStore(JedisConnectionFactory jedisConnectionFactory) {
//        return new RedisTokenStore(jedisConnectionFactory);
//    }
//
//}
//        return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token does not contain request resource " + path);
        return true;
    }
    private String extractToken(HttpServletRequest request) {
        String accessToken = request.getHeader(ACCESS_TOKEN_PARAMETER);
        if (null == accessToken) {
            accessToken = request.getParameter(ACCESS_TOKEN_PARAMETER);
        }
        return accessToken;
    }
    private Object forbidden(RequestContext requestContext, int status, String errorMsg) {
        requestContext.setSendZuulResponse(false);
        Envelop envelop = new Envelop();
        envelop.setMessage(errorMsg);
        envelop.setStatus(status);
        try {
            //requestContext.setResponseStatusCode(status);
            requestContext.getResponse().getWriter().write(objectMapper.writeValueAsString(envelop));
        } catch (IOException e) {
            requestContext.setResponseStatusCode(HttpStatus.INTERNAL_SERVER_ERROR.value());
            logger.error(e.getMessage());
        }
        return false;
    }
    @Bean
    @Primary
    public RedisTokenStore redisTokenStore(JedisConnectionFactory jedisConnectionFactory) {
        return new RedisTokenStore(jedisConnectionFactory);
    }
}
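Review bot: The public-route allowlist in `run()` uses `url.contains(...)` on the raw `getRequestURI()`, so the token check is skipped for any path that carries `/open/`, `/file/`, `/account/` or another listed fragment anywhere in it, not only for the routes meant to be public. The match should be anchored to the route on a normalized path, for example `if (PATH_MATCHER.match("/api/*/open/**", path)) { return true; }` with a shared `AntPathMatcher`, following the `/api/v1.0/open/**` form the inline comment already names. In `forbidden()` the call `requestContext.setResponseStatusCode(status);` is still commented out, so a rejected request appears to be answered with the default status and the error code only in the JSON body; re-enabling it lets clients and monitoring see the 403. `authenticate()` also ends in `return true;` with the resource-id check left commented, so any valid, unexpired token is accepted for every route; if that is intentional, a comment saying so would help the next reader.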

+ 15 - 0
server/svr-authentication/src/main/java/com/yihu/jw/security/core/userdetails/jdbc/WlyyUserDetailsService.java

@ -5,6 +5,7 @@ import com.yihu.jw.security.model.WlyyUserDetails;
import com.yihu.jw.security.model.WlyyUserSimple;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateUtils;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.support.JdbcDaoSupport;
import org.springframework.security.core.GrantedAuthority;
@ -241,4 +242,18 @@ public class WlyyUserDetailsService extends JdbcDaoSupport implements UserDetail
        return loginType;
    }
    public boolean setRolePhth(String loginType, String token, String id, RedisTemplate redisTemplate){
        if(org.apache.commons.lang.StringUtils.isBlank(loginType)||"1".equals(loginType)){ //1或默认查找user表,为平台管理员账号
        }else if("2".equals(loginType)){//2.为医生账号
        }else if("3".equals(loginType)){ //3.患者账号
        }else{
            return false;
        }
        return true;
    }
}
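Review bot: `setRolePhth` handles a blank `loginType` in the same branch as `"1"`, which the inline comment appears to describe as the platform administrator account, so a missing value falls into the most privileged category instead of being rejected. Unless that default is intended, I would fail closed first with `if (StringUtils.isBlank(loginType)) { return false; }`. All three branches are empty and `token`, `id` and `redisTemplate` are never read, so the method currently only validates `loginType`; a `// TODO: store role path in Redis for this login type` in each branch would make clear that nothing is written yet. The parameter is also the raw `RedisTemplate` type, and the name looks like a typo for `setRolePath`.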

+ 0 - 1
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@ -404,5 +404,4 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
        ResponseEntity<Oauth2Envelop> response = new ResponseEntity<>(authenticationFailed, headers, HttpStatus.OK);
        return response;
    }
}