From 8b453b16b8c3e84844354240b01b78196e8897ba Mon Sep 17 00:00:00 2001 From: LuoYe_MyWork Date: Fri, 19 Jun 2020 17:15:42 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=A7=92=E8=89=B2=E6=9D=83?= =?UTF-8?q?=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../e5/config/rabbitMQ/RabbitMQConfig.java | 10 ++- .../SecurityAuthenticationHandler.java | 12 ++- .../e5/config/security/SecurityConfig.java | 71 +++++++---------- .../security/UrlAccessDecisionManager.java | 66 ++++++++++++++++ ...vocationSecurityMetadataSourceService.java | 78 +++++++++++++++++++ .../UsernamePasswordAuthenticationConfig.java | 8 +- ...sernamePasswordAuthenticationProvider.java | 38 ++++++--- .../UsernamePasswordAuthenticationToken.java | 15 +++- .../filter/LinkTokenAuthenticationFilter.java | 37 ++++----- .../service/rabbitMQ/impl/ListenerImpl.java | 20 +++-- .../service/security/SecurityUserService.java | 39 ---------- 11 files changed, 261 insertions(+), 133 deletions(-) create mode 100644 src/main/java/io/qyi/e5/config/security/UrlAccessDecisionManager.java create mode 100644 src/main/java/io/qyi/e5/config/security/UrlInvocationSecurityMetadataSourceService.java delete mode 100644 src/main/java/io/qyi/e5/service/security/SecurityUserService.java diff --git a/src/main/java/io/qyi/e5/config/rabbitMQ/RabbitMQConfig.java b/src/main/java/io/qyi/e5/config/rabbitMQ/RabbitMQConfig.java index d52bc61..e332096 100644 --- a/src/main/java/io/qyi/e5/config/rabbitMQ/RabbitMQConfig.java +++ b/src/main/java/io/qyi/e5/config/rabbitMQ/RabbitMQConfig.java @@ -22,12 +22,13 @@ import java.util.Map; public class RabbitMQConfig { @Value("") private String DirectQueueName; + /** * 处理死信队列的消费队列 - * */ + */ @Bean public Queue fanoutQueue1() { - return new Queue("delay_queue1", true, false, false); + return new Queue("delay_queue3", true, false, false); } /** @@ -37,13 +38,14 @@ public class RabbitMQConfig { * HeadersExchange :通过添加属性key-value匹配 * DirectExchange:按照routingkey分发到指定队列 * TopicExchange:多关键字匹配 + * * @return */ @Bean public CustomExchange customExchangeDelay() { Map arg = new HashMap<>(); arg.put("x-delayed-type", "direct"); - return new CustomExchange("delay","x-delayed-message",true, false,arg); + return new CustomExchange("delay3", "x-delayed-message", true, false, arg); } /*@Bean @@ -54,7 +56,7 @@ public class RabbitMQConfig { //绑定 将队列和交换机绑定, @Bean public Binding bindingFanoutQueue1() { - return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay").noargs(); + return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay3").noargs(); } diff --git a/src/main/java/io/qyi/e5/config/security/SecurityAuthenticationHandler.java b/src/main/java/io/qyi/e5/config/security/SecurityAuthenticationHandler.java index 48cd992..f1de06e 100644 --- a/src/main/java/io/qyi/e5/config/security/SecurityAuthenticationHandler.java +++ b/src/main/java/io/qyi/e5/config/security/SecurityAuthenticationHandler.java @@ -2,6 +2,9 @@ package io.qyi.e5.config.security; import com.google.gson.Gson; import io.qyi.e5.util.ResultUtil; +import io.qyi.e5.util.redis.RedisUtil; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.context.SecurityContextHolder; @@ -25,16 +28,21 @@ import java.util.Map; * @create: 2019-12-27 08:57 **/ @Component -public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler { +public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler { + @Autowired + RedisUtil redisUtil; + @Override public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException { UsernamePasswordAuthenticationToken at = (UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); Gson gson = new Gson(); httpServletResponse.setContentType("application/json;charset=utf-8"); PrintWriter writer = httpServletResponse.getWriter(); - Map token = new HashMap<>(); + Map token = new HashMap<>(); token.put("token", at.getToken()); token.put("username", at.getName()); + token.put("authority", at.getAuthority()); + token.put("expire", (int) redisUtil.getExpire("token:" + at.getToken())); writer.write(gson.toJson(ResultUtil.success(token)) ); writer.flush(); } diff --git a/src/main/java/io/qyi/e5/config/security/SecurityConfig.java b/src/main/java/io/qyi/e5/config/security/SecurityConfig.java index d322843..d5fe0a2 100644 --- a/src/main/java/io/qyi/e5/config/security/SecurityConfig.java +++ b/src/main/java/io/qyi/e5/config/security/SecurityConfig.java @@ -1,14 +1,15 @@ package io.qyi.e5.config.security; import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter; -import io.qyi.e5.service.security.SecurityUserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.ObjectPostProcessor; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; /** @@ -24,64 +25,50 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired SecurityAuthenticationHandler securityAuthenticationHandler; - @Autowired - private SecurityUserService securityUserService; @Autowired UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig; + @Autowired + UrlAccessDecisionManager myAccessDecisionManager; + + @Autowired + UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService; @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { System.out.println("AuthenticationManagerBuilder auth"); -// auth.userDetailsService(securityUserService).passwordEncoder(new BCryptPasswordEncoder()); -// auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()) -// .withUser("user").password(new BCryptPasswordEncoder().encode("123")).roles("user").and() -// .withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).roles("USER", "ADMIN"); } // 通过重载该方法,可配置如何通过拦截器保护请求。 @Override protected void configure(HttpSecurity http) throws Exception { System.out.println("HttpSecurity http"); - http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); - http.csrf().disable() - .apply(usernamePasswordAuthenticationConfig); /*关闭创建session*/ http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); - /*formLogin() - .loginPage("/user/login")// 登陆页面 - .loginProcessingUrl("/user/loginFrom")// 登陆表单提交请求 - .and()*/ - http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证 -// .and() -// .authorizeRequests().antMatchers("/quartz/**").permitAll()//测试 - .anyRequest()// 任何请求 - .authenticated();// 都需要身份认证 -// http.exceptionHandling().accessDeniedHandler(); -// http.formLogin().loginProcessingUrl("api/getInfo"); - -// http.formLogin().usernameParameter("username"); -// http.formLogin().passwordParameter("password"); - +// http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证 +// .accessDecisionManager(myAccessDecisionManager) + http.authorizeRequests(). + anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor()); + http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); + /*自定义*/ + http.csrf().disable().apply(usernamePasswordAuthenticationConfig); + //自定义过滤器 + } + /** + * 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的 + * @return ObjectPostProcessor + */ + private ObjectPostProcessor filterSecurityInterceptorObjectPostProcessor() { + return new ObjectPostProcessor() { + @Override + public O postProcess(O object) { + object.setAccessDecisionManager(myAccessDecisionManager); + object.setSecurityMetadataSource(myInvocationSecurityMetadataSourceService); + return object; + } + }; } - /*@Bean - public LinkTokenAuthenticationFilter linkTokenAuthenticationFilter (){ - return new LinkTokenAuthenticationFilter(); - }*/ - - /*@Bean - public AccessDeniedHandler getAccessDeniedHandler() { - return new RestAuthenticationAccessDeniedHandler(); - }*/ - - /* @Override - public void configure(WebSecurity web) { - System.out.println("WebSecurity web"); - String antPatterns = "/pdfjs-2.1.266/**,/favicon.ico,/css/**,/js/**,/ico/**,/images/**,/jquery-1.12.4/**,/uuid-1.4/**,/layui-2.4.5/**,/jquery-easyui-1.6.11/**,/zTree-3.5.33/**,/select2-4.0.5/**,/greensock-js-1.20.5/**"; - web.ignoring().antMatchers(antPatterns.split(",")); - }*/ - } diff --git a/src/main/java/io/qyi/e5/config/security/UrlAccessDecisionManager.java b/src/main/java/io/qyi/e5/config/security/UrlAccessDecisionManager.java new file mode 100644 index 0000000..70662df --- /dev/null +++ b/src/main/java/io/qyi/e5/config/security/UrlAccessDecisionManager.java @@ -0,0 +1,66 @@ +package io.qyi.e5.config.security; + +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.AccessDecisionManager; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.access.ConfigAttribute; +import org.springframework.security.authentication.InsufficientAuthenticationException; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.stereotype.Service; + +import java.util.Collection; +import java.util.Iterator; + +/** + * 决策管理器 + * + * @program: e5 + * @description: + * @author: 落叶随风 + * @create: 2020-06-15 16:11 + **/ +@Slf4j +@Service +public class UrlAccessDecisionManager implements AccessDecisionManager { + @Override + public void decide(Authentication authentication, Object o, Collection collection) throws AccessDeniedException, InsufficientAuthenticationException { + log.info("进入权限判断!"); + if (collection == null) { + return; + } + log.info("object is a URL. {}", o.toString()); + //所请求的资源拥有的权限(一个资源对多个权限) + Iterator iterator = collection.iterator(); + while (iterator.hasNext()) { + ConfigAttribute configAttribute = iterator.next(); + //访问所请求资源所需要的权限 + String needPermission = configAttribute.getAttribute(); + log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission); + if (needPermission == null) { + break; + } + //用户所拥有的权限authentication + Collection authorities = authentication.getAuthorities(); + for (GrantedAuthority ga : authorities) { + if (needPermission.equals(ga.getAuthority())) { + return; + } + } + } + //没有权限 + throw new AccessDeniedException("无权限!"); + } + + @Override + public boolean supports(ConfigAttribute configAttribute) { + log.info("进入权限判断! ConfigAttribute configAttribute"); + return true; + } + + @Override + public boolean supports(Class aClass) { + log.info("进入权限判断! Class aClass"); + return true; + } +} diff --git a/src/main/java/io/qyi/e5/config/security/UrlInvocationSecurityMetadataSourceService.java b/src/main/java/io/qyi/e5/config/security/UrlInvocationSecurityMetadataSourceService.java new file mode 100644 index 0000000..06dda2b --- /dev/null +++ b/src/main/java/io/qyi/e5/config/security/UrlInvocationSecurityMetadataSourceService.java @@ -0,0 +1,78 @@ +package io.qyi.e5.config.security; + +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.ConfigAttribute; +import org.springframework.security.access.SecurityConfig; +import org.springframework.security.web.FilterInvocation; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; +import org.springframework.stereotype.Service; + +import javax.servlet.http.HttpServletRequest; +import java.util.*; + +/** + * @program: e5 + * @description: + * @author: 落叶随风 + * @create: 2020-06-17 16:25 + **/ +@Slf4j +@Service +public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource { + + private HashMap> map =null; + /** + * 加载权限表中所有权限 + * 这里有一个坑,如果map返回是null,是不会AccessDecisionManager,默认放行。 + */ + public void loadResourceDefine(){ + log.info("加载权限表中所有权限"); + map = new HashMap<>(); + Collection array; + ConfigAttribute cfg; + Map permissions = new HashMap<>(); + permissions.put("/admin/**", "admin"); + permissions.put("/**", "user"); + Iterator> iterator = permissions.entrySet().iterator(); + while (iterator.hasNext()) { + Map.Entry next = iterator.next(); + String key = next.getKey(); + String value = next.getValue(); + + array = new ArrayList<>(); + cfg = new SecurityConfig(value); + array.add(cfg); + map.put(key, array); + } + + } + + @Override + public Collection getAttributes(Object o) throws IllegalArgumentException { + if(map ==null) loadResourceDefine(); + //object 中包含用户请求的request 信息 + HttpServletRequest request = ((FilterInvocation) o).getHttpRequest(); + AntPathRequestMatcher matcher; + String resUrl; + for(Iterator iter = map.keySet().iterator(); iter.hasNext(); ) { + resUrl = iter.next(); + matcher = new AntPathRequestMatcher(resUrl); + if(matcher.matches(request)) { + return map.get(resUrl); + } + } + return null; + } + + + @Override + public Collection getAllConfigAttributes() { + return null; + } + + @Override + public boolean supports(Class aClass) { + return FilterInvocation.class.isAssignableFrom(aClass); + } +} diff --git a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationConfig.java b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationConfig.java index 7d03b8c..27beae0 100644 --- a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationConfig.java +++ b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationConfig.java @@ -1,12 +1,15 @@ package io.qyi.e5.config.security; +import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter; import io.qyi.e5.config.security.filter.LoginAuthenticationFilter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.SecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.DefaultSecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.stereotype.Component; @@ -25,10 +28,12 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap @Autowired SecurityAuthenticationHandler securityAuthenticationHandler; + @Override public void configure(HttpSecurity http) throws Exception { LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter(); + logger.info("自定义用户认证处理逻辑"); // 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证 authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); @@ -36,12 +41,11 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap // 指定自定义的认证成功和失败的处理器 authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler); authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler); - // 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前 http.authenticationProvider(usernamePasswordAuthenticationProvider) .addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class); - } + } diff --git a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationProvider.java b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationProvider.java index 8698e7a..22e3775 100644 --- a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationProvider.java +++ b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationProvider.java @@ -18,9 +18,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; +import java.util.*; /** * @program: e5 @@ -41,11 +39,15 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro @Value("${isdebug}") boolean isDebug; + @Value("${user.admin.githubId}") + int adminGithubId; + + @Value("${user.token.expire}") + private int tokenExpire; + @Autowired RedisUtil redisUtil; - - @Autowired IGithubService githubService; @@ -59,16 +61,22 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro String state = authenticationToken.getState(); logger.info("Github 认证: code:{} state:{} Token:", code, state); Map userInfo_redis = new HashMap<>(); + /*是否调试模式*/ if (isDebug) { + List list = new ArrayList<>(); + list.add("admin"); + list.add("user"); + String[] l =list.toArray(new String[list.size()]); String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString()); UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken("debugName", - "DebugAvatar", 19658189,token, AuthorityUtils.createAuthorityList("user")); + "DebugAvatar", adminGithubId, token, "admin", AuthorityUtils.createAuthorityList(l)); authenticationToken1.setDetails(authenticationToken); userInfo_redis.put("github_name", "debug"); - userInfo_redis.put("github_id", 19658189); + userInfo_redis.put("github_id", adminGithubId); userInfo_redis.put("avatar_url", "https://www.baidu.com"); - redisUtil.hmset(token_ + token, userInfo_redis, 3600); + userInfo_redis.put("authority", list); + redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire); return authenticationToken1; } if (!redisUtil.hasKey(states + state)) { @@ -105,16 +113,24 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro } String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString()); - + /*配置角色,这里只是简单的配置,实际上需要从数据库中读取角色*/ + List list = new ArrayList<>(); + list.add("user"); + if (adminGithubId == github.getGithubId()) { + list.add("admin"); + } + String[] Authority =list.toArray(new String[list.size()]); /*写token信息到redis*/ userInfo_redis.put("github_name", github.getName()); userInfo_redis.put("github_id", github.getGithubId()); userInfo_redis.put("avatar_url", github.getAvatarUrl()); - redisUtil.hmset(token_ + token, userInfo_redis, 3600); + userInfo_redis.put("authority", Authority); + redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire); + // 创建一个已认证的token UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(github.getName(), - github.getAvatarUrl(), github.getGithubId(), token, AuthorityUtils.createAuthorityList("user")); + github.getAvatarUrl(), github.getGithubId() , AuthorityUtils.createAuthorityList(Authority)); // 设置一些详细信息 authenticationToken1.setDetails(authenticationToken); diff --git a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationToken.java b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationToken.java index 2417f0a..43f626f 100644 --- a/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationToken.java +++ b/src/main/java/io/qyi/e5/config/security/UsernamePasswordAuthenticationToken.java @@ -29,8 +29,11 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT private String Token; + private String Authority; + private int github_id; + // 创建未认证的用户名密码认证对象 public UsernamePasswordAuthenticationToken() { super(null); @@ -64,15 +67,17 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT } // 创建已认证的用户密码认证对象 - public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, Collection authorities) { + public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, String Authority, Collection authorities) { super(authorities); this.name = name; this.avatar_url = avatar_url; this.github_id = github_id; this.Token = token; + this.Authority = Authority; super.setAuthenticated(true); } + public String getToken() { return Token; } @@ -132,4 +137,12 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT public void setGithub_id(int github_id) { this.github_id = github_id; } + + public String getAuthority() { + return Authority; + } + + public void setAuthority(String authority) { + Authority = authority; + } } diff --git a/src/main/java/io/qyi/e5/config/security/filter/LinkTokenAuthenticationFilter.java b/src/main/java/io/qyi/e5/config/security/filter/LinkTokenAuthenticationFilter.java index e69dea9..02510e2 100644 --- a/src/main/java/io/qyi/e5/config/security/filter/LinkTokenAuthenticationFilter.java +++ b/src/main/java/io/qyi/e5/config/security/filter/LinkTokenAuthenticationFilter.java @@ -1,16 +1,15 @@ package io.qyi.e5.config.security.filter; -import com.google.gson.Gson; -import com.google.gson.JsonElement; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken; import io.qyi.e5.util.SpringUtil; import io.qyi.e5.util.redis.RedisUtil; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.FilterChain; @@ -18,7 +17,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.io.PrintWriter; +import java.util.Arrays; +import java.util.List; import java.util.Map; /** @@ -29,25 +29,27 @@ import java.util.Map; * @author: 落叶随风 * @create: 2020-04-05 00:42 **/ +@Slf4j public class LinkTokenAuthenticationFilter extends OncePerRequestFilter { + @Override protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException { String token = httpServletRequest.getHeader("token"); if (token != null) { - RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class); - if (redisUtil.hasKey("token:" + token)) { - Map userInfo = redisUtil.hmget("token:" + token); + RedisUtil RedisUtil = SpringUtil.getBean(RedisUtil.class); + if (RedisUtil.hasKey("token:" + token)) { + Map userInfo = RedisUtil.hmget("token:" + token); // 将未认证的Authentication转换成自定义的用户认证Token - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(); + List list = (List)userInfo.get("authority"); + String[] authority = list.toArray(new String[list.size()]); UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(userInfo.get("github_name") == null ? "" : userInfo.get("github_name").toString(), - userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList("user")); - authenticationToken1.setDetails(authenticationToken); + userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList(authority)); SecurityContextHolder.getContext().setAuthentication(authenticationToken1); - System.out.println("完成授权"); + log.info("完成授权,角色:{}" , Arrays.toString(authority) ); } } - System.out.println("--------------Token鉴权---------------"); + log.info("--------------Token鉴权---------------"); /*设置跨域*/ HttpServletResponse response = httpServletResponse; response.setHeader("Access-Control-Allow-Origin", "*"); @@ -57,18 +59,11 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter { response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token"); /*如果是OPTIONS则结束请求*/ if (HttpMethod.OPTIONS.toString().equals(httpServletRequest.getMethod())) { + log.debug("OPTIONS请求"); response.setStatus(HttpStatus.NO_CONTENT.value()); } else { filterChain.doFilter(httpServletRequest, response); } } - - public void sendJson(HttpServletResponse httpServletResponse, Object o) throws IOException { - Gson gson = new Gson(); - String s = gson.toJson(o); - PrintWriter writer = httpServletResponse.getWriter(); - writer.write(s); - writer.flush(); - } } diff --git a/src/main/java/io/qyi/e5/service/rabbitMQ/impl/ListenerImpl.java b/src/main/java/io/qyi/e5/service/rabbitMQ/impl/ListenerImpl.java index c2617b6..0270bb9 100644 --- a/src/main/java/io/qyi/e5/service/rabbitMQ/impl/ListenerImpl.java +++ b/src/main/java/io/qyi/e5/service/rabbitMQ/impl/ListenerImpl.java @@ -1,13 +1,9 @@ package io.qyi.e5.service.rabbitMQ.impl; -import com.alibaba.fastjson.JSON; -import com.alibaba.fastjson.JSONObject; -import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; -import com.google.gson.Gson; import com.rabbitmq.client.Channel; -import io.qyi.e5.outlook.entity.Outlook; import io.qyi.e5.outlook.service.IOutlookService; import io.qyi.e5.service.task.ITask; +import lombok.extern.slf4j.Slf4j; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.amqp.core.Message; @@ -17,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.io.IOException; -import java.lang.reflect.Type; /** * @program: msgpush @@ -25,9 +20,9 @@ import java.lang.reflect.Type; * @author: 落叶随风 * @create: 2020-01-13 23:35 **/ +@Slf4j @Service public class ListenerImpl { - private final Logger logger = LoggerFactory.getLogger(this.getClass()); @Autowired IOutlookService outlookService; @@ -35,14 +30,17 @@ public class ListenerImpl { ITask Task; @RabbitHandler - @RabbitListener(queues = "delay_queue1", containerFactory = "rabbitListenerContainerFactory") + @RabbitListener(queues = "delay_queue3", containerFactory = "rabbitListenerContainerFactory") public void listen(Message message, Channel channel) throws IOException { - logger.info("消费者1开始处理消息: {},时间戳:{}" ,message,System.currentTimeMillis()); + log.info("消费者1开始处理消息: {},时间戳:{}" ,message,System.currentTimeMillis()); System.out.println("消费者1开始处理消息:"+System.currentTimeMillis()); int github_id = Integer.valueOf(new String(message.getBody())); - Task.executeE5(github_id); + boolean b = Task.executeE5(github_id); + channel.basicAck(message.getMessageProperties().getDeliveryTag(), true); /*再次进行添加任务*/ - Task.sendTaskOutlookMQ(github_id); + if (b) { + Task.sendTaskOutlookMQ(github_id); + } } } diff --git a/src/main/java/io/qyi/e5/service/security/SecurityUserService.java b/src/main/java/io/qyi/e5/service/security/SecurityUserService.java deleted file mode 100644 index c0f8b29..0000000 --- a/src/main/java/io/qyi/e5/service/security/SecurityUserService.java +++ /dev/null @@ -1,39 +0,0 @@ -package io.qyi.e5.service.security; - -import io.qyi.e5.user.mapper.UserMapper; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.factory.PasswordEncoderFactories; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.stereotype.Component; -import org.springframework.stereotype.Service; - -/** - * @program: e5 - * @description: - * @author: 落叶随风 - * @create: 2020-02-26 21:38 - **/ -@Component -public class SecurityUserService implements UserDetailsService { - private final Logger logger = LoggerFactory.getLogger(this.getClass()); - @Autowired - private UserMapper userMapper; - - @Override - public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException { - BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder(); - String encode = bCryptPasswordEncoder.encode("123"); - String encodePasswd = encode; - logger.info("登录用户名: {} , 密码:{}",s,encodePasswd); - UserDetails userDetails = new User(s, encode, AuthorityUtils.createAuthorityList("admin")); - return userDetails; - } -}