增加角色权限

This commit is contained in:
LuoYe_MyWork
2020-06-19 17:15:42 +08:00
parent 8a5f152315
commit 8b453b16b8
11 changed files with 261 additions and 133 deletions

View File

@@ -22,12 +22,13 @@ import java.util.Map;
public class RabbitMQConfig { public class RabbitMQConfig {
@Value("") @Value("")
private String DirectQueueName; private String DirectQueueName;
/** /**
* 处理死信队列的消费队列 * 处理死信队列的消费队列
* */ */
@Bean @Bean
public Queue fanoutQueue1() { public Queue fanoutQueue1() {
return new Queue("delay_queue1", true, false, false); return new Queue("delay_queue3", true, false, false);
} }
/** /**
@@ -37,13 +38,14 @@ public class RabbitMQConfig {
* HeadersExchange 通过添加属性key-value匹配 * HeadersExchange 通过添加属性key-value匹配
* DirectExchange:按照routingkey分发到指定队列 * DirectExchange:按照routingkey分发到指定队列
* TopicExchange:多关键字匹配 * TopicExchange:多关键字匹配
*
* @return * @return
*/ */
@Bean @Bean
public CustomExchange customExchangeDelay() { public CustomExchange customExchangeDelay() {
Map<String, Object> arg = new HashMap<>(); Map<String, Object> arg = new HashMap<>();
arg.put("x-delayed-type", "direct"); arg.put("x-delayed-type", "direct");
return new CustomExchange("delay","x-delayed-message",true, false,arg); return new CustomExchange("delay3", "x-delayed-message", true, false, arg);
} }
/*@Bean /*@Bean
@@ -54,7 +56,7 @@ public class RabbitMQConfig {
//绑定 将队列和交换机绑定, //绑定 将队列和交换机绑定,
@Bean @Bean
public Binding bindingFanoutQueue1() { public Binding bindingFanoutQueue1() {
return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay").noargs(); return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay3").noargs();
} }

View File

@@ -2,6 +2,9 @@ package io.qyi.e5.config.security;
import com.google.gson.Gson; import com.google.gson.Gson;
import io.qyi.e5.util.ResultUtil; import io.qyi.e5.util.ResultUtil;
import io.qyi.e5.util.redis.RedisUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
@@ -25,16 +28,21 @@ import java.util.Map;
* @create: 2019-12-27 08:57 * @create: 2019-12-27 08:57
**/ **/
@Component @Component
public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler { public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler {
@Autowired
RedisUtil redisUtil;
@Override @Override
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException { public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
UsernamePasswordAuthenticationToken at = (UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); UsernamePasswordAuthenticationToken at = (UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
Gson gson = new Gson(); Gson gson = new Gson();
httpServletResponse.setContentType("application/json;charset=utf-8"); httpServletResponse.setContentType("application/json;charset=utf-8");
PrintWriter writer = httpServletResponse.getWriter(); PrintWriter writer = httpServletResponse.getWriter();
Map<String, String> token = new HashMap<>(); Map<String, Object> token = new HashMap<>();
token.put("token", at.getToken()); token.put("token", at.getToken());
token.put("username", at.getName()); token.put("username", at.getName());
token.put("authority", at.getAuthority());
token.put("expire", (int) redisUtil.getExpire("token:" + at.getToken()));
writer.write(gson.toJson(ResultUtil.success(token)) ); writer.write(gson.toJson(ResultUtil.success(token)) );
writer.flush(); writer.flush();
} }

View File

@@ -1,14 +1,15 @@
package io.qyi.e5.config.security; package io.qyi.e5.config.security;
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter; import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
import io.qyi.e5.service.security.SecurityUserService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
/** /**
@@ -24,64 +25,50 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
SecurityAuthenticationHandler securityAuthenticationHandler; SecurityAuthenticationHandler securityAuthenticationHandler;
@Autowired
private SecurityUserService securityUserService;
@Autowired @Autowired
UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig; UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig;
@Autowired
UrlAccessDecisionManager myAccessDecisionManager;
@Autowired
UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
@Override @Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception { protected void configure(AuthenticationManagerBuilder auth) throws Exception {
System.out.println("AuthenticationManagerBuilder auth"); System.out.println("AuthenticationManagerBuilder auth");
// auth.userDetailsService(securityUserService).passwordEncoder(new BCryptPasswordEncoder());
// auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
// .withUser("user").password(new BCryptPasswordEncoder().encode("123")).roles("user").and()
// .withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).roles("USER", "ADMIN");
} }
// 通过重载该方法,可配置如何通过拦截器保护请求。 // 通过重载该方法,可配置如何通过拦截器保护请求。
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
System.out.println("HttpSecurity http"); System.out.println("HttpSecurity http");
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
http.csrf().disable()
.apply(usernamePasswordAuthenticationConfig);
/*关闭创建session*/ /*关闭创建session*/
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
/*formLogin() // http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
.loginPage("/user/login")// 登陆页面 // .accessDecisionManager(myAccessDecisionManager)
.loginProcessingUrl("/user/loginFrom")// 登陆表单提交请求 http.authorizeRequests().
.and()*/ anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证 http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
// .and() /*自定义*/
// .authorizeRequests().antMatchers("/quartz/**").permitAll()//测试 http.csrf().disable().apply(usernamePasswordAuthenticationConfig);
.anyRequest()// 任何请求 //自定义过滤器
.authenticated();// 都需要身份认证 }
// http.exceptionHandling().accessDeniedHandler(); /**
// http.formLogin().loginProcessingUrl("api/getInfo"); * 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
* @return ObjectPostProcessor
// http.formLogin().usernameParameter("username"); */
// http.formLogin().passwordParameter("password"); private ObjectPostProcessor<FilterSecurityInterceptor> filterSecurityInterceptorObjectPostProcessor() {
return new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
object.setAccessDecisionManager(myAccessDecisionManager);
object.setSecurityMetadataSource(myInvocationSecurityMetadataSourceService);
return object;
}
};
} }
/*@Bean
public LinkTokenAuthenticationFilter linkTokenAuthenticationFilter (){
return new LinkTokenAuthenticationFilter();
}*/
/*@Bean
public AccessDeniedHandler getAccessDeniedHandler() {
return new RestAuthenticationAccessDeniedHandler();
}*/
/* @Override
public void configure(WebSecurity web) {
System.out.println("WebSecurity web");
String antPatterns = "/pdfjs-2.1.266/**,/favicon.ico,/css/**,/js/**,/ico/**,/images/**,/jquery-1.12.4/**,/uuid-1.4/**,/layui-2.4.5/**,/jquery-easyui-1.6.11/**,/zTree-3.5.33/**,/select2-4.0.5/**,/greensock-js-1.20.5/**";
web.ignoring().antMatchers(antPatterns.split(","));
}*/
} }

View File

@@ -0,0 +1,66 @@
package io.qyi.e5.config.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.Iterator;
/**
* 决策管理器
*
* @program: e5
* @description:
* @author: 落叶随风
* @create: 2020-06-15 16:11
**/
@Slf4j
@Service
public class UrlAccessDecisionManager implements AccessDecisionManager {
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
log.info("进入权限判断!");
if (collection == null) {
return;
}
log.info("object is a URL. {}", o.toString());
//所请求的资源拥有的权限(一个资源对多个权限)
Iterator<ConfigAttribute> iterator = collection.iterator();
while (iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next();
//访问所请求资源所需要的权限
String needPermission = configAttribute.getAttribute();
log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
if (needPermission == null) {
break;
}
//用户所拥有的权限authentication
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
for (GrantedAuthority ga : authorities) {
if (needPermission.equals(ga.getAuthority())) {
return;
}
}
}
//没有权限
throw new AccessDeniedException("无权限!");
}
@Override
public boolean supports(ConfigAttribute configAttribute) {
log.info("进入权限判断! ConfigAttribute configAttribute");
return true;
}
@Override
public boolean supports(Class<?> aClass) {
log.info("进入权限判断! Class<?> aClass");
return true;
}
}

View File

@@ -0,0 +1,78 @@
package io.qyi.e5.config.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
import java.util.*;
/**
* @program: e5
* @description:
* @author: 落叶随风
* @create: 2020-06-17 16:25
**/
@Slf4j
@Service
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
private HashMap<String, Collection<ConfigAttribute>> map =null;
/**
* 加载权限表中所有权限
* 这里有一个坑如果map返回是null是不会AccessDecisionManager默认放行。
*/
public void loadResourceDefine(){
log.info("加载权限表中所有权限");
map = new HashMap<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
Map<String, String> permissions = new HashMap<>();
permissions.put("/admin/**", "admin");
permissions.put("/**", "user");
Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> next = iterator.next();
String key = next.getKey();
String value = next.getValue();
array = new ArrayList<>();
cfg = new SecurityConfig(value);
array.add(cfg);
map.put(key, array);
}
}
@Override
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
if(map ==null) loadResourceDefine();
//object 中包含用户请求的request 信息
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
AntPathRequestMatcher matcher;
String resUrl;
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
resUrl = iter.next();
matcher = new AntPathRequestMatcher(resUrl);
if(matcher.matches(request)) {
return map.get(resUrl);
}
}
return null;
}
@Override
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}
@Override
public boolean supports(Class<?> aClass) {
return FilterInvocation.class.isAssignableFrom(aClass);
}
}

View File

@@ -1,12 +1,15 @@
package io.qyi.e5.config.security; package io.qyi.e5.config.security;
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter; import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter; import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.DefaultSecurityFilterChain; import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@@ -25,10 +28,12 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
@Autowired @Autowired
SecurityAuthenticationHandler securityAuthenticationHandler; SecurityAuthenticationHandler securityAuthenticationHandler;
@Override @Override
public void configure(HttpSecurity http) throws Exception { public void configure(HttpSecurity http) throws Exception {
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter(); LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
logger.info("自定义用户认证处理逻辑"); logger.info("自定义用户认证处理逻辑");
// 自定义用户认证处理逻辑时需要指定AuthenticationManager否则无法认证 // 自定义用户认证处理逻辑时需要指定AuthenticationManager否则无法认证
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
@@ -36,12 +41,11 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
// 指定自定义的认证成功和失败的处理器 // 指定自定义的认证成功和失败的处理器
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler); authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler); authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前 // 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
http.authenticationProvider(usernamePasswordAuthenticationProvider) http.authenticationProvider(usernamePasswordAuthenticationProvider)
.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
} }
} }

View File

@@ -18,9 +18,7 @@ import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import java.util.HashMap; import java.util.*;
import java.util.Map;
import java.util.UUID;
/** /**
* @program: e5 * @program: e5
@@ -41,11 +39,15 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
@Value("${isdebug}") @Value("${isdebug}")
boolean isDebug; boolean isDebug;
@Value("${user.admin.githubId}")
int adminGithubId;
@Value("${user.token.expire}")
private int tokenExpire;
@Autowired @Autowired
RedisUtil redisUtil; RedisUtil redisUtil;
@Autowired @Autowired
IGithubService githubService; IGithubService githubService;
@@ -59,16 +61,22 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
String state = authenticationToken.getState(); String state = authenticationToken.getState();
logger.info("Github 认证: code{} state{} Token", code, state); logger.info("Github 认证: code{} state{} Token", code, state);
Map<String, Object> userInfo_redis = new HashMap<>(); Map<String, Object> userInfo_redis = new HashMap<>();
/*是否调试模式*/ /*是否调试模式*/
if (isDebug) { if (isDebug) {
List<String> list = new ArrayList<>();
list.add("admin");
list.add("user");
String[] l =list.toArray(new String[list.size()]);
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString()); String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken("debugName", UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken("debugName",
"DebugAvatar", 19658189,token, AuthorityUtils.createAuthorityList("user")); "DebugAvatar", adminGithubId, token, "admin", AuthorityUtils.createAuthorityList(l));
authenticationToken1.setDetails(authenticationToken); authenticationToken1.setDetails(authenticationToken);
userInfo_redis.put("github_name", "debug"); userInfo_redis.put("github_name", "debug");
userInfo_redis.put("github_id", 19658189); userInfo_redis.put("github_id", adminGithubId);
userInfo_redis.put("avatar_url", "https://www.baidu.com"); userInfo_redis.put("avatar_url", "https://www.baidu.com");
redisUtil.hmset(token_ + token, userInfo_redis, 3600); userInfo_redis.put("authority", list);
redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire);
return authenticationToken1; return authenticationToken1;
} }
if (!redisUtil.hasKey(states + state)) { if (!redisUtil.hasKey(states + state)) {
@@ -105,16 +113,24 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
} }
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString()); String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
/*配置角色,这里只是简单的配置,实际上需要从数据库中读取角色*/
List<String> list = new ArrayList<>();
list.add("user");
if (adminGithubId == github.getGithubId()) {
list.add("admin");
}
String[] Authority =list.toArray(new String[list.size()]);
/*写token信息到redis*/ /*写token信息到redis*/
userInfo_redis.put("github_name", github.getName()); userInfo_redis.put("github_name", github.getName());
userInfo_redis.put("github_id", github.getGithubId()); userInfo_redis.put("github_id", github.getGithubId());
userInfo_redis.put("avatar_url", github.getAvatarUrl()); userInfo_redis.put("avatar_url", github.getAvatarUrl());
redisUtil.hmset(token_ + token, userInfo_redis, 3600); userInfo_redis.put("authority", Authority);
redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire);
// 创建一个已认证的token // 创建一个已认证的token
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(github.getName(), UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(github.getName(),
github.getAvatarUrl(), github.getGithubId(), token, AuthorityUtils.createAuthorityList("user")); github.getAvatarUrl(), github.getGithubId() , AuthorityUtils.createAuthorityList(Authority));
// 设置一些详细信息 // 设置一些详细信息
authenticationToken1.setDetails(authenticationToken); authenticationToken1.setDetails(authenticationToken);

View File

@@ -29,8 +29,11 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
private String Token; private String Token;
private String Authority;
private int github_id; private int github_id;
// 创建未认证的用户名密码认证对象 // 创建未认证的用户名密码认证对象
public UsernamePasswordAuthenticationToken() { public UsernamePasswordAuthenticationToken() {
super(null); super(null);
@@ -64,15 +67,17 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
} }
// 创建已认证的用户密码认证对象 // 创建已认证的用户密码认证对象
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, Collection<? extends GrantedAuthority> authorities) { public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, String Authority, Collection<? extends GrantedAuthority> authorities) {
super(authorities); super(authorities);
this.name = name; this.name = name;
this.avatar_url = avatar_url; this.avatar_url = avatar_url;
this.github_id = github_id; this.github_id = github_id;
this.Token = token; this.Token = token;
this.Authority = Authority;
super.setAuthenticated(true); super.setAuthenticated(true);
} }
public String getToken() { public String getToken() {
return Token; return Token;
} }
@@ -132,4 +137,12 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
public void setGithub_id(int github_id) { public void setGithub_id(int github_id) {
this.github_id = github_id; this.github_id = github_id;
} }
public String getAuthority() {
return Authority;
}
public void setAuthority(String authority) {
Authority = authority;
}
} }

View File

@@ -1,16 +1,15 @@
package io.qyi.e5.config.security.filter; package io.qyi.e5.config.security.filter;
import com.google.gson.Gson;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken; import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
import io.qyi.e5.util.SpringUtil; import io.qyi.e5.util.SpringUtil;
import io.qyi.e5.util.redis.RedisUtil; import io.qyi.e5.util.redis.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
@@ -18,7 +17,8 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.util.Arrays;
import java.util.List;
import java.util.Map; import java.util.Map;
/** /**
@@ -29,25 +29,27 @@ import java.util.Map;
* @author: 落叶随风 * @author: 落叶随风
* @create: 2020-04-05 00:42 * @create: 2020-04-05 00:42
**/ **/
@Slf4j
public class LinkTokenAuthenticationFilter extends OncePerRequestFilter { public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
@Override @Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException { protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
String token = httpServletRequest.getHeader("token"); String token = httpServletRequest.getHeader("token");
if (token != null) { if (token != null) {
RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class); RedisUtil RedisUtil = SpringUtil.getBean(RedisUtil.class);
if (redisUtil.hasKey("token:" + token)) { if (RedisUtil.hasKey("token:" + token)) {
Map<Object, Object> userInfo = redisUtil.hmget("token:" + token); Map<Object, Object> userInfo = RedisUtil.hmget("token:" + token);
// 将未认证的Authentication转换成自定义的用户认证Token // 将未认证的Authentication转换成自定义的用户认证Token
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(); List<String> list = (List<String>)userInfo.get("authority");
String[] authority = list.toArray(new String[list.size()]);
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(userInfo.get("github_name") == null ? "" : userInfo.get("github_name").toString(), UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(userInfo.get("github_name") == null ? "" : userInfo.get("github_name").toString(),
userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList("user")); userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList(authority));
authenticationToken1.setDetails(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authenticationToken1); SecurityContextHolder.getContext().setAuthentication(authenticationToken1);
System.out.println("完成授权"); log.info("完成授权,角色:{}" , Arrays.toString(authority) );
} }
} }
System.out.println("--------------Token鉴权---------------"); log.info("--------------Token鉴权---------------");
/*设置跨域*/ /*设置跨域*/
HttpServletResponse response = httpServletResponse; HttpServletResponse response = httpServletResponse;
response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Origin", "*");
@@ -57,18 +59,11 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token"); response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
/*如果是OPTIONS则结束请求*/ /*如果是OPTIONS则结束请求*/
if (HttpMethod.OPTIONS.toString().equals(httpServletRequest.getMethod())) { if (HttpMethod.OPTIONS.toString().equals(httpServletRequest.getMethod())) {
log.debug("OPTIONS请求");
response.setStatus(HttpStatus.NO_CONTENT.value()); response.setStatus(HttpStatus.NO_CONTENT.value());
} else { } else {
filterChain.doFilter(httpServletRequest, response); filterChain.doFilter(httpServletRequest, response);
} }
} }
public void sendJson(HttpServletResponse httpServletResponse, Object o) throws IOException {
Gson gson = new Gson();
String s = gson.toJson(o);
PrintWriter writer = httpServletResponse.getWriter();
writer.write(s);
writer.flush();
}
} }

View File

@@ -1,13 +1,9 @@
package io.qyi.e5.service.rabbitMQ.impl; package io.qyi.e5.service.rabbitMQ.impl;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.google.gson.Gson;
import com.rabbitmq.client.Channel; import com.rabbitmq.client.Channel;
import io.qyi.e5.outlook.entity.Outlook;
import io.qyi.e5.outlook.service.IOutlookService; import io.qyi.e5.outlook.service.IOutlookService;
import io.qyi.e5.service.task.ITask; import io.qyi.e5.service.task.ITask;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.amqp.core.Message; import org.springframework.amqp.core.Message;
@@ -17,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import java.io.IOException; import java.io.IOException;
import java.lang.reflect.Type;
/** /**
* @program: msgpush * @program: msgpush
@@ -25,9 +20,9 @@ import java.lang.reflect.Type;
* @author: 落叶随风 * @author: 落叶随风
* @create: 2020-01-13 23:35 * @create: 2020-01-13 23:35
**/ **/
@Slf4j
@Service @Service
public class ListenerImpl { public class ListenerImpl {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Autowired @Autowired
IOutlookService outlookService; IOutlookService outlookService;
@@ -35,14 +30,17 @@ public class ListenerImpl {
ITask Task; ITask Task;
@RabbitHandler @RabbitHandler
@RabbitListener(queues = "delay_queue1", containerFactory = "rabbitListenerContainerFactory") @RabbitListener(queues = "delay_queue3", containerFactory = "rabbitListenerContainerFactory")
public void listen(Message message, Channel channel) throws IOException { public void listen(Message message, Channel channel) throws IOException {
logger.info("消费者1开始处理消息 {},时间戳:{}" ,message,System.currentTimeMillis()); log.info("消费者1开始处理消息 {},时间戳:{}" ,message,System.currentTimeMillis());
System.out.println("消费者1开始处理消息"+System.currentTimeMillis()); System.out.println("消费者1开始处理消息"+System.currentTimeMillis());
int github_id = Integer.valueOf(new String(message.getBody())); int github_id = Integer.valueOf(new String(message.getBody()));
Task.executeE5(github_id); boolean b = Task.executeE5(github_id);
channel.basicAck(message.getMessageProperties().getDeliveryTag(), true); channel.basicAck(message.getMessageProperties().getDeliveryTag(), true);
/*再次进行添加任务*/ /*再次进行添加任务*/
Task.sendTaskOutlookMQ(github_id); if (b) {
Task.sendTaskOutlookMQ(github_id);
}
} }
} }

View File

@@ -1,39 +0,0 @@
package io.qyi.e5.service.security;
import io.qyi.e5.user.mapper.UserMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;
/**
* @program: e5
* @description:
* @author: 落叶随风
* @create: 2020-02-26 21:38
**/
@Component
public class SecurityUserService implements UserDetailsService {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Autowired
private UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
String encode = bCryptPasswordEncoder.encode("123");
String encodePasswd = encode;
logger.info("登录用户名: {} , 密码:{}",s,encodePasswd);
UserDetails userDetails = new User(s, encode, AuthorityUtils.createAuthorityList("admin"));
return userDetails;
}
}