Commit fa3e77b84186d244d5556bdf42e5e98bde5d87b3
1 parent
72a20310
Exists in
master
optimize monitor controller
Showing
13 changed files
with
461 additions
and
29 deletions
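--- a/src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java
@@ -0,0 +1,26 @@
+package com.taover.bazhuayun.analysis.web.advice;
+
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import com.taover.util.UtilLog;
+import com.taover.util.bean.ResultInfo;
+import com.taover.util.bean.ResultInfoException;
+import com.taover.util.bean.UtilResultInfo;
+
+@ControllerAdvice("com.taover.bazhuayun.analysis.web.controller.manage")
+public class GlobalExceptionHandler {
+ @ExceptionHandler(value = Exception.class)
+ @ResponseBody
+ public ResultInfo handlerException(Exception e) {
+ UtilLog.errorForException(e, this.getClass());
+ return UtilResultInfo.getFailure(e.getMessage());
+ }
+
+ @ExceptionHandler(value = ResultInfoException.class)
+ @ResponseBody
+ public ResultInfo handlerResultInfoException(ResultInfoException e) {
+ return e.toResultInfo();
+ }
+}
\ No newline at end of file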
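Review bot: `handlerException` returns `e.getMessage()` to the caller for every unhandled exception, so SQL errors, class names and other internals raised under the `manage` controllers end up in the HTTP response. The exception is already logged on the line above, so the response can carry a fixed text instead, e.g. `return UtilResultInfo.getFailure("internal error");`. A short class Javadoc stating that the advice applies only to the `controller.manage` package and that `ResultInfoException` is passed through via `toResultInfo()` would also help the next reader.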
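--- a/src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java
@@ -0,0 +1,154 @@
+package com.taover.bazhuayun.analysis.web.controller.manage;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang.StringUtils;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.taover.bazhuayun.analysis.web.form.HeartbeatInstanceCreateForm;
+import com.taover.bazhuayun.analysis.web.form.HeartbeatInstanceUpdateForm;
+import com.taover.bazhuayun.analysis.web.module.heartbeat.HeartbeatManager;
+import com.taover.bazhuayun.analysis.web.repository.AnalysisHeartbeatInstanceRepository;
+import com.taover.util.bean.ResultInfo;
+import com.taover.util.bean.UtilResultInfo;
+
+@RestController("manage.heartbeat")
+@RequestMapping("/manage/heartbeat")
+public class HeartbeatController {
+ @Resource
+ private AnalysisHeartbeatInstanceRepository analysisHeartbeatInstanceRepository;
+ @Resource
+ private HeartbeatManager heartbeatManager;
+
+ /**
+ * @apiDefine ResultInfo
+ * @apiSuccess {string}
+ * @apiSuccessExample {json} Success-Response:
+ * {
+ * code:ok,
+ * error:null
+ * }
+ * @apiError ThrowException 出现异常
+ * @apiErrorExample
+ * {
+ * code:fail,
+ * error:null exception
+ * }
+ */
+
+ /**
+ * @api {GET} /v1/wxorderauthoper 查询wxorderauthoper列表
+ * @apiDescription 查询wxorderauthoper列表数据
+ * 返回分页结果
+ *
+ * @apiGroup wxorderauthoper
+ * @apiName wxorderauthoper列表
+ * @apiVersion 1.0.0
+ * @apiHeader Authorization
+ *
+ * @apiUse ResultInfo
+ */
+ @GetMapping
+ public ResultInfo get(HttpServletRequest request){
+ String pageStr = request.getParameter("page");
+ if(StringUtils.isEmpty(pageStr)){
+ pageStr = "1";
+ }
+ String sizeStr = request.getParameter("size");
+ if(StringUtils.isEmpty(sizeStr)){
+ sizeStr = "10";
+ }
+ return UtilResultInfo.getSuccess("", this.analysisHeartbeatInstanceRepository.findPageBySql("1=1", Integer.valueOf(pageStr), Integer.valueOf(sizeStr), null));
+ }
+
+ /**
+ * @api {GET} /v1/wxorderauthoper/{ssid} 查询ssid对应的wxorderauthoper
+ * @apiDescription 查询ssid对应wxorderauthoper数据
+ *
+ * @apiGroup wxorderauthoper
+ * @apiName get实体数据
+ * @apiVersion 1.0.0
+ * @apiHeader Authorization
+ *
+ * @apiUse ResultInfo
+ */
+ @GetMapping("/{code}")
+ public ResultInfo get(@PathVariable String code){
+ try {
+ return UtilResultInfo.getSuccess("", this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null));
+ } catch (Exception e) {
+ return UtilResultInfo.getFailure("not found record");
+ }
+ }
+
+ /**
+ * @api {POST} /v1/wxorderauthoper 创建wxorderauthoper
+ * @apiDescription 创建wxorderauthoper
+ *
+ * @apiGroup wxorderauthoper
+ * @apiName get实体数据
+ * @apiVersion 1.0.0
+ * @apiHeader Authorization
+ *
+ * @apiUse ResultInfo
+ */
+ @PostMapping
+ public ResultInfo post(@RequestBody HeartbeatInstanceCreateForm form){
+ this.heartbeatManager.createInstance(form);
+ return UtilResultInfo.getSuccess("创建成功");
+ }
+
+ /**
+ * @api {DELETE} /v1/wxorderauthoper/{ssid} 删除ssid对应的wxorderauthoper
+ * @apiDescription 删除ssid对应的wxorderauthoper数据
+ *
+ * @apiGroup wxorderauthoper
+ * @apiName 删除实体数据
+ * @apiVersion 1.0.0
+ * @apiHeader Authorization
+ *
+ * @apiUse ResultInfo
+ */
+ @DeleteMapping("/{code}")
+ public ResultInfo delete(@PathVariable String code){
+ this.heartbeatManager.deleteInstance(code);
+ return UtilResultInfo.getSuccess("删除成功");
+ }
+
+ /**
+ * @api {PUT} /v1/wxorderauthoper/{ssid} 修改wxorderauthoper数据
+ * @apiDescription 修改wxorderauthoper数据
+ *
+ * @apiGroup wxorderauthoper
+ * @apiName 修改实体数据
+ * @apiVersion 1.0.0
+ * @apiHeader Authorization
+ *
+ * @apiUse ResultInfo
+ */
+ @PutMapping("/{code}")
+ public ResultInfo put(@PathVariable String code, @RequestBody HeartbeatInstanceUpdateForm form){
+ this.heartbeatManager.updateInstance(code, form);
+ return UtilResultInfo.getSuccess("更新成功");
+ }
+
+ @PutMapping("/{code}/enable")
+ public ResultInfo putEnable(@PathVariable String code){
+ this.heartbeatManager.enableInstanceByCode(code);
+ return UtilResultInfo.getSuccess("监控启用成功");
+ }
+
+ @PutMapping("/{code}/disable")
+ public ResultInfo putDisable(@PathVariable String code){
+ this.heartbeatManager.disableInstanceByCode(code);
+ return UtilResultInfo.getSuccess("监控停用成功");
+ }
+}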
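Review bot: `get(@PathVariable String code)` builds its lookup condition as `"code='"+code+"'"`, so a path segment taken straight from the request becomes part of the SQL text; the same concatenation appears in `HeartbeatManagerImpl.updateInstance` and `deleteInstance` in this commit, which the new PUT and DELETE routes reach. If `findEntityBySql` offers a way to bind parameters the value should be bound; otherwise `code` should be rejected before it reaches the repository unless it matches a strict pattern, for instance `if (!code.matches("[A-Za-z0-9_-]{1,64}")) return UtilResultInfo.getFailure("invalid code");` (pattern constructed for illustration, to be aligned with how codes are actually issued). The `catch (Exception e)` in the same method reports every failure as "not found record" without logging it, which would hide exactly the SQL errors that indicate a malformed or hostile `code`. The apidoc blocks on all routes still describe `/v1/wxorderauthoper` rather than `/manage/heartbeat`.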
src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java
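--- a/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java
@@ -1,7 +1,6 @@
 package com.taover.bazhuayun.analysis.web.form;
 
 import javax.persistence.Column;
-import javax.persistence.Id;
 
 public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {
 @Column(name="url")
@@ -13,16 +12,7 @@ public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {
 public void setUrl(java.lang.String url){
 this.url = url;
 }
-
- private java.lang.String code;
 
- public java.lang.String getCode(){
- return code;
- }
- public void setCode(java.lang.String code){
- this.code = code;
- }
-
 @Column(name="fix_rate_sec")
 private java.lang.Integer fixRateSec;
 
@@ -97,20 +87,7 @@ public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {
 public void setReformPhone(java.lang.String reformPhone){
 this.reformPhone = reformPhone;
 }
-
- /**
- * 可用状态:0-注销,1-使用中
- */
- @Column(name="status")
- private java.lang.Integer status;
-
- public java.lang.Integer getStatus(){
- return status;
- }
- public void setStatus(java.lang.Integer status){
- this.status = status;
- }
-
+
 /**
 *
 */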
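--- a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java
@@ -26,7 +26,7 @@ public interface HeartbeatManager {
 * 修改监控实例
 * @param form
 */
- void updateInstance(HeartbeatInstanceUpdateForm form);
+ void updateInstance(String code, HeartbeatInstanceUpdateForm form);
 
 /**
 * 停用监控实例
@@ -56,4 +56,10 @@ public interface HeartbeatManager {
 * 向服务器发送心跳
 */
 void sendServerHeartbeat();
+
+ /**
+ * 删除实例
+ * @param id
+ */
+ void deleteInstance(String code);
 }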
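Review bot: The Javadoc on both changed methods no longer matches the signatures: `deleteInstance(String code)` documents `@param id`, and `updateInstance` gained a `code` parameter that has no `@param` tag. Suggested tags are `@param code code of the instance to delete` and `@param code code of the instance to update`, plus a line stating what the caller gets when the code is unknown, since the implementation throws a `RuntimeException` in that case. The interface starts outside the first hunk.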
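--- a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java
@@ -271,13 +271,13 @@ public class HeartbeatManagerImpl implements HeartbeatManager {
 }
 
 @Override
- public void updateInstance(HeartbeatInstanceUpdateForm form) {
+ public void updateInstance(String code, HeartbeatInstanceUpdateForm form) {
 form.trimByRegexS();
 AnalysisHeartbeatInstanceEntity instance = null;
 try {
- instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+form.getCode()+"'", null);
+ instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null);
 } catch (NotFoundException | MultiRowException e1) {
- throw new RuntimeException("code="+form.getCode()+"对应的实例数据异常(未找到或存在多条重复记录),请技术人员核实");
+ throw new RuntimeException("code="+code+"对应的实例数据异常(未找到或存在多条重复记录),请技术人员核实");
 }
 this.analysisHeartbeatInstanceRepository.updateEntityById(form.getSQLUpdateList(), instance.getId(), null);
 try {
@@ -326,4 +326,16 @@ public class HeartbeatManagerImpl implements HeartbeatManager {
 UtilLog.error("注销监控实例出现异常,code["+instance.getCode()+"]", e, this.getClass());
 }
 }
+
+ @Override
+ public void deleteInstance(String code) {
+ AnalysisHeartbeatInstanceEntity instance = null;
+ try {
+ instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null);
+ } catch (NotFoundException | MultiRowException e1) {
+ throw new RuntimeException("code="+code+"对应的实例数据异常(未找到或存在多条重复记录),请技术人员核实");
+ }
+ this.disableInstanceByCode(instance.getCode());
+ this.analysisHeartbeatInstanceRepository.deleteEntityByID(instance.getId(), null);
+ }
 }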
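Review bot: In `deleteInstance` the caught `NotFoundException | MultiRowException` is discarded when the `RuntimeException` is thrown, so the log cannot tell a missing code from duplicate rows, and the message, which embeds the request's `code`, is what `GlobalExceptionHandler` then returns to the client. Passing the cause keeps the stack trace, by adding `e1` as the second constructor argument, as in `throw new RuntimeException(message, e1);` with the message text unchanged. `disableInstanceByCode` and `deleteEntityByID` run as two separate steps; whether they share a transaction is not visible here, so a failure in the second may leave the instance disabled but still stored. `updateInstance` has the same rethrow, and its body continues outside the hunk.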
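--- a/src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java
@@ -0,0 +1,38 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+/**
+ * jwt相关配置
+ * @author gaoming
+ *
+ */
+public class Audience {
+ private String clientId = "098f6bcd4621d373cade4e832627b4f6";
+ private String base64Secret = "MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY";
+ private String name = "admin";
+ private int expiresSecond = 604800;
+
+ public String getClientId() {
+ return clientId;
+ }
+ public void setClientId(String clientId) {
+ this.clientId = clientId;
+ }
+ public String getBase64Secret() {
+ return base64Secret;
+ }
+ public void setBase64Secret(String base64Secret) {
+ this.base64Secret = base64Secret;
+ }
+ public String getName() {
+ return name;
+ }
+ public void setName(String name) {
+ this.name = name;
+ }
+ public int getExpiresSecond() {
+ return expiresSecond;
+ }
+ public void setExpiresSecond(int expiresSecond) {
+ this.expiresSecond = expiresSecond;
+ }
+}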
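Review bot: The HS256 signing secret is committed as the default of `base64Secret`, and it appears to be the Base64 form of `clientId`, which `JwtUtil` also writes into the `aud` claim of every token it issues, so the key is not secret from anyone who can read the repository or holds a token. The secret should come from deployment configuration or a secret store, carry at least 256 random bits for HS256, and the committed value should be treated as exposed and rotated. Declaring `private String base64Secret;` without a default and injecting the value (the commit already uses `@Value` in `JwtFilterConfig`) would fit the existing style. `expiresSecond = 604800` gives seven-day tokens, and no revocation path is visible in this commit.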
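--- a/src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java
@@ -0,0 +1,39 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import io.jsonwebtoken.Claims;
+
+public class BzyClaims {
+
+ private Long tenantId;
+ private Long userId;
+ private Claims claims;
+
+ private BzyClaims(){}
+
+ public BzyClaims(Claims claims,Long tennatId,Long userId){
+ this.claims = claims;
+ this.tenantId = tennatId;
+ this.userId = userId;
+ }
+
+ public Long getTenantId() {
+ return tenantId;
+ }
+ public void setTenantId(Long tenantId) {
+ this.tenantId = tenantId;
+ }
+ public Long getUserId() {
+ return userId;
+ }
+ public void setUserId(Long userId) {
+ this.userId = userId;
+ }
+ public Claims getClaims() {
+ return claims;
+ }
+ public void setClaims(Claims claims) {
+ this.claims = claims;
+ }
+
+
+}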
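Review bot: `BzyClaims` holds the identity taken from a verified token, yet `setUserId`, `setTenantId` and `setClaims` let any later code change it after verification. Making the three fields `final` and dropping the setters and the unused private no-arg constructor would keep the verified values fixed for the lifetime of the object. The constructor parameter `tennatId` is a misspelling of `tenantId`.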
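--- a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java
@@ -0,0 +1,64 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.alibaba.fastjson.JSONObject;
+import com.taover.util.UtilLog;
+import com.taover.util.bean.UtilResultInfo;
+
+public class JwtFilter implements Filter {
+ private int adminUserId;
+
+ public JwtFilter(int userId) {
+ this.adminUserId = userId;
+ }
+
+ @Override
+ public void doFilter(final ServletRequest req, final ServletResponse res, final FilterChain chain) throws IOException, ServletException {
+ final HttpServletRequest request = (HttpServletRequest) req;
+ final HttpServletResponse response = (HttpServletResponse) res;
+ if ("OPTIONS".equals(request.getMethod())) {
+ response.setStatus(HttpServletResponse.SC_OK);
+ } else {
+ //切换为当前用户
+ String authHeader = request.getHeader("authorization");
+ if(authHeader == null || !authHeader.startsWith(JwtUtil.TOKEN_PREFFIX)) {
+ response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized("")));
+ return;
+ }else {
+ try {
+ //检查是否有权限访问
+ BzyClaims claims = JwtUtil.parseJWT(authHeader.substring(JwtUtil.TOKEN_START_INDEX));
+ if(claims.getUserId().intValue() != adminUserId) {
+ response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized("not admin,no permission")));
+ return;
+ }
+ }catch (Exception e) {
+ response.addHeader("Content-Type", "application/json;charset=UTF-8");
+ response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized(e.getMessage())));
+ return;
+ }
+ }
+ }
+ chain.doFilter(req, res);
+ }
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ UtilLog.infoForMessage("JwtFilter:init", this.getClass());
+ }
+
+ @Override
+ public void destroy() {
+ UtilLog.infoForMessage("JwtFilter:destroy", this.getClass());
+ }
+}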
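Review bot: All three rejection branches in `doFilter` write the not-authorized JSON but leave the HTTP status at 200, and only the `catch` branch sets a content type, so proxies, access logs and clients that key on the status record a success for a refused request. Each branch should call `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` and set `Content-Type` before writing the body. The admin check compares `claims.getUserId().intValue()` with `adminUserId`, which truncates the `Long` from the token; `claims.getUserId().longValue() != adminUserId` avoids the narrowing. The `catch` branch also returns the parser's `e.getMessage()` to the caller and logs nothing, where a fixed response text plus a `UtilLog` entry would keep the detail on the server side.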
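--- a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java
@@ -0,0 +1,23 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class JwtFilterConfig {
+ @Value("${db.user.userid.admin}")
+ private int adminUserId;
+
+ public static final int ORDER_JWT_FILTER = 1;
+
+ @Bean
+ public FilterRegistrationBean<JwtFilter> jwtFilter() {
+ FilterRegistrationBean<JwtFilter> registrationBean = new FilterRegistrationBean<JwtFilter>();
+ registrationBean.setFilter(new JwtFilter(adminUserId));
+ registrationBean.addUrlPatterns("/manage/*");
+ registrationBean.setOrder(ORDER_JWT_FILTER);
+ return registrationBean;
+ }
+}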
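--- a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java
@@ -0,0 +1,88 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import java.io.IOException;
+import java.security.Key;
+import java.util.Date;
+
+import javax.crypto.spec.SecretKeySpec;
+import javax.servlet.ServletException;
+import javax.xml.bind.DatatypeConverter;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+
+
+/**
+ * Reserved claims(保留),它的含义就像是编程语言的保留字一样,属于JWT标准里面规定的一些claim。JWT标准里面定好的claim有:
+
+ iss(Issuser):代表这个JWT的签发主体;
+ sub(Subject):代表这个JWT的主体,即它的所有人;
+ aud(Audience):代表这个JWT的接收对象;
+ exp(Expiration time):是一个时间戳,代表这个JWT的过期时间;
+ nbf(Not Before):是一个时间戳,代表这个JWT生效的开始时间,意味着在这个时间之前验证JWT是会失败的;
+ iat(Issued at):是一个时间戳,代表这个JWT的签发时间;
+ jti(JWT ID):是JWT的唯一标识。
+ * @param req
+ * @param res
+ * @param chain
+ * @throws IOException
+ * @throws ServletException
+ */
+public class JwtUtil {
+ public static String TOKEN_PREFFIX = "Bearer==";
+ public static int TOKEN_START_INDEX = TOKEN_PREFFIX.length();
+
+ private static Audience audience = new Audience();
+ private static JwtParser jwtParser;
+ private static JwtBuilder jwtBuilder;
+
+ static {
+ //生成签名密钥
+ byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(audience.getBase64Secret());
+
+ //初始化jwtParser
+ jwtParser = Jwts.parser().setSigningKey(apiKeySecretBytes);
+
+ //初始化jwtBuilder
+ Key signingKey = new SecretKeySpec(apiKeySecretBytes, SignatureAlgorithm.HS256.getJcaName());
+ jwtBuilder = Jwts.builder()
+ .setHeaderParam("typ", "JWT")
+ .setIssuer(audience.getName())
+ .setAudience(audience.getClientId())
+ .signWith(SignatureAlgorithm.HS256, signingKey);
+ }
+
+ /**
+ * 解析jwt
+ */
+ public static BzyClaims parseJWT(String token) {
+ Claims claims = jwtParser.parseClaimsJws(token).getBody();
+ Long userid = Long.valueOf(claims.get("userid", Object.class).toString());
+ Long tenantId = Long.valueOf(claims.get("tenant", Object.class).toString());
+ return new BzyClaims(claims,tenantId,userid);
+ }
+
+ /**
+ * 构建jwt
+ */
+ public static String createJWT(String mobile, Long userId, Long tenantId) {
+ //添加构成JWT的参数
+ jwtBuilder.claim("tenant", tenantId.toString())
+ .claim("username", mobile)
+ .claim("userid", userId.toString());
+ //添加Token过期时间
+ if (audience.getExpiresSecond() >= 0) {
+ long nowMillis = System.currentTimeMillis();
+ Date now = new Date(nowMillis);
+ Date exp = new Date(nowMillis + audience.getExpiresSecond()*1000);
+ jwtBuilder.setExpiration(exp).setNotBefore(now);
+ }
+ //生成JWT
+ return jwtBuilder.compact();
+ }
+
+}
\ No newline at end of file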
src/main/resources/application-local.properties
src/main/resources/application-production.properties