
refactor: 修改为使用框架封装的类

huangzqa 4 ani în urmă
părinte
comite
886b9b8639

+ 0 - 100
src/main/java/com/dragonsoft/dcuc/approvegateway/filter/BimTokenPreFilter.java

@@ -1,100 +0,0 @@
-package com.dragonsoft.dcuc.approvegateway.filter;
-
-import com.alibaba.fastjson.JSON;
-import com.dragonsoft.approve.component.TokenOperate;
-import com.dragonsoft.approve.model.TokenInfo;
-import com.dragonsoft.dcuc.approvegateway.Constants;
-import com.dragonsoft.dcuc.approvegateway.business.BimBusiness;
-import com.dragonsoft.dcuc.approvegateway.properties.DcucApproveProperties;
-import com.dragonsoft.duceap.web.SecurityProperties;
-import com.netflix.zuul.ZuulFilter;
-import com.netflix.zuul.context.RequestContext;
-import com.netflix.zuul.exception.ZuulException;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.time.DateUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import java.util.Date;
-
-/**
- * @Author: qiuyu huangzqa
- * @Date: 2021/1/14 10:57
- * @Description:
- */
-@Slf4j
-@Component
-public class BimTokenPreFilter extends ZuulFilter {
-
-    private static final Logger logger = LoggerFactory.getLogger(BimTokenPreFilter.class);
-
-    @Autowired
-    private SecurityProperties securityProperties;
-
-    @Autowired
-    private TokenOperate tokenComponent;
-
-    @Autowired
-    private BimBusiness bimBusiness;
-
-    @Autowired
-    private DcucApproveProperties dcucApproveProperties;
-
-    @Override
-    public String filterType() {
-        return "pre";
-    }
-
-    @Override
-    public int filterOrder() {
-        return -11;
-    }
-
-    @Override
-    public boolean shouldFilter() {
-        String type = securityProperties.getType();
-        return type.equalsIgnoreCase(Constants.HUAWEI);
-    }
-
-    @Override
-    public Object run() throws ZuulException {
-        RequestContext ctx = RequestContext.getCurrentContext();
-        ctx.set(Constants.BIM_TOKEN, getTokenOauth());
-        return null;
-    }
-
-    /**
-     * 获取token信息
-     *
-     * @return token信息
-     */
-    public TokenInfo getTokenOauth() {
-        TokenInfo tokenInfo = tokenComponent.fetchTokenInfo();
-
-        Date currentDate = new Date();
-        //token正常直接返回
-        if (null != tokenInfo && currentDate.before(tokenInfo.getOverdueTime())) {
-            logger.debug("HwTokenInfo=【{}】", JSON.toJSONString(tokenInfo));
-            return tokenInfo;
-        }
-
-        if (tokenInfo != null) {
-            String accessToken = tokenInfo.getAccessToken();
-            bimBusiness.logoutToken(accessToken);
-        }
-
-        //调用竹云认证获取 token
-        String token = bimBusiness.getToken();
-        tokenInfo = new TokenInfo();
-        tokenInfo.setAccessToken(token);
-
-        //设置缓存
-        Integer bimTokenExpireSecond = dcucApproveProperties.getBimTokenExpireSecond();
-        tokenInfo.setOverdueTime(DateUtils.addSeconds(currentDate, bimTokenExpireSecond));
-        tokenComponent.pushHwTokenInfo(tokenInfo);
-        return tokenInfo;
-    }
-
-}

+ 0 - 147
src/main/java/com/dragonsoft/dcuc/approvegateway/filter/BimUserInfoPreFilter.java

@@ -1,147 +0,0 @@
-package com.dragonsoft.dcuc.approvegateway.filter;
-
-import com.alibaba.fastjson.JSONObject;
-import com.dragonsoft.approve.common.ErrorCode;
-import com.dragonsoft.approve.model.TokenInfo;
-import com.dragonsoft.dcuc.approvegateway.Constants;
-import com.dragonsoft.dcuc.approvegateway.business.BimBusiness;
-import com.dragonsoft.dcuc.approvegateway.pojo.BimUserInfoItemRespVO;
-import com.dragonsoft.dcuc.approvegateway.properties.DcucApproveProperties;
-import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
-import com.dragonsoft.duceap.base.entity.security.BaseSecurityUser;
-import com.dragonsoft.duceap.base.exception.ApplicationException;
-import com.dragonsoft.duceap.base.utils.UserContextUtils;
-import com.dragonsoft.duceap.commons.util.UrlMatcher;
-import com.dragonsoft.duceap.commons.util.json.JsonUtils;
-import com.dragonsoft.duceap.security.jwt.JwtTokenUtils;
-import com.dragonsoft.duceap.web.SecurityProperties;
-import com.netflix.zuul.ZuulFilter;
-import com.netflix.zuul.context.RequestContext;
-import com.netflix.zuul.exception.ZuulException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.web.ServerProperties;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * @author huangzqa
- */
-@Component
-public class BimUserInfoPreFilter extends ZuulFilter {
-
-    private static final Logger logger = LoggerFactory.getLogger(BimUserInfoPreFilter.class);
-
-    @Autowired
-    private SecurityProperties securityProperties;
-
-    @Autowired
-    private ServerProperties serverProperties;
-
-    @Autowired
-    private DcucApproveProperties dcucApproveProperties;
-
-    @Autowired
-    private BimBusiness bimBusiness;
-
-    @Override
-    public String filterType() {
-        return "pre";
-    }
-
-    @Override
-    public int filterOrder() {
-        return -10;
-    }
-
-    @Override
-    public boolean shouldFilter() {
-        String type = securityProperties.getType();
-        return type.equalsIgnoreCase(Constants.HUAWEI);
-    }
-
-    @Override
-    public Object run() throws ZuulException {
-        RequestContext ctx = RequestContext.getCurrentContext();
-        HttpServletRequest request = ctx.getRequest();
-        String contextPath = serverProperties.getServlet().getContextPath();
-        String requestUri = request.getRequestURI();
-
-        if (!isNeedUserInfo(contextPath, requestUri)) {
-            return null;
-        }
-
-        BaseSecurityUser currentUser = UserContextUtils.getCurrentUser();
-        logger.info("====登录用户信息:{}====", JSONObject.toJSONString(currentUser));
-        if (currentUser != null) {
-            String jwtToken = JwtTokenUtils.getAlgorithmGen(JwtTokenUtils.AlgorithmType.HS256).sign(currentUser);
-            ctx.addZuulRequestHeader(JwtTokenUtils.AUTHORIZATION_HEADER, JwtTokenUtils.TOKEN_PREFIX + jwtToken);
-            logger.info("登录jwtToken:{}", jwtToken);
-        } else {
-            currentUser = getSecurityUser();
-            UserContextUtils.setCurrentUser(currentUser);
-        }
-
-        if (currentUser == null) {
-            //无获取到用户信息不对该请求进行路由
-            ctx.setSendZuulResponse(false);
-            ResponseStatus responseStatus = ResponseStatus.fail("未登陆");
-            ctx.setResponseBody(JsonUtils.toJSONString(responseStatus));
-        }
-
-        return null;
-    }
-
-    private BaseSecurityUser getSecurityUser() {
-        RequestContext ctx = RequestContext.getCurrentContext();
-        HttpServletRequest request = ctx.getRequest();
-
-        String userToken = request.getHeader("userToken");
-
-        BaseSecurityUser baseSecurityUser;
-        try {
-            String accessToken = ((TokenInfo) ctx.get(Constants.BIM_TOKEN)).getAccessToken();
-            BimUserInfoItemRespVO bimUserInfoItemRespVO = bimBusiness.getUserInfoByUserToken(userToken, accessToken);
-            baseSecurityUser = new BaseSecurityUser();
-            baseSecurityUser.setId(bimUserInfoItemRespVO.getYhId());
-            baseSecurityUser.setName(bimUserInfoItemRespVO.getXm());
-            baseSecurityUser.setPoliceNo(bimUserInfoItemRespVO.getJh());
-            baseSecurityUser.setSecurityOrg(bimUserInfoItemRespVO.getDwdm());
-        } catch (Exception e) {
-            logger.error("用户信息获取失败", e);
-            throw new ApplicationException(ErrorCode.USER_INFO_ERROR.getCode(), ErrorCode.USER_INFO_ERROR.getMsg());
-        }
-
-        return baseSecurityUser;
-    }
-
-    /**
-     * 是否需要用户信息
-     *
-     * @param contextPath 上下文
-     * @param requestUri  请求路径
-     * @return 是否需要
-     */
-    public boolean isNeedUserInfo(String contextPath, String requestUri) {
-
-        logger.debug("Security filter origin uri:{}", requestUri);
-
-        // 去除上下文
-        requestUri = requestUri.substring(contextPath.length());
-
-        logger.debug("Security filter not context uri:{}", requestUri);
-
-        String huaweiLoginFilterUrl = dcucApproveProperties.getHuaweiLoginFilterUrl();
-        String[] splitUrls = huaweiLoginFilterUrl.split(",");
-
-        logger.debug("splitUrls:{} .", JsonUtils.toJSONString(splitUrls));
-
-        if (UrlMatcher.matches(requestUri, splitUrls)) {
-            logger.debug("URI:{} Not need get user info.", requestUri);
-            return false;
-        }
-        return true;
-    }
-}

+ 155 - 0
src/main/java/com/dragonsoft/dcuc/approvegateway/filter/SecurityAccessTokenResolver.java

@@ -0,0 +1,155 @@
+package com.dragonsoft.dcuc.approvegateway.filter;
+
+import cn.hutool.core.util.StrUtil;
+import com.alibaba.fastjson.JSON;
+import com.dragonsoft.approve.component.TokenOperate;
+import com.dragonsoft.approve.model.TokenInfo;
+import com.dragonsoft.dcuc.approvegateway.Constants;
+import com.dragonsoft.dcuc.approvegateway.business.BimBusiness;
+import com.dragonsoft.dcuc.approvegateway.pojo.BimUserInfoItemRespVO;
+import com.dragonsoft.dcuc.approvegateway.properties.DcucApproveProperties;
+import com.dragonsoft.duceap.base.api.security.ISecurityAccessTokenResolver;
+import com.dragonsoft.duceap.base.entity.security.BaseSecurityUser;
+import com.dragonsoft.duceap.base.entity.security.SecurityUser;
+import com.dragonsoft.duceap.commons.util.UrlMatcher;
+import com.dragonsoft.duceap.commons.util.json.JsonUtils;
+import com.dragonsoft.duceap.security.jwt.securityaccess.SecurityAccessTokenProperties;
+import com.dragonsoft.duceap.security.jwt.securityaccess.SecurityAccessUserCacheResolver;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.time.DateUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.web.ServerProperties;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Date;
+
+/**
+ * @author huangzqa
+ * @date 2021/4/15
+ **/
+@Slf4j
+@Component
+public class SecurityAccessTokenResolver implements ISecurityAccessTokenResolver {
+
+    @Autowired
+    private SecurityAccessTokenProperties secAccessProp;
+
+    @Autowired(required = false)
+    private SecurityAccessUserCacheResolver cacheResolver;
+
+    @Autowired
+    private ServerProperties serverProperties;
+
+    @Autowired
+    private BimBusiness bimBusiness;
+
+    @Autowired
+    private DcucApproveProperties dcucApproveProperties;
+
+    @Autowired
+    private TokenOperate tokenComponent;
+
+
+    @Override
+    public BaseSecurityUser resolve(HttpServletRequest request) {
+        String contextPath = serverProperties.getServlet().getContextPath();
+        String requestUri = request.getRequestURI();
+        log.debug("Security filter origin uri:{}", requestUri);
+
+        // 去除上下文
+        requestUri = requestUri.substring(contextPath.length());
+
+        log.debug("Security filter not context uri:{}", requestUri);
+        String huaweiLoginFilterUrl = dcucApproveProperties.getHuaweiLoginFilterUrl();
+        String[] splitUrls = huaweiLoginFilterUrl.split(StrUtil.COMMA);
+
+        log.debug("splitUrls:{} .", JsonUtils.toJSONString(splitUrls));
+
+        String userInfoUri = "/api/user/info";
+        if (!requestUri.equalsIgnoreCase(userInfoUri)) {
+            if (UrlMatcher.matches(requestUri, splitUrls)) {
+                log.debug("URI:{} Not need get user info.", requestUri);
+                return null;
+            }
+        }
+
+
+        String userToken = request.getHeader(secAccessProp.getUserTokenHeaderName());
+        String appToken = request.getHeader(Constants.APP_TOKEN);
+
+        log.info("userToken:{},appToken:{}", userToken, appToken);
+
+        if (cacheResolver != null) {
+            //从缓存中取
+            SecurityUser securityUserCache = (SecurityUser) cacheResolver.getIfPresent(cacheResolver.cacheKey(userToken));
+
+            if (securityUserCache != null) {
+                log.info("Cache securityUserCache:{}", JsonUtils.toJSONString(securityUserCache));
+
+                return securityUserCache;
+            }
+        }
+
+        if (StrUtil.isBlank(userToken)) {
+            return null;
+        }
+        TokenInfo tokenOauth = getTokenOauth();
+        String token = tokenOauth.getAccessToken();
+        BimUserInfoItemRespVO userInfoItemRespVO = bimBusiness.getUserInfoByUserToken(userToken, token);
+        String sfzh = userInfoItemRespVO.getSfzh();
+
+        log.info("idcard:{}, userInfo :{}", sfzh, JsonUtils.toJSONString(userInfoItemRespVO));
+
+        SecurityUser securityUser = new SecurityUser();
+        securityUser.setId(userInfoItemRespVO.getYhId());
+        securityUser.setName(userInfoItemRespVO.getXm());
+        securityUser.setUserName(userInfoItemRespVO.getSfzh());
+        securityUser.setPoliceNo(userInfoItemRespVO.getJh());
+        securityUser.setIdcard(userInfoItemRespVO.getSfzh());
+        securityUser.setSecurityOrg(userInfoItemRespVO.getDwdm());
+        securityUser.setSecurityOrgName(userInfoItemRespVO.getDwmc());
+
+        //放入缓存
+        if (cacheResolver != null) {
+            cacheResolver.put(cacheResolver.cacheKey(userToken), securityUser);
+        }
+
+        log.info("return idcard:{}, securityUser :{}", sfzh, JsonUtils.toJSONString(securityUser));
+
+        return securityUser;
+    }
+
+    /**
+     * 获取token信息
+     *
+     * @return token信息
+     */
+    public TokenInfo getTokenOauth() {
+        TokenInfo tokenInfo = tokenComponent.fetchTokenInfo();
+
+        Date currentDate = new Date();
+        //token正常直接返回
+        if (null != tokenInfo && currentDate.before(tokenInfo.getOverdueTime())) {
+            log.debug("HwTokenInfo=【{}】", JSON.toJSONString(tokenInfo));
+            return tokenInfo;
+        }
+
+        if (tokenInfo != null) {
+            String accessToken = tokenInfo.getAccessToken();
+            bimBusiness.logoutToken(accessToken);
+        }
+
+        //调用竹云认证获取 token
+        String token = bimBusiness.getToken();
+        tokenInfo = new TokenInfo();
+        tokenInfo.setAccessToken(token);
+
+        //设置缓存
+        Integer bimTokenExpireSecond = dcucApproveProperties.getBimTokenExpireSecond();
+        tokenInfo.setOverdueTime(DateUtils.addSeconds(currentDate, bimTokenExpireSecond));
+        tokenComponent.pushHwTokenInfo(tokenInfo);
+        return tokenInfo;
+    }
+
+}
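Review bot: `resolve()` writes credentials and personal data to the application log at info level: `log.info("userToken:{},appToken:{}", userToken, appToken)` records both header values, and the `idcard`/`userInfo`/`securityUser` messages record the ID-card number (`sfzh`) and the full user record on every uncached request. A logged userToken is presumably usable as a bearer credential while it is valid, so I would log only presence, e.g. `log.debug("userToken present:{}, appToken present:{}", StrUtil.isNotBlank(userToken), StrUtil.isNotBlank(appToken));`, and drop or mask `sfzh` in the other messages; `getTokenOauth()` has the same issue with `JSON.toJSONString(tokenInfo)`, which serialises the access token. Separately, the cache lookup runs before the `StrUtil.isBlank(userToken)` check, so a request without the header reaches `cacheResolver.cacheKey(userToken)` with a null or empty value; moving the blank check above the cache block avoids depending on how `cacheKey` treats that input, which is not visible here.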

+ 5 - 1
src/main/resources/application-base.yml

@@ -43,7 +43,7 @@ duceap:
       host: http://192.168.10.27:8070 #配置中心地址(portal端)
   security:
     ##配置登陆方式,dids、dssoac、dcuc、huawei
-    type: dcuc
+    type: huawei
     ##dids登录配置#
     dids2:
       ##应用代码
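Review bot: Changing `type` from `dcuc` to `huawei` in `application-base.yml` switches the login mode for every profile that inherits this base file, not just the deployment that talks to the BIM server. If other environments still authenticate through dcuc, the override belongs in a profile-specific file and the base default should stay as it was. If the switch is meant to be global, a short comment beside `type: huawei` recording why the base default changed would help. The surrounding `security` block continues outside the hunk.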
@@ -68,6 +68,10 @@ duceap:
       ignorePattern: /v2/api-docs,/api/v1/process-types,api/v1/process-type,api/v1/apply,services,hessian,commons,install.action,.xml,/install,/widgets-src/,/authorizationPage.html,/importAuthorizationFile.html,/license/LicenseManagerServlet,/authorizationFile/
       ApiUrl: http://192.168.10.2:8860/dcuc
       appCode: YHZX0000000000000001
+  security-access:
+    jwt:
+      enabled: true
+      user-token-header-name: userToken
 dcuc:
   approve:
     bim-identity-url: https://127.0.0.1:8443/bim-server

+ 0 - 39
src/test/java/com/dragonsoft/dcuc/approvegateway/filter/BimUserInfoPreFilterTest.java

@@ -1,39 +0,0 @@
-package com.dragonsoft.dcuc.approvegateway.filter;
-
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.web.ServerProperties;
-import org.springframework.boot.test.context.SpringBootTest;
-
-/**
- * <p>
- *
- * </p>
- *
- * @author huangzqa
- * @date 2021/6/21
- */
-@SpringBootTest
-class BimUserInfoPreFilterTest {
-
-    @Autowired
-    private BimUserInfoPreFilter bimUserInfoPreFilter;
-
-    @Autowired
-    private ServerProperties serverProperties;
-
-    @Test
-    void isNeedUserInfo() {
-        String contextPath = serverProperties.getServlet().getContextPath();
-
-        boolean needUserInfo = bimUserInfoPreFilter.isNeedUserInfo(contextPath, contextPath + "/api/v1/process-types");
-
-        Assertions.assertFalse(needUserInfo);
-
-        boolean needUserInfo1 = bimUserInfoPreFilter.isNeedUserInfo(contextPath, contextPath + "/user/info");
-
-        Assertions.assertTrue(needUserInfo1);
-
-    }
-}