Merge pull request #5278 from dataease/pr@dev@fix_ak_sk_lic

feat(lic): ak/sk增加许可验证逻辑
2023-05-23 11:13:22 +08:00 · 2023-05-23 11:13:22 +08:00 · 32cbe7f1fa
commit 32cbe7f1fa
parent 01c177f7f5 483de19224
1 changed files with 23 additions and 4 deletions
--- a/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
@ -2,17 +2,16 @@ package io.dataease.auth.filter;

 import io.dataease.auth.entity.ASKToken;
 import io.dataease.auth.entity.JWTToken;
-
 import io.dataease.auth.handler.ApiKeyHandler;
-
+import io.dataease.commons.license.DefaultLicenseService;
+import io.dataease.commons.license.F2CLicenseResponse;
+import io.dataease.commons.utils.CommonBeanFactory;
 import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.TokenCacheUtils;
-
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
-
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.RequestMethod;

@ -26,6 +25,7 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {


    public final static String expireMessage = "Login token is expire.";
+    public final static String licMessage = "license invalid";


    /**
@ -49,6 +49,17 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {

        if (ApiKeyHandler.isApiKeyCall(httpServletRequest)) {

+            DefaultLicenseService licenseService = CommonBeanFactory.getBean(DefaultLicenseService.class);
+            F2CLicenseResponse licenseResponse = null;
+            try {
+                licenseResponse = licenseService.validateLicense();
+            } catch (Exception e) {
+                throw new AuthenticationException(licMessage);
+            }
+            if (licenseResponse.getStatus() != F2CLicenseResponse.Status.valid) {
+                throw new AuthenticationException(licMessage);
+            }
+
            ASKToken askToken = ApiKeyHandler.buildToken(httpServletRequest);

            getSubject(request, response).login(askToken);
@ -87,6 +98,8 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
                LogUtil.error(e);
                if (e instanceof AuthenticationException && StringUtils.equals(e.getMessage(), expireMessage)) {
                    responseExpire(request, response, e);
+                } else if (StringUtils.equals(licMessage, e.getMessage())) {
+                    responseLicError(request, response, e);
                } else {
                    tokenError(request, response, e);
                }
@ -127,4 +140,10 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
        httpServletResponse.setHeader("authentication-status", "login_expire");
    }

+    private void responseLicError(ServletRequest req, ServletResponse resp, Exception e1) {
+        HttpServletResponse httpServletResponse = (HttpServletResponse) resp;
+        httpServletResponse.addHeader("Access-Control-Expose-Headers", "authentication-status");
+        httpServletResponse.setHeader("authentication-status", licMessage);
+    }
+
 }