perf: 优化社区版token机制

2024-09-30 15:47:38 +08:00 · 2024-09-30 15:47:38 +08:00 · b3bb62b123
commit b3bb62b123
parent 631da3aee4
4 changed files with 92 additions and 79 deletions
--- a/sdk/common/src/main/java/io/dataease/auth/filter/CommunityTokenFilter.java
+++ b/sdk/common/src/main/java/io/dataease/auth/filter/CommunityTokenFilter.java
@ -0,0 +1,79 @@
+package io.dataease.auth.filter;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import com.auth0.jwt.interfaces.Verification;
+import io.dataease.auth.bo.TokenUserBO;
+import io.dataease.auth.config.SubstituleLoginConfig;
+import io.dataease.license.utils.LicenseUtil;
+import io.dataease.utils.*;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpStatusCode;
+import org.springframework.http.ResponseEntity;
+import org.springframework.util.ReflectionUtils;
+
+import java.io.IOException;
+import java.lang.reflect.Method;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.util.Objects;
+
+public class CommunityTokenFilter implements Filter {
+
+    private static final String headName = "DE-GATEWAY-FLAG";
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        Long userId = null;
+        String token = ServletUtils.getToken();
+        TokenUserBO userBO = null;
+        if (StringUtils.isNotBlank(token) && ObjectUtils.isNotEmpty(userBO = AuthUtils.getUser()) && ObjectUtils.isNotEmpty(userId = userBO.getUserId()) && !LicenseUtil.licenseValid()) {
+            String secret = null;
+            if (ObjectUtils.isEmpty(CommonBeanFactory.getBean("loginServer"))) {
+                String pwd = SubstituleLoginConfig.getPwd();
+                secret = Md5Utils.md5(pwd);
+            } else {
+                Object apisixTokenManage = CommonBeanFactory.getBean("apisixTokenManage");
+                Method method = DeReflectUtil.findMethod(apisixTokenManage.getClass(), "userCacheBO");
+                Object o = ReflectionUtils.invokeMethod(method, apisixTokenManage, userId);
+                Method pwdMethod = DeReflectUtil.findMethod(o.getClass(), "getPwd");
+                Object pwdObj = ReflectionUtils.invokeMethod(pwdMethod, o);
+                secret = pwdObj.toString();
+            }
+            try {
+                Algorithm algorithm = Algorithm.HMAC256(secret);
+                Verification verification = JWT.require(algorithm).withClaim("uid", userId).withClaim("oid", userBO.getDefaultOid());
+                JWTVerifier verifier = verification.build();
+                DecodedJWT decode = JWT.decode(token);
+                algorithm.verify(decode);
+                verifier.verify(token);
+            } catch (Exception e) {
+                HttpServletResponse res = (HttpServletResponse) servletResponse;
+                LogUtil.error(e.getMessage(), e);
+                HttpHeaders headers = new HttpHeaders();
+                String msg = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8).replace("+", "%20");
+                headers.add(headName, msg);
+                sendResponseEntity(res, new ResponseEntity<>(e.getMessage(), headers, HttpStatus.UNAUTHORIZED));
+            }
+        }
+
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+
+    private void sendResponseEntity(HttpServletResponse httpResponse, ResponseEntity<String> responseEntity) throws IOException {
+        HttpHeaders headers = responseEntity.getHeaders();
+        HttpStatusCode statusCode = responseEntity.getStatusCode();
+        httpResponse.setStatus(statusCode.value());
+        for (String name : headers.keySet()) {
+            httpResponse.setHeader(name, headers.getFirst(name));
+        }
+        httpResponse.getWriter().write(Objects.requireNonNull(responseEntity.getBody()));
+    }
+}
--- a/sdk/common/src/main/java/io/dataease/auth/filter/FilterConfig.java
+++ b/sdk/common/src/main/java/io/dataease/auth/filter/FilterConfig.java
@ -16,4 +16,14 @@ public class FilterConfig {
        filter.setOrder(0);
        return filter;
    }
+
+    @Bean
+    public FilterRegistrationBean communityFilter() {
+        FilterRegistrationBean filter = new FilterRegistrationBean<>();
+        filter.setName("communityTokenFilter");
+        filter.setFilter(new CommunityTokenFilter());
+        filter.addUrlPatterns("/*");
+        filter.setOrder(5);
+        return filter;
+    }
 }
--- a/sdk/common/src/main/java/io/dataease/auth/filter/TokenFilter.java
+++ b/sdk/common/src/main/java/io/dataease/auth/filter/TokenFilter.java
@ -3,28 +3,15 @@ package io.dataease.auth.filter;
 import io.dataease.auth.bo.TokenUserBO;
 import io.dataease.constant.AuthConstant;
 import io.dataease.utils.*;
-import jakarta.servlet.FilterConfig;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.HttpStatusCode;
-import org.springframework.http.ResponseEntity;

 import java.io.IOException;
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
 import java.util.Objects;

 public class TokenFilter implements Filter {

-    private static final String headName = "DE-GATEWAY-FLAG";
-
-    @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
-    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
@ -57,41 +44,9 @@ public class TokenFilter implements Filter {
            return;
        }
        String token = ServletUtils.getToken();
-        TokenUserBO userBO = null;
-        try {
-            userBO = TokenUtils.validate(token);
-            UserUtils.setUserInfo(userBO);
-        } catch (Exception e) {
-            HttpServletResponse res = (HttpServletResponse) servletResponse;
-            LogUtil.error(e.getMessage(), e);
-            HttpHeaders headers = new HttpHeaders();
-            String msg = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8).replace("+", "%20");
-            headers.add(headName, msg);
-            sendResponseEntity(res, new ResponseEntity<>(e.getMessage(), headers, HttpStatus.UNAUTHORIZED));
-            return;
-        }
+        TokenUserBO userBO = TokenUtils.validate(token);
+        UserUtils.setUserInfo(userBO);
        filterChain.doFilter(servletRequest, servletResponse);
    }

-    @Override
-    public void destroy() {
-    }
-
-    private void sendResponseEntity(HttpServletResponse httpResponse, ResponseEntity<String> responseEntity) throws IOException {
-        HttpHeaders headers = responseEntity.getHeaders();
-        HttpStatusCode statusCode = responseEntity.getStatusCode();
-
-        // 设置状态码
-        httpResponse.setStatus(statusCode.value());
-
-        // 设置响应头
-        if (headers != null) {
-            for (String name : headers.keySet()) {
-                httpResponse.setHeader(name, headers.getFirst(name));
-            }
-        }
-
-        // 设置响应体
-        httpResponse.getWriter().write(responseEntity.getBody());
-    }
 }
--- a/sdk/common/src/main/java/io/dataease/utils/TokenUtils.java
+++ b/sdk/common/src/main/java/io/dataease/utils/TokenUtils.java
@ -1,19 +1,11 @@
 package io.dataease.utils;

 import com.auth0.jwt.JWT;
-import com.auth0.jwt.JWTVerifier;
-import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.interfaces.DecodedJWT;
-import com.auth0.jwt.interfaces.Verification;
 import io.dataease.auth.bo.TokenUserBO;
-import io.dataease.auth.config.SubstituleLoginConfig;
 import io.dataease.exception.DEException;
-import io.dataease.license.utils.LicenseUtil;
 import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.util.ReflectionUtils;
-
-import java.lang.reflect.Method;

 public class TokenUtils {

@ -36,30 +28,7 @@ public class TokenUtils {
        if (StringUtils.length(token) < 100) {
            DEException.throwException("token is invalid");
        }
-        TokenUserBO userBO = userBOByToken(token);
-        if (ObjectUtils.isEmpty(userBO) || LicenseUtil.licenseValid()) {
-            return userBO;
-        }
-        Long userId = userBO.getUserId();
-        String secret = null;
-        if (ObjectUtils.isEmpty(CommonBeanFactory.getBean("loginServer"))) {
-            String pwd = SubstituleLoginConfig.getPwd();
-            secret = Md5Utils.md5(pwd);
-        } else {
-            Object apisixTokenManage = CommonBeanFactory.getBean("apisixTokenManage");
-            Method method = DeReflectUtil.findMethod(apisixTokenManage.getClass(), "userCacheBO");
-            Object o = ReflectionUtils.invokeMethod(method, apisixTokenManage, userId);
-            Method pwdMethod = DeReflectUtil.findMethod(o.getClass(), "getPwd");
-            Object pwdObj = ReflectionUtils.invokeMethod(pwdMethod, o);
-            secret = pwdObj.toString();
-        }
-        Algorithm algorithm = Algorithm.HMAC256(secret);
-        Verification verification = JWT.require(algorithm).withClaim("uid", userId).withClaim("oid", userBO.getDefaultOid());
-        JWTVerifier verifier = verification.build();
-        DecodedJWT decode = JWT.decode(token);
-        algorithm.verify(decode);
-        verifier.verify(token);
-        return userBO;
+        return userBOByToken(token);
    }