wangliwen
/
share-platform
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

...

This commit is contained in:
wangliwen 2022-05-12 11:31:48 +08:00
parent 5583c2b609
commit d5f249ccb6
2 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
renren-admin/pom.xml
View File

@ -286,6 +286,13 @@
<descriptors> <descriptors>
<descriptor>src/main/resources/assembly/assembly.xml</descriptor> <descriptor>src/main/resources/assembly/assembly.xml</descriptor>
</descriptors> </descriptors>
<archive>
<manifest>
<addClasspath>true</addClasspath>
<classpathPrefix>libs/</classpathPrefix>
</manifest>
</archive>
</configuration> </configuration>
</execution> </execution>
</executions> </executions>

22
renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
View File

@ -5,7 +5,6 @@ import com.yawei.pso.PSORequest;
import com.yawei.pso.SSOResponse; import com.yawei.pso.SSOResponse;
import com.yawei.pso.TicketManager; import com.yawei.pso.TicketManager;
import io.renren.common.constant.Constant; import io.renren.common.constant.Constant;
import io.renren.common.exception.ErrorCode;
import io.renren.common.interceptor.Validator; import io.renren.common.interceptor.Validator;
import io.renren.common.interceptor.YaweiSSOProperties; import io.renren.common.interceptor.YaweiSSOProperties;
import io.renren.common.utils.HttpContextUtils; import io.renren.common.utils.HttpContextUtils;
@ -15,17 +14,13 @@ import org.apache.http.HttpStatus;
import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter; import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.ServletRequest; import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
@ -36,11 +31,10 @@ import java.util.Map;
/** /**
* oauth2过滤器 * oauth2过滤器
*
*/ */
@Component() @Component()
@Scope("prototype") @Scope("prototype")
public class Oauth2Filter extends AuthenticatingFilter { public class Oauth2Filter extends AuthenticatingFilter {
public final static String SEESION_USER = "seesion_user"; public final static String SEESION_USER = "seesion_user";
@ -52,7 +46,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
//获取请求token //获取请求token
String token = getRequestToken((HttpServletRequest) request); String token = getRequestToken((HttpServletRequest) request);
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
return null; return null;
} }
@ -61,7 +55,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
@Override @Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
if(((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())){ if (((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())) {
return true; return true;
} }
@ -74,9 +68,9 @@ public class Oauth2Filter extends AuthenticatingFilter {
//获取请求token如果token不存在直接返回401 //获取请求token如果token不存在直接返回401
String token = getRequestToken((HttpServletRequest) request); String token = getRequestToken((HttpServletRequest) request);
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
yaweiHandle((HttpServletRequest)request, (HttpServletResponse)response); yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
// HttpServletResponse httpResponse = (HttpServletResponse) response; // HttpServletResponse httpResponse = (HttpServletResponse) response;
// httpResponse.setContentType("application/json;charset=utf-8"); // httpResponse.setContentType("application/json;charset=utf-8");
@ -117,12 +111,12 @@ public class Oauth2Filter extends AuthenticatingFilter {
/** /**
* 获取请求的token * 获取请求的token
*/ */
private String getRequestToken(HttpServletRequest httpRequest){ private String getRequestToken(HttpServletRequest httpRequest) {
//从header中获取token //从header中获取token
String token = httpRequest.getHeader(Constant.TOKEN_HEADER); String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
//如果header中不存在token则从参数中获取token //如果header中不存在token则从参数中获取token
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
token = httpRequest.getParameter(Constant.TOKEN_HEADER); token = httpRequest.getParameter(Constant.TOKEN_HEADER);
} }
@ -132,7 +126,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
public boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception { public boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
// 获取当前请求的url // 获取当前请求的url
String requestUri = request.getHeader("REQUESTURI"); String requestUri = request.getHeader("REQUESTURI");
if (requestUri == null){ if (requestUri == null) {
requestUri = request.getRequestURI(); requestUri = request.getRequestURI();
} }