david 提交，处理相同浏览器数据过滤的问题，优化获取平台

33eb30ef · david.zhong · 4b2a686e · 33eb30ef · 33eb30ef · 33eb30ef
Commit 33eb30ef authored Mar 26, 2019 by david.zhong
3 changed files
--- a/src/main/java/com/ost/micro/modules/security/controller/LoginController.java
+++ b/src/main/java/com/ost/micro/modules/security/controller/LoginController.java
@@ -13,6 +13,8 @@ import com.ost.micro.common.utils.IpUtils;
 import com.ost.micro.common.utils.Result;
 import com.ost.micro.common.validator.AssertUtils;
 import com.ost.micro.common.validator.ValidatorUtils;
+import com.ost.micro.config.CustomFilterConfig;
+import com.ost.micro.core.utils.GsonUtil;
 import com.ost.micro.modules.log.entity.SysLogLoginEntity;
 import com.ost.micro.modules.log.enums.LoginOperationEnum;
 import com.ost.micro.modules.log.enums.LoginStatusEnum;
@@ -32,7 +34,9 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
 import org.springframework.http.HttpHeaders;
+import org.springframework.util.CollectionUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -43,9 +47,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.awt.image.BufferedImage;
 import java.io.IOException;
-import java.util.Date;
+import java.util.*;
-import java.util.HashMap;
-import java.util.Map;
 /**
 * 登录
@@ -65,6 +67,9 @@ public class LoginController {
 	@Autowired
 	private SysLogLoginService sysLogLoginService;
+	@Autowired
+	private CustomFilterConfig customFilterConfig;
 	@GetMapping("captcha")
 	@ApiOperation(value = "验证码", produces="application/octet-stream")
 	@ApiImplicitParam(paramType = "query", dataType="string", name = "uuid", required = true)
@@ -88,6 +93,22 @@ public class LoginController {
 		log.info("开始登录>>>>>>>>>>>>>>>");
 		String url = request.getScheme()+"://"+request.getServerName();
 		log.info("请求url为:{}",url);
+		//解析配置文件
+		String[] domains = customFilterConfig.getDomains();
+		List<String> domainsList = new LinkedList<>();
+		if (domains.length > 0) {
+			for (int i=0;i<domains.length ; i++) {
+				String itemInfo = domains[i];
+				if (StringUtils.isNotEmpty(itemInfo)) {
+					String[] info = itemInfo.split(":");
+					String domain = info[0];
+					domainsList.add(domain);
+				}
+			}
+		}
+		log.info("解析配置文件域名信息结果为:{}", GsonUtil.toJson(domainsList,true));
 		//效验数据
 		ValidatorUtils.validateEntity(login);
@@ -109,7 +130,19 @@ public class LoginController {
 		sysLog.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
 		//sysLog.setIp(IpUtils.getIpAddr(request));
 		// 判断是商户登录还是商家登录,通过url去判断
-		if (url.contains("backmch")) {//商户后台登录
+		String backstage = "";
+		String backmch = "";
+		if (domainsList.size() == 1 ) {
+			backstage = StringUtils.isEmpty(domainsList.get(0)) ?  "backstage":domainsList.get(0);
+			backmch = "backmch";
+		}
+		if (domainsList.size() == 2 ) {
+			backstage = StringUtils.isEmpty(domainsList.get(0)) ?  "backstage":domainsList.get(0);
+			backmch = StringUtils.isEmpty(domainsList.get(1)) ?  "backmch":domainsList.get(1);
+		}
+		log.info("backstage = {},backmch = {}",backstage,backmch);
+		if (url.contains(backmch)) {//商户后台登录
 			if ("admin".equals(login.getUsername())) {
 				sysLog.setStatus(LoginStatusEnum.FAIL.value());
 				sysLog.setCreaterName(login.getUsername());
@@ -124,7 +157,7 @@ public class LoginController {
 				sysLogLoginService.save(sysLog);
 				throw new RenException("商家号为空或者错误",ErrorCode.BIZID_ERROR_OR_NULL);
 			}
-		}else if (url.contains("backstage")) {//运营商后台登录
+		}else if (url.contains(backstage)) {//运营商后台登录
 			if (null != user) {
 				String bizId = user.getBizId();
 				if (StringUtils.isNotEmpty(bizId)) {

--- a/src/main/java/com/ost/micro/modules/security/oauth2/Oauth2Filter.java
+++ b/src/main/java/com/ost/micro/modules/security/oauth2/Oauth2Filter.java
@@ -13,19 +13,30 @@ import com.ost.micro.common.constant.Constant;
 import com.ost.micro.common.exception.ErrorCode;
 import com.ost.micro.common.utils.HttpContextUtils;
 import com.ost.micro.common.utils.Result;
+import com.ost.micro.config.CustomFilterConfig;
+import com.ost.micro.core.utils.GsonUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpStatus;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.RequestMethod;
+import org.yaml.snakeyaml.Yaml;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
 /**
 * oauth2过滤器
@@ -33,8 +44,16 @@ import java.io.IOException;
 * @author Mark sunlightcs@gmail.com
 */
 @Slf4j
+@Component
 public class Oauth2Filter extends AuthenticatingFilter {
+    @Autowired
+    private CustomFilterConfig customFilterConfig;
+    private static Map<String, Map<String, Object>> properties;
    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
        //获取请求token
@@ -57,6 +76,57 @@ public class Oauth2Filter extends AuthenticatingFilter {
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+        //读取yml数据
+        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+        String bizId = httpServletRequest.getHeader("bizId");
+        getYml();
+        Map<String, Object> urlFilter = properties.get("url-filter");
+        Object domainsObject = urlFilter.get("domains");
+        List<String> domainsList = new LinkedList<>();
+        if (null != urlFilter) {
+            String domainsStr = domainsObject.toString();
+            if (domainsStr.indexOf(",") >= 0 ) {
+                String[] domains = domainsStr.split(",");
+                if (domains.length > 0) {
+                    for (int i=0;i<domains.length ; i++) {
+                        String itemInfo = domains[i];
+                        if (org.apache.commons.lang.StringUtils.isNotEmpty(itemInfo)) {
+                            String[] info = itemInfo.split(":");
+                            String domain = info[0];
+                            domainsList.add(domain);
+                        }
+                    }
+                }
+            }
+        }
+        log.info("解析配置文件域名信息结果为:{}", GsonUtil.toJson(domainsList,true));
+        String url = request.getScheme()+"://"+request.getServerName();
+        log.info("url is {}",url);
+        // 判断是商户登录还是商家登录,通过url去判断
+        String backstage = "";
+        String backmch = "";
+        if (domainsList.size() == 1 ) {
+            backstage = org.apache.commons.lang.StringUtils.isEmpty(domainsList.get(0)) ?  "backstage":domainsList.get(0);
+            backmch = "backmch";
+        }
+        if (domainsList.size() == 2 ) {
+            backstage = org.apache.commons.lang.StringUtils.isEmpty(domainsList.get(0)) ?  "backstage":domainsList.get(0);
+            backmch = org.apache.commons.lang.StringUtils.isEmpty(domainsList.get(1)) ?  "backmch":domainsList.get(1);
+        }
+        log.info("backmch is {} , bizId is {}",backmch,bizId);
+        if (url.contains(backmch) && StringUtils.isEmpty(bizId)) {
+            log.info("商家需要重新登录====");
+            HttpServletResponse httpResponse = (HttpServletResponse) response;
+            httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
+            httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
+            String json = new Gson().toJson(new Result().error(ErrorCode.UNAUTHORIZED));
+            httpResponse.getWriter().print(json);
+            return false;
+        }
        //获取请求token，如果token不存在，直接返回401
        String token = getRequestToken((HttpServletRequest) request);
        log.info(((HttpServletRequest) request).getRequestURL()+"请求的token为:{}",token);
@@ -110,4 +180,18 @@ public class Oauth2Filter extends AuthenticatingFilter {
        return token;
    }
+    /**
+     *
+     * @throws FileNotFoundException
+     */
+    private void  getYml() throws FileNotFoundException {
+        Yaml yaml = new Yaml();
+        InputStream in  = Oauth2Filter.class.getClassLoader().getResourceAsStream("application.yml");
+        if (in != null) {
+            //获取test.yaml文件中的配置数据，然后转换为obj，
+            properties = yaml.loadAs(in, HashMap.class);
+        }
+    }
 }
\ No newline at end of file
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -90,7 +90,7 @@ url-filter:
  name: com.ost.micro.filter.UrlFilter
 # url 中包含如下关键字这不会进入过滤器
  urlExclude: login,logout,captcha,webjars,druid,swagger,/v2/api-docs,swagger-ui.html,swagger-resources,service,editor-app,diagram-viewer,modeler.html,favicon.ico,sys,actuator,searchorder,searchAlipaySuccess
-  # 根据域名分发到下游服务
+  # 根据域名分发到下游服务, backstage: 运营商后台放到第一,backmch: 商家后台放到第二, backagent: 代理商后台放到第三
  domains: backstage:api:micro-project-as-pay-operation,backmch:mch:micro-project-as-pay-merchant
 hystrix: