|
@@ -1,5 +1,7 @@
|
|
|
package com.fd.shiro;
|
|
|
|
|
|
+import com.alibaba.fastjson.JSONObject;
|
|
|
+import com.fd.exception.JwtAuthenticationException;
|
|
|
import lombok.extern.log4j.Log4j2;
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
import org.apache.shiro.authc.AuthenticationException;
|
|
@@ -7,11 +9,13 @@ import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
|
|
|
import org.springframework.http.HttpStatus;
|
|
|
import org.springframework.web.bind.annotation.RequestMethod;
|
|
|
|
|
|
+import javax.servlet.ServletOutputStream;
|
|
|
import javax.servlet.ServletRequest;
|
|
|
import javax.servlet.ServletResponse;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
import java.io.IOException;
|
|
|
+import java.io.PrintWriter;
|
|
|
|
|
|
|
|
|
/**
|
|
@@ -23,38 +27,19 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
|
|
|
|
|
|
|
|
/**
|
|
|
- * 判断用户是否想要登入。
|
|
|
- * 检测header里面是否包含Authorization字段即可
|
|
|
- */
|
|
|
- @Override
|
|
|
- protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) {
|
|
|
- HttpServletRequest req = (HttpServletRequest) request;
|
|
|
- String authorization = req.getHeader("Authorization");
|
|
|
-
|
|
|
- if (StringUtils.isEmpty(authorization)) {
|
|
|
- log.info("error Authorization is null");
|
|
|
-
|
|
|
- // 先这样抛出异常,这个种不是接口的形式
|
|
|
- throw new AuthenticationException("Authorization is null ");
|
|
|
- }
|
|
|
-
|
|
|
- return true;
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
- /**
|
|
|
* 执行登录验证
|
|
|
*/
|
|
|
@Override
|
|
|
protected boolean executeLogin(ServletRequest request, ServletResponse response) {
|
|
|
-// LOGGER.warn("run executeLogin");
|
|
|
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
|
|
|
String authorization = httpServletRequest.getHeader("Authorization");
|
|
|
- JWTToken token = new JWTToken(authorization);
|
|
|
|
|
|
- // 判断token 是否跟redis
|
|
|
+ if (authorization == null) {
|
|
|
+ throw new JwtAuthenticationException(5005, "Authorization is null");
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ JWTToken token = new JWTToken(authorization);
|
|
|
|
|
|
// 提交给realm进行登入,如果错误他会抛出异常并被捕获
|
|
|
getSubject(request, response).login(token);
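Review bot: The new guard `if (authorization == null)` is weaker than the `StringUtils.isEmpty` check it replaces from the removed isLoginAttempt override, so a request carrying an empty `Authorization:` header now gets past it and reaches `new JWTToken(authorization)` and `login(token)` with an empty string instead of the 5005 error. StringUtils is still imported at the top of the file, so the check can be `if (StringUtils.isBlank(authorization)) {` which also rejects a whitespace-only header. Whether an empty JWTToken then fails cleanly in the realm or with a less specific error is not visible from here. executeLogin continues past the end of this hunk.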
|
|
@@ -81,21 +66,35 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
|
|
*/
|
|
|
@Override
|
|
|
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
|
|
|
-// LOGGER.warn("run isAccessAllowed");
|
|
|
- if (isLoginAttempt(request, response)) {
|
|
|
-// try {
|
|
|
-// executeLogin(request, response);
|
|
|
-// } catch (Exception e) {
|
|
|
-//// response401(request, response);
|
|
|
-// throw new AuthenticationException("Authorization is null 123");
|
|
|
-// }
|
|
|
-
|
|
|
+ try {
|
|
|
executeLogin(request, response);
|
|
|
+ return true;
|
|
|
+ } catch (Exception e) {
|
|
|
+ /** 这个异常需要自己写,全局捕获不了*/
|
|
|
+
|
|
|
+ // 认证出现异常,传递错误信息msg
|
|
|
+ String msg = e.getMessage();
|
|
|
+ // 获取应用异常(该Cause是导致抛出此throwable(异常)的throwable(异常))
|
|
|
+ Throwable throwable = e.getCause();
|
|
|
+ JSONObject jsonObject = new JSONObject();
|
|
|
+ if (throwable instanceof JwtAuthenticationException) {
|
|
|
+ jsonObject.put("status", ((JwtAuthenticationException) throwable).getCode());
|
|
|
+ jsonObject.put("message", ((JwtAuthenticationException) throwable).getMsg());
|
|
|
+ }else{
|
|
|
+ log.error(msg);
|
|
|
+ jsonObject.put("status", 5002);
|
|
|
+ jsonObject.put("message", "token invalid");
|
|
|
+ }
|
|
|
+ // 直接返回Response信息
|
|
|
+ this.writeResponse(response, jsonObject);
|
|
|
+
|
|
|
+ return false;
|
|
|
}
|
|
|
- // return false 前端没有响应,接收不到异常
|
|
|
- return true;
|
|
|
}
|
|
|
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
/**
|
|
|
* 对跨域提供支持
|
|
|
* 只对需要token验证的有效,不需要验证的还是需要用注解处理一下
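Review bot: The catch block in isAccessAllowed inspects only `e.getCause()`, but the `JwtAuthenticationException(5005, ...)` that executeLogin now throws directly for a missing header is not wrapped by anything, so its cause is presumably null and a missing Authorization header is reported as 5002 "token invalid" rather than the intended 5005. Only failures raised inside the realm come back wrapped from Shiro's login call, and even that depends on how JwtAuthenticationException's constructor sets its cause, which is not shown here; matching the exception itself first covers the direct case: `Throwable throwable = e instanceof JwtAuthenticationException ? e : e.getCause();`. Nothing in this hunk sets an HTTP status before `this.writeResponse(response, jsonObject)` writes and closes the body, and because returning false hands control to Shiro's onAccessDenied only after the response is committed, the client most likely receives a 200 with an error JSON unless onAccessDenied is overridden elsewhere in the class; an explicit `((HttpServletResponse) response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);` before the write keeps clients and proxies from treating an authentication failure as success. Also `log.error(msg)` discards the stack trace; prefer `log.error("JWT authentication failed", e)`.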
|
|
@@ -116,15 +115,25 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
|
|
return super.preHandle(request, response);
|
|
|
}
|
|
|
|
|
|
+
|
|
|
/**
|
|
|
- * 将非法请求跳转到 /401
|
|
|
+ * 无需转发,直接返回Response信息
|
|
|
+ *
|
|
|
*/
|
|
|
- private void response401(ServletRequest req, ServletResponse resp) {
|
|
|
+ private void writeResponse(ServletResponse response, JSONObject msg) {
|
|
|
+ response.setCharacterEncoding("UTF-8");
|
|
|
+ response.setContentType("application/json; charset=utf-8");
|
|
|
+ ServletOutputStream outputStream = null;
|
|
|
try {
|
|
|
- HttpServletResponse httpServletResponse = (HttpServletResponse) resp;
|
|
|
- httpServletResponse.sendRedirect("/401");
|
|
|
+ outputStream = response.getOutputStream();
|
|
|
} catch (IOException e) {
|
|
|
- log.error(e.getMessage());
|
|
|
+ e.printStackTrace();
|
|
|
}
|
|
|
+ assert outputStream != null;
|
|
|
+ PrintWriter printWriter = new PrintWriter(outputStream, true);
|
|
|
+ printWriter.write(msg.toString());//直接将json输出到页面
|
|
|
+ printWriter.flush();
|
|
|
+ printWriter.close();
|
|
|
+
|
|
|
}
|
|
|
}
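Review bot: writeResponse wraps the raw ServletOutputStream in `new PrintWriter(outputStream, true)`, which encodes with the JVM default charset and ignores the `UTF-8` set on the response two lines earlier, so a non-ASCII error message can go out mis-encoded under a `charset=utf-8` header. The `assert outputStream != null` after the catch is inert unless the JVM runs with -ea, so an IOException from getOutputStream is printed to stderr by `e.printStackTrace()` and then followed by a NullPointerException on the next line. `response.getWriter()` honours the declared encoding, try-with-resources replaces the manual flush/close, and the class already has a `log` field to use instead of printStackTrace. No HTTP status is set here either, so the error body presumably leaves with the container default (200); setting 401 before writing makes the failure visible to clients and intermediaries.
```java
private void writeResponse(ServletResponse response, JSONObject msg) {
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    httpResponse.setCharacterEncoding("UTF-8");
    httpResponse.setContentType("application/json; charset=utf-8");
    // getWriter() encodes with the character encoding declared above
    try (PrintWriter printWriter = httpResponse.getWriter()) {
        printWriter.write(msg.toString());
    } catch (IOException e) {
        log.error("failed to write authentication error response", e);
    }
}
```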
|