验证码oauth2.0放行操作

5 years ago · 97667dae87
2 changed files with 196 additions and 0 deletions
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/web/WebUtils.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/web/WebUtils.java
@ -0,0 +1,184 @@
 package com.ruoyi.common.core.utils.web;
 import com.alibaba.fastjson.JSON;
 import com.ruoyi.common.core.exception.CheckedException;
 import org.bouncycastle.util.encoders.Base64;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.method.HandlerMethod;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
 public class WebUtils extends org.springframework.web.util.WebUtils
 {
    private final Logger logger = LoggerFactory.getLogger(WebUtils.class);
    private static final String BASIC_ = "Basic ";
 //    /**
 //     * 判断是否ajax请求 spring ajax 返回含有 ResponseBody 或者 RestController注解
 //     *
 //     * @param handlerMethod HandlerMethod
 //     * @return 是否ajax请求
 //     */
 //    public boolean isBody(HandlerMethod handlerMethod)
 //    {
 //        ResponseBody responseBody = ClassUtils.getAnnotation(handlerMethod, ResponseBody.class);
 //        return responseBody != null;
 //    }
    /**
     * 读取cookie
     *
     * @param name cookie name
     * @return cookie value
     */
    public String getCookieVal(String name)
    {
        HttpServletRequest request = WebUtils.getRequest();
        Assert.notNull(request, "request from RequestContextHolder is null");
        return getCookieVal(request, name);
    }
    /**
     * 读取cookie
     *
     * @param request HttpServletRequest
     * @param name cookie name
     * @return cookie value
     */
    public String getCookieVal(HttpServletRequest request, String name)
    {
        Cookie cookie = getCookie(request, name);
        return cookie != null ? cookie.getValue() : null;
    }
    /**
     * 清除 某个指定的cookie
     *
     * @param response HttpServletResponse
     * @param key cookie key
     */
    public void removeCookie(HttpServletResponse response, String key)
    {
        setCookie(response, key, null, 0);
    }
    /**
     * 设置cookie
     *
     * @param response HttpServletResponse
     * @param name cookie name
     * @param value cookie value
     * @param maxAgeInSeconds maxage
     */
    public void setCookie(HttpServletResponse response, String name, String value, int maxAgeInSeconds)
    {
        Cookie cookie = new Cookie(name, value);
        cookie.setPath("/");
        cookie.setMaxAge(maxAgeInSeconds);
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }
    /**
     * 获取 HttpServletRequest
     *
     * @return {HttpServletRequest}
     */
    public static HttpServletRequest getRequest()
    {
        return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
    }
    /**
     * 获取 HttpServletResponse
     *
     * @return {HttpServletResponse}
     */
    public HttpServletResponse getResponse()
    {
        return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
    }
    /**
     * 返回json
     *
     * @param response HttpServletResponse
     * @param result 结果对象
     */
    public void renderJson(HttpServletResponse response, Object result)
    {
        renderJson(response, result, MediaType.APPLICATION_JSON_VALUE);
    }
    /**
     * 返回json
     *
     * @param response HttpServletResponse
     * @param result 结果对象
     * @param contentType contentType
     */
    public void renderJson(HttpServletResponse response, Object result, String contentType)
    {
        response.setCharacterEncoding("UTF-8");
        response.setContentType(contentType);
        try (PrintWriter out = response.getWriter())
        {
            out.append(JSON.toJSONString(result));
        }
        catch (IOException e)
        {
            logger.error(e.getMessage(), e);
        }
    }
    /**
     * 从request 获取CLIENT_ID
     *
     * @return
     * @throws UnsupportedEncodingException
     */
    public static String[] getClientId(ServerHttpRequest request) throws UnsupportedEncodingException
    {
        String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
        if (header == null || !header.startsWith(BASIC_))
        {
            throw new CheckedException("请求头中client信息为空");
        }
        byte[] base64Token = header.substring(6).getBytes("UTF-8");
        byte[] decoded;
        try
        {
            decoded = Base64.decode(base64Token);
        }
        catch (IllegalArgumentException e)
        {
            throw new CheckedException("Failed to decode basic authentication token");
        }
        String token = new String(decoded, StandardCharsets.UTF_8);
        int delim = token.indexOf(":");
        if (delim == -1)
        {
            throw new CheckedException("Invalid basic authentication token");
        }
        return new String[] { token.substring(0, delim), token.substring(delim + 1) };
    }
 }
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
@ -1,5 +1,7 @@
 package com.ruoyi.gateway.filter;
 import com.ruoyi.common.core.utils.web.WebUtils;
 import com.ruoyi.gateway.config.properties.IgnoreClientProperties;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
@ -25,6 +27,9 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
    @Autowired
    private ValidateCodeService validateCodeService;
    @Autowired
    private IgnoreClientProperties ignoreClient;
    @Override
    public GatewayFilter apply(Object config)
    {
@ -38,6 +43,13 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
            }
            try
            {
                // swagger的oauth2.0验证码放行操作
                String[] clientInfos = WebUtils.getClientId(request);
                if (ignoreClient.getClients().contains(clientInfos[0]))
                {
                    return chain.filter(exchange);
                }
                validateCodeService.checkCapcha(request.getQueryParams().getFirst("code"),
                        request.getQueryParams().getFirst("uuid"));
            }