|
@@ -71,53 +71,53 @@ public class JwtStatelessAccessControlFilter extends AccessControlFilter {
|
|
|
*/
|
|
|
@Override
|
|
|
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
|
|
-// logger.debug("StatelessAuthcFilter.onAccessDenied()");
|
|
|
-// try {
|
|
|
-// // 1、获取header里的Token
|
|
|
-// String jwt = ((HttpServletRequest)request).getHeader(ShiroConstant.HEADERS_AUTHORIZATION);
|
|
|
-// logger.debug(jwt);
|
|
|
-// // header里没有,取cookies
|
|
|
-// if (jwt == null){
|
|
|
-// jwt = HttpUtils.getCookie(ShiroConstant.HEADERS_AUTHORIZATION, (HttpServletRequest) request);
|
|
|
-// }
|
|
|
-// if (jwt == null){
|
|
|
-// throw new ShiroJwtException("Token丢失");
|
|
|
-// } else {
|
|
|
-// ApplicationContextProvider.choseContext(AnnotationConfigServletWebServerApplicationContext.class);
|
|
|
-// Caches caches = ApplicationContextProvider.getBean("caches");
|
|
|
-// Object obj = caches.getOneHourCache()
|
|
|
-// .get(ShiroConstant.JWT_ACCESS_INVALID_PRE
|
|
|
-// + MD5Utils.INSTANCE.getMD5ofStr(jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "")),
|
|
|
-// String.class);
|
|
|
-// if(obj != null) {
|
|
|
-// if(((String)obj).equals(jwt)) {
|
|
|
-// throw new ShiroJwtException("Token丢失");
|
|
|
-// }
|
|
|
-// }
|
|
|
-// if (!jwt.startsWith(ShiroConstant.AUTH_BEARER_START)) {
|
|
|
-// throw new ShiroJwtException("Token无效");
|
|
|
-// }
|
|
|
-// jwt = jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "");
|
|
|
-// }
|
|
|
-// // token失效
|
|
|
-// try {
|
|
|
-// JwtUtils.getPayload(jwt, UserPayload.class);
|
|
|
-// } catch (ShiroJwtException e){
|
|
|
-// throw new AuthenticationException(e.getMessage());
|
|
|
-// }
|
|
|
-// // 2、生成无状态Token
|
|
|
-// StatelessToken token = new StatelessToken(jwt, request.getParameterMap());
|
|
|
-// // 3、委托给Realm进行登录
|
|
|
-// getSubject(request, response).login(token);
|
|
|
-// } catch (UnknownAccountException e){
|
|
|
-// logger.debug(e.getMessage());
|
|
|
-// return false;
|
|
|
-// }
|
|
|
-///* } catch (Exception e) {
|
|
|
-// logger.debug(e.getMessage());
|
|
|
-// // 就直接返回给请求者.
|
|
|
-// return false;
|
|
|
-// }*/
|
|
|
+ logger.debug("StatelessAuthcFilter.onAccessDenied()");
|
|
|
+ try {
|
|
|
+ // 1、获取header里的Token
|
|
|
+ String jwt = ((HttpServletRequest)request).getHeader(ShiroConstant.HEADERS_AUTHORIZATION);
|
|
|
+ logger.debug(jwt);
|
|
|
+ // header里没有,取cookies
|
|
|
+ if (jwt == null){
|
|
|
+ jwt = HttpUtils.getCookie(ShiroConstant.HEADERS_AUTHORIZATION, (HttpServletRequest) request);
|
|
|
+ }
|
|
|
+ if (jwt == null){
|
|
|
+ throw new ShiroJwtException("Token丢失");
|
|
|
+ } else {
|
|
|
+ ApplicationContextProvider.choseContext(AnnotationConfigServletWebServerApplicationContext.class);
|
|
|
+ Caches caches = ApplicationContextProvider.getBean("caches");
|
|
|
+ Object obj = caches.getOneHourCache()
|
|
|
+ .get(ShiroConstant.JWT_ACCESS_INVALID_PRE
|
|
|
+ + MD5Utils.INSTANCE.getMD5ofStr(jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "")),
|
|
|
+ String.class);
|
|
|
+ if(obj != null) {
|
|
|
+ if(((String)obj).equals(jwt)) {
|
|
|
+ throw new ShiroJwtException("Token丢失");
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if (!jwt.startsWith(ShiroConstant.AUTH_BEARER_START)) {
|
|
|
+ throw new ShiroJwtException("Token无效");
|
|
|
+ }
|
|
|
+ jwt = jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "");
|
|
|
+ }
|
|
|
+ // token失效
|
|
|
+ try {
|
|
|
+ JwtUtils.getPayload(jwt, UserPayload.class);
|
|
|
+ } catch (ShiroJwtException e){
|
|
|
+ throw new AuthenticationException(e.getMessage());
|
|
|
+ }
|
|
|
+ // 2、生成无状态Token
|
|
|
+ StatelessToken token = new StatelessToken(jwt, request.getParameterMap());
|
|
|
+ // 3、委托给Realm进行登录
|
|
|
+ getSubject(request, response).login(token);
|
|
|
+ } catch (UnknownAccountException e){
|
|
|
+ logger.debug(e.getMessage());
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+/* } catch (Exception e) {
|
|
|
+ logger.debug(e.getMessage());
|
|
|
+ // 就直接返回给请求者.
|
|
|
+ return false;
|
|
|
+ }*/
|
|
|
return true;
|
|
|
}
|
|
|
}
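Review bot: `logger.debug(jwt);` right after the header read writes the complete Authorization value, i.e. the bearer credential itself, into the application log where it outlives the request; log only whether it was found, e.g. `logger.debug("Authorization token " + (jwt == null ? "absent" : "present"));`. The revocation lookup builds its cache key from the token with the Bearer prefix stripped but then compares the cached value against `jwt` while the prefix is still attached (it is only removed at the later `replaceFirst` line), so whether a revoked token is actually rejected appears to depend on which form the writer stored — worth pinning down with a test, and that rejection should not reuse the "Token丢失" (token missing) message. `throw new AuthenticationException(e.getMessage());` in the inner catch discards the original exception; use `throw new AuthenticationException(e.getMessage(), e);` so the cause is kept. The commented-out `catch (Exception e)` block at the end of the try should be deleted rather than carried along as dead code.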
|