|
@@ -71,53 +71,53 @@ public class JwtStatelessAccessControlFilter extends AccessControlFilter {
|
|
|
*/
|
|
|
@Override
|
|
|
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
+ logger.debug("StatelessAuthcFilter.onAccessDenied()");
|
|
|
+ try {
|
|
|
+
|
|
|
+ String jwt = ((HttpServletRequest)request).getHeader(ShiroConstant.HEADERS_AUTHORIZATION);
|
|
|
+ logger.debug(jwt);
|
|
|
+
|
|
|
+ if (jwt == null){
|
|
|
+ jwt = HttpUtils.getCookie(ShiroConstant.HEADERS_AUTHORIZATION, (HttpServletRequest) request);
|
|
|
+ }
|
|
|
+ if (jwt == null){
|
|
|
+ throw new ShiroJwtException("Token丢失");
|
|
|
+ } else {
|
|
|
+ ApplicationContextProvider.choseContext(AnnotationConfigServletWebServerApplicationContext.class);
|
|
|
+ Caches caches = ApplicationContextProvider.getBean("caches");
|
|
|
+ Object obj = caches.getOneHourCache()
|
|
|
+ .get(ShiroConstant.JWT_ACCESS_INVALID_PRE
|
|
|
+ + MD5Utils.INSTANCE.getMD5ofStr(jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "")),
|
|
|
+ String.class);
|
|
|
+ if(obj != null) {
|
|
|
+ if(((String)obj).equals(jwt)) {
|
|
|
+ throw new ShiroJwtException("Token丢失");
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if (!jwt.startsWith(ShiroConstant.AUTH_BEARER_START)) {
|
|
|
+ throw new ShiroJwtException("Token无效");
|
|
|
+ }
|
|
|
+ jwt = jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "");
|
|
|
+ }
|
|
|
+
|
|
|
+ try {
|
|
|
+ JwtUtils.getPayload(jwt, UserPayload.class);
|
|
|
+ } catch (ShiroJwtException e){
|
|
|
+ throw new AuthenticationException(e.getMessage());
|
|
|
+ }
|
|
|
+
|
|
|
+ StatelessToken token = new StatelessToken(jwt, request.getParameterMap());
|
|
|
+
|
|
|
+ getSubject(request, response).login(token);
|
|
|
+ } catch (UnknownAccountException e){
|
|
|
+ logger.debug(e.getMessage());
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+
|
|
|
+ logger.debug(e.getMessage());
|
|
|
+
|
|
|
+ return false;
|
|
|
+ }*/
|
|
|
return true;
|
|
|
}
|
|
|
}
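Review bot: The added body ends in `}*/` and the line `logger.debug(e.getMessage());` placed after the closing brace of the `catch (UnknownAccountException e)` block refers to an `e` that is out of scope, which only compiles if the whole new token-validation body sits inside a block comment whose opening `/*` is not visible in this hunk; the method then falls through to the context line `return true;`, and since `AccessControlFilter.onAccessDenied` returning `true` lets the request continue down the filter chain, the filter would admit every request without any token check. If disabling the check is intentional, a `// TODO(security): JWT validation commented out — onAccessDenied currently admits all requests` above `return true;` would make that state visible; otherwise the comment delimiters should be removed and the stray `logger.debug(e.getMessage());` after the catch deleted. Once the body is live, `logger.debug(jwt);` writes the raw bearer credential to the log and should be dropped or reduced to a presence check such as `logger.debug("Authorization header present: " + (jwt != null));`. The invalidation lookup hashes the token with `AUTH_BEARER_START` stripped but then compares the cached value against the still-prefixed `jwt` via `((String)obj).equals(jwt)`, so unless the cache stores the prefixed string that branch can never match — worth confirming against the code that populates the `JWT_ACCESS_INVALID_PRE` entries.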
|