lrl-2021-11-1

src/main/java/com/steerinfo/auth/shiro/jwt/JwtStatelessAccessControlFilter.java

@@ -71,53 +71,53 @@ public class JwtStatelessAccessControlFilter extends AccessControlFilter {
      */
     @Override
     protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
-//        logger.debug("StatelessAuthcFilter.onAccessDenied()");
-//        try {
-//            // 1、获取header里的Token
-//            String jwt = ((HttpServletRequest)request).getHeader(ShiroConstant.HEADERS_AUTHORIZATION);
-//            logger.debug(jwt);
-//            // header里没有，取cookies
-//            if (jwt == null){
-//                jwt = HttpUtils.getCookie(ShiroConstant.HEADERS_AUTHORIZATION, (HttpServletRequest) request);
-//            }
-//            if (jwt == null){
-//                throw new ShiroJwtException("Token丢失");
-//            } else {
-//            	ApplicationContextProvider.choseContext(AnnotationConfigServletWebServerApplicationContext.class);
-//    			Caches caches = ApplicationContextProvider.getBean("caches");
-//				Object obj = caches.getOneHourCache()
-//						.get(ShiroConstant.JWT_ACCESS_INVALID_PRE
-//								+ MD5Utils.INSTANCE.getMD5ofStr(jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "")),
-//								String.class);
-//				if(obj != null) {
-//					if(((String)obj).equals(jwt)) {
-//						throw new ShiroJwtException("Token丢失");
-//					}
-//				}
-//                if (!jwt.startsWith(ShiroConstant.AUTH_BEARER_START)) {
-//                    throw new ShiroJwtException("Token无效");
-//                }
-//                jwt = jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "");
-//            }
-//            // token失效
-//            try {
-//                JwtUtils.getPayload(jwt, UserPayload.class);
-//            } catch (ShiroJwtException e){
-//                throw new AuthenticationException(e.getMessage());
-//            }
-//            // 2、生成无状态Token
-//            StatelessToken token = new StatelessToken(jwt, request.getParameterMap());
-//            // 3、委托给Realm进行登录
-//            getSubject(request, response).login(token);
-//        } catch (UnknownAccountException e){
-//            logger.debug(e.getMessage());
-//            return false;
-//        }
-///*        } catch (Exception e) {
-//            logger.debug(e.getMessage());
-//            // 就直接返回给请求者.
-//            return false;
-//        }*/
+        logger.debug("StatelessAuthcFilter.onAccessDenied()");
+        try {
+            // 1、获取header里的Token
+            String jwt = ((HttpServletRequest)request).getHeader(ShiroConstant.HEADERS_AUTHORIZATION);
+            logger.debug(jwt);
+            // header里没有，取cookies
+            if (jwt == null){
+                jwt = HttpUtils.getCookie(ShiroConstant.HEADERS_AUTHORIZATION, (HttpServletRequest) request);
+            }
+            if (jwt == null){
+                throw new ShiroJwtException("Token丢失");
+            } else {
+            	ApplicationContextProvider.choseContext(AnnotationConfigServletWebServerApplicationContext.class);
+    			Caches caches = ApplicationContextProvider.getBean("caches");
+				Object obj = caches.getOneHourCache()
+						.get(ShiroConstant.JWT_ACCESS_INVALID_PRE
+								+ MD5Utils.INSTANCE.getMD5ofStr(jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "")),
+								String.class);
+				if(obj != null) {
+					if(((String)obj).equals(jwt)) {
+						throw new ShiroJwtException("Token丢失");
+					}
+				}
+                if (!jwt.startsWith(ShiroConstant.AUTH_BEARER_START)) {
+                    throw new ShiroJwtException("Token无效");
+                }
+                jwt = jwt.replaceFirst(ShiroConstant.AUTH_BEARER_START, "");
+            }
+            // token失效
+            try {
+                JwtUtils.getPayload(jwt, UserPayload.class);
+            } catch (ShiroJwtException e){
+                throw new AuthenticationException(e.getMessage());
+            }
+            // 2、生成无状态Token
+            StatelessToken token = new StatelessToken(jwt, request.getParameterMap());
+            // 3、委托给Realm进行登录
+            getSubject(request, response).login(token);
+        } catch (UnknownAccountException e){
+            logger.debug(e.getMessage());
+            return false;
+        }
+/*        } catch (Exception e) {
+            logger.debug(e.getMessage());
+            // 就直接返回给请求者.
+            return false;
+        }*/
         return true;
     }
 }