blame | history | raw
xiaoyong931011
2021-07-23 f3642777d395234ab33aa35f1f49a5c1ee9e9f15 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

package com.xzx.gc.filter; 


 


import cn.hutool.core.util.StrUtil; 


import com.xzx.gc.common.constant.Constants; 


import com.xzx.gc.common.request.HeaderMapRequestWrapper; 


import com.xzx.gc.common.utils.BusinessUtil; 


import com.xzx.gc.common.utils.SecurityUtil; 


import com.xzx.gc.common.utils.SpringUtil; 


import lombok.extern.slf4j.Slf4j; 


import org.springframework.beans.factory.annotation.Autowired; 


 


import javax.servlet.*; 


import javax.servlet.http.HttpServletRequest; 


import java.io.IOException; 


import java.util.List; 


 


/** 


 * created with IntelliJ IDEA. 


 * author: fxbin 


 * date: 2018/9/9 


 * time: 14:22 


 * description: 


 */ 


@Slf4j 


public class GlobalFilter implements Filter { 


 


 


 


    @Autowired 


    private BusinessUtil businessUtil; 


 


    @Override 


    public void init(FilterConfig filterConfig) { 


        log.trace("GlobalFilter init..."); 


    } 


 


    @Override 


    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { 


        HttpServletRequest request = (HttpServletRequest) servletRequest; 


 


        if(!businessUtil.isAuthUrl(request.getRequestURI())||(SpringUtil.isDev()&&"true".equals(request.getHeader("swagger")))){ 


            filterChain.doFilter(request, servletResponse); 


        }else { 


            String version = request.getHeader("version"); 


            String authkey = request.getHeader("authkey"); 


 


            if (businessUtil.isAuth(version) && !request.getRequestURI().contains("/admin")) { 


                HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(request); 


                //解密 头部的用户ID和签名和token 


                String userId = request.getHeader("userId"); 


                //rsa解密 


                authkey = SecurityUtil.decrypt(authkey); 


 


                if (StrUtil.isNotBlank(userId)) { 


                    String decrypt = SecurityUtil.decrypt(authkey, userId); 


                    requestWrapper.addHeader("userId", decrypt); 


                } 


                String sign = request.getHeader("sign"); 


                if (StrUtil.isNotBlank(sign)) { 


                    String decrypt = SecurityUtil.decrypt(authkey, sign); 


                    requestWrapper.addHeader("sign", decrypt); 


                } 


                String token = request.getHeader("token"); 


                if (StrUtil.isNotBlank(token)) { 


                    String decrypt = SecurityUtil.decrypt(authkey, token); 


                    requestWrapper.addHeader("token", decrypt); 


                } 


                filterChain.doFilter(requestWrapper, servletResponse); 


            } else { 


 


                filterChain.doFilter(request, servletResponse); 


            } 


        } 


    } 


 


    @Override 


    public void destroy() { 


        log.trace("GlobalFilter destroy..."); 


    } 


}