From d9a37dbeba0258facbe6fc5d9a080d3cefd4827c Mon Sep 17 00:00:00 2001
From: WuLang <48200100+wulangcode@users.noreply.github.com>
Date: Tue, 8 Nov 2022 12:09:54 +0800
Subject: [PATCH] hippo4j-auth CheckStyle (#940)
* style:hippo4j-auth CheckStyle
* style:hippo4j-auth CheckStyle
---
 .../cn/hippo4j/auth/config/FilterConfig.java | 2 +-
 .../cn/hippo4j/auth/constant/Constants.java | 2 ++
 .../auth/filter/JWTAuthenticationFilter.java | 4 +--
 .../auth/filter/JWTAuthorizationFilter.java | 30 ++++++++++++-------
 .../auth/filter/RewriteUserInfoApiFilter.java | 12 +++++---
 .../cn/hippo4j/auth/model/PermissionInfo.java | 7 ++++-
 .../java/cn/hippo4j/auth/model/RoleInfo.java | 7 ++++-
 .../java/cn/hippo4j/auth/model/UserInfo.java | 7 ++++-
 .../auth/security/JwtTokenManager.java | 6 ++--
 .../cn/hippo4j/auth/toolkit/AuthUtil.java | 10 +++++--
 .../cn/hippo4j/auth/toolkit/JwtTokenUtil.java | 2 +-
 .../java/cn/hippo4j/auth/toolkit/ReturnT.java | 2 ++
 .../cn/hippo4j/auth/toolkit/AuthUtilTest.java | 2 +-
 13 files changed, 65 insertions(+), 28 deletions(-)
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/FilterConfig.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/FilterConfig.java
index ae53a759..688d6747 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/FilterConfig.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/FilterConfig.java
@@ -35,4 +35,4 @@ public class FilterConfig {
 registration.addUrlPatterns("/*");
 return registration;
 }
-}
\ No newline at end of file
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/constant/Constants.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/constant/Constants.java
index 59139763..e305d471 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/constant/Constants.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/constant/Constants.java
@@ -27,4 +27,6 @@ public class Constants { public static final String SPLIT_COMMA = ","; public static final long TOKEN_VALIDITY_IN_SECONDS = 18000L; + + public static final long STEP = 1000L; } diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java index f77f579a..997fb078 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java @@ -96,7 +96,7 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte String token = JwtTokenUtil.createToken(jwtUser.getId(), jwtUser.getUsername(), role, isRemember); response.setHeader("token", JwtTokenUtil.TOKEN_PREFIX + token); response.setCharacterEncoding("UTF-8"); - Map maps = new HashMap(MAP_INITIAL_CAPACITY); + Map maps = new HashMap<>(MAP_INITIAL_CAPACITY); maps.put("data", JwtTokenUtil.TOKEN_PREFIX + token); maps.put("roles", role.split(SPLIT_COMMA)); response.getWriter().write(JSONUtil.toJSONString(Results.success(maps))); @@ -108,6 +108,6 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte @Override protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException { response.setCharacterEncoding("UTF-8"); - response.getWriter().write(JSONUtil.toJSONString(new ReturnT(-1, "Server Error"))); + response.getWriter().write(JSONUtil.toJSONString(new ReturnT(ReturnT.JWT_FAIL_CODE, "Server Error"))); } } diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java index 78f3bee5..a1ad3ed3 100644 
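Review bot: The name `STEP` added to `Constants` does not say what the value is; it is the seconds-to-milliseconds factor applied to token lifetimes, and it is reused in `JwtTokenManager.createToken` and `JwtTokenUtil` later in this patch. In code that computes token expiry, a reader should be able to see the unit from the name; `MILLIS_PER_SECOND` would do that, as would `TimeUnit.SECONDS.toMillis(TOKEN_VALIDITY_IN_SECONDS)` at the call sites. At minimum add a comment above the constant, e.g. `/** Milliseconds per second; converts a token validity in seconds to a Date offset. */`.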
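Review bot: `unsuccessfulAuthentication` still answers a rejected login with the text `"Server Error"` and, in the lines shown, never sets an HTTP status, so clients and log-based detection see what looks like an ordinary response for a failed credential check. Consider adding `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` before the body is written and using a message that names an authentication failure without revealing whether the username or the password was wrong. The new `ReturnT.JWT_FAIL_CODE` would also benefit from a one-line comment, because here -1 marks a login failure rather than a token parsing failure.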
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java @@ -59,22 +59,28 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { + boolean checkAccessTokenOrTokenHeader = false; // Token when verifying client interaction. String accessToken = request.getParameter(ACCESS_TOKEN); + String tokenHeader = request.getHeader(JwtTokenUtil.TOKEN_HEADER); if (StringUtil.isNotBlank(accessToken)) { tokenManager.validateToken(accessToken); Authentication authentication = this.tokenManager.getAuthentication(accessToken); SecurityContextHolder.getContext().setAuthentication(authentication); - chain.doFilter(request, response); - return; + checkAccessTokenOrTokenHeader = true; + } else if (checkTokenHeader(tokenHeader)) { + // If there is no Authorization information in the request header, it will be released directly. + checkAccessTokenOrTokenHeader = true; } - // If there is no Authorization information in the request header, it will be released directly. - String tokenHeader = request.getHeader(JwtTokenUtil.TOKEN_HEADER); - if (tokenHeader == null || !tokenHeader.startsWith(JwtTokenUtil.TOKEN_PREFIX)) { + if (checkAccessTokenOrTokenHeader) { chain.doFilter(request, response); - return; + } else { + filterInternal(request, response, chain, tokenHeader); } - // If there is a Token in the request header, it is parsed and the authentication information is set. + } + + private void filterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain, + String tokenHeader) throws IOException, ServletException { try { SecurityContextHolder.getContext().setAuthentication(getAuthentication(tokenHeader)); } catch (Exception ex) { 
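Review bot: The new names in `doFilterInternal` read as the opposite of what they test. `checkTokenHeader` (defined in the next hunk) returns true when the header is missing or lacks the prefix, and `checkAccessTokenOrTokenHeader` is set to true both for a validated access token and for a request that carries no token at all. In an authorization filter that inversion is easy to misread in a later edit; names such as `isTokenHeaderAbsent` and `skipHeaderAuthentication` would state the real condition. The comment moved into the `else if` branch should say that the request continues down the chain without authentication being set. `filterInternal` begins in this hunk and continues in the next one.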
@@ -90,17 +96,21 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter { return; } try { - super.doFilterInternal(request, response, chain); + doFilterInternal(request, response, chain); } finally { UserContext.clear(); } } + private boolean checkTokenHeader(String tokenHeader) { + return tokenHeader == null || !tokenHeader.startsWith(JwtTokenUtil.TOKEN_PREFIX); + } + /** * Obtain user information from Token and create a new Token. * - * @param tokenHeader - * @return + * @param tokenHeader tokenHeader + * @return UsernamePasswordAuthenticationToken */ private UsernamePasswordAuthenticationToken getAuthentication(String tokenHeader) { String token = tokenHeader.replace(JwtTokenUtil.TOKEN_PREFIX, ""); diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/RewriteUserInfoApiFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/RewriteUserInfoApiFilter.java index 8144f7bc..57885bd5 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/RewriteUserInfoApiFilter.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/RewriteUserInfoApiFilter.java @@ -19,14 +19,18 @@ package cn.hippo4j.auth.filter; import cn.hippo4j.auth.toolkit.AuthUtil; -import javax.servlet.*; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import java.io.IOException; /** * When anonymous login is enabled, an error will be reported when viewing the current user information. * Modify the URI to query the default administrator information. - * + *
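Review bot: Replacing `super.doFilterInternal(request, response, chain)` with `doFilterInternal(request, response, chain)` inside `filterInternal` changes behaviour rather than style, because the call now re-enters this class's own override. For a request with a prefixed token header and no access-token parameter, both conditions in the previous hunk are false again on re-entry, so `doFilterInternal` dispatches back to `filterInternal`; as far as the two hunks show, the filter recurses until the stack overflows instead of continuing the chain. Restore `super.doFilterInternal(request, response, chain);`, or call `chain.doFilter(request, response);` if the parent's Basic handling is not wanted. A test that sends a header-token request through the filter would catch this; the lines between the two hunks are not visible here.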

* before:hippo4j/v1/cs/auth/users/info or hippo4j/v1/cs/auth/users/info/xxx * after:hippo4j/v1/cs/auth/users/info/admin */ @@ -34,7 +38,7 @@ public class RewriteUserInfoApiFilter implements Filter { @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { - boolean enableAuthentication = AuthUtil.ENABLE_AUTHENTICATION; + boolean enableAuthentication = AuthUtil.isEnableAuthentication(); HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; String path = httpRequest.getRequestURI(); if (!enableAuthentication && path.contains("users/info")) { @@ -43,4 +47,4 @@ public class RewriteUserInfoApiFilter implements Filter { } filterChain.doFilter(servletRequest, servletResponse); } -} \ No newline at end of file +} diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/PermissionInfo.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/PermissionInfo.java index 93e05f6f..bb108545 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/PermissionInfo.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/PermissionInfo.java @@ -17,7 +17,12 @@ package cn.hippo4j.auth.model; -import com.baomidou.mybatisplus.annotation.*; +import com.baomidou.mybatisplus.annotation.FieldFill; +import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableField; +import com.baomidou.mybatisplus.annotation.TableId; +import com.baomidou.mybatisplus.annotation.TableLogic; +import com.baomidou.mybatisplus.annotation.TableName; import lombok.Data; import java.util.Date; diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/RoleInfo.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/RoleInfo.java index 85ab766b..8dd2646a 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/RoleInfo.java 
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/RoleInfo.java @@ -17,7 +17,12 @@ package cn.hippo4j.auth.model; -import com.baomidou.mybatisplus.annotation.*; +import com.baomidou.mybatisplus.annotation.FieldFill; +import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableField; +import com.baomidou.mybatisplus.annotation.TableId; +import com.baomidou.mybatisplus.annotation.TableLogic; +import com.baomidou.mybatisplus.annotation.TableName; import lombok.Data; import java.util.Date; diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/UserInfo.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/UserInfo.java index 994ae605..e9818615 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/UserInfo.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/UserInfo.java @@ -17,7 +17,12 @@ package cn.hippo4j.auth.model; -import com.baomidou.mybatisplus.annotation.*; +import com.baomidou.mybatisplus.annotation.FieldFill; +import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableField; +import com.baomidou.mybatisplus.annotation.TableId; +import com.baomidou.mybatisplus.annotation.TableLogic; +import com.baomidou.mybatisplus.annotation.TableName; import lombok.Data; import java.util.Date; diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java index 2abd58d6..08441bb5 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java 
@@ -31,6 +31,7 @@ import org.springframework.stereotype.Component; import java.util.Date; import java.util.List; +import static cn.hippo4j.auth.constant.Constants.STEP; import static cn.hippo4j.auth.constant.Constants.TOKEN_VALIDITY_IN_SECONDS; import static cn.hippo4j.auth.toolkit.JwtTokenUtil.SECRET; import static cn.hippo4j.common.constant.Constants.AUTHORITIES_KEY; @@ -50,14 +51,13 @@ public class JwtTokenManager { public String createToken(String userName) { long now = System.currentTimeMillis(); Date validity; - validity = new Date(now + TOKEN_VALIDITY_IN_SECONDS * 1000L); + validity = new Date(now + TOKEN_VALIDITY_IN_SECONDS * STEP); Claims claims = Jwts.claims().setSubject(userName); - String token = Jwts.builder() + return Jwts.builder() .setClaims(claims) .setExpiration(validity) .signWith(SignatureAlgorithm.HS512, SECRET) .compact(); - return token; } /** diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/AuthUtil.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/AuthUtil.java index 62e0371f..c1c17a30 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/AuthUtil.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/AuthUtil.java @@ -29,10 +29,14 @@ public class AuthUtil { /** * Enable authentication */ - public static boolean ENABLE_AUTHENTICATION; + private static boolean enableAuthentication; @Value("${hippo4j.core.auth.enabled:true}") public void setEnableAuthentication(boolean enabled) { - AuthUtil.ENABLE_AUTHENTICATION = enabled; + AuthUtil.enableAuthentication = enabled; } -} \ No newline at end of file + + public static boolean isEnableAuthentication() { + return enableAuthentication; + } +} diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/JwtTokenUtil.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/JwtTokenUtil.java index 40a831c0..033c2efa 100644 
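Review bot: `createToken` signs with `SECRET`, which is statically imported from `JwtTokenUtil` and whose definition is not part of this patch. If that constant is a compile-time literal, every installation shares one HS512 signing key and the key is readable from the source, so it is worth confirming that it is loaded from per-deployment configuration and documenting that on the method. A short Javadoc on `createToken` should state that the token carries only the subject and an expiry of `TOKEN_VALIDITY_IN_SECONDS`.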
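Review bot: In `AuthUtil`, the static `enableAuthentication` is `false` until Spring invokes the `@Value` setter, so `isEnableAuthentication()` reports "authentication disabled" to any caller that runs before the bean is initialised or outside the Spring context. That is the fail-open direction, and `RewriteUserInfoApiFilter` keys its rewrite to the admin user off this value. Initialise the field to the property's default, `private static boolean enableAuthentication = true;`, and consider `volatile`, since the setter and the request threads that read the flag may differ. The new accessor should get a Javadoc line stating what a `false` result means for callers.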
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/JwtTokenUtil.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/JwtTokenUtil.java @@ -77,7 +77,7 @@ public class JwtTokenUtil { .setIssuer(ISS) .setSubject(id + Constants.SPLIT_COMMA + username) .setIssuedAt(new Date()) - .setExpiration(new Date(System.currentTimeMillis() + expiration * 1000)) + .setExpiration(new Date(System.currentTimeMillis() + expiration * Constants.STEP)) .compact(); } diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java index 47743239..ed76b4f5 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java @@ -35,6 +35,8 @@ public class ReturnT implements Serializable { public static final int FAIL_CODE = 500; + public static final int JWT_FAIL_CODE = -1; + public static final ReturnT SUCCESS = new ReturnT<>(null); public static final ReturnT FAIL = new ReturnT<>(FAIL_CODE, null); diff --git a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/AuthUtilTest.java b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/AuthUtilTest.java index dd522658..f831a2f7 100644 --- a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/AuthUtilTest.java +++ b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/AuthUtilTest.java @@ -33,6 +33,6 @@ public final class AuthUtilTest { @Test public void assertGetEnableAuthentication() { - Assert.isTrue(AuthUtil.ENABLE_AUTHENTICATION); + Assert.isTrue(AuthUtil.isEnableAuthentication()); } }