飞滴出行网约车2022-乘客服务传入refreshToken刷新双token代码实现

3 years ago · 0300588111
parent 23178477c6
commit 0300588111
5 changed files with 141 additions and 45 deletions
--- a/api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java
+++ b/api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java
@ -0,0 +1,27 @@
+package com.mashibing.apipassenger.controller;
+
+import com.mashibing.apipassenger.service.TokenService;
+import com.mashibing.internalcommon.dto.ResponseResult;
+import com.mashibing.internalcommon.response.TokenResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class TokenController {
+
+
+    @Autowired
+    private TokenService tokenService;
+
+    @PostMapping("/token-refresh")
+    public ResponseResult getTokenRefresh(@RequestBody TokenResponse tokenResponse){
+
+        String refreshTokenSrc = tokenResponse.getRefreshToken();
+        System.out.println("refreshTokenSrc = " + refreshTokenSrc);
+
+        return tokenService.refreshToken(refreshTokenSrc);
+    }
+
+}
--- a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java
+++ b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java
@ -31,9 +31,8 @@ public class JwtInterceptor implements HandlerInterceptor {
        // 返回 信息字符串
        String resutltString = "" ;

+        // 解析 请求参数
        String token = null;
-        TokenResult tokenResult = null;
-
        try {
            token = request.getHeader ( "Authorization") ;
        }catch (Exception e) {
@ -41,52 +40,28 @@ public class JwtInterceptor implements HandlerInterceptor {
            result = false;
        }

-        try {
-            // 判断是否 token 是否能合法解析
-            tokenResult = JwtUtils.parseToken(token);
-        }catch (SignatureVerificationException e){
-            resutltString="token sign error";
-            result=false;
-        }catch (TokenExpiredException e){
-            resutltString="token time out";
-            result = false;
-        }catch (AlgorithmMismatchException e){
-            resutltString="token AlgorithmMismatchException";
-            result=false;
-        }catch (Exception e) {
-            resutltString = "token gotError";
-            result = false;
-        }
+        // 封装方法
+        TokenResult tokenResult = JwtUtils.checkToken(token);

-        if(! StringUtils.isBlank(token)){
+        // 判断 解析传入token
+        if (tokenResult == null ) {
+            resutltString = "token invalid ";
+            result = false;
+        }else{
+            String phone = tokenResult.getPhone();
+            String indentiny = tokenResult.getIndentiny();
+            // 从redis中取出token
+            String rdisAccessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny,TokenConstants.ACCESS_TOKEN_TYPE);
+            String redisAccessToken = redisTemplate.opsForValue().get(rdisAccessTokenKey);

-            // 判断 解析传入token
-            if (tokenResult == null ) {
+            // 判断 redis 中是否存在值
+            if( (StringUtils.isBlank(redisAccessToken)) || !StringUtils.equals(token.trim(),redisAccessToken.trim()) ){
                resutltString = "token invalid ";
                result = false;
            }else{
-                String phone = tokenResult.getPhone();
-                String indentiny = tokenResult.getIndentiny();
-                // 从redis中取出token
-                String rdisTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny,TokenConstants.ACCESS_TOKEN_TYPE);
-                String redisToken = redisTemplate.opsForValue().get(rdisTokenKey);
-
-                // 判断 redis 中是否存在值
-                if(StringUtils.isBlank(redisToken) ){
-                    resutltString = "token invalid ";
-                    result = false;
-                }
-                if(!StringUtils.equals(token.trim(),redisToken.trim())){
-                    resutltString = "token Has invalid ";
-                    result = false;
-                }else{
-                    resutltString = "token verfiy pass ";
-                    result = true;
-                }
+                resutltString = "token verfiy pass ";
+                result = true;
            }
-        }else{
-            resutltString = "token invalid ";
-            result = false;
        }


--- a/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java
+++ b/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java
@ -0,0 +1,62 @@
+package com.mashibing.apipassenger.service;
+
+import com.mashibing.internalcommon.constant.CommonStatusEnum;
+import com.mashibing.internalcommon.constant.TokenConstants;
+import com.mashibing.internalcommon.dto.ResponseResult;
+import com.mashibing.internalcommon.dto.TokenResult;
+import com.mashibing.internalcommon.response.TokenResponse;
+import com.mashibing.internalcommon.util.JwtUtils;
+import com.mashibing.internalcommon.util.RedisPrefixUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Service;
+import org.apache.commons.lang.StringUtils;
+
+import java.util.concurrent.TimeUnit;
+
+@Service
+public class TokenService {
+
+    @Autowired
+    private StringRedisTemplate redisTemplate;
+
+    /**
+     * 刷新 服务端 双token值并向 客户端 传递
+     * @param refreshTokenSrc
+     * @return
+     */
+    public ResponseResult refreshToken(String refreshTokenSrc){
+
+        // 解析客户端传入 refreshToken 参数值，并获取元数据
+        TokenResult tokenResult = JwtUtils.parseToken(refreshTokenSrc);
+        if(tokenResult == null){
+            return ResponseResult.fail(CommonStatusEnum.FAIL.getCode(),CommonStatusEnum.FAIL.getValue());
+        }
+        String phone = tokenResult.getPhone();
+        String indentiny = tokenResult.getIndentiny();
+
+        // 读取 redis 中 refreshToken
+        String refreshTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE);
+        String redisRefreshToken = redisTemplate.opsForValue().get(refreshTokenKey);
+
+        // 校验 两token 是否合法
+        if( (StringUtils.isBlank(redisRefreshToken)) || !StringUtils.equals(refreshTokenSrc.trim(),redisRefreshToken.trim()) ){
+            return ResponseResult.fail(CommonStatusEnum.FAIL.getCode(),CommonStatusEnum.FAIL.getValue());
+        }
+
+        // 生成新的双token，存入redis中
+        String refreshToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE);
+        String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE);
+        String accessToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE);
+
+        redisTemplate.opsForValue().set(accessTokenKey,accessToken,30,TimeUnit.DAYS);
+        redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,31,TimeUnit.DAYS);
+
+        TokenResponse tokenResponse = new TokenResponse();
+        tokenResponse.setAccessToken(accessToken);
+        tokenResponse.setRefreshToken(refreshToken);
+
+        return ResponseResult.success(tokenResponse);
+    }
+
+}
--- a/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java
+++ b/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java
@ -5,16 +5,26 @@ public enum  CommonStatusEnum {
    /**
     * 1:成功
     */
-    SUCCESS(1,"success"),
+    SUCCESS(1,"success")
    /**
     * 0:失败
     */
-    FAIL(0,"fail"),
+    ,FAIL(0,"fail")

    /**
     * 验证码错误提示：1000-1099
     */
-    VERIFICATION_CODE_ERROR(1099,"验证码错误！");
+    ,VERIFICATION_CODE_ERROR(1099,"验证码错误！")
+
+    /**
+     *Token类提示：1100-1199
+     */
+    ,TOKEN_ERROR(1199,"token错误")
+
+
+
+    ;
+

    private Integer code;

--- a/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java
+++ b/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java
@ -3,8 +3,12 @@ package com.mashibing.internalcommon.util;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTCreator;
 import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.AlgorithmMismatchException;
+import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
+import com.mashibing.internalcommon.dto.ResponseResult;
 import com.mashibing.internalcommon.dto.TokenResult;

 import java.util.Calendar;
@ -74,4 +78,22 @@ public class JwtUtils {
 //        System.out.println("根据生成token解析出的有效数据是 " + parseToken(token));
 //    }

+    /**
+     * 校验token,主要判断token是否异常
+     * @param token
+     * @return
+     */
+    public static TokenResult checkToken(String token){
+
+        TokenResult tokenResult = null;
+        try {
+            // 判断是否 token 是否能合法解析
+            tokenResult = JwtUtils.parseToken(token);
+        }catch (Exception e) {
+
+        }
+
+        return null;
+    }
+
 }