From 03005881114cd06ac3f0bf7089723f9820b94480 Mon Sep 17 00:00:00 2001
From: yh <1844516659@qq.com>
Date: Sun, 17 Jul 2022 11:15:13 +0800
Subject: [PATCH] =?UTF-8?q?=E9=A3=9E=E6=BB=B4=E5=87=BA=E8=A1=8C=E7=BD=91?= =?UTF-8?q?=E7=BA=A6=E8=BD=A62022-=E4=B9=98=E5=AE=A2=E6=9C=8D=E5=8A=A1=20?= =?UTF-8?q?=E4=BC=A0=E5=85=A5refreshToken=E5=88=B7=E6=96=B0=E5=8F=8Ctoken?= =?UTF-8?q?=E4=BB=A3=E7=A0=81=E5=AE=9E=E7=8E=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../controller/TokenController.java | 27 ++++++++
.../interceptor/JwtInterceptor.java | 59 +++++-------------
.../apipassenger/service/TokenService.java | 62 +++++++++++++++++++
.../constant/CommonStatusEnum.java | 16 ++++-
.../internalcommon/util/JwtUtils.java | 22 +++++++
5 files changed, 141 insertions(+), 45 deletions(-)
create mode 100644 api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java
create mode 100644 api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java
diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java b/api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java
new file mode 100644
index 0000000..fa30f97
--- /dev/null
+++ b/api-passenger/src/main/java/com/mashibing/apipassenger/controller/TokenController.java
@@ -0,0 +1,27 @@
+package com.mashibing.apipassenger.controller;
+
+import com.mashibing.apipassenger.service.TokenService;
+import com.mashibing.internalcommon.dto.ResponseResult;
+import com.mashibing.internalcommon.response.TokenResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class TokenController {
+
+
+ @Autowired
+ private TokenService tokenService;
+
+ @PostMapping("/token-refresh")
+ public ResponseResult getTokenRefresh(@RequestBody TokenResponse tokenResponse){
+
+ String refreshTokenSrc = tokenResponse.getRefreshToken();
+ System.out.println("refreshTokenSrc = " + refreshTokenSrc);
+
+ return tokenService.refreshToken(refreshTokenSrc);
+ }
+
+}
diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java
index c7a090f..bfc6961 100644
--- a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java
+++ b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java
@@ -31,9 +31,8 @@ public class JwtInterceptor implements HandlerInterceptor { // 返回 信息字符串 String resutltString = "" ; + // 解析 请求参数 String token = null; - TokenResult tokenResult = null; - try { token = request.getHeader ( "Authorization") ; }catch (Exception e) {
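Review bot: `getTokenRefresh` in TokenController.java prints the raw refresh token with `System.out.println("refreshTokenSrc = " + refreshTokenSrc);`, so a credential that TokenService keeps valid in redis for 31 days ends up in stdout and in whatever collects it. Drop that line, or log only that a refresh was requested, without the token value. The handler also passes `tokenResponse.getRefreshToken()` on unchecked, so a request body without `refreshToken` reaches `tokenService.refreshToken(null)`; a blank check that returns the failure result before calling the service would make that path explicit.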
@@ -41,52 +40,28 @@ public class JwtInterceptor implements HandlerInterceptor { result = false; } - try { - // 判断是否 token 是否能合法解析 - tokenResult = JwtUtils.parseToken(token); - }catch (SignatureVerificationException e){ - resutltString="token sign error"; - result=false; - }catch (TokenExpiredException e){ - resutltString="token time out"; - result = false; - }catch (AlgorithmMismatchException e){ - resutltString="token AlgorithmMismatchException"; - result=false; - }catch (Exception e) { - resutltString = "token gotError"; - result = false; - } + // 封装方法 + TokenResult tokenResult = JwtUtils.checkToken(token); - if(! StringUtils.isBlank(token)){ + // 判断 解析传入token + if (tokenResult == null ) { + resutltString = "token invalid "; + result = false; + }else{ + String phone = tokenResult.getPhone(); + String indentiny = tokenResult.getIndentiny(); + // 从redis中取出token + String rdisAccessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny,TokenConstants.ACCESS_TOKEN_TYPE); + String redisAccessToken = redisTemplate.opsForValue().get(rdisAccessTokenKey); - // 判断 解析传入token - if (tokenResult == null ) { + // 判断 redis 中是否存在值 + if( (StringUtils.isBlank(redisAccessToken)) || !StringUtils.equals(token.trim(),redisAccessToken.trim()) ){ resutltString = "token invalid "; result = false; }else{ - String phone = tokenResult.getPhone(); - String indentiny = tokenResult.getIndentiny(); - // 从redis中取出token - String rdisTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny,TokenConstants.ACCESS_TOKEN_TYPE); - String redisToken = redisTemplate.opsForValue().get(rdisTokenKey); - - // 判断 redis 中是否存在值 - if(StringUtils.isBlank(redisToken) ){ - resutltString = "token invalid "; - result = false; - } - if(!StringUtils.equals(token.trim(),redisToken.trim())){ - resutltString = "token Has invalid "; - result = false; - }else{ - resutltString = "token verfiy pass "; - result = true; - } + resutltString = "token verfiy pass "; + result = true; } - }else{ - resutltString = "token 
invalid "; - result = false; } diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java b/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java new file mode 100644 index 0000000..5d041fd --- /dev/null +++ b/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java 
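Review bot: The comment `// 判断 redis 中是否存在值` above the merged condition in JwtInterceptor now understates what the branch decides: the request is rejected both when no access token is stored under the phone/identity key and when the presented token differs from the stored one. Since that comparison is what makes a replaced token stop working, I would reword the comment to say so, e.g. `// reject unless the presented token equals the access token stored in redis for this user`. The enclosing method starts and ends outside this hunk.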
@@ -0,0 +1,62 @@
+package com.mashibing.apipassenger.service;
+
+import com.mashibing.internalcommon.constant.CommonStatusEnum;
+import com.mashibing.internalcommon.constant.TokenConstants;
+import com.mashibing.internalcommon.dto.ResponseResult;
+import com.mashibing.internalcommon.dto.TokenResult;
+import com.mashibing.internalcommon.response.TokenResponse;
+import com.mashibing.internalcommon.util.JwtUtils;
+import com.mashibing.internalcommon.util.RedisPrefixUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Service;
+import org.apache.commons.lang.StringUtils;
+
+import java.util.concurrent.TimeUnit;
+
+@Service
+public class TokenService {
+
+ @Autowired
+ private StringRedisTemplate redisTemplate;
+
+ /**
+ * 刷新 服务端 双token值并向 客户端 传递
+ * @param refreshTokenSrc
+ * @return
+ */
+ public ResponseResult refreshToken(String refreshTokenSrc){
+
+ // 解析客户端传入 refreshToken 参数值,并获取元数据
+ TokenResult tokenResult = JwtUtils.parseToken(refreshTokenSrc);
+ if(tokenResult == null){
+ return ResponseResult.fail(CommonStatusEnum.FAIL.getCode(),CommonStatusEnum.FAIL.getValue());
+ }
+ String phone = tokenResult.getPhone();
+ String indentiny = tokenResult.getIndentiny();
+
+ // 读取 redis 中 refreshToken
+ String refreshTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE);
+ String redisRefreshToken = redisTemplate.opsForValue().get(refreshTokenKey);
+
+ // 校验 两token 是否合法
+ if( (StringUtils.isBlank(redisRefreshToken)) || !StringUtils.equals(refreshTokenSrc.trim(),redisRefreshToken.trim()) ){
+ return ResponseResult.fail(CommonStatusEnum.FAIL.getCode(),CommonStatusEnum.FAIL.getValue());
+ }
+
+ // 生成新的双token,存入redis中
+ String refreshToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE);
+ String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE);
+ String accessToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE);
+
+ redisTemplate.opsForValue().set(accessTokenKey,accessToken,30,TimeUnit.DAYS);
+ redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,31,TimeUnit.DAYS);
+
+ TokenResponse tokenResponse = new TokenResponse();
+ tokenResponse.setAccessToken(accessToken);
+ tokenResponse.setRefreshToken(refreshToken);
+
+ return ResponseResult.success(tokenResponse);
+ }
+
+}
diff --git a/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java b/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java
index e8078c8..9c12680 100644
--- a/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java
+++ b/internal-common/src/main/java/com/mashibing/internalcommon/constant/CommonStatusEnum.java
@@ -5,16 +5,26 @@ public enum CommonStatusEnum { /** * 1:成功 */ - SUCCESS(1,"success"), + SUCCESS(1,"success") /** * 0:失败 */ - FAIL(0,"fail"), + ,FAIL(0,"fail") /** * 验证码错误提示:1000-1099 */ - VERIFICATION_CODE_ERROR(1099,"验证码错误!"); + ,VERIFICATION_CODE_ERROR(1099,"验证码错误!") + + /** + *Token类提示:1100-1199 + */ + ,TOKEN_ERROR(1199,"token错误") + + + + ; + private Integer code;
diff --git a/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java b/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java
index 7c6d624..88cfa8c 100644
--- a/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java
+++ b/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java
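Review bot: `TokenService.refreshToken` calls `JwtUtils.parseToken(refreshTokenSrc)` directly, and the catch blocks this patch removes from JwtInterceptor show that `parseToken` throws on a bad signature, an expired token or an algorithm mismatch, so a forged or expired refresh token escapes as an unhandled exception and the `tokenResult == null` check never sees it. Wrap the call, e.g. `try { tokenResult = JwtUtils.parseToken(refreshTokenSrc); } catch (JWTVerificationException e) { tokenResult = null; }`, and reject a blank `refreshTokenSrc` before parsing, since `parseToken`'s handling of null is not visible here. Both failure returns could use the `TOKEN_ERROR` code this patch adds to CommonStatusEnum instead of the generic `FAIL`. Separately, the access token is stored for 30 days and the refresh token for 31; if the JWT expiry set in `gerneratorToken` (not shown) is similar, a much shorter access-token lifetime would limit how long a leaked one stays usable.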
@@ -3,8 +3,12 @@ package com.mashibing.internalcommon.util; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTCreator; import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.exceptions.AlgorithmMismatchException; +import com.auth0.jwt.exceptions.SignatureVerificationException; +import com.auth0.jwt.exceptions.TokenExpiredException; import com.auth0.jwt.interfaces.Claim; import com.auth0.jwt.interfaces.DecodedJWT; +import com.mashibing.internalcommon.dto.ResponseResult; import com.mashibing.internalcommon.dto.TokenResult; import java.util.Calendar; @@ -74,4 +78,22 @@ public class JwtUtils { // System.out.println("根据生成token解析出的有效数据是 " + parseToken(token)); // } + /** + * 校验token,主要判断token是否异常 + * @param token + * @return + */ + public static TokenResult checkToken(String token){ + + TokenResult tokenResult = null; + try { + // 判断是否 token 是否能合法解析 + tokenResult = JwtUtils.parseToken(token); + }catch (Exception e) { + + } + + return null; + } + }
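Review bot: `checkToken` ends with `return null;`, so the parsed `tokenResult` is never handed back and every token is reported as invalid; JwtInterceptor's new `tokenResult == null` branch is then always taken and all intercepted requests are rejected. Change the last statement to `return tokenResult;`. The empty `catch (Exception e) { }` also discards the reason parsing failed; catching the three exception types imported in the first JwtUtils hunk (otherwise unused, as is the `ResponseResult` import) and logging the exception type without the token value would keep signature failures and expiries distinguishable for operators. The Javadoc should state that a `null` return means the token failed verification.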