Merge branch 'feature/java11' into 'develop'

token expire See merge request o2oa/o2oa!1561

Merge branch 'feature/java11' into 'develop'
token expire See merge request o2oa/o2oa!1561
bcbddd69 · o2null · 8aa0cc9b · 795add76 · bcbddd69
隐藏空白更改
内联并排

Showing with 33 addition and 35 deletion

o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/HttpToken.java ...src/main/java/com/x/base/core/project/http/HttpToken.java +33 -35

未找到文件。
--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/HttpToken.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/HttpToken.java
 package com.x.base.core.project.http;
 import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.Date;
-import java.util.Enumeration;
 import java.util.Objects;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -41,13 +41,14 @@ public class HttpToken {
 		effectivePerson.setRemoteAddress(this.remoteAddress(request));
 		effectivePerson.setUserAgent(this.userAgent(request));
 		effectivePerson.setUri(request.getRequestURI());
-		/* 加入调试标记 */
+		// 加入调试标记
 		Object debugger = request.getHeader(HttpToken.X_Debugger);
-		if (null != debugger && BooleanUtils.toBoolean(Objects.toString(debugger))) {
+		effectivePerson.setDebugger((null != debugger) && BooleanUtils.toBoolean(Objects.toString(debugger)));
-			effectivePerson.setDebugger(true);
+//		if (null != debugger && BooleanUtils.toBoolean(Objects.toString(debugger))) {
-		} else {
+//			effectivePerson.setDebugger(true);
-			effectivePerson.setDebugger(false);
+//		} else {
-		}
+//			effectivePerson.setDebugger(false);
+//		}
 		setAttribute(request, effectivePerson);
 		setToken(request, response, effectivePerson);
 		return effectivePerson;
@@ -69,7 +70,7 @@ public class HttpToken {
 			Pattern pattern = Pattern.compile(RegularExpression_Token, Pattern.CASE_INSENSITIVE);
 			Matcher matcher = pattern.matcher(plain);
 			if (!matcher.find()) {
-				/* 不报错,跳过错误,将用户设置为anonymous */
+				// 不报错,跳过错误,将用户设置为anonymous
 				logger.warn("token format error:{}.", plain);
 				return EffectivePerson.anonymous();
 			}
@@ -79,21 +80,18 @@ public class HttpToken {
 			diff = Math.abs(diff);
 			if (TokenType.user.equals(tokenType) || TokenType.manager.equals(tokenType)) {
 				if (diff > (60000L * Config.person().getTokenExpiredMinutes())) {
-					// throw new Exception("token expired." + token);
+					// 不报错,跳过错误,将用户设置为anonymous
-					/* 不报错,跳过错误,将用户设置为anonymous */
+					logger.warn("token expired, user:{}, token:{}.",
-					logger.warn("token expired:{}.", plain);
+							URLDecoder.decode(matcher.group(3), StandardCharsets.UTF_8.name()), plain);
 					return EffectivePerson.anonymous();
 				}
 			}
-			if (TokenType.cipher.equals(tokenType)) {
+			if (TokenType.cipher.equals(tokenType) && (diff > (60000 * 20))) {
-				if (diff > (60000 * 20)) {
+				// 不报错,跳过错误,将用户设置为anonymous
-					/* 不报错,跳过错误,将用户设置为anonymous */
+				return EffectivePerson.anonymous();
-					return EffectivePerson.anonymous();
-				}
 			}
-			EffectivePerson effectivePerson = new EffectivePerson(URLDecoder.decode(matcher.group(3), "utf-8"),
+			return new EffectivePerson(URLDecoder.decode(matcher.group(3), StandardCharsets.UTF_8.name()), tokenType,
-					tokenType, key);
+					key);
-			return effectivePerson;
 		} catch (Exception e) {
 			e.printStackTrace();
 		}
@@ -112,20 +110,20 @@ public class HttpToken {
 	public void setToken(HttpServletRequest request, HttpServletResponse response, EffectivePerson effectivePerson)
 			throws Exception {
 		switch (effectivePerson.getTokenType()) {
-			case anonymous:
+		case anonymous:
-				// this.deleteToken(request, response);
+			// this.deleteToken(request, response);
-				break;
+			break;
-			case user:
+		case user:
-				this.setResponseToken(request, response, effectivePerson);
+			this.setResponseToken(request, response, effectivePerson);
-				break;
+			break;
-			case manager:
+		case manager:
-				this.setResponseToken(request, response, effectivePerson);
+			this.setResponseToken(request, response, effectivePerson);
-				break;
+			break;
-			case cipher:
+		case cipher:
-				this.deleteToken(request, response);
+			this.deleteToken(request, response);
-				break;
+			break;
-			default:
+		default:
-				break;
+			break;
 		}
 	}
@@ -138,8 +136,8 @@ public class HttpToken {
 		}
 	}
-	public void setResponseToken(HttpServletRequest request, HttpServletResponse response,
+	public void setResponseToken(HttpServletRequest request, HttpServletResponse response, String tokenName,
-								  String tokenName, String token) throws Exception {
+			String token) throws Exception {
 		if (!StringUtils.isEmpty(token)) {
 			String cookie = tokenName + "=" + token + "; path=/; domain=" + this.domain(request);
 			response.setHeader("Set-Cookie", cookie);