提交
eae1ab44
编写于
4月 18, 2021
作者:
sinat_25235033
提交者:
GitHub
4月 18, 2021
use SurenessConstant instead of common str (#90)
上级
6075466e
Showing
12 changed file
with
82 addition
and
72 deletion
+82
-72
core/src/main/java/com/usthe/sureness/handler/AttachSessionServletHandler.java
...m/usthe/sureness/handler/AttachSessionServletHandler.java
+5
-8
core/src/main/java/com/usthe/sureness/subject/creater/BasicSubjectJaxRsCreator.java
...he/sureness/subject/creater/BasicSubjectJaxRsCreator.java
+5
-6
core/src/main/java/com/usthe/sureness/subject/creater/BasicSubjectServletCreator.java
.../sureness/subject/creater/BasicSubjectServletCreator.java
+5
-6
core/src/main/java/com/usthe/sureness/subject/creater/DigestSubjectJaxRsCreator.java
...e/sureness/subject/creater/DigestSubjectJaxRsCreator.java
+5
-6
core/src/main/java/com/usthe/sureness/subject/creater/DigestSubjectServletCreator.java
...sureness/subject/creater/DigestSubjectServletCreator.java
+5
-6
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectJaxRsCreator.java
...sthe/sureness/subject/creater/JwtSubjectJaxRsCreator.java
+7
-9
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectServletCreator.java
...he/sureness/subject/creater/JwtSubjectServletCreator.java
+7
-9
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectWsJaxRsCreator.java
...he/sureness/subject/creater/JwtSubjectWsJaxRsCreator.java
+3
-4
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectWsServletCreator.java
.../sureness/subject/creater/JwtSubjectWsServletCreator.java
+3
-4
core/src/main/java/com/usthe/sureness/subject/creater/SessionSubjectServletCreator.java
...ureness/subject/creater/SessionSubjectServletCreator.java
+5
-8
core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
...c/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
+6
-6
core/src/main/java/com/usthe/sureness/util/SurenessConstant.java
...c/main/java/com/usthe/sureness/util/SurenessConstant.java
+26
-0
core/src/main/java/com/usthe/sureness/handler/AttachSessionServletHandler.java
package
com.usthe.sureness.handler
;
import
com.usthe.sureness.subject.SubjectSum
;
import
com.usthe.sureness.util.SurenessConstant
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpSession
;
...
...
@@ -12,19 +13,15 @@ import javax.servlet.http.HttpSession;
*/
public
class
AttachSessionServletHandler
implements
SuccessHandler
{
private
static
final
String
PRINCIPAL
=
"principal"
;
private
static
final
String
PRINCIPALS
=
"principals"
;
private
static
final
String
ROLES
=
"roles"
;
@Override
public
void
processHandler
(
SubjectSum
subjectSum
,
Object
request
)
{
if
(
request
instanceof
HttpServletRequest
)
{
HttpServletRequest
servletRequest
=
(
HttpServletRequest
)
request
;
HttpSession
httpSession
=
servletRequest
.
getSession
();
if
(
httpSession
.
isNew
()
||
httpSession
.
getAttribute
(
PRINCIPAL
)
==
null
)
{
httpSession
.
setAttribute
(
PRINCIPAL
,
subjectSum
.
getPrincipal
());
httpSession
.
setAttribute
(
PRINCIPALS
,
subjectSum
.
getPrincipalMap
());
httpSession
.
setAttribute
(
ROLES
,
subjectSum
.
getRoles
());
if
(
httpSession
.
isNew
()
||
httpSession
.
getAttribute
(
SurenessConstant
.
PRINCIPAL
)
==
null
)
{
httpSession
.
setAttribute
(
SurenessConstant
.
PRINCIPAL
,
subjectSum
.
getPrincipal
());
httpSession
.
setAttribute
(
SurenessConstant
.
PRINCIPALS
,
subjectSum
.
getPrincipalMap
());
httpSession
.
setAttribute
(
SurenessConstant
.
ROLES
,
subjectSum
.
getRoles
());
}
}
...
...
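Review bot: The principal is attached to whatever session `getSession()` returns, so a session id that already existed before authentication (`isNew()` false, no `principal` attribute yet) becomes an authenticated session without its id changing, which leaves room for session fixation. Rotate the id for the non-new case before the three `setAttribute` calls, e.g. `if (!httpSession.isNew()) { servletRequest.changeSessionId(); }` (Servlet 3.1+; confirm the project's servlet API baseline). Separately, when the session already holds a `principal` the block is skipped even if `subjectSum.getPrincipal()` differs, so a comment stating that the first identity bound to a session wins would help. The end of `processHandler` is outside the hunk.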
core/src/main/java/com/usthe/sureness/subject/creater/BasicSubjectJaxRsCreator.java
...
...
@@ -3,6 +3,7 @@ package com.usthe.sureness.subject.creater;
import
com.usthe.sureness.subject.Subject
;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.PasswordSubject
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -20,16 +21,14 @@ public class BasicSubjectJaxRsCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
BasicSubjectJaxRsCreator
.
class
);
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
private
static
final
String
BASIC
=
"Basic"
;
private
static
final
int
COUNT_2
=
2
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// ("Authorization", "Basic YWRtaW46YWRtaW4=") --- basic auth
if
(
context
instanceof
ContainerRequestContext
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
return
authorization
!=
null
&&
authorization
.
startsWith
(
BASIC
);
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
return
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BASIC
);
}
else
{
return
false
;
}
...
...
@@ -37,9 +36,9 @@ public class BasicSubjectJaxRsCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
//basic auth
String
basicAuth
=
authorization
.
replace
(
BASIC
,
""
).
trim
();
String
basicAuth
=
authorization
.
replace
(
SurenessConstant
.
BASIC
,
""
).
trim
();
try
{
basicAuth
=
new
String
(
Base64
.
getDecoder
().
decode
(
basicAuth
),
StandardCharsets
.
UTF_8
);
}
catch
(
Exception
e
)
{
...
...
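Review bot: `authorization.replace(SurenessConstant.BASIC, "")` in `createSubject` removes every occurrence of `Basic` in the header value, not only the leading scheme, so a Base64 credential that happens to contain those five letters is altered before decoding and the request fails authentication for no visible reason. Strip the prefix by position once `startsWith` has confirmed it, as `canSupportSubject` does: `String basicAuth = authorization.substring(SurenessConstant.BASIC.length()).trim();`. The same pattern is carried over in BasicSubjectServletCreator, in both Digest creators (`replace(SurenessConstant.DIGEST, "")`) and in both Jwt creators (`replace(SurenessConstant.BEARER, "")`, in `canSupportSubject` and `createSubject`), where a token containing `Bearer` would no longer verify. `createSubject` continues outside the hunk.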
core/src/main/java/com/usthe/sureness/subject/creater/BasicSubjectServletCreator.java
...
...
@@ -3,6 +3,7 @@ package com.usthe.sureness.subject.creater;
import
com.usthe.sureness.subject.Subject
;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.PasswordSubject
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -20,16 +21,14 @@ public class BasicSubjectServletCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
BasicSubjectServletCreator
.
class
);
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
private
static
final
String
BASIC
=
"Basic"
;
private
static
final
int
COUNT_2
=
2
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// ("Authorization", "Basic YWRtaW46YWRtaW4=") --- basic auth
if
(
context
instanceof
HttpServletRequest
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
return
authorization
!=
null
&&
authorization
.
startsWith
(
BASIC
);
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
return
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BASIC
);
}
else
{
return
false
;
}
...
...
@@ -37,9 +36,9 @@ public class BasicSubjectServletCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
//basic auth
String
basicAuth
=
authorization
.
replace
(
BASIC
,
""
).
trim
();
String
basicAuth
=
authorization
.
replace
(
SurenessConstant
.
BASIC
,
""
).
trim
();
try
{
basicAuth
=
new
String
(
Base64
.
getDecoder
().
decode
(
basicAuth
),
StandardCharsets
.
UTF_8
);
}
catch
(
Exception
e
)
{
...
...
core/src/main/java/com/usthe/sureness/subject/creater/DigestSubjectJaxRsCreator.java
...
...
@@ -3,6 +3,7 @@ package com.usthe.sureness.subject.creater;
import
com.usthe.sureness.subject.Subject
;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.DigestSubject
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -21,8 +22,6 @@ public class DigestSubjectJaxRsCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
DigestSubjectJaxRsCreator
.
class
);
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
private
static
final
String
DIGEST
=
"Digest "
;
private
static
final
String
USERNAME
=
"username"
;
private
static
final
String
NONCE
=
"nonce"
;
private
static
final
String
QOP
=
"qop"
;
...
...
@@ -37,8 +36,8 @@ public class DigestSubjectJaxRsCreator implements SubjectCreate {
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
if
(
context
instanceof
ContainerRequestContext
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
return
authorization
==
null
||
authorization
.
startsWith
(
DIGEST
);
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
return
authorization
==
null
||
authorization
.
startsWith
(
SurenessConstant
.
DIGEST
);
}
else
{
return
false
;
}
...
...
@@ -46,12 +45,12 @@ public class DigestSubjectJaxRsCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
==
null
)
{
return
new
DigestSubject
();
}
else
{
// digest auth
String
digestAuth
=
authorization
.
replace
(
DIGEST
,
""
).
trim
();
String
digestAuth
=
authorization
.
replace
(
SurenessConstant
.
DIGEST
,
""
).
trim
();
try
{
final
Map
<
String
,
String
>
digestMap
=
new
HashMap
<>(
8
);
Arrays
.
stream
(
digestAuth
.
split
(
","
)).
forEach
(
auth
->
{
...
...
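Review bot: `canSupportSubject` returns true when the `Authorization` header is absent (`authorization == null || ...`), unlike the Basic and Jwt creators, and nothing in the method says why. This looks deliberate, since `createSubject` returns an empty `DigestSubject` for a missing header, presumably to drive the digest challenge, but it also means this creator claims every request that carries no credentials, so its position among the registered creators matters. After confirming that intent, add a comment above the return such as `// no Authorization header: claim the request so an empty DigestSubject can start the digest challenge`. DigestSubjectServletCreator has the same condition. The parsing lambda in `createSubject` is cut off by the hunk and is not reviewed here.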
core/src/main/java/com/usthe/sureness/subject/creater/DigestSubjectServletCreator.java
...
...
@@ -3,6 +3,7 @@ package com.usthe.sureness.subject.creater;
import
com.usthe.sureness.subject.Subject
;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.DigestSubject
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -21,8 +22,6 @@ public class DigestSubjectServletCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
DigestSubjectServletCreator
.
class
);
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
private
static
final
String
DIGEST
=
"Digest "
;
private
static
final
String
USERNAME
=
"username"
;
private
static
final
String
NONCE
=
"nonce"
;
private
static
final
String
QOP
=
"qop"
;
...
...
@@ -37,8 +36,8 @@ public class DigestSubjectServletCreator implements SubjectCreate {
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
if
(
context
instanceof
HttpServletRequest
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
return
authorization
==
null
||
authorization
.
startsWith
(
DIGEST
);
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
return
authorization
==
null
||
authorization
.
startsWith
(
SurenessConstant
.
DIGEST
);
}
else
{
return
false
;
}
...
...
@@ -46,12 +45,12 @@ public class DigestSubjectServletCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
==
null
)
{
return
new
DigestSubject
();
}
else
{
// digest auth
String
digestAuth
=
authorization
.
replace
(
DIGEST
,
""
).
trim
();
String
digestAuth
=
authorization
.
replace
(
SurenessConstant
.
DIGEST
,
""
).
trim
();
try
{
final
Map
<
String
,
String
>
digestMap
=
new
HashMap
<>(
8
);
Arrays
.
stream
(
digestAuth
.
split
(
","
)).
forEach
(
auth
->
{
...
...
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectJaxRsCreator.java
...
...
@@ -4,6 +4,7 @@ import com.usthe.sureness.subject.Subject;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.JwtSubject
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -20,17 +21,14 @@ public class JwtSubjectJaxRsCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
JwtSubjectJaxRsCreator
.
class
);
private
static
final
String
BEARER
=
"Bearer"
;
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// support bearer jwt
// ("Authorization", "Bearer eyJhbGciOiJIUzUxMi...") --- jwt auth
if
(
context
instanceof
ContainerRequestContext
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
BEARER
))
{
String
jwtValue
=
authorization
.
replace
(
BEARER
,
""
).
trim
();
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BEARER
))
{
String
jwtValue
=
authorization
.
replace
(
SurenessConstant
.
BEARER
,
""
).
trim
();
return
!
JsonWebTokenUtil
.
isNotJsonWebToken
(
jwtValue
);
}
}
...
...
@@ -39,10 +37,10 @@ public class JwtSubjectJaxRsCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
BEARER
))
{
String
authorization
=
((
ContainerRequestContext
)
context
).
getHeaderString
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BEARER
))
{
// jwt token
String
jwtValue
=
authorization
.
replace
(
BEARER
,
""
).
trim
();
String
jwtValue
=
authorization
.
replace
(
SurenessConstant
.
BEARER
,
""
).
trim
();
if
(
JsonWebTokenUtil
.
isNotJsonWebToken
(
jwtValue
))
{
if
(
logger
.
isInfoEnabled
())
{
logger
.
info
(
"can not create JwtSubject by this request message, is not jwt"
);
...
...
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectServletCreator.java
...
...
@@ -4,6 +4,7 @@ import com.usthe.sureness.subject.Subject;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.JwtSubject
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
com.usthe.sureness.util.SurenessConstant
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -19,17 +20,14 @@ public class JwtSubjectServletCreator implements SubjectCreate {
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
JwtSubjectServletCreator
.
class
);
private
static
final
String
BEARER
=
"Bearer"
;
private
static
final
String
AUTHORIZATION
=
"Authorization"
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// support bearer jwt
// ("Authorization", "Bearer eyJhbGciOiJIUzUxMi...") --- jwt auth
if
(
context
instanceof
HttpServletRequest
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
BEARER
))
{
String
jwtValue
=
authorization
.
replace
(
BEARER
,
""
).
trim
();
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BEARER
))
{
String
jwtValue
=
authorization
.
replace
(
SurenessConstant
.
BEARER
,
""
).
trim
();
return
!
JsonWebTokenUtil
.
isNotJsonWebToken
(
jwtValue
);
}
}
...
...
@@ -38,10 +36,10 @@ public class JwtSubjectServletCreator implements SubjectCreate {
@Override
public
Subject
createSubject
(
Object
context
)
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
BEARER
))
{
String
authorization
=
((
HttpServletRequest
)
context
).
getHeader
(
SurenessConstant
.
AUTHORIZATION
);
if
(
authorization
!=
null
&&
authorization
.
startsWith
(
SurenessConstant
.
BEARER
))
{
// jwt token
String
jwtValue
=
authorization
.
replace
(
BEARER
,
""
).
trim
();
String
jwtValue
=
authorization
.
replace
(
SurenessConstant
.
BEARER
,
""
).
trim
();
if
(
JsonWebTokenUtil
.
isNotJsonWebToken
(
jwtValue
))
{
if
(
logger
.
isInfoEnabled
())
{
logger
.
info
(
"can not create JwtSubject by this request message, is not jwt"
);
...
...
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectWsJaxRsCreator.java
...
...
@@ -4,6 +4,7 @@ import com.usthe.sureness.subject.Subject;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.JwtSubject
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
com.usthe.sureness.util.SurenessConstant
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.ws.rs.container.ContainerRequestContext
;
...
...
@@ -16,14 +17,12 @@ import javax.ws.rs.container.ContainerRequestContext;
*/
public
class
JwtSubjectWsJaxRsCreator
implements
SubjectCreate
{
private
static
final
String
TOKEN
=
"token"
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// support token jwt
// requestUri?token=jwt0-eyJhbGciOiJIUzUxMi --- jwt auth
if
(
context
instanceof
ContainerRequestContext
)
{
Object
token
=
((
ContainerRequestContext
)
context
).
getProperty
(
TOKEN
);
Object
token
=
((
ContainerRequestContext
)
context
).
getProperty
(
SurenessConstant
.
TOKEN
);
return
token
instanceof
String
&&
!
JsonWebTokenUtil
.
isNotJsonWebToken
((
String
)
token
);
}
return
false
;
...
...
@@ -33,7 +32,7 @@ public class JwtSubjectWsJaxRsCreator implements SubjectCreate {
public
Subject
createSubject
(
Object
context
)
{
// support token jwt
// requestUri?token=jwt0-eyJhbGciOiJIUzUxMi --- jwt auth
Object
token
=
((
ContainerRequestContext
)
context
).
getProperty
(
TOKEN
);
Object
token
=
((
ContainerRequestContext
)
context
).
getProperty
(
SurenessConstant
.
TOKEN
);
if
(
token
instanceof
String
)
{
String
jwtToken
=
((
String
)
token
).
trim
();
String
remoteHost
=
((
HttpServletRequest
)
context
).
getRemoteHost
();
...
...
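Review bot: In `createSubject`, `context` is first cast to `ContainerRequestContext` to read the token and then to `HttpServletRequest` for `getRemoteHost()`; a JAX-RS request context is not normally a servlet request, so the second cast is likely to throw `ClassCastException` on the very path that has just accepted a token. The remote host needs to come from something the JAX-RS context actually provides (or be left unset), and the `javax.servlet` import should then go. The comments also describe `requestUri?token=...`, while the code reads `getProperty(SurenessConstant.TOKEN)`, which is a request-scoped property rather than a query parameter, so the comment should name whatever is expected to set that property. The rest of `createSubject` is outside the hunk.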
core/src/main/java/com/usthe/sureness/subject/creater/JwtSubjectWsServletCreator.java
...
...
@@ -4,6 +4,7 @@ import com.usthe.sureness.subject.Subject;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.JwtSubject
;
import
com.usthe.sureness.util.JsonWebTokenUtil
;
import
com.usthe.sureness.util.SurenessConstant
;
import
javax.servlet.http.HttpServletRequest
;
...
...
@@ -15,14 +16,12 @@ import javax.servlet.http.HttpServletRequest;
*/
public
class
JwtSubjectWsServletCreator
implements
SubjectCreate
{
private
static
final
String
TOKEN
=
"token"
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
// support token jwt
// requestUri?token=jwt0-eyJhbGciOiJIUzUxMi --- jwt auth
if
(
context
instanceof
HttpServletRequest
)
{
String
token
=
((
HttpServletRequest
)
context
).
getParameter
(
TOKEN
);
String
token
=
((
HttpServletRequest
)
context
).
getParameter
(
SurenessConstant
.
TOKEN
);
return
!
JsonWebTokenUtil
.
isNotJsonWebToken
(
token
);
}
return
false
;
...
...
@@ -32,7 +31,7 @@ public class JwtSubjectWsServletCreator implements SubjectCreate {
public
Subject
createSubject
(
Object
context
)
{
// support token jwt
// requestUri?token=jwt0-eyJhbGciOiJIUzUxMi --- jwt auth
String
jwtToken
=
((
HttpServletRequest
)
context
).
getParameter
(
TOKEN
);
String
jwtToken
=
((
HttpServletRequest
)
context
).
getParameter
(
SurenessConstant
.
TOKEN
);
if
(
jwtToken
!=
null
)
{
jwtToken
=
jwtToken
.
trim
();
String
remoteHost
=
((
HttpServletRequest
)
context
).
getRemoteHost
();
...
...
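Review bot: `getParameter(SurenessConstant.TOKEN)` takes the JWT from a request parameter, and per the comment that means the query string (`requestUri?token=...`), where it ends up in access logs, proxy logs and `Referer` headers. Neither method documents that exposure; add a comment on the class or on `createSubject` along the lines of `// token travels in the URL: use only where headers cannot be set, issue short-lived tokens, keep query strings out of logs`. Note also that `canSupportSubject` passes a possibly null parameter straight to `JsonWebTokenUtil.isNotJsonWebToken`, whose null handling is not visible here. `createSubject` continues outside the hunk.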
core/src/main/java/com/usthe/sureness/subject/creater/SessionSubjectServletCreator.java
...
...
@@ -4,6 +4,7 @@ import com.usthe.sureness.subject.PrincipalMap;
import
com.usthe.sureness.subject.Subject
;
import
com.usthe.sureness.subject.SubjectCreate
;
import
com.usthe.sureness.subject.support.SessionSubject
;
import
com.usthe.sureness.util.SurenessConstant
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpSession
;
...
...
@@ -16,15 +17,11 @@ import java.util.List;
*/
public
class
SessionSubjectServletCreator
implements
SubjectCreate
{
private
static
final
String
PRINCIPAL
=
"principal"
;
private
static
final
String
PRINCIPALS
=
"principals"
;
private
static
final
String
ROLES
=
"roles"
;
@Override
public
boolean
canSupportSubject
(
Object
context
)
{
if
(
context
instanceof
HttpServletRequest
)
{
HttpSession
httpSession
=
((
HttpServletRequest
)
context
).
getSession
(
false
);
return
httpSession
!=
null
&&
httpSession
.
getAttribute
(
PRINCIPAL
)
!=
null
;
return
httpSession
!=
null
&&
httpSession
.
getAttribute
(
SurenessConstant
.
PRINCIPAL
)
!=
null
;
}
else
{
return
false
;
}
...
...
@@ -35,13 +32,13 @@ public class SessionSubjectServletCreator implements SubjectCreate {
public
Subject
createSubject
(
Object
context
)
{
HttpServletRequest
servletRequest
=
(
HttpServletRequest
)
context
;
HttpSession
httpSession
=
servletRequest
.
getSession
(
false
);
String
principal
=
(
String
)
httpSession
.
getAttribute
(
PRINCIPAL
);
String
principal
=
(
String
)
httpSession
.
getAttribute
(
SurenessConstant
.
PRINCIPAL
);
if
(
principal
==
null
||
""
.
equals
(
principal
.
trim
()))
{
return
null
;
}
Object
principalMapTmp
=
httpSession
.
getAttribute
(
PRINCIPALS
);
Object
principalMapTmp
=
httpSession
.
getAttribute
(
SurenessConstant
.
PRINCIPALS
);
PrincipalMap
principalMap
=
principalMapTmp
==
null
?
null
:
(
PrincipalMap
)
principalMapTmp
;
Object
rolesTmp
=
httpSession
.
getAttribute
(
ROLES
);
Object
rolesTmp
=
httpSession
.
getAttribute
(
SurenessConstant
.
ROLES
);
List
<
String
>
roles
=
rolesTmp
==
null
?
null
:
(
List
<
String
>)
rolesTmp
;
String
remoteHost
=
((
HttpServletRequest
)
context
).
getRemoteHost
();
String
requestUri
=
((
HttpServletRequest
)
context
).
getRequestURI
();
...
...
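Review bot: `createSubject` calls `getSession(false)` and dereferences the result on the next statement without a null check, so it is only safe when `canSupportSubject` has just returned true and the session has not been invalidated in between. Add `if (httpSession == null) { return null; }` after the lookup, which matches the existing `return null` for a blank principal. The casts `(String)`, `(PrincipalMap)` and `(List<String>)` on session attributes also trust that nothing else in the application stores a value under the generic keys `principal`, `principals` or `roles`; an `instanceof` check before each cast would turn a `ClassCastException` into a clean rejection. The method body continues outside the hunk.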
core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
...
...
@@ -59,7 +59,7 @@ public class JsonWebTokenUtil {
List
<
String
>
roles
,
List
<
String
>
permissions
,
Boolean
isRefresh
)
{
Map
<
String
,
Object
>
customClaimMap
=
new
HashMap
<>(
4
);
customClaimMap
.
put
(
"roles"
,
roles
);
customClaimMap
.
put
(
SurenessConstant
.
ROLES
,
roles
);
customClaimMap
.
put
(
"perms"
,
permissions
);
customClaimMap
.
put
(
"isRefresh"
,
isRefresh
);
return
issueJwtAll
(
id
,
subject
,
issuer
,
period
,
null
,
null
,
...
...
@@ -76,7 +76,7 @@ public class JsonWebTokenUtil {
* @return java.lang.String jwt
*/
public
static
String
issueJwt
(
String
id
,
String
subject
,
String
issuer
,
Long
period
,
List
<
String
>
roles
)
{
Map
<
String
,
Object
>
customClaimMap
=
Collections
.
singletonMap
(
"roles"
,
roles
);
Map
<
String
,
Object
>
customClaimMap
=
Collections
.
singletonMap
(
SurenessConstant
.
ROLES
,
roles
);
return
issueJwtAll
(
id
,
subject
,
issuer
,
period
,
null
,
null
,
null
,
null
,
customClaimMap
);
}
...
...
@@ -99,9 +99,9 @@ public class JsonWebTokenUtil {
String
audience
,
String
payload
,
Long
notBefore
,
List
<
String
>
roles
,
Map
<
String
,
Object
>
headerMap
,
Map
<
String
,
Object
>
customClaimMap
){
if
(
customClaimMap
==
null
)
{
customClaimMap
=
Collections
.
singletonMap
(
"roles"
,
roles
);
customClaimMap
=
Collections
.
singletonMap
(
SurenessConstant
.
ROLES
,
roles
);
}
else
{
customClaimMap
.
put
(
"roles"
,
roles
);
customClaimMap
.
put
(
SurenessConstant
.
ROLES
,
roles
);
}
return
issueJwtAll
(
id
,
subject
,
issuer
,
period
,
audience
,
payload
,
notBefore
,
headerMap
,
customClaimMap
);
}
...
...
@@ -119,9 +119,9 @@ public class JsonWebTokenUtil {
public
static
String
issueJwt
(
String
id
,
String
subject
,
String
issuer
,
Long
period
,
List
<
String
>
roles
,
Map
<
String
,
Object
>
customClaimMap
){
if
(
customClaimMap
==
null
)
{
customClaimMap
=
Collections
.
singletonMap
(
"roles"
,
roles
);
customClaimMap
=
Collections
.
singletonMap
(
SurenessConstant
.
ROLES
,
roles
);
}
else
{
customClaimMap
.
put
(
"roles"
,
roles
);
customClaimMap
.
put
(
SurenessConstant
.
ROLES
,
roles
);
}
return
issueJwtAll
(
id
,
subject
,
issuer
,
period
,
null
,
null
,
null
,
null
,
customClaimMap
);
...
...
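Review bot: In the two `issueJwt` overloads that accept `customClaimMap`, the non-null branch calls `customClaimMap.put(SurenessConstant.ROLES, roles)` on the caller's own map, which mutates an argument and throws `UnsupportedOperationException` for an unmodifiable map (such as the `Collections.singletonMap` this class builds itself). Copy before writing, `Map<String, Object> claims = new HashMap<>(customClaimMap); claims.put(SurenessConstant.ROLES, roles);`, and pass `claims` on to `issueJwtAll`. The put also overwrites any `roles` entry the caller supplied, which is probably intended but deserves a line in the Javadoc.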
core/src/main/java/com/usthe/sureness/util/SurenessConstant.java
0 → 100644
package
com.usthe.sureness.util
;
/**
* sureness public constant
* @author tomsun28
* @date 2021/4/18 16:12
*/
public
class
SurenessConstant
{
/** the principal for subject,like appId, username **/
public
static
final
String
PRINCIPAL
=
"principal"
;
/** multiple principal **/
public
static
final
String
PRINCIPALS
=
"principals"
;
/** the roles user have **/
public
static
final
String
ROLES
=
"roles"
;
/** the request header auth key **/
public
static
final
String
AUTHORIZATION
=
"Authorization"
;
/** Basic auth header **/
public
static
final
String
BASIC
=
"Basic"
;
/** Digest auth header **/
public
static
final
String
DIGEST
=
"Digest "
;
/** Bearer token auth header **/
public
static
final
String
BEARER
=
"Bearer"
;
/** Token auth key **/
public
static
final
String
TOKEN
=
"token"
;
}
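Review bot: `DIGEST` is `"Digest "` with a trailing space while `BASIC` and `BEARER` have none, so the `startsWith(SurenessConstant.BASIC)` and `startsWith(SurenessConstant.BEARER)` checks in the creators also accept scheme names such as `Basicx` or `Bearerfoo`. Either give all three the separating space or state the difference in the field comments, e.g. `/** Basic auth scheme name, without the separating space **/`. The class holds only constants, so declare it `public final class SurenessConstant` with a `private SurenessConstant() {}` constructor to prevent instantiation and subclassing. The `ROLES` comment should also say that the value now serves both as a session attribute key and as a JWT claim name, so renaming it changes the token format.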