SpringGateway 过滤器中鉴权及添加参数
SpringGateway中对请求头中的Token进行验证,并获取到相应的账号信息,通过添加参数的方式传递到后续的服务中
package cn.lixuelong.gateway.config;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.cloud.gateway.support.ServerWebExchangeUtils;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.util.UriComponentsBuilder;
import com.alibaba.fastjson2.JSONObject;
import cn.lixuelong.gateway.util.JwtUtils;
import reactor.core.publisher.Mono;
/**
* xToken验证,并将xToken转化为对应的用户ID添加到请求参数中,便于后续的服务直接获取到当前用户
*/
@Component
public class LoginStatusConvertFilter implements GlobalFilter, Ordered{
Logger logger = LoggerFactory.getLogger(LoginStatusConvertFilter.class);
private final String TOKEN_NAME = "xToken";
String[] passUrls = {"/login"};
@Override
public int getOrder() {
//必须是高优先级,否则添加的参数无法传递到后续服务
return Ordered.HIGHEST_PRECEDENCE;
}
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String path = exchange.getRequest().getURI().getPath();
for (String pass : passUrls) {
if(pass.startsWith(path)){
return chain.filter(exchange);
}
}
String jwtToken = exchange.getRequest().getHeaders().getFirst(TOKEN_NAME);
if(!StringUtils.hasLength(jwtToken)){
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.UNAUTHORIZED);
JSONObject error = new JSONObject();
error.put("error", "未登录");
DataBuffer buffer = response.bufferFactory().wrap(error.toString().getBytes(StandardCharsets.UTF_8));
return response.writeWith(Mono.just(buffer));
}
// jwt验证,并取到用户ID
String userId = JwtUtils.verifyToken(jwtToken);
// 实现方式参考于AddRequestParameterGatewayFilterFactory
URI uri = exchange.getRequest().getURI();
StringBuilder query = new StringBuilder();
String originalQuery = uri.getRawQuery();
// 添加参数
if (StringUtils.hasText(originalQuery)) {
query.append(originalQuery);
if (originalQuery.charAt(originalQuery.length() - 1) != '&') {
query.append('&');
}
}
String value = ServerWebExchangeUtils.expand(exchange, userId);
query.append("baseAccount");
query.append('=');
query.append(value);
try {
// 构建一个新的request
URI newUri = UriComponentsBuilder.fromUri(uri).replaceQuery(query.toString()).build(true).toUri();
ServerHttpRequest request = exchange.getRequest().mutate().uri(newUri).build();
return chain.filter(exchange.mutate().request(request).build());
}
catch (RuntimeException ex) {
throw new IllegalStateException("Invalid URI query: \"" + query.toString() + "\"");
}
}
}