feature: 对接网关,增加对header中key的处理,如果包含用户标识,则处理放入SecurityContext中.

pom.xml

@@ -151,6 +151,11 @@
             <scope>compile</scope>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+            <optional>true</optional>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-redis</artifactId>

src/main/java/cn/quantgroup/tech/security/AuthenticationByGatewayProcessingFilter.java

+package cn.quantgroup.tech.security;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+
+/**
+ * 对header中的key进行处理,如果包含用户标识,则处理放入SecurityContext中.
+ *
+ * @author jinsong.zhu
+ * @date 2018/1/16
+ */
+@Slf4j
+public class AuthenticationByGatewayProcessingFilter implements Filter {
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        // do nothing.
+    }
+
+    @Override
+    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
+        final HttpServletRequest request = (HttpServletRequest) req;
+
+        ZUser user = SecurityUtil.extractHeader(request);
+        if (user == null) {
+            // clear context to remove user.
+            SecurityContextHolder.clearContext();
+        } else {
+            Authentication authResult = new ZuulAuthentication(user);
+            SecurityContextHolder.getContext().setAuthentication(authResult);
+        }
+
+        chain.doFilter(req, res);
+    }
+
+    @Override
+    public void destroy() {
+        // do nothing.
+    }
+
+}

src/main/java/cn/quantgroup/tech/security/SecurityContext.java

+package cn.quantgroup.tech.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+/**
+ * 获取当前登录用户.
+ *
+ * @author jinsong.zhu
+ * @date 2018/1/17
+ */
+public class SecurityContext {
+
+    /**
+     * try to get user from security context.
+     *
+     * @return return null if has no authenticated user.
+     */
+    public static final ZUser getUser() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        Object principal = authentication.getPrincipal();
+        if (principal instanceof ZUser) {
+            ZUser user = (ZUser) principal;
+            return user;
+        }
+        return null;
+    }
+
+    public static final Long getUserId() {
+        ZUser user = getUser();
+        if (user == null) {
+            return null;
+        }
+        return user.getUserId();
+    }
+
+    public static final String getUserPhoneNo() {
+        ZUser user = getUser();
+        if (user == null) {
+            return null;
+        }
+        return user.getPhoneNo();
+    }
+
+    public static final String getUserUuid() {
+        ZUser user = getUser();
+        if (user == null) {
+            return null;
+        }
+        return user.getUuid();
+    }
+
+}

src/main/java/cn/quantgroup/tech/security/SecurityUtil.java

+package cn.quantgroup.tech.security;
+
+import org.apache.commons.lang3.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author jinsong.zhu
+ * @date 2018/1/17
+ */
+public class SecurityUtil {
+
+
+    public static ZUser extractHeader(HttpServletRequest request) {
+        String uuid = request.getHeader(ZUser.HEADER_UUID);
+        if (StringUtils.isNotEmpty(uuid)) {
+            String userIdStr = request.getHeader(ZUser.HEADER_USER_ID);
+            Long userId = parseLong(userIdStr);
+            if (userId == null) {
+                // ignore.
+                return null;
+            }
+            String phoneNo = request.getHeader(ZUser.HEADER_PHONE_NO);
+            if (StringUtils.isEmpty(phoneNo)) {
+                // ignore.
+                return null;
+            }
+            ZUser user = new ZUser(uuid, userId, phoneNo);
+            return user;
+        }
+        return null;
+    }
+
+    public static Long parseLong(String str) {
+        return parseLong(str, null);
+    }
+
+    public static Long parseLong(String str, Long defaultValue) {
+        try {
+            return Long.parseLong(str);
+        } catch (Exception e) {
+            return defaultValue;
+        }
+    }
+}

src/main/java/cn/quantgroup/tech/security/ZUser.java

+package cn.quantgroup.tech.security;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Arrays;
+import java.util.Collection;
+
+/**
+ * 登录用户模型.
+ * <p>
+ * @author jinsong.zhu
+ * @date 2018/1/17
+ */
+@Data
+@NoArgsConstructor
+public class ZUser implements UserDetails {
+
+    public static final String DEFAULT_PASS = "";
+    public static final String HEADER_USER_ID = "z-user-id";
+    public static final String HEADER_UUID = "z-user-uuid";
+    public static final String HEADER_PHONE_NO = "z-user-phone-no";
+
+    private String uuid;
+    private Long userId;
+    private String phoneNo;
+
+    public ZUser(String uuid, Long userId, String phoneNo) {
+        this.uuid = uuid;
+        this.userId = userId;
+        this.phoneNo = phoneNo;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
+    }
+
+    @Override
+    public String getPassword() {
+        return DEFAULT_PASS;
+    }
+
+    @Override
+    public String getUsername() {
+        return null;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return this.uuid != null;
+    }
+}

src/main/java/cn/quantgroup/tech/security/ZuulAuthentication.java

+package cn.quantgroup.tech.security;
+
+import org.springframework.security.authentication.AbstractAuthenticationToken;
+
+/**
+ * @author jinsong.zhu
+ * @date 2018/1/17
+ */
+public class ZuulAuthentication extends AbstractAuthenticationToken {
+
+    private static final long serialVersionUID = -4809832298438307319L;
+
+    private final ZUser user;
+
+    public ZuulAuthentication(ZUser user) {
+        super(user.getAuthorities());
+        this.user = user;
+    }
+
+    @Override
+    public Object getCredentials() {
+        return "";
+    }
+
+    @Override
+    public Object getPrincipal() {
+        return user;
+    }
+
+    @Override
+    public boolean isAuthenticated() {
+        return true;
+    }
+
+    @Override
+    public void eraseCredentials() {
+        super.eraseCredentials();
+    }
+
+}