From 767a02be51885bb45325e09dbd9085c2a358edde Mon Sep 17 00:00:00 2001 From: fshenye <512914587@qq.com> Date: Fri, 21 Oct 2022 09:53:02 +0800 Subject: [PATCH] =?UTF-8?q?1.=20=E4=BB=A3=E7=90=86IP=E5=A4=84=E7=90=8602?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/endpoint/SictTokenEndpoint.java | 5 +- .../sict/cloud/common/core/util/WebUtils.java | 502 +++++++++--------- .../gateway/filter/RequestGlobalFilter.java | 2 +- 3 files changed, 255 insertions(+), 254 deletions(-) diff --git a/cloud-auth/src/main/java/cn/sh/stc/sict/cloud/auth/endpoint/SictTokenEndpoint.java b/cloud-auth/src/main/java/cn/sh/stc/sict/cloud/auth/endpoint/SictTokenEndpoint.java index dea25cb..b0410cd 100644 --- a/cloud-auth/src/main/java/cn/sh/stc/sict/cloud/auth/endpoint/SictTokenEndpoint.java +++ b/cloud-auth/src/main/java/cn/sh/stc/sict/cloud/auth/endpoint/SictTokenEndpoint.java @@ -80,10 +80,7 @@ public class SictTokenEndpoint { String tokenValue = authHeader.replaceAll("(?i)Bearer", "").trim(); OAuth2AccessToken accessToken = tokenStore.readAccessToken(tokenValue); if (accessToken == null || StrUtil.isBlank(accessToken.getValue())) { - return R.builder() - .code(Constant.BYTE_NO) - .data(Boolean.FALSE) - .msg("退出失败,token 无效").build(); + return new R(); } OAuth2Authentication auth2Authentication = tokenStore.readAuthentication(accessToken); diff --git a/cloud-common/cloud-common-core/src/main/java/cn/sh/stc/sict/cloud/common/core/util/WebUtils.java b/cloud-common/cloud-common-core/src/main/java/cn/sh/stc/sict/cloud/common/core/util/WebUtils.java index 004e1e9..9dd5b44 100644 --- a/cloud-common/cloud-common-core/src/main/java/cn/sh/stc/sict/cloud/common/core/util/WebUtils.java +++ b/cloud-common/cloud-common-core/src/main/java/cn/sh/stc/sict/cloud/common/core/util/WebUtils.java @@ -39,279 +39,283 @@ import java.util.*; @Slf4j @UtilityClass public class WebUtils extends org.springframework.web.util.WebUtils { - private final String BASIC_ = "Basic "; - private final String UNKNOWN = "unknown"; + private final String BASIC_ = "Basic "; + private final String UNKNOWN = "unknown"; - /** - * 判断是否ajax请求 - * spring ajax 返回含有 ResponseBody 或者 RestController注解 - * - * @param handlerMethod HandlerMethod - * @return 是否ajax请求 - */ - public boolean isBody(HandlerMethod handlerMethod) { - ResponseBody responseBody = ClassUtils.getAnnotation(handlerMethod, ResponseBody.class); - return responseBody != null; - } + /** + * 判断是否ajax请求 + * spring ajax 返回含有 ResponseBody 或者 RestController注解 + * + * @param handlerMethod HandlerMethod + * @return 是否ajax请求 + */ + public boolean isBody(HandlerMethod handlerMethod) { + ResponseBody responseBody = ClassUtils.getAnnotation(handlerMethod, ResponseBody.class); + return responseBody != null; + } - /** - * 读取cookie - * - * @param name cookie name - * @return cookie value - */ - public String getCookieVal(String name) { - HttpServletRequest request = WebUtils.getRequest(); - Assert.notNull(request, "request from RequestContextHolder is null"); - return getCookieVal(request, name); - } + /** + * 读取cookie + * + * @param name cookie name + * @return cookie value + */ + public String getCookieVal(String name) { + HttpServletRequest request = WebUtils.getRequest(); + Assert.notNull(request, "request from RequestContextHolder is null"); + return getCookieVal(request, name); + } - /** - * 读取cookie - * - * @param request HttpServletRequest - * @param name cookie name - * @return cookie value - */ - public String getCookieVal(HttpServletRequest request, String name) { - Cookie cookie = getCookie(request, name); - return cookie != null ? cookie.getValue() : null; - } + /** + * 读取cookie + * + * @param request HttpServletRequest + * @param name cookie name + * @return cookie value + */ + public String getCookieVal(HttpServletRequest request, String name) { + Cookie cookie = getCookie(request, name); + return cookie != null ? cookie.getValue() : null; + } - /** - * 清除 某个指定的cookie - * - * @param response HttpServletResponse - * @param key cookie key - */ - public void removeCookie(HttpServletResponse response, String key) { - setCookie(response, key, null, 0); - } + /** + * 清除 某个指定的cookie + * + * @param response HttpServletResponse + * @param key cookie key + */ + public void removeCookie(HttpServletResponse response, String key) { + setCookie(response, key, null, 0); + } - /** - * 设置cookie - * - * @param response HttpServletResponse - * @param name cookie name - * @param value cookie value - * @param maxAgeInSeconds maxage - */ - public void setCookie(HttpServletResponse response, String name, String value, int maxAgeInSeconds) { - Cookie cookie = new Cookie(name, value); - cookie.setPath("/"); - cookie.setMaxAge(maxAgeInSeconds); - cookie.setHttpOnly(true); - response.addCookie(cookie); - } + /** + * 设置cookie + * + * @param response HttpServletResponse + * @param name cookie name + * @param value cookie value + * @param maxAgeInSeconds maxage + */ + public void setCookie(HttpServletResponse response, String name, String value, int maxAgeInSeconds) { + Cookie cookie = new Cookie(name, value); + cookie.setPath("/"); + cookie.setMaxAge(maxAgeInSeconds); + cookie.setHttpOnly(true); + response.addCookie(cookie); + } - /** - * 获取 HttpServletRequest - * - * @return {HttpServletRequest} - */ - public HttpServletRequest getRequest() { - return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); - } + /** + * 获取 HttpServletRequest + * + * @return {HttpServletRequest} + */ + public HttpServletRequest getRequest() { + return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); + } - /** - * 获取 HttpServletResponse - * - * @return {HttpServletResponse} - */ - public HttpServletResponse getResponse() { - return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse(); - } + /** + * 获取 HttpServletResponse + * + * @return {HttpServletResponse} + */ + public HttpServletResponse getResponse() { + return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse(); + } - /** - * 返回json - * - * @param response HttpServletResponse - * @param result 结果对象 - */ - public void renderJson(HttpServletResponse response, Object result) { - renderJson(response, result, MediaType.APPLICATION_JSON_UTF8_VALUE); - } + /** + * 返回json + * + * @param response HttpServletResponse + * @param result 结果对象 + */ + public void renderJson(HttpServletResponse response, Object result) { + renderJson(response, result, MediaType.APPLICATION_JSON_UTF8_VALUE); + } - /** - * 返回json - * - * @param response HttpServletResponse - * @param result 结果对象 - * @param contentType contentType - */ - public void renderJson(HttpServletResponse response, Object result, String contentType) { - response.setCharacterEncoding("UTF-8"); - response.setContentType(contentType); - try (PrintWriter out = response.getWriter()) { - out.append(JSONUtil.toJsonStr(result)); - } catch (IOException e) { - log.error(e.getMessage(), e); - } - } + /** + * 返回json + * + * @param response HttpServletResponse + * @param result 结果对象 + * @param contentType contentType + */ + public void renderJson(HttpServletResponse response, Object result, String contentType) { + response.setCharacterEncoding("UTF-8"); + response.setContentType(contentType); + try (PrintWriter out = response.getWriter()) { + out.append(JSONUtil.toJsonStr(result)); + } catch (IOException e) { + log.error(e.getMessage(), e); + } + } - /** - * 获取ip - * - * @return {String} - */ - public String getIP() { - return getIP(WebUtils.getRequest()); - } + /** + * 获取ip + * + * @return {String} + */ + public String getIP() { + return getIP(WebUtils.getRequest()); + } - public String getSession(){ - return WebUtils.getSessionId(WebUtils.getRequest()); - } + public String getSession() { + return WebUtils.getSessionId(WebUtils.getRequest()); + } - /** - * 获取ip - * - * @param request HttpServletRequest - * @return {String} - */ - public String getIP(HttpServletRequest request) { - Assert.notNull(request, "HttpServletRequest is null"); - String ip = request.getHeader("X-Requested-For"); - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getHeader("X-Forwarded-For"); - } - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getHeader("Proxy-Client-IP"); - } - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getHeader("WL-Proxy-Client-IP"); - } - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getHeader("HTTP_CLIENT_IP"); - } - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getHeader("HTTP_X_FORWARDED_FOR"); - } - if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { - ip = request.getRemoteAddr(); - } + /** + * 获取ip + * + * @param request HttpServletRequest + * @return {String} + */ + public String getIP(HttpServletRequest request) { + Assert.notNull(request, "HttpServletRequest is null"); + String ip = request.getHeader("X-Requested-For"); + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getHeader("X-Forwarded-For"); + } + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getHeader("Proxy-Client-IP"); + } + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getHeader("WL-Proxy-Client-IP"); + } + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getHeader("HTTP_CLIENT_IP"); + } + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getHeader("HTTP_X_FORWARDED_FOR"); + } + if (StringUtils.isBlank(ip) || UNKNOWN.equalsIgnoreCase(ip)) { + ip = request.getRemoteAddr(); + } - return StringUtils.isBlank(ip) ? null : ip.split(",")[0]; - } + return StringUtils.isBlank(ip) ? null : ip.split(",")[0]; + } - public String getIP(ServerHttpRequest request) { - HttpHeaders headers = request.getHeaders(); - String ip = headers.getFirst("x-forwarded-for"); - log.error("getIp.ip = {}", ip); - if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) { - // 多次反向代理后会有多个ip值,第一个ip才是真实ip - if (ip.indexOf(",") != -1) { - ip = ip.split(",")[0]; - } - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = headers.getFirst("Proxy-Client-IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = headers.getFirst("WL-Proxy-Client-IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = headers.getFirst("HTTP_CLIENT_IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = headers.getFirst("HTTP_X_FORWARDED_FOR"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = headers.getFirst("X-Real-IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = request.getRemoteAddress().getAddress().getHostAddress(); - } - return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip; - } + public String getIP(ServerHttpRequest request) { + HttpHeaders headers = request.getHeaders(); + String ip = headers.getFirst("x-forwarded-for"); + log.error("headers = {}", JSONUtil.toJsonStr(headers)); + if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) { + // 多次反向代理后会有多个ip值,第一个ip才是真实ip + if (ip.indexOf(",") != -1) { + if ("127.0.0.1".equals(ip.split(",")[0])) { + ip = ip.split(",")[1]; + } else { + ip = ip.split(",")[0]; + } + } + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = headers.getFirst("Proxy-Client-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = headers.getFirst("WL-Proxy-Client-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = headers.getFirst("HTTP_CLIENT_IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = headers.getFirst("HTTP_X_FORWARDED_FOR"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = headers.getFirst("X-Real-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getRemoteAddress().getAddress().getHostAddress(); + } + return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip; + } - /** - * 从request 获取CLIENT_ID - * - * @return - */ - @SneakyThrows - public String[] getClientId(ServerHttpRequest request) { - String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION); + /** + * 从request 获取CLIENT_ID + * + * @return + */ + @SneakyThrows + public String[] getClientId(ServerHttpRequest request) { + String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION); - if (header == null || !header.startsWith(BASIC_)) { - throw new CheckedException("请求头中client信息为空"); - } - byte[] base64Token = header.substring(6).getBytes("UTF-8"); - byte[] decoded; - try { - decoded = Base64.decode(base64Token); - } catch (IllegalArgumentException e) { - throw new CheckedException( - "Failed to decode basic authentication token"); - } + if (header == null || !header.startsWith(BASIC_)) { + throw new CheckedException("请求头中client信息为空"); + } + byte[] base64Token = header.substring(6).getBytes("UTF-8"); + byte[] decoded; + try { + decoded = Base64.decode(base64Token); + } catch (IllegalArgumentException e) { + throw new CheckedException( + "Failed to decode basic authentication token"); + } - String token = new String(decoded, StandardCharsets.UTF_8); + String token = new String(decoded, StandardCharsets.UTF_8); - int delim = token.indexOf(":"); + int delim = token.indexOf(":"); - if (delim == -1) { - throw new CheckedException("Invalid basic authentication token"); - } - return new String[]{token.substring(0, delim), token.substring(delim + 1)}; - } + if (delim == -1) { + throw new CheckedException("Invalid basic authentication token"); + } + return new String[]{token.substring(0, delim), token.substring(delim + 1)}; + } - /** - * - * @param request HttpServletRequest - * tip: 不可使用WebUtils.getRequest()获取 - * @param allowSuffix 文件后缀名 多个以","逗号分隔 - * @return - */ - public MultipartFile getRequestFile(@NonNull HttpServletRequest request, @NonNull String allowSuffix){ - String errorMsg = StrUtil.EMPTY; + /** + * @param request HttpServletRequest + * tip: 不可使用WebUtils.getRequest()获取 + * @param allowSuffix 文件后缀名 多个以","逗号分隔 + * @return + */ + public MultipartFile getRequestFile(@NonNull HttpServletRequest request, @NonNull String allowSuffix) { + String errorMsg = StrUtil.EMPTY; - String[] suffixs = allowSuffix.split(","); - Set suffixSet = new HashSet(Arrays.asList(suffixs)); + String[] suffixs = allowSuffix.split(","); + Set suffixSet = new HashSet(Arrays.asList(suffixs)); - Map fileMap = ((MultipartHttpServletRequest) request).getFileMap(); - MultipartFile file = null; - for (Map.Entry fileEntity : fileMap.entrySet()) { - file = fileEntity.getValue(); - String originalFilename = file.getOriginalFilename(); - String suffix = originalFilename.substring(originalFilename.lastIndexOf('.') + 1); - if(suffixSet.contains(suffix)){ - break; - } - errorMsg = "文件类型不支持"; - } + Map fileMap = ((MultipartHttpServletRequest) request).getFileMap(); + MultipartFile file = null; + for (Map.Entry fileEntity : fileMap.entrySet()) { + file = fileEntity.getValue(); + String originalFilename = file.getOriginalFilename(); + String suffix = originalFilename.substring(originalFilename.lastIndexOf('.') + 1); + if (suffixSet.contains(suffix)) { + break; + } + errorMsg = "文件类型不支持"; + } - Assert.isTrue(StrUtil.isBlank(errorMsg), errorMsg); - Objects.requireNonNull(file,"excel导入 ---------->>>>>>> 未检测到上传文件"); + Assert.isTrue(StrUtil.isBlank(errorMsg), errorMsg); + Objects.requireNonNull(file, "excel导入 ---------->>>>>>> 未检测到上传文件"); - return file; - } + return file; + } - /** - * 导出excel - * @param list 数据 - * @param writer - * @param name 文件名 - */ - @SneakyThrows - public void exportExcel(@NonNull List list,@NonNull ExcelWriter writer, String name) { - writer.setOnlyAlias(true); - HttpServletResponse response = WebUtils.getResponse(); - //response为HttpServletResponse对象 - response.setContentType("application/vnd.ms-excel;charset=utf-8"); - //codes.xls是弹出下载对话框的文件名,不能为中文,中文需自行编码 - response.setHeader("Content-Disposition", "attachment;filename=data.xlsx"); - ServletOutputStream out = response.getOutputStream(); - try { - writer.write(list); - writer.flush(out); - } catch (Exception e) { - log.error("下载[{}]excel异常 =====>>>>> {}", name, e.getMessage()); - } finally { - // 关闭writer,释放内存 - writer.close(); - //关闭输出Servlet流 - IoUtil.close(out); - } - } + /** + * 导出excel + * + * @param list 数据 + * @param writer + * @param name 文件名 + */ + @SneakyThrows + public void exportExcel(@NonNull List list, @NonNull ExcelWriter writer, String name) { + writer.setOnlyAlias(true); + HttpServletResponse response = WebUtils.getResponse(); + //response为HttpServletResponse对象 + response.setContentType("application/vnd.ms-excel;charset=utf-8"); + //codes.xls是弹出下载对话框的文件名,不能为中文,中文需自行编码 + response.setHeader("Content-Disposition", "attachment;filename=data.xlsx"); + ServletOutputStream out = response.getOutputStream(); + try { + writer.write(list); + writer.flush(out); + } catch (Exception e) { + log.error("下载[{}]excel异常 =====>>>>> {}", name, e.getMessage()); + } finally { + // 关闭writer,释放内存 + writer.close(); + //关闭输出Servlet流 + IoUtil.close(out); + } + } } diff --git a/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/RequestGlobalFilter.java b/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/RequestGlobalFilter.java index 91fd417..e75496e 100644 --- a/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/RequestGlobalFilter.java +++ b/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/RequestGlobalFilter.java @@ -65,7 +65,7 @@ public class RequestGlobalFilter implements GlobalFilter, Ordered { // IP白名单 String ip = WebUtils.getIP(request); - // log.error("RemoteAddress = {}, ip = {}", request.getRemoteAddress(), ip); + log.error("RemoteAddress = {}, ip = {}", request.getRemoteAddress(), ip); try { if (whitIPConfig.getLimitFlag() && !IPStrUtil.matches(ip, whitIPConfig.getWhites())) { ServerHttpResponse response = exchange.getResponse(); -- 2.22.0