/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache license, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the license for the specific language governing permissions and
* limitations under the license.
*/
package cn.wic4j.security.resource.handler;
import cn.wi4j.security.core.SecurityConstant;
import cn.wic4j.common.context.UserBO;
import cn.wic4j.common.context.UserContent;
import cn.wic4j.security.resource.ResourceService;
import cn.wic4j.security.resource.Wic4jOauth2UserDetails;
import jakarta.annotation.Resource;
import org.springframework.beans.factory.BeanFactoryAware;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import java.util.Map;
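/**
 * Token introspector for the resource server.
 *
 * <p>Decodes the bearer token with the {@link JwtDecoder} bean, reads the user id claim
 * ({@code SecurityConstant.USER_ID}) and asks {@link ResourceService} for that user's
 * principal. A token that cannot be decoded, carries no usable user id, or maps to no
 * principal is rejected with {@link InvalidBearerTokenException}.
 *
 * @author Max
 * @version 2023.0.0.0
 * @since 2023/7/11 21:15
 */
@ConditionalOnMissingBean(name = "resourceServerOpaqueTokenIntrospector")
public class ResourceServerOpaqueTokenIntrospector implements OpaqueTokenIntrospector, InitializingBean {

    /**
     * Spring application context, used to look up the {@link JwtDecoder} on each call.
     */
    @Resource
    private ApplicationContext context;

    /**
     * Resource-server service that resolves a user id to its principal. Injection is optional;
     * {@link #afterPropertiesSet()} fails start-up when no implementation is present.
     */
    @Autowired(required = false)
    private ResourceService resourceService;

    /**
     * Introspects the given token and returns the principal of the user it identifies.
     *
     * <p>As a side effect, a {@link UserBO} built from the principal is stored through
     * {@link UserContent#setUserContext}.
     *
     * @param token the bearer token to introspect
     * @return the principal resolved for the token's user id; never {@code null}
     * @throws InvalidBearerTokenException if the token cannot be decoded, its user id claim is
     *         absent, blank or not a string, or no principal exists for that user id
     */
    @Override
    public OAuth2AuthenticatedPrincipal introspect(String token) {
        JwtDecoder jwtDecoder = context.getBean(JwtDecoder.class);
        Jwt jwt;
        try {
            jwt = jwtDecoder.decode(token);
        } catch (Exception exception) {
            // Fail closed on any decoder error, and keep the cause so the real failure
            // stays visible in server-side logs.
            // NOTE(review): the decoder's message becomes the exception description; confirm
            // it is acceptable for that text to reach the client.
            throw new InvalidBearerTokenException(exception.getMessage(), exception);
        }

        // The claim comes from the token, so check its type instead of casting blindly: a
        // missing or non-string value must reject the token (authentication failure), not
        // surface as a ClassCastException or reach the user lookup as null.
        Object userIdClaim = jwt.getClaims().get(SecurityConstant.USER_ID);
        if (!(userIdClaim instanceof String) || ((String) userIdClaim).trim().isEmpty()) {
            throw new InvalidBearerTokenException("user id claim is missing or not a string");
        }
        String userId = (String) userIdClaim;

        // Each microservice must implement ResourceService to supply the user's
        // authorization information.
        Wic4jOauth2UserDetails principal = resourceService.getOauth2AuthenticatedPrincipal(userId);
        if (null == principal) {
            throw new InvalidBearerTokenException("auth2AuthenticatedPrincipal is empty");
        }

        // Build the user-information context from the resolved principal.
        // NOTE(review): UserContent looks like per-request (presumably thread-bound) state;
        // confirm it is cleared when the request completes, otherwise a pooled thread could
        // carry one caller's identity into the next request.
        UserBO userBO = new UserBO();
        userBO.setAvatar(principal.getAvatar());
        userBO.setId(principal.getId());
        userBO.setUsername(principal.getUsername());
        userBO.setRoleIds(principal.getRoles());
        userBO.setNickName(principal.getNickName());
        UserContent.setUserContext(userBO);
        return principal;
    }

    /**
     * Invoked by the containing {@code BeanFactory} after it has set all bean properties
     * and satisfied {@link BeanFactoryAware}, {@code ApplicationContextAware} etc.
     *
     * <p>Verifies that a {@link ResourceService} implementation was injected, because
     * {@link #introspect(String)} cannot resolve users without one.
     *
     * @throws Exception in the event of misconfiguration (here: no {@link ResourceService}
     *         bean available)
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        if (null == resourceService) {
            // A missing collaborator is a configuration-state error; IllegalAccessException
            // is reserved for reflective access failures and would mislead whoever reads
            // the start-up trace.
            throw new IllegalStateException("resource not implements");
        }
    }
}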