面试系列之-分布式统一设置验证token

用户4283147

发布于 2023-11-20 14:59:26

1740

发布于 2023-11-20 14:59:26

文章被收录于专栏：对线JAVA面试对线JAVA面试

Spring Cloud Feign统一设置验证token实现方法解析

实现Feign的拦截器RequestInterceptor

在 Feign 客户端中，我们可以通过实现 RequestInterceptor 接口来实现拦截器。在拦截器中，我们可以设置请求头信息来携带 token。

@Component
public class FeignClientInterceptor implements RequestInterceptor {

    @Override
    public void apply(RequestTemplate requestTemplate) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication instanceof OAuth2Authentication) {
            OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails();
            requestTemplate.header(HttpHeaders.AUTHORIZATION, "Bearer " + details.getTokenValue());
        }
    }
}

通过 SecurityContextHolder 来获取当前的身份验证信息，并从中提取出 token 值。然后通过 RequestTemplate 来设置请求头信息，从而携带 token。

启用 Feign 客户端拦截器

feign:
  client:
    config:
      default:
        interceptor: com.example.FeignClientInterceptor

基于微服务网关gateway的token认证机制

自定义过滤器

可以继承 AbstractGatewayFilterFactory 或实现 GlobalFilter 实现过滤请求功能

import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
 
@Component
public class AuthGatewayFilterFactory extends AbstractGatewayFilterFactory<AuthGatewayFilterFactory.Config> {
 
    public AuthGatewayFilterFactory() {
        super(Config.class);
    }
 
    @Override
    public GatewayFilter apply(Config config) {
        return (exchange, chain) -> {
            System.out.println("Welcome to AuthFilter.");
            String token = exchange.getRequest().getHeaders().getFirst("sign");
            if (Config.secret.equals(token)) {
                return chain.filter(exchange);
            }
            ServerHttpResponse response = exchange.getResponse();
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            return response.setComplete();
        };
    }
 
    static class Config {
        static String secret = "1234";
    }
}

GlobalFilter

GlobalFilter 可以在全局应用

import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
 
@Component
public class AuthGlobalFilter implements GlobalFilter, Ordered {
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        System.out.println("Welcome to AuthGlobalFilter.");
        ServerHttpRequest request = exchange.getRequest();
        String sign = request.getHeaders().get("sign").get(0);
        String token = "1234";
        if(token.equals(sign)) {
            return chain.filter(exchange);
        }
        ServerHttpResponse response = exchange.getResponse();
        response.setStatusCode(HttpStatus.UNAUTHORIZED);
        return response.setComplete();
    }
 
    @Override
    public int getOrder() {
        return 0;
    }
}