Browse Source

网关服务

zhoutg 6 years ago
parent
commit
84f0477618
20 changed files with 151 additions and 48 deletions
  1. 2 1
      diagbotman-service/src/main/java/com/diagbot/config/ResourceServerConfigurer.java
  2. 1 0
      diagbotman-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java
  3. 5 0
      diagbotman-service/src/main/java/com/diagbot/entity/ServiceFilter.java
  4. 1 1
      diagbotman-service/src/main/java/com/diagbot/entity/wrapper/ServiceTokenWrapper.java
  5. 4 3
      diagbotman-service/src/main/java/com/diagbot/facade/ServiceFilterFacade.java
  6. 36 0
      diagbotman-service/src/main/java/com/diagbot/facade/ServiceTokenFacade.java
  7. 5 1
      diagbotman-service/src/main/java/com/diagbot/mapper/ServiceTokenMapper.java
  8. 2 2
      diagbotman-service/src/main/java/com/diagbot/service/ServiceFilterService.java
  9. 7 1
      diagbotman-service/src/main/java/com/diagbot/service/ServiceTokenService.java
  10. 4 7
      diagbotman-service/src/main/java/com/diagbot/service/ServiceFilterServiceImpl.java
  11. 15 1
      diagbotman-service/src/main/java/com/diagbot/service/impl/ServiceTokenServiceImpl.java
  12. 3 5
      diagbotman-service/src/main/java/com/diagbot/web/ServiceFilterController.java
  13. 13 2
      diagbotman-service/src/main/java/com/diagbot/web/ServiceTokenController.java
  14. 1 0
      diagbotman-service/src/main/resources/mapper/ServiceFilterMapper.xml
  15. 5 0
      diagbotman-service/src/main/resources/mapper/ServiceTokenMapper.xml
  16. 1 0
      docs/002.数据库设计/sys-diagbotman.sql
  17. 4 3
      gateway-service/src/main/java/com/diagbot/client/DiagbotmanServiceClient.java
  18. 2 4
      gateway-service/src/main/java/com/diagbot/client/hystrix/DiagbotmanServiceHystrix.java
  19. 22 0
      gateway-service/src/main/java/com/diagbot/entity/ServiceFilter.java
  20. 18 17
      gateway-service/src/main/java/com/diagbot/filter/GlobalGatewayFilter.java

+ 2 - 1
diagbotman-service/src/main/java/com/diagbot/config/ResourceServerConfigurer.java

@@ -25,7 +25,8 @@ public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {
         http
                 .csrf().disable()
                 .authorizeRequests()
-                .regexMatchers(".*swagger.*",".*v2.*",".*webjars.*","/druid.*","/actuator.*","/hystrix.*","/service_filter/getAll").permitAll()
+                .regexMatchers(".*swagger.*",".*v2.*",".*webjars.*","/druid.*","/actuator.*","/hystrix.*"
+                        ,"/service_filter/getAll", "/serviceToken/hasPermisson").permitAll()
                 .antMatchers("/**").authenticated();
 //        .antMatchers("/**").permitAll();
     }

+ 1 - 0
diagbotman-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java

@@ -35,6 +35,7 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
                     || matchers("/actuator/**", request)
                     || matchers("/hystrix/**", request)
                     || matchers("/service_filter/getAll", request)
+                    || matchers("/serviceToken/hasPermisson", request)
                     || matchers("/", request)){
                 return;
             } else {

+ 5 - 0
diagbotman-service/src/main/java/com/diagbot/entity/ServiceFilter.java

@@ -54,6 +54,11 @@ public class ServiceFilter implements Serializable {
      */
     private String name;
 
+    /**
+     *  产品id
+     */
+    private Long productId;
+
     /**
      * 备注
      */

+ 1 - 1
diagbotman-service/src/main/java/com/diagbot/entity/wrapper/ServiceTokenWrapper.java

@@ -5,7 +5,7 @@ import lombok.Getter;
 import lombok.Setter;
 
 /**
- * @Description: 产品服务过滤
+ * @Description: 服务令牌表扩展表
  * @Author: ztg
  * @Date: 2018/9/18 14:35
  */

+ 4 - 3
diagbotman-service/src/main/java/com/diagbot/facade/ServiceFilterFacade.java

@@ -1,20 +1,21 @@
 package com.diagbot.facade;
 
 import com.diagbot.dto.RespDTO;
-import com.diagbot.service.ServiceFilterServiceImpl;
+import com.diagbot.entity.ServiceFilter;
+import com.diagbot.service.impl.ServiceFilterServiceImpl;
 import org.springframework.stereotype.Component;
 
 import java.util.List;
 
 /**
- * @Description: 品服务过滤
+ * @Description: 品服务过滤
  * @Author: ztg
  * @Date: 2018/9/18 14:45
  */
 @Component
 public class ServiceFilterFacade extends ServiceFilterServiceImpl {
 
-    public RespDTO<List<String>> getServiceFilter() {
+    public RespDTO<List<ServiceFilter>> getServiceFilter() {
         return this.getAll();
     }
 }

+ 36 - 0
diagbotman-service/src/main/java/com/diagbot/facade/ServiceTokenFacade.java

@@ -1,8 +1,16 @@
 package com.diagbot.facade;
 
+import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.ProductService;
+import com.diagbot.entity.ServiceToken;
+import com.diagbot.exception.CommonErrorCode;
+import com.diagbot.exception.CommonException;
 import com.diagbot.service.impl.ServiceTokenServiceImpl;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import java.util.Date;
+
 /**
  * @Description: 用户端token业务层
  * @author: zhaops
@@ -10,4 +18,32 @@ import org.springframework.stereotype.Component;
  */
 @Component
 public class ServiceTokenFacade extends ServiceTokenServiceImpl {
+
+
+    @Autowired
+    ProductServiceFacade productServiceFacade;
+
+    /**
+     * @Description: 获取资源的url
+     * @Author: ztg
+     * @Date: 2018/9/18 16:54
+     */
+    public RespDTO<Boolean> hasPermisson(String appkey, String secret, Long productId) {
+        ServiceToken st = this.getServiceToken(appkey, secret);
+        if(null == st) {
+            throw new CommonException(CommonErrorCode.SERVER_IS_ERROR, "appkey或secret错误,appkey=【" + appkey + "】," + "secret=【" + secret + "】");
+        }
+        ProductService ps = productServiceFacade.getById(st.getProductSeviceId());
+        if(ps == null) {
+            throw new CommonException(CommonErrorCode.SERVER_IS_ERROR, "无权限访问!");
+        }
+        if(!ps.getProductId().equals(productId)) {
+            throw new CommonException(CommonErrorCode.SERVER_IS_ERROR, "无权限访问!");
+        }
+        Date date = new Date();
+        if(st.getExpiringDate().getTime() < date.getTime()) {
+            throw new CommonException(CommonErrorCode.SERVER_IS_ERROR, "访问权限已过期!");
+        }
+        return RespDTO.onSuc(true);
+    }
 }

+ 5 - 1
diagbotman-service/src/main/java/com/diagbot/mapper/ServiceTokenMapper.java

@@ -1,7 +1,9 @@
 package com.diagbot.mapper;
 
-import com.diagbot.entity.ServiceToken;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.diagbot.entity.ServiceToken;
+
+import java.util.Map;
 
 /**
  * <p>
@@ -13,4 +15,6 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
  */
 public interface ServiceTokenMapper extends BaseMapper<ServiceToken> {
 
+
+    public ServiceToken getServiceToken(Map map);
 }

+ 2 - 2
diagbotman-service/src/main/java/com/diagbot/service/ServiceFilterService.java

@@ -14,9 +14,9 @@ import java.util.List;
 public interface ServiceFilterService extends IService<ServiceFilter> {
 
     /**
-     * @Description: 根据Map中的参数取值
+     * @Description: 获取服务列表
      * @Author: ztg
      * @Date: 2018/9/18 14:57
      */
-    public RespDTO<List<String>> getAll();
+    public RespDTO<List<ServiceFilter>> getAll();
 }

+ 7 - 1
diagbotman-service/src/main/java/com/diagbot/service/ServiceTokenService.java

@@ -1,7 +1,7 @@
 package com.diagbot.service;
 
-import com.diagbot.entity.ServiceToken;
 import com.baomidou.mybatisplus.extension.service.IService;
+import com.diagbot.entity.ServiceToken;
 
 /**
  * <p>
@@ -13,4 +13,10 @@ import com.baomidou.mybatisplus.extension.service.IService;
  */
 public interface ServiceTokenService extends IService<ServiceToken> {
 
+    /**
+     * @Description: 根据参数获取服务令牌
+     * @Author: ztg
+     * @Date: 2018/9/18 16:38
+     */
+    public ServiceToken getServiceToken(String appkey, String secret);
 }

+ 4 - 7
diagbotman-service/src/main/java/com/diagbot/service/ServiceFilterServiceImpl.java

@@ -1,9 +1,10 @@
-package com.diagbot.service;
+package com.diagbot.service.impl;
 
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.diagbot.dto.RespDTO;
 import com.diagbot.entity.ServiceFilter;
 import com.diagbot.mapper.ServiceFilterMapper;
+import com.diagbot.service.ServiceFilterService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -22,13 +23,9 @@ public class ServiceFilterServiceImpl extends ServiceImpl<ServiceFilterMapper, S
     ServiceFilterMapper serviceFilterMapper;
 
     @Override
-    public RespDTO<List<String>> getAll() {
+    public RespDTO<List<ServiceFilter>> getAll() {
         List<ServiceFilter> list = serviceFilterMapper.getAll();
-        List<String> service = new ArrayList<>();
-        for(ServiceFilter bean : list) {
-            service.add(bean.getName());
-        }
-        return RespDTO.onSuc(service);
+        return RespDTO.onSuc(list);
     }
 
 

+ 15 - 1
diagbotman-service/src/main/java/com/diagbot/service/impl/ServiceTokenServiceImpl.java

@@ -1,11 +1,15 @@
 package com.diagbot.service.impl;
 
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.diagbot.entity.ServiceToken;
 import com.diagbot.mapper.ServiceTokenMapper;
 import com.diagbot.service.ServiceTokenService;
-import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * <p>
  * 服务令牌表 服务实现类
@@ -17,4 +21,14 @@ import org.springframework.stereotype.Service;
 @Service
 public class ServiceTokenServiceImpl extends ServiceImpl<ServiceTokenMapper, ServiceToken> implements ServiceTokenService {
 
+    @Autowired
+    ServiceTokenMapper serviceTokenMapper;
+
+    @Override
+    public ServiceToken getServiceToken(String appkey, String secret) {
+        Map<String,Object> paramMap = new HashMap<>();
+        paramMap.put("appkey", appkey);
+        paramMap.put("secret", secret);
+        return serviceTokenMapper.getServiceToken(paramMap);
+    }
 }

+ 3 - 5
diagbotman-service/src/main/java/com/diagbot/web/ServiceFilterController.java

@@ -1,6 +1,7 @@
 package com.diagbot.web;
 
 import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.ServiceFilter;
 import com.diagbot.facade.ServiceFilterFacade;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -21,15 +22,12 @@ public class ServiceFilterController {
     ServiceFilterFacade serviceFilterFacade;
 
     @RequestMapping("/getAll")
-    public RespDTO<List<String>> getServiceFilter() {
+    public RespDTO<List<ServiceFilter>> getServiceFilter() {
         return serviceFilterFacade.getAll();
     }
 
 
-    @RequestMapping("/getPermissonUrl")
-    public RespDTO<List<String>> getPermissonUrl(String appkey, String secret) {
-        return serviceFilterFacade.getPermissonUrl(appkey, secret);
-    }
+
 
 }
 

+ 13 - 2
diagbotman-service/src/main/java/com/diagbot/web/ServiceTokenController.java

@@ -1,9 +1,11 @@
 package com.diagbot.web;
 
 
-import org.springframework.web.bind.annotation.RequestMapping;
-
+import com.diagbot.dto.RespDTO;
+import com.diagbot.facade.ServiceTokenFacade;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
 
 /**
  * <p>
@@ -17,5 +19,14 @@ import org.springframework.stereotype.Controller;
 @RequestMapping("/serviceToken")
 public class ServiceTokenController {
 
+    @Autowired
+    ServiceTokenFacade serviceTokenFacade;
+
+
+    @RequestMapping("/hasPermisson")
+    public RespDTO<Boolean> hasPermission(String appkey, String secret, Long productId) {
+        return serviceTokenFacade.hasPermisson(appkey, secret, productId);
+    }
+
 }
 

+ 1 - 0
diagbotman-service/src/main/resources/mapper/ServiceFilterMapper.xml

@@ -11,6 +11,7 @@
         <result column="creator" property="creator" />
         <result column="modifier" property="modifier" />
         <result column="name" property="name" />
+        <result column="product_id" property="productId" />
         <result column="remark" property="remark" />
     </resultMap>
 

+ 5 - 0
diagbotman-service/src/main/resources/mapper/ServiceTokenMapper.xml

@@ -20,4 +20,9 @@
         <result column="remark" property="remark" />
     </resultMap>
 
+
+    <select id="getServiceToken" resultMap="BaseResultMap" parameterType="java.util.Map">
+        SELECT a.* FROM `diag_service_token` a  and a.is_deleted = 'N' and a.app_key_id = #{appkey} and a.app_key_secret = #{secret}
+    </select>
+
 </mapper>

+ 1 - 0
docs/002.数据库设计/sys-diagbotman.sql

@@ -49,6 +49,7 @@ CREATE TABLE `diag_service_filter` (
   `creator` varchar(20) NOT NULL DEFAULT '0' COMMENT '创建人,0表示无创建人值',
   `modifier` varchar(20) NOT NULL DEFAULT '0' COMMENT '修改人,如果为0则表示纪录未修改',
   `name` varchar(255) NOT NULL DEFAULT '' COMMENT '名称',
+  `product_id` bigint(20) NOT NULL DEFAULT 0 COMMENT '产品id',
   `remark` varchar(255) NOT NULL DEFAULT '' COMMENT '备注',
   PRIMARY KEY (`id`),
   UNIQUE KEY `name` (`name`)

+ 4 - 3
gateway-service/src/main/java/com/diagbot/client/DiagbotmanServiceClient.java

@@ -2,6 +2,7 @@ package com.diagbot.client;
 
 import com.diagbot.client.hystrix.DiagbotmanServiceHystrix;
 import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.ServiceFilter;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -18,10 +19,10 @@ import java.util.List;
 public interface DiagbotmanServiceClient {
 
     @PostMapping("/service_filter/getAll")
-    RespDTO<List<String>> getAll();
+    RespDTO<List<ServiceFilter>> getAll();
 
-    @PostMapping("/service_filter/getPermissonUrl")
-    RespDTO<List<String>> getPermissonUrl(@RequestParam("appkey")String appkey, @RequestParam("secret")String secret);
+    @PostMapping("/serviceToken/hasPermisson")
+    RespDTO<Boolean> hasPermission(@RequestParam("appkey") String appkey, @RequestParam("secret") String secret, @RequestParam("productId") Long productId);
 
 }
 

+ 2 - 4
gateway-service/src/main/java/com/diagbot/client/hystrix/DiagbotmanServiceHystrix.java

@@ -6,8 +6,6 @@ import com.diagbot.dto.RespDTO;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
-import java.util.List;
-
 /**
  * @Description: 产品服务客户端(请求失败熔断)
  * @Author: ztg
@@ -24,8 +22,8 @@ public class DiagbotmanServiceHystrix implements DiagbotmanServiceClient {
     }
 
     @Override
-    public RespDTO<List<String>> getPermissonUrl(String appkey, String secret) {
-        log.error("【hystrix】调用{}异常","getPermissonUrl");
+    public RespDTO<Boolean> hasPermission(String appkey, String secret, Long productId) {
+        log.error("【hystrix】调用{}异常","hasPermisson");
         return null;
     }
 }

+ 22 - 0
gateway-service/src/main/java/com/diagbot/entity/ServiceFilter.java

@@ -0,0 +1,22 @@
+package com.diagbot.entity;
+
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.Serializable;
+
+/**
+ * @Description: 产品服务过滤接受类
+ * @Author: ztg
+ * @Date: 2018/9/18 14:35
+ */
+@Getter
+@Setter
+public class ServiceFilter implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+    private String name;
+    private Long productId;
+
+
+}

+ 18 - 17
gateway-service/src/main/java/com/diagbot/filter/GlobalGatewayFilter.java

@@ -3,8 +3,7 @@ package com.diagbot.filter;
 import com.diagbot.client.DiagbotmanServiceClient;
 import com.diagbot.client.UserServiceClient;
 import com.diagbot.dto.RespDTO;
-import com.diagbot.exception.CommonErrorCode;
-import com.diagbot.exception.CommonException;
+import com.diagbot.entity.ServiceFilter;
 import com.diagbot.exception.ErrorCode;
 import com.diagbot.util.GsonUtil;
 import lombok.extern.slf4j.Slf4j;
@@ -22,10 +21,11 @@ import reactor.core.publisher.Mono;
 
 import java.net.URI;
 import java.nio.charset.StandardCharsets;
-import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.Iterator;
 import java.util.LinkedHashSet;
 import java.util.List;
+import java.util.Map;
 
 /**
  * @Description: 全局过滤器
@@ -38,7 +38,7 @@ public class GlobalGatewayFilter implements GlobalFilter {
 
     private static final String GATE_WAY_PREFIX = "/api";
     private static final Boolean IS_GENERATE = false;
-    private static List<String> SERVICE_FILTER = new ArrayList<>();
+    private static Map<String, Long> SERVICE_FILTER = new HashMap<>();
 
     @Autowired
     UserServiceClient userServiceClient;
@@ -65,20 +65,21 @@ public class GlobalGatewayFilter implements GlobalFilter {
         }
         log.info("APIURL:{}", requestUri);
         log.info("SERVICENAME:{}", serviceName);
-        //
 
-//        if(!IS_GENERATE) {
-//            SERVICE_FILTER = diagbotmanServiceClient.getAll().data;
-//        }
-//        if(SERVICE_FILTER.contains(serviceName)) {
-//            String appkey = request.getHeaders().getFirst("appkey");
-//            String secret = request.getHeaders().getFirst("secret");
-//            //获取appkey,secret对应的
-//            RespDTO<Permission> res = userServiceClient.getPermission(appkey, secret);
-//        }
-//        if(1 == 1) {
-//            throw new CommonException(CommonErrorCode.PARAM_IS_ERROR, "出错了!");
-//        }
+        if(!IS_GENERATE) {
+            List<ServiceFilter> list =  diagbotmanServiceClient.getAll().data;
+            for(ServiceFilter bean : list) {
+                SERVICE_FILTER.put(bean.getName(), bean.getProductId());
+            }
+        }
+        if(SERVICE_FILTER.get(serviceName) != null) {
+            String appkey = request.getHeaders().getFirst("appkey");
+            String secret = request.getHeaders().getFirst("secret");
+            Long productId = SERVICE_FILTER.get(SERVICE_FILTER.get(serviceName));
+
+            //获取appkey,secret对应的
+            RespDTO<Boolean> res = diagbotmanServiceClient.hasPermission(appkey, secret, productId);
+        }
 
 //        if(1==1){
 //            return getVoidMono(serverWebExchange, CommonErrorCode.NO_PERMISSION);