hhyykk/ipms-sjy
1
1
Fork 0
mirror of https://gitee.com/hhyykk/ipms-sjy.git synced 2025-07-23 23:45:08 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: 积木报表 API 数据集解析时 token 未正确解析的问题

Browse Source
This commit is contained in:
gaibu
2023-01-07 02:08:22 +08:00
parent 717dd1ab7c
commit ee454ace9d
5 changed files with 151 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/jmreport/config/JmReportConfiguration.java
View File

@ -1,8 +1,11 @@
package cn.iocoder.yudao.module.visualization.framework.jmreport.config;
import cn.iocoder.yudao.framework.common.enums.WebFilterOrderEnum;
import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
import cn.iocoder.yudao.module.visualization.framework.jmreport.core.service.JmReportTokenServiceImpl;
import cn.iocoder.yudao.module.visualization.framework.jmreport.core.web.JmReportTokenFilter;
import org.jeecg.modules.jmreport.api.JmReportTokenServiceI;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
@ -22,4 +25,12 @@ public class JmReportConfiguration {
return new JmReportTokenServiceImpl(oAuth2TokenApi);
}
@Bean
@SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
public FilterRegistrationBean<JmReportTokenFilter> registerMyAnotherFilter(OAuth2TokenApi oAuth2TokenApi){
FilterRegistrationBean<JmReportTokenFilter> bean = new FilterRegistrationBean<>();
bean.setOrder(WebFilterOrderEnum.JM_TOKEN_FILTER);
bean.setFilter(new JmReportTokenFilter(oAuth2TokenApi));
return bean;
}
}

132
yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/jmreport/core/web/JmReportTokenFilter.java Normal file
View File

@ -0,0 +1,132 @@
package cn.iocoder.yudao.module.visualization.framework.jmreport.core.web;
import cn.hutool.core.util.StrUtil;
import cn.iocoder.yudao.framework.security.core.LoginUser;
import cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils;
import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenCheckRespDTO;
import lombok.RequiredArgsConstructor;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
/**
* 积木报表 token 处理,将积木报表请求头中的 token 转换成 spring security 的 auth head
*/
@RequiredArgsConstructor
public class JmReportTokenFilter implements Filter {
/**
* 积木 token 请求头
*/
private static final String JM_TOKEN_HEADER = "X-Access-Token";
/**
* 系统内置请求头
*/
private static final String TOKEN_HEADER = "Authorization";
/**
* auth 相关格式
*/
private static final String AUTHORIZATION_FORMAT = "Bearer %s";
private final OAuth2TokenApi oauth2TokenApi;
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// 积木请求头
HttpServletRequest req = (HttpServletRequest) servletRequest;
String token = req.getHeader(JM_TOKEN_HEADER);
if (StrUtil.isNotEmpty(token)) {
// 1. 增加请求头
HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(req);
requestWrapper.addHeader(TOKEN_HEADER, String.format(AUTHORIZATION_FORMAT, token));
OAuth2AccessTokenCheckRespDTO resp = oauth2TokenApi.checkAccessToken(token);
Optional<LoginUser> optUser = Optional.ofNullable(resp)
.map(
t -> new LoginUser().setId(t.getUserId())
.setUserType(t.getUserType())
.setTenantId(t.getTenantId())
.setScopes(t.getScopes())
);
if (optUser.isPresent()) {
// 2. 设置登录用户类型
WebFrameworkUtils.setLoginUserType(servletRequest, optUser.get().getUserType());
filterChain.doFilter(requestWrapper, servletResponse);
return;
}
}
filterChain.doFilter(servletRequest, servletResponse);
}
/**
* request 包装类,用于修改 head
*
* <a href="https://stackoverflow.com/questions/2811769/adding-an-http-header-to-the-request-in-a-servlet-filter">add request head</a>
*/
public class HeaderMapRequestWrapper extends HttpServletRequestWrapper {
/**
* construct a wrapper for this request
*
* @param request
*/
public HeaderMapRequestWrapper(HttpServletRequest request) {
super(request);
}
private Map<String, String> headerMap = new HashMap<String, String>();
/**
* add a header with given name and value
*
* @param name
* @param value
*/
public void addHeader(String name, String value) {
headerMap.put(name, value);
}
@Override
public String getHeader(String name) {
String headerValue = super.getHeader(name);
if (headerMap.containsKey(name)) {
headerValue = headerMap.get(name);
}
return headerValue;
}
/**
* get the Header names
*/
@Override
public Enumeration<String> getHeaderNames() {
List<String> names = Collections.list(super.getHeaderNames());
for (String name : headerMap.keySet()) {
names.add(name);
}
return Collections.enumeration(names);
}
@Override
public Enumeration<String> getHeaders(String name) {
List<String> values = Collections.list(super.getHeaders(name));
if (headerMap.containsKey(name)) {
values.add(headerMap.get(name));
}
return Collections.enumeration(values);
}
}
}