| ¶Ô±ÈÐÂÎļþ |
| | |
|---|
| | | /* |
|---|
| | | * Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
|---|
| | | * |
|---|
| | | * Redistribution and use in source and binary forms, with or without |
|---|
| | | * modification, are permitted provided that the following conditions are met: |
|---|
| | | * |
|---|
| | | * Redistributions of source code must retain the above copyright notice, |
|---|
| | | * this list of conditions and the following disclaimer. |
|---|
| | | * Redistributions in binary form must reproduce the above copyright |
|---|
| | | * notice, this list of conditions and the following disclaimer in the |
|---|
| | | * documentation and/or other materials provided with the distribution. |
|---|
| | | * Neither the name of the dreamlu.net developer nor the names of its |
|---|
| | | * contributors may be used to endorse or promote products derived from |
|---|
| | | * this software without specific prior written permission. |
|---|
| | | * Author: Chill åºéª (smallchill@163.com) |
|---|
| | | */ |
|---|
| | | package org.springblade.core.secure.interceptor; |
|---|
| | | |
|---|
| | | import lombok.AllArgsConstructor; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | | import org.springblade.core.secure.auth.AuthFun; |
|---|
| | | import org.springblade.core.secure.props.AuthSecure; |
|---|
| | | import org.springblade.core.secure.provider.HttpMethod; |
|---|
| | | import org.springblade.core.secure.provider.ResponseProvider; |
|---|
| | | import org.springblade.core.tool.jackson.JsonUtil; |
|---|
| | | import org.springblade.core.tool.utils.WebUtil; |
|---|
| | | import org.springframework.expression.EvaluationContext; |
|---|
| | | import org.springframework.expression.ExpressionParser; |
|---|
| | | import org.springframework.expression.spel.standard.SpelExpressionParser; |
|---|
| | | import org.springframework.expression.spel.support.StandardEvaluationContext; |
|---|
| | | import org.springframework.lang.NonNull; |
|---|
| | | import org.springframework.util.AntPathMatcher; |
|---|
| | | import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; |
|---|
| | | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | import java.util.List; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * èªå®ä¹æææ¦æªå¨æ ¡éª |
|---|
| | | * |
|---|
| | | * @author Chill |
|---|
| | | */ |
|---|
| | | @Slf4j |
|---|
| | | @AllArgsConstructor |
|---|
| | | public class AuthInterceptor extends HandlerInterceptorAdapter { |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 表达å¼å¤ç |
|---|
| | | */ |
|---|
| | | private static final ExpressionParser EXPRESSION_PARSER = new SpelExpressionParser(); |
|---|
| | | private static final EvaluationContext EVALUATION_CONTEXT = new StandardEvaluationContext(new AuthFun()); |
|---|
| | | private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher(); |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * ææéå |
|---|
| | | */ |
|---|
| | | private final List<AuthSecure> authSecures; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) { |
|---|
| | | boolean check = authSecures.stream().filter(authSecure -> checkAuth(request, authSecure)).findFirst().map( |
|---|
| | | authSecure -> checkExpression(authSecure.getExpression()) |
|---|
| | | ).orElse(Boolean.TRUE); |
|---|
| | | if (!check) { |
|---|
| | | log.warn("ææ认è¯å¤±è´¥ï¼è¯·æ±æ¥å£ï¼{}ï¼è¯·æ±IPï¼{}ï¼è¯·æ±åæ°ï¼{}", request.getRequestURI(), WebUtil.getIP(request), JsonUtil.toJson(request.getParameterMap())); |
|---|
| | | ResponseProvider.write(response); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * æ£æµææ |
|---|
| | | */ |
|---|
| | | private boolean checkAuth(HttpServletRequest request, AuthSecure authSecure) { |
|---|
| | | return checkMethod(request, authSecure.getMethod()) && checkPath(request, authSecure.getPattern()); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * æ£æµè¯·æ±æ¹æ³ |
|---|
| | | */ |
|---|
| | | private boolean checkMethod(HttpServletRequest request, HttpMethod method) { |
|---|
| | | return method == HttpMethod.ALL || ( |
|---|
| | | method != null && method == HttpMethod.of(request.getMethod()) |
|---|
| | | ); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * æ£æµè·¯å¾å¹é
|
|---|
| | | */ |
|---|
| | | private boolean checkPath(HttpServletRequest request, String pattern) { |
|---|
| | | String servletPath = request.getServletPath(); |
|---|
| | | String pathInfo = request.getPathInfo(); |
|---|
| | | if (pathInfo != null && pathInfo.length() > 0) { |
|---|
| | | servletPath = servletPath + pathInfo; |
|---|
| | | } |
|---|
| | | return ANT_PATH_MATCHER.match(pattern, servletPath); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * æ£æµè¡¨è¾¾å¼ |
|---|
| | | */ |
|---|
| | | private boolean checkExpression(String expression) { |
|---|
| | | Boolean result = EXPRESSION_PARSER.parseExpression(expression).getValue(EVALUATION_CONTEXT, Boolean.class); |
|---|
| | | return result != null ? result : false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
