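/*
 *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
 *
 *  Redistribution and use in source and binary forms, with or without
 *  modification, are permitted provided that the following conditions are met:
 *
 *  Redistributions of source code must retain the above copyright notice,
 *  this list of conditions and the following disclaimer.
 *  Redistributions in binary form must reproduce the above copyright
 *  notice, this list of conditions and the following disclaimer in the
 *  documentation and/or other materials provided with the distribution.
 *  Neither the name of the dreamlu.net developer nor the names of its
 *  contributors may be used to endorse or promote products derived from
 *  this software without specific prior written permission.
 *  Author: Chill 庄骞 (smallchill@163.com)
 */
package org.springblade.core.secure.utils;

import io.jsonwebtoken.Claims;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.core.launch.constant.TokenConstant;
import org.springblade.core.secure.BladeUser;
import org.springblade.core.tool.constant.RoleConstant;
import org.springblade.core.tool.support.Kv;
import org.springblade.core.tool.utils.*;

import javax.servlet.http.HttpServletRequest;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;

/**
 * Authentication helper that resolves the current {@link BladeUser} from the JWT carried by a request.
 * <p>
 * Every accessor exists in two forms: a no-argument one that reads the request bound to the current
 * thread through {@link WebUtil#getRequest()} (and caches the parsed user on that request), and one
 * that takes an explicit {@link HttpServletRequest} (no caching). When no user can be resolved the
 * accessors return a neutral default ({@code ""}, {@code -1L} or an empty {@link Kv}) instead of
 * throwing; the exception is {@link #getHeader()}, which requires a bound request.
 *
 * @author Chill
 */
public class AuthUtil {

	/**
	 * Request attribute under which the parsed user is cached for the lifetime of one request.
	 */
	private static final String BLADE_USER_REQUEST_ATTR = "_BLADE_USER_REQUEST_ATTR_";

	private static final String HEADER = TokenConstant.HEADER;
	private static final String ACCOUNT = TokenConstant.ACCOUNT;
	private static final String USER_NAME = TokenConstant.USER_NAME;
	private static final String NICK_NAME = TokenConstant.NICK_NAME;
	private static final String USER_ID = TokenConstant.USER_ID;
	private static final String DEPT_ID = TokenConstant.DEPT_ID;
	private static final String POST_ID = TokenConstant.POST_ID;
	private static final String ROLE_ID = TokenConstant.ROLE_ID;
	private static final String ROLE_NAME = TokenConstant.ROLE_NAME;
	private static final String TENANT_ID = TokenConstant.TENANT_ID;
	private static final String OAUTH_ID = TokenConstant.OAUTH_ID;
	private static final String CLIENT_ID = TokenConstant.CLIENT_ID;
	private static final String DETAIL = TokenConstant.DETAIL;

	/**
	 * Lazily resolved JWT configuration; see {@link #getJwtProperties()}.
	 */
	private static JwtProperties jwtProperties;

	/**
	 * Returns the JWT configuration, looking it up in the Spring context on first use.
	 * <p>
	 * The field is not volatile, so two threads may both observe {@code null} and each call
	 * {@code SpringUtil.getBean}; that is harmless as long as {@code JwtProperties} is a singleton
	 * bean (assumed here; the lookup is idempotent in that case).
	 *
	 * @return the shared {@link JwtProperties}
	 */
	private static JwtProperties getJwtProperties() {
		if (jwtProperties == null) {
			jwtProperties = SpringUtil.getBean(JwtProperties.class);
		}
		return jwtProperties;
	}

	/**
	 * Resolves the user of the request bound to the current thread.
	 * <p>
	 * The parsed user is cached as a request attribute so the token is parsed and state-checked
	 * at most once per request. A {@code null} result (no token, rejected token) is not cached.
	 *
	 * @return the current user, or {@code null} when there is no bound request or no valid token
	 */
	public static BladeUser getUser() {
		HttpServletRequest request = WebUtil.getRequest();
		if (request == null) {
			return null;
		}
		// Per-request cache first. Anything other than a BladeUser under this key is treated as a
		// miss and overwritten rather than blindly cast, so a foreign attribute cannot cause a CCE here.
		Object cached = request.getAttribute(BLADE_USER_REQUEST_ATTR);
		if (cached instanceof BladeUser) {
			return (BladeUser) cached;
		}
		BladeUser bladeUser = getUser(request);
		if (bladeUser != null) {
			request.setAttribute(BLADE_USER_REQUEST_ATTR, bladeUser);
		}
		return bladeUser;
	}

	/**
	 * Builds a {@link BladeUser} from the JWT claims carried by the given request.
	 * <p>
	 * Department, post and role ids default to {@link StringPool#MINUS_ONE} when the claim is absent;
	 * the remaining string fields default to whatever {@code Func.toStr} yields for a missing claim.
	 * The {@code tenantName}, {@code deptName}, {@code email} and {@code secretGrade} claims are
	 * copied into the user's detail map on top of the {@code DETAIL} claim.
	 *
	 * @param request request carrying the token
	 * @return the user described by the token, or {@code null} when no valid token is present
	 */
	@SuppressWarnings("unchecked")
	public static BladeUser getUser(HttpServletRequest request) {
		Claims claims = getClaims(request);
		if (claims == null) {
			return null;
		}

		BladeUser bladeUser = new BladeUser();
		bladeUser.setClientId(Func.toStr(claims.get(CLIENT_ID)));
		bladeUser.setUserId(Func.toLong(claims.get(USER_ID)));
		bladeUser.setTenantId(Func.toStr(claims.get(TENANT_ID)));
		bladeUser.setOauthId(Func.toStr(claims.get(OAUTH_ID)));
		bladeUser.setAccount(Func.toStr(claims.get(ACCOUNT)));
		bladeUser.setDeptId(Func.toStrWithEmpty(claims.get(DEPT_ID), StringPool.MINUS_ONE));
		bladeUser.setPostId(Func.toStrWithEmpty(claims.get(POST_ID), StringPool.MINUS_ONE));
		bladeUser.setRoleId(Func.toStrWithEmpty(claims.get(ROLE_ID), StringPool.MINUS_ONE));
		bladeUser.setRoleName(Func.toStr(claims.get(ROLE_NAME)));
		bladeUser.setUserName(Func.toStr(claims.get(USER_NAME)));
		bladeUser.setNickName(Func.toStr(claims.get(NICK_NAME)));

		// The DETAIL claim arrives as an untyped map (raw cast is what the method-level
		// @SuppressWarnings covers). A missing or non-map claim simply yields an empty detail
		// instead of a null argument or a ClassCastException.
		Kv detail = Kv.create();
		Object rawDetail = claims.get(DETAIL);
		if (rawDetail instanceof Map) {
			detail.setAll((Map) rawDetail);
		}
		detail.put("tenantName", Func.toStr(claims.get("tenantName")));
		detail.put("deptName", Func.toStr(claims.get("deptName")));
		detail.put("email", Func.toStr(claims.get("email")));
		detail.put("secretGrade", Func.toStr(claims.get("secretGrade")));
		bladeUser.setDetail(detail);
		return bladeUser;
	}

	/**
	 * Whether the current user's role name contains the super-administrator role.
	 *
	 * @return {@code true} when {@link #getUserRole()} contains {@link RoleConstant#ADMINISTRATOR}
	 */
	public static boolean isAdministrator() {
		return StringUtil.containsAny(getUserRole(), RoleConstant.ADMINISTRATOR);
	}

	/**
	 * Whether the current user's role name contains the administrator role.
	 *
	 * @return {@code true} when {@link #getUserRole()} contains {@link RoleConstant#ADMIN}
	 */
	public static boolean isAdmin() {
		return StringUtil.containsAny(getUserRole(), RoleConstant.ADMIN);
	}

	/**
	 * Applies a string getter to a user, substituting the empty string when there is no user.
	 *
	 * @param user   resolved user, may be {@code null}
	 * @param getter property accessor
	 * @return the property, or {@link StringPool#EMPTY} when {@code user} is {@code null}
	 */
	private static String stringOf(BladeUser user, Function<BladeUser, String> getter) {
		return (null == user) ? StringPool.EMPTY : getter.apply(user);
	}

	/**
	 * Returns the user id, or {@code -1L} when there is no user.
	 * <p>
	 * Written as an {@code if} rather than a ternary on purpose: mixing an {@code int} literal with
	 * a {@code Long} operand in {@code ?:} unboxes {@code user.getUserId()} and throws
	 * {@link NullPointerException} when the id claim is absent.
	 *
	 * @return userId, or {@code -1L} when no user is resolved (may be {@code null} if the user has no id)
	 */
	public static Long getUserId() {
		BladeUser user = getUser();
		if (null == user) {
			return -1L;
		}
		return user.getUserId();
	}

	/**
	 * Returns the user id for the given request, or {@code -1L} when there is no user.
	 * <p>
	 * Same unboxing caveat as {@link #getUserId()}.
	 *
	 * @param request request
	 * @return userId, or {@code -1L} when no user is resolved (may be {@code null} if the user has no id)
	 */
	public static Long getUserId(HttpServletRequest request) {
		BladeUser user = getUser(request);
		if (null == user) {
			return -1L;
		}
		return user.getUserId();
	}

	/**
	 * Returns the user account.
	 *
	 * @return userAccount, or {@code ""} when no user is resolved
	 */
	public static String getUserAccount() {
		return stringOf(getUser(), BladeUser::getAccount);
	}

	/**
	 * Returns the user account for the given request.
	 *
	 * @param request request
	 * @return userAccount, or {@code ""} when no user is resolved
	 */
	public static String getUserAccount(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getAccount);
	}

	/**
	 * Returns the user name.
	 *
	 * @return userName, or {@code ""} when no user is resolved
	 */
	public static String getUserName() {
		return stringOf(getUser(), BladeUser::getUserName);
	}

	/**
	 * Returns the user name for the given request.
	 *
	 * @param request request
	 * @return userName, or {@code ""} when no user is resolved
	 */
	public static String getUserName(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getUserName);
	}

	/**
	 * Returns the nick name.
	 *
	 * @return nickName, or {@code ""} when no user is resolved
	 */
	public static String getNickName() {
		return stringOf(getUser(), BladeUser::getNickName);
	}

	/**
	 * Returns the nick name for the given request.
	 *
	 * @param request request
	 * @return nickName, or {@code ""} when no user is resolved
	 */
	public static String getNickName(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getNickName);
	}

	/**
	 * Returns the department id.
	 *
	 * @return deptId, or {@code ""} when no user is resolved
	 */
	public static String getDeptId() {
		return stringOf(getUser(), BladeUser::getDeptId);
	}

	/**
	 * Returns the department id for the given request.
	 *
	 * @param request request
	 * @return deptId, or {@code ""} when no user is resolved
	 */
	public static String getDeptId(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getDeptId);
	}

	/**
	 * Returns the post id.
	 *
	 * @return postId, or {@code ""} when no user is resolved
	 */
	public static String getPostId() {
		return stringOf(getUser(), BladeUser::getPostId);
	}

	/**
	 * Returns the post id for the given request.
	 *
	 * @param request request
	 * @return postId, or {@code ""} when no user is resolved
	 */
	public static String getPostId(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getPostId);
	}

	/**
	 * Returns the user's role name (not the role id), which is what the admin checks inspect.
	 *
	 * @return roleName, or {@code ""} when no user is resolved
	 */
	public static String getUserRole() {
		return stringOf(getUser(), BladeUser::getRoleName);
	}

	/**
	 * Returns the user's role name (not the role id) for the given request.
	 *
	 * @param request request
	 * @return roleName, or {@code ""} when no user is resolved
	 */
	public static String getUserRole(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getRoleName);
	}

	/**
	 * Returns the tenant id.
	 *
	 * @return tenantId, or {@code ""} when no user is resolved
	 */
	public static String getTenantId() {
		return stringOf(getUser(), BladeUser::getTenantId);
	}

	/**
	 * Returns the tenant id for the given request.
	 *
	 * @param request request
	 * @return tenantId, or {@code ""} when no user is resolved
	 */
	public static String getTenantId(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getTenantId);
	}

	/**
	 * Returns the third-party (OAuth) identity id.
	 *
	 * @return oauthId, or {@code ""} when no user is resolved
	 */
	public static String getOauthId() {
		return stringOf(getUser(), BladeUser::getOauthId);
	}

	/**
	 * Returns the third-party (OAuth) identity id for the given request.
	 *
	 * @param request request
	 * @return oauthId, or {@code ""} when no user is resolved
	 */
	public static String getOauthId(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getOauthId);
	}

	/**
	 * Returns the client id.
	 *
	 * @return clientId, or {@code ""} when no user is resolved
	 */
	public static String getClientId() {
		return stringOf(getUser(), BladeUser::getClientId);
	}

	/**
	 * Returns the client id for the given request.
	 *
	 * @param request request
	 * @return clientId, or {@code ""} when no user is resolved
	 */
	public static String getClientId(HttpServletRequest request) {
		return stringOf(getUser(request), BladeUser::getClientId);
	}

	/**
	 * Returns the user detail map.
	 *
	 * @return detail, or a fresh empty {@link Kv} when no user is resolved
	 */
	public static Kv getDetail() {
		BladeUser user = getUser();
		return (null == user) ? Kv.create() : user.getDetail();
	}

	/**
	 * Returns the user detail map for the given request.
	 *
	 * @param request request
	 * @return detail, or a fresh empty {@link Kv} when no user is resolved
	 */
	public static Kv getDetail(HttpServletRequest request) {
		BladeUser user = getUser(request);
		return (null == user) ? Kv.create() : user.getDetail();
	}

	/**
	 * Extracts and validates the JWT claims carried by the request.
	 * <p>
	 * The raw token is taken from the {@code HEADER} request header, falling back to a request
	 * parameter of the same name. It is then parsed via {@link #parseJWT(String)} and, when
	 * stateful mode ({@code JwtProperties.getState()}) is on, compared with the access token that
	 * {@code JwtUtil.getAccessToken} holds for the token's tenant/user; a mismatch (including a
	 * missing server-side record) rejects the token.
	 *
	 * @param request request
	 * @return the claims, or {@code null} when no token is present or it fails parsing / the state check
	 */
	public static Claims getClaims(HttpServletRequest request) {
		String auth = request.getHeader(HEADER);
		String token;
		// NOTE(review): the parameter fallback lets a bearer token travel in the query string, where
		// it is exposed to access logs, proxies, browser history and Referer headers. Header
		// delivery is the safe path; if the fallback must stay, consider logging when it is used.
		if (StringUtil.isNotBlank(auth)) {
			token = JwtUtil.getToken(auth);
		} else {
			String parameter = request.getParameter(HEADER);
			token = JwtUtil.getToken(parameter);
		}

		Claims claims = null;
		if (StringUtil.isNotBlank(token)) {
			// Signature / expiry handling is JwtUtil.parseJWT's job (assumed; verify there).
			claims = parseJWT(token);
		}

		// Stateful mode: the presented token must also match the server-side access token for
		// this tenant/user, presumably so that logout or re-login invalidates older tokens.
		if (ObjectUtil.isNotEmpty(claims) && getJwtProperties().getState()) {
			String tenantId = Func.toStr(claims.get(TENANT_ID));
			String userId = Func.toStr(claims.get(USER_ID));
			String accessToken = JwtUtil.getAccessToken(tenantId, userId, token);
			// equalsIgnoreCase(null) is false, so a missing server-side record rejects the token.
			// NOTE(review): this compare is case-insensitive and not constant-time. A validly
			// signed token is required to reach this point, which limits the exposure, but
			// MessageDigest.isEqual on the UTF-8 bytes would be the stricter choice.
			if (!token.equalsIgnoreCase(accessToken)) {
				return null;
			}
		}
		return claims;
	}

	/**
	 * Returns the raw {@code HEADER} header of the request bound to the current thread.
	 * <p>
	 * Unlike the other no-argument accessors this throws when no request is bound.
	 *
	 * @return header value, possibly {@code null} when the header is absent
	 * @throws NullPointerException when no request is bound to the current thread
	 */
	public static String getHeader() {
		return getHeader(Objects.requireNonNull(WebUtil.getRequest()));
	}

	/**
	 * Returns the raw {@code HEADER} header of the given request.
	 *
	 * @param request request
	 * @return header value, possibly {@code null} when the header is absent
	 */
	public static String getHeader(HttpServletRequest request) {
		return request.getHeader(HEADER);
	}

	/**
	 * Parses a JSON Web Token into its claims; delegates to {@link JwtUtil#parseJWT(String)}.
	 *
	 * @param jsonWebToken compact JWT string
	 * @return the claims as returned by {@code JwtUtil.parseJWT}
	 */
	public static Claims parseJWT(String jsonWebToken) {
		return JwtUtil.parseJWT(jsonWebToken);
	}

}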