当前位置:网站首页>RestTemplate、Feign实现Token传递
RestTemplate、Feign实现Token传递
2022-07-06 06:08:00 【雪峰.贵】
文章目录
Fegin 方式
客户端与服务端
一、加依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
二、定义注解
public @interface CheckLogin {
}
三、定义切面
import com.itmuch.contentcenter.util.JwtOperator;
import io.jsonwebtoken.Claims;
import lombok.RequiredArgsConstructor;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
@Aspect //切面注解
@Component
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
public class CheckLoginAspect {
private final JwtOperator jwtOperator;
//AOP的Advice(before,after returning,after throwing,around)的其中一个
@Around("@annotation(com.itmuch.contentcenter.auth.CheckLogin)")//加了@CheckLogin的方法都会走到这里
public Object checkLogin(ProceedingJoinPoint point) throws Throwable {
checkToken();
return point.proceed();
}
private void checkToken() {
try {
// 1. 从header里面获取token
HttpServletRequest request = getHttpServletRequest();
String token = request.getHeader("X-Token");
// 2. 校验token是否合法&是否过期;如果不合法或已过期直接抛异常;如果合法放行
Boolean isValid = jwtOperator.validateToken(token);
if (!isValid) {
throw new SecurityException("Token不合法!");
}
// 3. 如果校验成功,那么就将用户的信息设置到request的attribute里面
Claims claims = jwtOperator.getClaimsFromToken(token);
request.setAttribute("id", claims.get("id"));
request.setAttribute("wxNickname", claims.get("wxNickname"));
request.setAttribute("role", claims.get("role"));
} catch (Throwable throwable) {
throw new SecurityException("Token不合法");
}
}
private HttpServletRequest getHttpServletRequest() {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
return attributes.getRequest();
}
}
四、客户端创建Fegin的拦截器
import feign.RequestInterceptor;
import feign.RequestTemplate;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
public class TokenRelayRequestIntecepor implements RequestInterceptor {
@Override
public void apply(RequestTemplate requestTemplate) {
// 1. 从header里面获取token
HttpServletRequest request = getHttpServletRequest();
String token = request.getHeader("X-Token");
if(!StringUtils.isEmpty(token)){
requestTemplate.header("X-Token",token);
}
}
private HttpServletRequest getHttpServletRequest() {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
return attributes.getRequest();
}
}
四、客户端加配置
feign:
client:
config:
default: #全局
loggerLevel: full
requestInterceptors:
- com.itmuch.contentcenter.feignclient.interceptor.TokenRelayRequestIntecepor
五、测试
传入客户端token,token会通过Fegin的拦截器把token加上。
所有Fegin的接口都会带上token
RestTemplate方式
1.创建RestTemplate的拦截器
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
public class RestTemplateRequestInterceptor implements ClientHttpRequestInterceptor {
@Override
public ClientHttpResponse intercept(HttpRequest httpRequest, byte[] body, ClientHttpRequestExecution clientHttpRequestExecution) throws IOException {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
HttpServletRequest request = attributes.getRequest();
String token = request.getHeader("X-Token");
HttpHeaders headers = httpRequest.getHeaders();
headers.add("X-Token", token);
// 保证请求继续执行
return clientHttpRequestExecution.execute(httpRequest, body);
}
}
2.RestTemplate实例
@Bean
@LoadBalanced
@SentinelRestTemplate(
blockHandler = "handleBlock",
fallback = "handleFallback",
fallbackClass = SentinelBlockHandler.class,
blockHandlerClass = SentinelBlockHandler.class)
public RestTemplate restTemplate(){
//把配置的拦截器加到实例里
RestTemplate restTemplate = new RestTemplate();
restTemplate.setInterceptors(
Collections.singletonList(new RestTemplateRequestInterceptor())
);
return restTemplate;
}
边栏推荐
- Buuctf-[gxyctf2019] no dolls (xiaoyute detailed explanation)
- selenium源码通读·9 |DesiredCapabilities类分析
- Function of activation function
- [Baiwen smart home] first day of the course_ Learn Embedded and understand the development mode of bare metal and RTOS
- 【LeetCode】Day96-第一个唯一字符&赎金信&字母异位词
- HCIA review
- 把el-tree选中的数组转换为数组对象
- IDEA 新UI使用
- 【API接口工具】postman-界面使用介绍
- Novice entry SCM must understand those things
猜你喜欢
Idea new UI usage
Application of Lie group in gtsam
Sqlmap tutorial (III) practical skills II
ICLR 2022 spotlight | analog transformer: time series anomaly detection method based on correlation difference
H3C V7 switch configuration IRF
The difference and usage between continue and break
GTSAM中李群的运用
把el-tree选中的数组转换为数组对象
[course notes] Compilation Principle
曼哈顿距离和-打印菱形
随机推荐
Buuctf-[[gwctf 2019] I have a database (xiaoyute detailed explanation)
Raised a kitten
Seven imperceptible truths in software testing
【Postman】Monitors 监测API可定时周期运行
黑猫带你学UFS协议第18篇:UFS如何配置逻辑单元(LU Management)
IP day 16 VLAN MPLS configuration
[postman] collections configuration running process
The ECU of 21 Audi q5l 45tfsi brushes is upgraded to master special adjustment, and the horsepower is safely and stably increased to 305 horsepower
【C语言】qsort函数
isam2运行流程
Eigen sparse matrix operation
A complete collection of necessary learning websites for office programmers
Investment strategy discussion and market scale prediction report of China's solid state high power amplifier industry from 2022 to 2028
[C language syntax] the difference between typedef struct and struct
曼哈顿距离和-打印菱形
LAN communication process in the same network segment
LeetCode 1200. 最小绝对差
What are the test sites for tunnel engineering?
selenium源码通读·9 |DesiredCapabilities类分析
Application du Groupe Li dans gtsam