当前位置:网站首页>RestTemplate、Feign实现Token传递
RestTemplate、Feign实现Token传递
2022-07-06 06:08:00 【雪峰.贵】
文章目录
Fegin 方式
客户端与服务端
一、加依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
二、定义注解
public @interface CheckLogin {
}
三、定义切面
import com.itmuch.contentcenter.util.JwtOperator;
import io.jsonwebtoken.Claims;
import lombok.RequiredArgsConstructor;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
@Aspect //切面注解
@Component
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
public class CheckLoginAspect {
private final JwtOperator jwtOperator;
//AOP的Advice(before,after returning,after throwing,around)的其中一个
@Around("@annotation(com.itmuch.contentcenter.auth.CheckLogin)")//加了@CheckLogin的方法都会走到这里
public Object checkLogin(ProceedingJoinPoint point) throws Throwable {
checkToken();
return point.proceed();
}
private void checkToken() {
try {
// 1. 从header里面获取token
HttpServletRequest request = getHttpServletRequest();
String token = request.getHeader("X-Token");
// 2. 校验token是否合法&是否过期;如果不合法或已过期直接抛异常;如果合法放行
Boolean isValid = jwtOperator.validateToken(token);
if (!isValid) {
throw new SecurityException("Token不合法!");
}
// 3. 如果校验成功,那么就将用户的信息设置到request的attribute里面
Claims claims = jwtOperator.getClaimsFromToken(token);
request.setAttribute("id", claims.get("id"));
request.setAttribute("wxNickname", claims.get("wxNickname"));
request.setAttribute("role", claims.get("role"));
} catch (Throwable throwable) {
throw new SecurityException("Token不合法");
}
}
private HttpServletRequest getHttpServletRequest() {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
return attributes.getRequest();
}
}
四、客户端创建Fegin的拦截器
import feign.RequestInterceptor;
import feign.RequestTemplate;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
public class TokenRelayRequestIntecepor implements RequestInterceptor {
@Override
public void apply(RequestTemplate requestTemplate) {
// 1. 从header里面获取token
HttpServletRequest request = getHttpServletRequest();
String token = request.getHeader("X-Token");
if(!StringUtils.isEmpty(token)){
requestTemplate.header("X-Token",token);
}
}
private HttpServletRequest getHttpServletRequest() {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
return attributes.getRequest();
}
}
四、客户端加配置
feign:
client:
config:
default: #全局
loggerLevel: full
requestInterceptors:
- com.itmuch.contentcenter.feignclient.interceptor.TokenRelayRequestIntecepor
五、测试
传入客户端token,token会通过Fegin的拦截器把token加上。
所有Fegin的接口都会带上token
RestTemplate方式
1.创建RestTemplate的拦截器
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
public class RestTemplateRequestInterceptor implements ClientHttpRequestInterceptor {
@Override
public ClientHttpResponse intercept(HttpRequest httpRequest, byte[] body, ClientHttpRequestExecution clientHttpRequestExecution) throws IOException {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes attributes = (ServletRequestAttributes) requestAttributes;
HttpServletRequest request = attributes.getRequest();
String token = request.getHeader("X-Token");
HttpHeaders headers = httpRequest.getHeaders();
headers.add("X-Token", token);
// 保证请求继续执行
return clientHttpRequestExecution.execute(httpRequest, body);
}
}
2.RestTemplate实例
@Bean
@LoadBalanced
@SentinelRestTemplate(
blockHandler = "handleBlock",
fallback = "handleFallback",
fallbackClass = SentinelBlockHandler.class,
blockHandlerClass = SentinelBlockHandler.class)
public RestTemplate restTemplate(){
//把配置的拦截器加到实例里
RestTemplate restTemplate = new RestTemplate();
restTemplate.setInterceptors(
Collections.singletonList(new RestTemplateRequestInterceptor())
);
return restTemplate;
}
边栏推荐
- Fault, error, failure of functional safety
- Web service connector: Servlet
- [C language syntax] the difference between typedef struct and struct
- Coordinatorlayout+nestedscrollview+recyclerview pull up the bottom display is incomplete
- IDEA 新UI使用
- Investment strategy discussion and market scale prediction report of China's solid state high power amplifier industry from 2022 to 2028
- 黑猫带你学eMMC协议第10篇:eMMC读写操作详解(read & write)
- Novice entry SCM must understand those things
- 进程和线程的理解
- Manhattan distance and Manhattan rectangle - print back font matrix
猜你喜欢
ICLR 2022 spotlight | analog transformer: time series anomaly detection method based on correlation difference
Seven imperceptible truths in software testing
Manhattan distance sum - print diamond
LAN communication process in the same network segment
CoordinatorLayout+NestedScrollView+RecyclerView 上拉底部显示不全
Baidu online AI competition - image processing challenge: the 8th program of handwriting erasure
nodejs实现微博第三方登录
异常检测方法总结
10m25dcf484c8g (FPGA) amy-6m-0002 BGA GPS module
【Postman】测试(Tests)脚本编写和断言详解
随机推荐
黑猫带你学UFS协议第18篇:UFS如何配置逻辑单元(LU Management)
About PHP startup, mongodb cannot find the specified module
GTSAM中ISAM2和IncrementalFixedLagSmoother说明
Buuctf-[bjdctf2020]zjctf, but so (xiaoyute detailed explanation)
nodejs实现微博第三方登录
2022 software testing workflow to know
leaflet 地图
JDBC Requset 对应内容及功能介绍
【eolink】PC客户端安装
Company video accelerated playback
LeetCode 1200. 最小绝对差
Function of contenttype
As3013 fire endurance test of cable distribution system
[web security] nodejs prototype chain pollution analysis
误差的基本知识
(中)苹果有开源,但又怎样呢?
Application du Groupe Li dans gtsam
Luogu p1460 [usaco2.1] healthy Holstein cows
多线程应用的测试与调试
Eigen sparse matrix operation