You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by wu...@apache.org on 2022/11/14 09:00:36 UTC
[shardingsphere-elasticjob-ui] branch master updated: Revise AuthenticationFilter from #174 (#176)
This is an automated email from the ASF dual-hosted git repository.
wuweijie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere-elasticjob-ui.git
The following commit(s) were added to refs/heads/master by this push:
new 0194826 Revise AuthenticationFilter from #174 (#176)
0194826 is described below
commit 01948262fdee1b77e72b69e936b131ce8e4b37f1
Author: 吴伟杰 <wu...@apache.org>
AuthorDate: Mon Nov 14 17:00:30 2022 +0800
Revise AuthenticationFilter from #174 (#176)
---
.../lite/ui/security/AuthenticationFilter.java | 35 ++++++++++++----------
.../elasticjob/lite/ui/security/OAuthCode.java | 2 +-
.../src/views/login/casdoor.js | 3 +-
3 files changed, 21 insertions(+), 19 deletions(-)
diff --git a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/AuthenticationFilter.java b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/AuthenticationFilter.java
index c65de49..6d66eee 100644
--- a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/AuthenticationFilter.java
+++ b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/AuthenticationFilter.java
@@ -27,7 +27,13 @@ import org.casbin.casdoor.service.CasdoorAuthService;
import org.springframework.context.ApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
-import javax.servlet.*;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@@ -51,8 +57,6 @@ public final class AuthenticationFilter implements Filter {
private CasdoorAuthService casdoorAuthService;
- private String loginMethod = "default";
-
@Override
public void init(final FilterConfig filterConfig) {
ServletContext servletContext = filterConfig.getServletContext();
@@ -78,16 +82,9 @@ public final class AuthenticationFilter implements Filter {
return;
}
String accessToken = httpRequest.getHeader("Access-Token");
- if(loginMethod == "default"){
- if (Strings.isNullOrEmpty(accessToken) || !userAuthenticationService.isValidToken(accessToken)) {
- respondWithUnauthorized(httpResponse);
- return;
- }
- }else{
- if(casdoorAuthService.parseJwtToken(accessToken) == null){
- respondWithUnauthorized(httpResponse);
- return;
- }
+ if (Strings.isNullOrEmpty(accessToken) || !userAuthenticationService.isValidToken(accessToken) && !isValidCasdoorToken(accessToken)) {
+ respondWithUnauthorized(httpResponse);
+ return;
}
filterChain.doFilter(httpRequest, httpResponse);
}
@@ -109,7 +106,6 @@ public final class AuthenticationFilter implements Filter {
Map<String, Object> result = new HashMap<>(2, 1);
result.put("username", authenticationResult.getUsername());
result.put("accessToken", userAuthenticationService.getToken(authenticationResult.getUsername()));
- loginMethod = "default";
objectMapper.writeValue(httpResponse.getWriter(), ResponseResultUtil.build(result));
} catch (IOException e) {
e.printStackTrace();
@@ -124,7 +120,6 @@ public final class AuthenticationFilter implements Filter {
httpResponse.setCharacterEncoding("UTF-8");
Map<String, Object> result = new HashMap<>(1, 1);
result.put("casdoorLoginUrl", url);
- loginMethod = "casdoor";
objectMapper.writeValue(httpResponse.getWriter(), ResponseResultUtil.build(result));
} catch (IOException e) {
e.printStackTrace();
@@ -146,7 +141,15 @@ public final class AuthenticationFilter implements Filter {
e.printStackTrace();
}
}
-
+
+ private boolean isValidCasdoorToken(final String accessToken) {
+ try {
+ return null == casdoorAuthService.parseJwtToken(accessToken);
+ } catch (final Exception ignored) {
+ return false;
+ }
+ }
+
private void respondWithUnauthorized(final HttpServletResponse httpResponse) throws IOException {
httpResponse.setContentType("application/json");
httpResponse.setCharacterEncoding("UTF-8");
diff --git a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/OAuthCode.java b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/OAuthCode.java
index 0336478..842d83d 100644
--- a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/OAuthCode.java
+++ b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-backend/src/main/java/org/apache/shardingsphere/elasticjob/lite/ui/security/OAuthCode.java
@@ -30,4 +30,4 @@ public final class OAuthCode {
private String code;
private String state;
-}
\ No newline at end of file
+}
diff --git a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-frontend/src/views/login/casdoor.js b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-frontend/src/views/login/casdoor.js
index 25f561a..cf42604 100644
--- a/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-frontend/src/views/login/casdoor.js
+++ b/shardingsphere-elasticjob-lite-ui/shardingsphere-elasticjob-lite-ui-frontend/src/views/login/casdoor.js
@@ -31,9 +31,8 @@ export default {
const store = window.localStorage
store.setItem('Access-Token', data.accessToken)
store.setItem('username', data.username)
- store.setItem('isGuest', data.isGuest)
location.href = '/#/registry-center'
})
}
}
-}
\ No newline at end of file
+}