摘要:
{MethodInterceptorHolderholder=MethodInterceptor holder.create(methodInvocation);MethodInterceptorsContextparamContext=holder.createParamContext();AuthContextcontext=newAuthContext(身份验证;
import org.aopalliance.intercept.MethodInterceptor;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.aop.support.StaticMethodMatcherPointcutAdvisor;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Set;
/**
* Authorize切点
**/
public class AopAuthorizeAdvisor extends StaticMethodMatcherPointcutAdvisor {
public static final String THREAD_LOCAL_AUTH_CONTEXT = "authContext";
public AopAuthorizeAdvisor(AuthorizeService authorizeService) {
super((MethodInterceptor) methodInvocation -> {
MethodInterceptorHolder holder = MethodInterceptorHolder.create(methodInvocation);
MethodInterceptorContext paramContext = holder.createParamContext();
Authentication authentication = Authentication.current().orElseThrow(UnauthorizedException::new);
AuthContext context = new AuthContext(authentication, paramContext);
ThreadLocalUtil.put(THREAD_LOCAL_AUTH_CONTEXT, context);
authorizeService.handle(context);
Set<String> tempIncludes = new HashSet<>();
Set<String> tempExcludes = new HashSet<>();
paramContext.getParameter(Param.class).ifPresent(
param -> {
tempIncludes.addAll(param.getIncludes());
tempExcludes.addAll(param.getExcludes());
}
);
Object obj = methodInvocation.proceed();
ThreadLocalUtil.remove(THREAD_LOCAL_AUTH_CONTEXT);
if (obj != null && obj instanceof ResponseMessage) {
ResponseMessage responseMessage = (ResponseMessage) obj;
if (CollectionUtils.isNotEmpty(tempIncludes)) {
// 设置可以显示的字段
responseMessage.setFields(new LinkedHashSet<>(CollectionUtils.removeAll(tempIncludes, tempExcludes)));
} else {
responseMessage.setFields(new LinkedHashSet<>());
}
}
return obj;
});
}
@Override
public boolean matches(Method method, Class<?> aClass) {
//对controller进行控制, 只判断类, 或者父类上是否有Authorize标签.
return ClassUtil.getAnnotation(aClass, Authorize.class) != null;
}
}
@Bean
public AuthenticationSupplier authenticationSupplier() {
return () -> {
if (SecurityContextHolder.getContext().getAuthentication() == null) {
return null;
} else {
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
if (principal == null) {
return null;
} else {
return principal instanceof AuthUserDetails ? ((AuthUserDetails)principal).getAuthentication() : null;
}
}
};
}