接口调整

2026-03-24 14:13:45 +08:00
parent 0eddb928e2
commit 10d4d6104c
9 changed files with 117 additions and 95 deletions
--- a/rdms-gateway/src/main/java/com/njcn/rdms/gateway/filter/security/TokenAuthenticationFilter.java
+++ b/rdms-gateway/src/main/java/com/njcn/rdms/gateway/filter/security/TokenAuthenticationFilter.java
@@ -6,15 +6,18 @@ import com.google.common.cache.CacheLoader;
 import com.google.common.cache.LoadingCache;
 import com.njcn.rdms.framework.common.biz.system.oauth2.OAuth2TokenCommonApi;
 import com.njcn.rdms.framework.common.biz.system.oauth2.dto.OAuth2AccessTokenCheckRespDTO;
+import com.njcn.rdms.framework.common.exception.ServiceException;
+import com.njcn.rdms.framework.common.exception.enums.GlobalErrorCodeConstants;
 import com.njcn.rdms.framework.common.pojo.CommonResult;
 import com.njcn.rdms.framework.common.util.date.LocalDateTimeUtils;
 import com.njcn.rdms.framework.common.util.json.JsonUtils;
 import com.njcn.rdms.gateway.util.SecurityFrameworkUtils;
+import com.njcn.rdms.gateway.util.WebFrameworkUtils;
+import com.njcn.rdms.module.system.enums.ErrorCodeConstants;
 import org.springframework.cloud.client.loadbalancer.reactive.ReactorLoadBalancerExchangeFilterFunction;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
-import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
 import org.springframework.web.reactive.function.client.WebClient;
 import org.springframework.web.server.ServerWebExchange;
@@ -42,7 +45,7 @@ public class TokenAuthenticationFilter implements GlobalFilter, Ordered {
                @Override
                public LoginUser load(String token) {
                    String body = checkAccessToken(token).block();
-                    return buildUser(body);
+                    return buildUser(body, token);
                }

            });
@@ -61,29 +64,36 @@ public class TokenAuthenticationFilter implements GlobalFilter, Ordered {
        }

        ServerWebExchange finalExchange = exchange;
-        return getLoginUser(token).defaultIfEmpty(LOGIN_USER_EMPTY).flatMap(user -> {
-            if (user == LOGIN_USER_EMPTY
-                    || user.getExpiresTime() == null
-                    || LocalDateTimeUtils.beforeNow(user.getExpiresTime())) {
-                return chain.filter(finalExchange);
-            }
+        return getLoginUser(token)
+                .flatMap(user -> {
+                    if (user.getExpiresTime() == null) {
+                        return chain.filter(finalExchange);
+                    }
+                    if (LocalDateTimeUtils.beforeNow(user.getExpiresTime())) {
+                        loginUserCache.invalidate(token);
+                        return WebFrameworkUtils.writeJSON(finalExchange,
+                                CommonResult.error(ErrorCodeConstants.OAUTH2_ACCESS_TOKEN_EXPIRE));
+                    }

-            SecurityFrameworkUtils.setLoginUser(finalExchange, user);
-            ServerWebExchange newExchange = finalExchange.mutate()
-                    .request(builder -> SecurityFrameworkUtils.setLoginUserHeader(builder, user))
-                    .build();
-            return chain.filter(newExchange);
-        });
+                    SecurityFrameworkUtils.setLoginUser(finalExchange, user);
+                    ServerWebExchange newExchange = finalExchange.mutate()
+                            .request(builder -> SecurityFrameworkUtils.setLoginUserHeader(builder, user))
+                            .build();
+                    return chain.filter(newExchange);
+                })
+                .switchIfEmpty(Mono.defer(() -> chain.filter(finalExchange)))
+                .onErrorResume(ServiceException.class, ex ->
+                        WebFrameworkUtils.writeJSON(finalExchange, CommonResult.error(ex)));
    }

    private Mono<LoginUser> getLoginUser(String token) {
        LoginUser localUser = loginUserCache.getIfPresent(token);
        if (localUser != null) {
-            return Mono.just(localUser);
+            return localUser == LOGIN_USER_EMPTY ? Mono.empty() : Mono.just(localUser);
        }

        return checkAccessToken(token).flatMap((Function<String, Mono<LoginUser>>) body -> {
-            LoginUser remoteUser = buildUser(body);
+            LoginUser remoteUser = buildUser(body, token);
            if (remoteUser != null) {
                loginUserCache.put(token, remoteUser);
                return Mono.just(remoteUser);
@@ -99,16 +109,17 @@ public class TokenAuthenticationFilter implements GlobalFilter, Ordered {
                .bodyToMono(String.class);
    }

-    private LoginUser buildUser(String body) {
+    private LoginUser buildUser(String body, String token) {
        CommonResult<OAuth2AccessTokenCheckRespDTO> result = JsonUtils.parseObject(body, CHECK_RESULT_TYPE_REFERENCE);
        if (result == null) {
            return null;
        }
        if (result.isError()) {
-            if (Objects.equals(result.getCode(), HttpStatus.UNAUTHORIZED.value())) {
+            if (Objects.equals(result.getCode(), GlobalErrorCodeConstants.UNAUTHORIZED.getCode())) {
+                loginUserCache.put(token, LOGIN_USER_EMPTY);
                return LOGIN_USER_EMPTY;
            }
-            return null;
+            throw new ServiceException(result.getCode(), result.getMsg());
        }

        OAuth2AccessTokenCheckRespDTO tokenInfo = result.getData();