|
@@ -11,10 +11,10 @@ import org.springframework.data.redis.core.RedisTemplate;
|
|
|
import org.springframework.http.server.ServerHttpRequest;
|
|
|
import org.springframework.http.server.ServerHttpResponse;
|
|
|
import org.springframework.http.server.ServletServerHttpRequest;
|
|
|
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
-import org.springframework.security.core.authority.AuthorityUtils;
|
|
|
-import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
|
|
+//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
+//import org.springframework.security.core.authority.AuthorityUtils;
|
|
|
+//import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
+//import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
|
|
import org.springframework.web.socket.WebSocketHandler;
|
|
|
import org.springframework.web.socket.server.HandshakeInterceptor;
|
|
|
|
|
@@ -27,29 +27,29 @@ public class SystemMessageInterceptor implements HandshakeInterceptor {
|
|
|
}
|
|
|
@Override
|
|
|
public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) throws Exception {
|
|
|
- RedisTemplate redisTemplate = applicationContext.getBean(RedisTemplate.class);
|
|
|
+ RedisTemplate redisTemplate = applicationContext.getBean("redisTemplate",RedisTemplate.class);
|
|
|
if (request instanceof ServletServerHttpRequest){
|
|
|
- ServletServerHttpRequest httpRequest = (ServletServerHttpRequest) request;
|
|
|
- String token = httpRequest.getServletRequest().getParameter("token");
|
|
|
- if (StringUtils.isBlank(token)){
|
|
|
- return false;
|
|
|
- }
|
|
|
- String json = EncryptUtil.decodeUTF8StringBase64(token);
|
|
|
- //将token转成json对象
|
|
|
- JSONObject jsonObject = JSON.parseObject(json);
|
|
|
- //用户身份信息
|
|
|
- String username = jsonObject.getString("principal");
|
|
|
- Object object = redisTemplate.opsForValue().get(username + "_info");
|
|
|
- EduTenantPO eduTenant = JSON.parseObject(object.toString(), EduTenantPO.class);
|
|
|
+// ServletServerHttpRequest httpRequest = (ServletServerHttpRequest) request;
|
|
|
+// String token = httpRequest.getServletRequest().getParameter("token");
|
|
|
+// if (StringUtils.isBlank(token)){
|
|
|
+// return false;
|
|
|
+// }
|
|
|
+// String json = EncryptUtil.decodeUTF8StringBase64(token);
|
|
|
+// 将token转成json对象
|
|
|
+// JSONObject jsonObject = JSON.parseObject(json);
|
|
|
+// 用户身份信息
|
|
|
+// String username = jsonObject.getString("principal");
|
|
|
+// Object object = redisTemplate.opsForValue().get(username + "_info");
|
|
|
+// EduTenantPO eduTenant = JSON.parseObject(object.toString(), EduTenantPO.class);
|
|
|
//用户权限
|
|
|
- JSONArray authoritiesArray = jsonObject.getJSONArray("authorities");
|
|
|
- String[] authorities = authoritiesArray.toArray(new String[authoritiesArray.size()]);
|
|
|
+// JSONArray authoritiesArray = jsonObject.getJSONArray("authorities");
|
|
|
+// String[] authorities = authoritiesArray.toArray(new String[authoritiesArray.size()]);
|
|
|
//将用户信息和权限填充 到用户身份token对象中
|
|
|
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(eduTenant, null, AuthorityUtils.createAuthorityList(authorities));
|
|
|
- authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest.getServletRequest()));
|
|
|
+// UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(eduTenant, null, AuthorityUtils.createAuthorityList(authorities));
|
|
|
+// authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest.getServletRequest()));
|
|
|
//将authenticationToken填充到安全上下文
|
|
|
- SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
|
|
- attributes.put("user", eduTenant);
|
|
|
+// SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
|
|
+ attributes.put("user", ((ServletServerHttpRequest) request).getServletRequest().getParameter("token"));
|
|
|
return true;
|
|
|
}
|
|
|
return false;
|