feat: 封装判断是否内部调用的方法

cadecode · cadecode · commit e9b01d321291 · 2023-08-08T15:27:12.000+08:00
diff --git a/framework/framework_api/src/main/java/com/github/cadecode/uniboot/framework/api/security/filter/TokenAuthFilterService.java b/framework/framework_api/src/main/java/com/github/cadecode/uniboot/framework/api/security/filter/TokenAuthFilterService.java
@@ -1,7 +1,6 @@
 package com.github.cadecode.uniboot.framework.api.security.filter;
 
 import cn.hutool.core.util.CharsetUtil;
-import cn.hutool.core.util.EscapeUtil;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import cn.hutool.http.ContentType;
@@ -10,7 +9,7 @@
 import com.github.cadecode.uniboot.common.core.util.JacksonUtil;
 import com.github.cadecode.uniboot.common.core.web.response.ApiResult;
 import com.github.cadecode.uniboot.framework.api.bean.dto.SysUserDto.SysUserDetailsDto;
-import com.github.cadecode.uniboot.framework.api.consts.SecurityConst;
+import com.github.cadecode.uniboot.framework.api.util.RequestUtil;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -63,18 +62,12 @@ protected void writeResponse(HttpServletResponse response, ApiErrorCode errorCod
      * 由 handler 方法提供处理
      */
     public void filter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-        // 根据请求头判断是否是内部请求
-        String source = ServletUtil.getHeader(request, SecurityConst.HEAD_SOURCE, CharsetUtil.CHARSET_UTF_8);
-        if (ObjectUtil.equal(source, SecurityConst.HEAD_SOURCE_VALUE)) {
-            // 从请求头中提取来自其他服务调用传递得用户信息
-            String escapedUserDetailsJson = ServletUtil.getHeader(request, SecurityConst.HEAD_USER_DETAILS, CharsetUtil.CHARSET_UTF_8);
-            if (ObjectUtil.isNotEmpty(escapedUserDetailsJson)) {
-                SysUserDetailsDto userDetailsDto = JacksonUtil.toBean(EscapeUtil.unescape(escapedUserDetailsJson), SysUserDetailsDto.class);
-                if (ObjectUtil.isNotNull(userDetailsDto)) {
-                    setAuthentication(request, userDetailsDto);
-                    filterChain.doFilter(request, response);
-                    return;
-                }
+        if (RequestUtil.isInnerRequest(request)) {
+            SysUserDetailsDto userDetailsDto = RequestUtil.getInnerUserDetails(request);
+            if (ObjectUtil.isNotNull(userDetailsDto)) {
+                setAuthentication(request, userDetailsDto);
+                filterChain.doFilter(request, response);
+                return;
             }
         }
         handler(request, response, filterChain);
diff --git a/framework/framework_api/src/main/java/com/github/cadecode/uniboot/framework/api/util/RequestUtil.java b/framework/framework_api/src/main/java/com/github/cadecode/uniboot/framework/api/util/RequestUtil.java
@@ -1,6 +1,12 @@
 package com.github.cadecode.uniboot.framework.api.util;
 
+import cn.hutool.core.util.CharsetUtil;
+import cn.hutool.core.util.EscapeUtil;
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.extra.servlet.ServletUtil;
+import com.github.cadecode.uniboot.common.core.util.JacksonUtil;
+import com.github.cadecode.uniboot.framework.api.bean.dto.SysUserDto.SysUserDetailsDto;
+import com.github.cadecode.uniboot.framework.api.consts.SecurityConst;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
@@ -30,4 +36,42 @@ public static HttpServletResponse getResponse() {
         }
         return requestAttributes.getResponse();
     }
+
+    /**
+     * 根据请求头判断是否是内部请求
+     *
+     * @param request 请求对象，为 null 时自动从上下文获取
+     * @return 是否是内部请求
+     */
+    public static boolean isInnerRequest(HttpServletRequest request) {
+        if (ObjectUtil.isNull(request)) {
+            request = getRequest();
+        }
+        if (ObjectUtil.isNull(request)) {
+            return false;
+        }
+        String source = ServletUtil.getHeader(request, SecurityConst.HEAD_SOURCE, CharsetUtil.CHARSET_UTF_8);
+        return ObjectUtil.equal(source, SecurityConst.HEAD_SOURCE_VALUE);
+    }
+
+    /**
+     * 根据请求头获取内部请求携带的用户信息
+     *
+     * @param request 请求对象，为 null 时自动从上下文获取
+     * @return 内部请求携带的用户信息
+     */
+    public static SysUserDetailsDto getInnerUserDetails(HttpServletRequest request) {
+        if (ObjectUtil.isNull(request)) {
+            request = getRequest();
+        }
+        if (ObjectUtil.isNull(request)) {
+            return null;
+        }
+        // feign 拦截器填充时做了转义处理
+        String escapedUserDetailsJson = ServletUtil.getHeader(request, SecurityConst.HEAD_USER_DETAILS, CharsetUtil.CHARSET_UTF_8);
+        if (ObjectUtil.isNotEmpty(escapedUserDetailsJson)) {
+            return JacksonUtil.toBean(EscapeUtil.unescape(escapedUserDetailsJson), SysUserDetailsDto.class);
+        }
+        return null;
+    }
 }
