本次案例工具为:SpringBoot <version>1.5.19.RELEASE</version>
Code:
1、annotations
package com.mlq.annotations;
import java.lang.annotation.Documented;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.ElementType.METHOD;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
@Documented
@Retention(RUNTIME)
@Target(METHOD)
public @interface ActionAuth {
enum Type {
DEMO, TEST
}
/**
* 操作类型
*
* @return
*/
Type value() default Type.DEMO;
/**
* 操作名称
*
* @return
*/
String name() default "";
/**
* 操作Code
*
* @return
*/
String code() default "";
}
2、config
package com.mlq.config;
import com.mlq.interceptors.AppInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* @Description: 拦截器config
*/
@Configuration
public class WebConfigurerConfig extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new AppInterceptor()).addPathPatterns("/**");
}
}
3、controller
package com.mlq.controller;
import com.mlq.annotations.ActionAuth;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/signature/")
public class SignatureTest {
@RequestMapping("getSignature")
public Object getSignature() {
return "验证通过";
}
@ActionAuth(value = ActionAuth.Type.DEMO, name = "ok", code = "ok")
@RequestMapping("ok")
public Object ok() {
return "验证通过";
}
}
4、exception
package com.mlq.exception;
import com.mlq.tools.ErrorPrintUtils;
public abstract class AbstractException extends RuntimeException {
private static final long serialVersionUID = -5992753399315247713L;
private String errorCode;
private String errorMsg;
private String stackTraceMsg;
private String level;
private String messageID;
private boolean sendMsg = true;
public AbstractException(String code, String message, String... level) {
super(code + "|" + message);
this.handleExceptionMessage(code, message, code + "|" + message);
}
public AbstractException(String code, String message, Throwable th) {
super(code + "|" + message, th);
this.handleExceptionMessage(code, message, ErrorPrintUtils.printStackTrace(th));
}
public final void handleExceptionMessage(String code, String message, String stackTraceMsg) {
this.errorCode = code;
this.errorMsg = message;
this.stackTraceMsg = stackTraceMsg;
}
public AbstractException(Throwable cause) {
super(cause);
AbstractException.ErrorDesc errorDesc = this.getErrorDesc(cause);
if (errorDesc != null) {
this.errorCode = errorDesc.errorCode;
this.errorMsg = errorDesc.errorMsg;
}
}
public AbstractException(String message) {
super(message);
}
public abstract AbstractException.ErrorDesc getErrorDesc(Throwable var1);
public String getErrorCode() {
return this.errorCode;
}
public String getErrorMsg() {
return this.errorMsg;
}
public void setErrorCode(String errorCode) {
this.errorCode = errorCode;
}
public void setErrorMsg(String errorMsg) {
this.errorMsg = errorMsg;
}
public String getStackTraceMsg() {
return this.stackTraceMsg;
}
public void setStackTraceMsg(String stackTraceMsg) {
this.stackTraceMsg = stackTraceMsg;
}
public String getLevel() {
return this.level;
}
public void setLevel(String level) {
this.level = level;
}
public String getMessageID() {
return this.messageID;
}
public void setMessageID(String messageID) {
this.messageID = messageID;
}
public boolean isSendMsg() {
return this.sendMsg;
}
public void setSendMsg(boolean sendMsg) {
this.sendMsg = sendMsg;
}
public static class ErrorDesc {
public String errorCode;
public String errorMsg;
public ErrorDesc(String errorCode, String errorMsg) {
this.errorCode = errorCode;
this.errorMsg = errorMsg;
}
}
}
package com.mlq.exception;
public class ControllerException extends AbstractException {
private static final long serialVersionUID = 8307533385237791476L;
public ControllerException(String code, String message) {
super(code, message, new String[0]);
}
public ControllerException(String code, String message, Throwable th) {
super(code, message, th);
}
public AbstractException.ErrorDesc getErrorDesc(Throwable var1) {
return null;
}
}
package com.mlq.exception;
/**
* JsonException
*/
public class JsonException extends ControllerException {
private static final long serialVersionUID = -5605565877150120787L;
public JsonException(String code, String message) {
super(code, message);
}
public JsonException(String code, String message, Throwable th) {
super(code, message, th);
}
}
5、interceptors
package com.mlq.interceptors;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.mlq.annotations.ActionAuth;
import com.mlq.exception.JsonException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.ObjectUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
/**
* 权限拦截器
*/
public class AppInterceptor implements HandlerInterceptor {
/**
* 日志输出
*/
private static final Logger LOGGER = LoggerFactory.getLogger(AppInterceptor.class);
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//判断是否为处理程序方法
if (handler instanceof HandlerMethod) {
//强制类型转换
HandlerMethod method = (HandlerMethod) handler;
//获取方法指定签名
ActionAuth actionAuth = method.getMethodAnnotation(ActionAuth.class);
LOGGER.info("授权对象:actionAuth={}", actionAuth != null);
if (!ObjectUtils.isEmpty(actionAuth)) {
if (actionAuth.value().equals(ActionAuth.Type.DEMO)) {
return true;
} else {
throw new JsonException("500", "缺少权限配置");
}
} else {
throw new JsonException("500", "缺少权限配置:缺少签名配置");
}
/*
* 验证请求的方法上有没有固定签名设置...
* */
}
// Ajax 请求
if (checkAjaxRequest(request)) {
}
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
LOGGER.info("后期处理!!!");
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
LOGGER.info("完成处理!!!");
}
/**
* Ajax 请求
*
* @param request
* @return
*/
private boolean checkAjaxRequest(HttpServletRequest request) {
String requestType = request.getHeader("X-Requested-With");
// Ajax请求
if (!ObjectUtils.isEmpty(requestType) && "XMLHttpRequest".equals(requestType)) {
return true;
}
return false;
}
}
6、tools
package com.mlq.tools;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
public class ErrorPrintUtils {
public ErrorPrintUtils() {
}
public static String printStackTrace(Throwable exception) {
StringWriter sw = null;
PrintWriter pw = null;
try {
sw = new StringWriter();
pw = new PrintWriter(sw);
exception.printStackTrace(pw);
} finally {
if (sw != null) {
try {
sw.close();
} catch (IOException var8) {
;
}
}
if (pw != null) {
pw.close();
}
}
return sw.toString();
}
}
提示:所有请求都会被拦截 要是不满足签名规范则会抛出异常