zoukankan      html  css  js  c++  java
  • dubbo源码阅读-Filter默认实现(十一)之TokenFilter

    文档

    http://dubbo.apache.org/zh-cn/docs/user/demos/token-authorization.html

    随机生成token

    详情见:https://www.cnblogs.com/LQBlog/p/12469007.html#autoid-6-11-0

     //是否有token配置 将token配置到map
            if (!ConfigUtils.isEmpty(token)) {
                if (ConfigUtils.isDefault(token)) {
                    map.put(Constants.TOKEN_KEY, UUID.randomUUID().toString());
                } else {
                    map.put(Constants.TOKEN_KEY, token);
                }
            }

    发送Token

      public RpcInvocation(Invocation invocation, Invoker<?> invoker) {
            this(invocation.getMethodName(), invocation.getParameterTypes(),
                    invocation.getArguments(), new HashMap<String, String>(invocation.getAttachments()),
                    invocation.getInvoker());
            if (invoker != null) {
                URL url = invoker.getUrl();
                setAttachment(Constants.PATH_KEY, url.getPath());
                if (url.hasParameter(Constants.INTERFACE_KEY)) {
                    setAttachment(Constants.INTERFACE_KEY, url.getParameter(Constants.INTERFACE_KEY));
                }
                if (url.hasParameter(Constants.GROUP_KEY)) {
                    setAttachment(Constants.GROUP_KEY, url.getParameter(Constants.GROUP_KEY));
                }
                if (url.hasParameter(Constants.VERSION_KEY)) {
                    setAttachment(Constants.VERSION_KEY, url.getParameter(Constants.VERSION_KEY, "0.0.0"));
                }
                if (url.hasParameter(Constants.TIMEOUT_KEY)) {
                    setAttachment(Constants.TIMEOUT_KEY, url.getParameter(Constants.TIMEOUT_KEY));
                }
                //是否含有token 如果有 则设置到attachment
                if (url.hasParameter(Constants.TOKEN_KEY)) {
                    setAttachment(Constants.TOKEN_KEY, url.getParameter(Constants.TOKEN_KEY));
                }
                if (url.hasParameter(Constants.APPLICATION_KEY)) {
                    setAttachment(Constants.APPLICATION_KEY, url.getParameter(Constants.APPLICATION_KEY));
                }
            }
        }

    认证token

    /**
     * TokenInvokerFilter
     * provider和consumer可用 含有参数 token
     * 文档:http://dubbo.apache.org/zh-cn/docs/user/demos/token-authorization.html
     */
    @Activate(group = Constants.PROVIDER, value = Constants.TOKEN_KEY)
    public class TokenFilter implements Filter {
    
        @Override
        public Result invoke(Invoker<?> invoker, Invocation inv)
                throws RpcException {
            // 获得服务提供者配置的 Token 值
            String token = invoker.getUrl().getParameter(Constants.TOKEN_KEY);
            if (ConfigUtils.isNotEmpty(token)) {
                Class<?> serviceType = invoker.getInterface();
                Map<String, String> attachments = inv.getAttachments();
                //获取消费者传入的tokne
                String remoteToken = attachments == null ? null : attachments.get(Constants.TOKEN_KEY);
                //进行校验
                if (!token.equals(remoteToken)) {
                    throw new RpcException("Invalid token! Forbid invoke remote service " + serviceType + " method " + inv.getMethodName() + "() from consumer " + RpcContext.getContext().getRemoteHost() + " to provider " + RpcContext.getContext().getLocalHost());
                }
            }
            return invoker.invoke(inv);
        }
    
    }
  • 相关阅读:
    POJ 3970(最小公倍数LCM)
    06005_Jedis入门
    雷林鹏分享:C# 字符串(String)
    雷林鹏分享:C# 类(Class)
    雷林鹏分享:C# 枚举(Enum)
    雷林鹏分享:C# 运算符重载
    雷林鹏分享:C# 多态性
    雷林鹏分享:C# 命名空间(Namespace)
    雷林鹏分享:C# 接口(Interface)
    雷林鹏分享:C# 正则表达式
  • 原文地址:https://www.cnblogs.com/LQBlog/p/12504635.html
Copyright © 2011-2022 走看看