springmvc中restful服務動態刷新token信息

時間 2021-05-16

標籤安全架構 app rest token get 源碼 class 欄目 Spring 简体版

原文原文鏈接

由於要考慮服務端token的動態刷新，並且還要單獨啓動定時調度任務去刷新token信息，保證token的時效及安全問題，直接分享動態刷新token的代碼：（企業架構源碼能夠加求球：三五三六二四七二五九）安全

@RestController
@RequestMapping(value = "/rest/soa")
public class SoaServiceResource {
private static final Logger logger = Logger.getLogger(SoaServiceResource.class);
@Autowired
private SoaAppSecretService soaAppSecretService;
/**
* 刷新應用token信息
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/refAppSecret", method = RequestMethod.GET)
public ResponseVO refAppSecret(@RequestParam(required=false) String appname, HttpServletRequest request, HttpServletResponse response){
try {
if(StringUtils.isEmpty(appname)){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_NULL, null);
}
//根據應用名獲取祕鑰信息
SoaAppSecret appSecret = soaAppSecretService.findAppSecretByAppName(appname);
if(null == appSecret){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_EXIST, null);
}
String appsecret = appSecret.getAppsecret();
if(StringUtils.isNotEmpty(appsecret)){
long afterTime = DateUtils.getAfterTime(new Date());
String token = EncryptUtil2.encryptToAES(EncryptUtil2.AESKey, appname + EncryptUtil2.CONNECTOR + appsecret + EncryptUtil2.CONNECTOR + afterTime);
SoaAppSecret soaAppSecret = new SoaAppSecret();
soaAppSecret.setToken(token);
soaAppSecret.setAppname(appname);
soaAppSecret.setUpdateDate(new Date());
soaAppSecretService.refAppSecret(soaAppSecret);
JSONObject data = new JSONObject();
data.put("token", token);
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPSECRET_NOT_EXIST, null);
} catch (Exception e) {
logger.error("SoaServiceResource >> refAppSecret >> Exception " + e.getMessage());
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.SYSTEM_ERROR, null);
}
}
/**
* 批量刷新應用祕鑰信息
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/batchRefAppSecret", method = RequestMethod.GET)
public ResponseVO batchRefAppSecret(HttpServletRequest request, HttpServletResponse response){
List<SoaAppSecret> appSecretList = soaAppSecretService.findList(new SoaAppSecret());
if(null != appSecretList && appSecretList.size() > 0){
for(SoaAppSecret soaAppSecret : appSecretList){
try {
String appsecret = soaAppSecret.getAppsecret();
if(StringUtils.isNotEmpty(appsecret)){
long afterTime = DateUtils.getAfterTime(new Date());
String token = EncryptUtil2.encryptToAES(EncryptUtil2.AESKey, soaAppSecret.getAppname() + EncryptUtil2.CONNECTOR + appsecret + EncryptUtil2.CONNECTOR + afterTime);
soaAppSecret.setToken(token);
soaAppSecret.setUpdateDate(new Date());
soaAppSecretService.refAppSecret(soaAppSecret);
JSONObject data = new JSONObject();
data.put("token", token);
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
logger.info("SoaServiceResource >> batchRefAppSecret >> 刷新應用祕鑰信息成功,應用名： " + soaAppSecret.getAppname() + ",新的token信息： " + soaAppSecret.getToken() );
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPSECRET_NOT_EXIST, null);
} catch (Exception e) {
logger.error("SoaServiceResource >> batchRefAppSecret >> Exception " + e.getMessage());
}
}
}
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, true);
}
/**
* 獲取應用token
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/findAppSecret", method = RequestMethod.GET)
public ResponseVO findAppSecret(@RequestParam(required=false) String appname, HttpServletRequest request, HttpServletResponse response){
if(StringUtils.isEmpty(appname)){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_NULL, null);
}
SoaAppSecret appSecret = soaAppSecretService.findAppSecretByAppName(appname);
if(null == appSecret){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_EXIST, null);
}
JSONObject data = new JSONObject();
data.put("token", appSecret.getToken());
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
}