Example 1 with UserSession

use of com.mendmix.security.model.UserSession in project jeesuite-libs by vakinge.

the class SecurityDelegating method updateSession.

public static UserSession updateSession(AuthUser userInfo) {
    // Reuse the caller's current session, or create a fresh one if none exists
    UserSession session = getCurrentSession();
    if (session == null)
        session = UserSession.create();
    session.setUser(userInfo);
    // Single-login policy: when kick-off is enabled, any other live session
    // belonging to the same user is removed so that only this one stays valid
    if (getInstance().decisionProvider.kickOff()) {
        UserSession otherSession = getInstance().sessionManager.getLoginSessionByUserId(userInfo);
        if (otherSession != null && !otherSession.getSessionId().equals(session.getSessionId())) {
            getInstance().sessionManager.removeLoginSession(otherSession.getSessionId());
        }
    }
    // Persist the (possibly newly created) session in the session store
    getInstance().sessionManager.storageLoginSession(session);
    return session;
}
Also used : UserSession(com.mendmix.security.model.UserSession)

Example 2 with UserSession

use of com.mendmix.security.model.UserSession in project jeesuite-libs by vakinge.

the class SecuritySessionManager method removeLoginSession.

public void removeLoginSession(String sessionId) {
    String key = sessionId;
    UserSession session = getLoginSession(sessionId);
    // Anonymous sessions are left untouched; an authenticated session is
    // evicted under both keys it is stored by: the session id and the
    // per-user unique key, so a later lookup by user id cannot revive it
    if (session != null && !session.isAnonymous()) {
        storageManager.getCache(cacheName).remove(key);
        key = buildUserSessionUniqueKey(session.getUser());
        storageManager.getCache(cacheName).remove(key);
    }
}
Also used : UserSession(com.mendmix.security.model.UserSession)

Example 3 with UserSession

use of com.mendmix.security.model.UserSession in project jeesuite-libs by vakinge.

the class ReactiveSecurityDelegatingFilter method filter.

@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    ServerHttpRequest request = exchange.getRequest();
    try {
        // Skip requests outside the configured URI prefix(es)
        if ((matchUriPrefix != null && !request.getPath().value().startsWith(matchUriPrefix)) || (matchUriPrefixs != null && !matchUriPrefixs.stream().anyMatch(o -> request.getPath().value().startsWith(o)))) {
            return chain.filter(exchange);
        }
        // CORS preflight requests are passed through without authentication
        if (request.getMethod().equals(HttpMethod.OPTIONS)) {
            return chain.filter(exchange);
        }
        exchange.getAttributes().clear();
        ReactiveRequestContextAdapter.init(request);
        if (customAuthnHandler != null) {
            customAuthnHandler.beforeAuthentication(exchange);
        }
        ServerHttpResponse response = exchange.getResponse();
        UserSession userSession = null;
        try {
            // Run the default authorization unless a custom handler took over
            if (customAuthnHandler == null || !customAuthnHandler.customAuthentication(exchange)) {
                userSession = SecurityDelegating.doAuthorization(request.getMethodValue(), request.getPath().value());
            }
        } catch (UnauthorizedException e) {
            // Not logged in: JSON error body for AJAX callers, otherwise redirect to the 401 page
            if (isAjax(request) || SecurityDelegating.getConfigurerProvider().error401Page() == null) {
                byte[] bytes = JsonUtils.toJsonBytes(WrapperResponse.fail(e));
                return response.writeWith(Mono.just(response.bufferFactory().wrap(bytes)));
            } else {
                response.getHeaders().setLocation(URI.create(SecurityDelegating.getConfigurerProvider().error401Page()));
                return chain.filter(exchange);
            }
        } catch (ForbiddenAccessException e) {
            // Logged in but lacking permission: same handling with the 403 page
            if (isAjax(request) || SecurityDelegating.getConfigurerProvider().error403Page() == null) {
                byte[] bytes = JsonUtils.toJsonBytes(WrapperResponse.fail(e));
                return response.writeWith(Mono.just(response.bufferFactory().wrap(bytes)));
            } else {
                response.getHeaders().setLocation(URI.create(SecurityDelegating.getConfigurerProvider().error403Page()));
                return chain.filter(exchange);
            }
        }
        // Post-authentication hook
        if (customAuthnHandler != null) {
            customAuthnHandler.afterAuthentication(exchange, userSession);
        }
        // Continue the chain and clear per-exchange attributes when the request completes
        return chain.filter(exchange).doFinally(s -> {
            exchange.getAttributes().clear();
        });
    } catch (Exception e) {
        // Unexpected failure: log, clean up thread-local and exchange state, return a JSON error
        logger.error("_global_filter_error", e);
        ThreadLocalContext.unset();
        exchange.getAttributes().clear();
        byte[] bytes = JsonUtils.toJsonBytes(WrapperResponse.fail(e));
        return exchange.getResponse().writeWith(Mono.just(exchange.getResponse().bufferFactory().wrap(bytes)));
    }
}
Also used : ServerHttpRequest(org.springframework.http.server.reactive.ServerHttpRequest) UserSession(com.mendmix.security.model.UserSession) UnauthorizedException(com.mendmix.common.exception.UnauthorizedException) ForbiddenAccessException(com.mendmix.common.exception.ForbiddenAccessException) ServerHttpResponse(org.springframework.http.server.reactive.ServerHttpResponse)

Example 4 with UserSession

use of com.mendmix.security.model.UserSession in project jeesuite-libs by vakinge.

the class SecurityDelegating method createOauth2AccessToken.

public static AccessToken createOauth2AccessToken(AuthUser user) {
    // Assumes a current session exists; unlike updateSession there is no null check here
    UserSession session = getCurrentSession();
    session.setUser(user);
    getInstance().sessionManager.storageLoginSession(session);
    // The session id doubles as the OAuth2 access token; the refresh token is
    // generated separately and the expiry mirrors the session's lifetime
    AccessToken accessToken = new AccessToken();
    accessToken.setAccess_token(session.getSessionId());
    accessToken.setRefresh_token(TokenGenerator.generate());
    accessToken.setExpires_in(session.getExpiresIn());
    return accessToken;
}
Also used : AccessToken(com.mendmix.security.model.AccessToken) UserSession(com.mendmix.security.model.UserSession)

Example 5 with UserSession

use of com.mendmix.security.model.UserSession in project jeesuite-libs by vakinge.

the class SecurityDelegating method doAuthorization.

/**
 * Authorization check
 * @param method
 * @param uri
 */
public static UserSession doAuthorization(String method, String uri) throws UnauthorizedException, ForbiddenAccessException {
    UserSession session = getCurrentSession();
    // Renew the session lease if it has not been refreshed within SESSION_INTERVAL_MILLS
    if (session != null) {
        long interval = System.currentTimeMillis() - getInstance().sessionManager.getUpdateTime(session);
        if (interval > SESSION_INTERVAL_MILLS) {
            getInstance().sessionManager.storageLoginSession(session);
        }
    }
    // Admin users bypass the per-URI checks; anonymous-allowed URIs need no session
    boolean isAdmin = session != null && session.getUser() != null && session.getUser().isAdmin();
    if (!isAdmin && !getInstance().resourceManager.isAnonymous(uri)) {
        if (session == null || session.isAnonymous()) {
            throw new UnauthorizedException();
        }
        if (getInstance().decisionProvider.apiAuthzEnabled()) {
            String permissionKey = ApiPermssionCheckHelper.buildPermissionKey(method, uri);
            PermissionLevel permissionLevel = ApiPermssionCheckHelper.matchPermissionLevel(getInstance().resourceManager, permissionKey);
            // If this API requires a permission check, compare against the user's permissions
            if (permissionLevel == PermissionLevel.PermissionRequired) {
                List<String> permissions = getInstance().resourceManager.getUserPermissions(session);
                if (!ApiPermssionCheckHelper.checkPermissions(getInstance().resourceManager, permissionKey, permissions)) {
                    throw new ForbiddenAccessException();
                }
            }
        }
    }
    // Publish the authenticated user and tenant to the request runtime context
    if (session != null) {
        CurrentRuntimeContext.setAuthUser(session.getUser());
        if (StringUtils.isNotBlank(session.getTenantId())) {
            CurrentRuntimeContext.setTenantId(session.getTenantId());
        }
    }
    return session;
}
Also used : UserSession(com.mendmix.security.model.UserSession) UnauthorizedException(com.mendmix.common.exception.UnauthorizedException) PermissionLevel(com.mendmix.common.constants.PermissionLevel) ForbiddenAccessException(com.mendmix.common.exception.ForbiddenAccessException)