修复服务器域名白名单规则

2024-03-26 20:00:13 +08:00
parent e0d8894b34
commit 0ecf57ab74
3 changed files with 12 additions and 8 deletions
--- a/src/main/java/com/gxwebsoft/common/core/security/JwtAuthenticationFilter.java
+++ b/src/main/java/com/gxwebsoft/common/core/security/JwtAuthenticationFilter.java
@@ -42,9 +42,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
  @Resource
  private UserService userService;
  @Resource
-  private LoginRecordService loginRecordService;
-  @Resource
  private RedisUtil redisUtil;
+  @Resource
+  private LoginRecordService loginRecordService;

  @Override
  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
@@ -56,12 +56,14 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
        Claims claims = JwtUtil.parseToken(access_token, configProperties.getTokenKey());
        JwtSubject jwtSubject = JwtUtil.getJwtSubject(claims);

-        // 校验服务器白名单
+        // 校验服务器域名白名单
        final SignCheckUtil checkUtil = new SignCheckUtil();
        String key = "WhiteDomain:" + jwtSubject.getTenantId();
        List<String> whiteDomains = redisUtil.get(key, List.class);
-        if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) {
-          throw new UsernameNotFoundException("The requested domain name is not on the whitelist");
+        if (whiteDomains != null) {
+          if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) {
+            throw new UsernameNotFoundException("The requested domain name is not on the whitelist");
+          }
        }

        User user = userService.getByUsername(jwtSubject.getUsername(), jwtSubject.getTenantId());
--- a/src/main/java/com/gxwebsoft/common/core/utils/SignCheckUtil.java
+++ b/src/main/java/com/gxwebsoft/common/core/utils/SignCheckUtil.java
@@ -182,9 +182,10 @@ public class SignCheckUtil {
    if (whiteDomains.isEmpty()) {
      return true;
    }
-    // 服务器白名单列表
-    whiteDomains.add("gxwebsoft.com");
-    whiteDomains.add("wsdns.cn");
+    // 服务器域名白名单列表
+    whiteDomains.add("oa.gxwebsoft.com");
+    whiteDomains.add("admin.gxwebsoft.com");
+    whiteDomains.add("adm.wsdns.cn");
    for(String item: whiteDomains){
      if(Objects.equals(item, domainName)){
        return true;
--- a/src/main/java/com/gxwebsoft/common/system/controller/MainController.java
+++ b/src/main/java/com/gxwebsoft/common/system/controller/MainController.java
@@ -43,6 +43,7 @@ import io.swagger.annotations.ApiOperation;
 import net.sf.jsqlparser.expression.LongValue;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.transaction.annotation.Isolation;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;