修复服务器域名白名单规则

gxwebsoft
2024-03-26 20:00:13 +08:00
parent e0d8894b34
commit 0ecf57ab74
3 changed files with 12 additions and 8 deletions


@@ -42,9 +42,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
@Resource @Resource
private UserService userService; private UserService userService;
@Resource @Resource
private LoginRecordService loginRecordService;
@Resource
private RedisUtil redisUtil; private RedisUtil redisUtil;
@Resource
private LoginRecordService loginRecordService;
@Override @Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
@@ -56,12 +56,14 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
Claims claims = JwtUtil.parseToken(access_token, configProperties.getTokenKey()); Claims claims = JwtUtil.parseToken(access_token, configProperties.getTokenKey());
JwtSubject jwtSubject = JwtUtil.getJwtSubject(claims); JwtSubject jwtSubject = JwtUtil.getJwtSubject(claims);
// 校验服务器白名单 // 校验服务器域名白名单
final SignCheckUtil checkUtil = new SignCheckUtil(); final SignCheckUtil checkUtil = new SignCheckUtil();
String key = "WhiteDomain:" + jwtSubject.getTenantId(); String key = "WhiteDomain:" + jwtSubject.getTenantId();
List<String> whiteDomains = redisUtil.get(key, List.class); List<String> whiteDomains = redisUtil.get(key, List.class);
if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) { if (whiteDomains != null) {
throw new UsernameNotFoundException("The requested domain name is not on the whitelist"); if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) {
throw new UsernameNotFoundException("The requested domain name is not on the whitelist");
}
} }
User user = userService.getByUsername(jwtSubject.getUsername(), jwtSubject.getTenantId()); User user = userService.getByUsername(jwtSubject.getUsername(), jwtSubject.getTenantId());
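Review bot: The new `if (whiteDomains != null)` guard makes the domain whitelist fail open: when the `"WhiteDomain:" + tenantId` key is absent from Redis, the check is skipped and the request goes straight on to `userService.getByUsername`. Nothing visible here distinguishes a tenant that has no whitelist from one whose entry expired, was evicted or was never loaded, so on a miss I would reload the list from its authoritative store (for example a placeholder helper `loadWhiteDomains(jwtSubject.getTenantId())`) or reject the request, and log the miss in either case. `request.getServerName()` normally reflects the Host header sent by the client unless a reverse proxy or the container pins it, so the check is only as strong as that upstream validation; a comment saying where the host is validated would help. `doFilterInternal` starts and ends outside the hunk.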


@@ -182,9 +182,10 @@ public class SignCheckUtil {
if (whiteDomains.isEmpty()) { if (whiteDomains.isEmpty()) {
return true; return true;
} }
// 服务器白名单列表 // 服务器域名白名单列表
whiteDomains.add("gxwebsoft.com"); whiteDomains.add("oa.gxwebsoft.com");
whiteDomains.add("wsdns.cn"); whiteDomains.add("admin.gxwebsoft.com");
whiteDomains.add("adm.wsdns.cn");
for(String item: whiteDomains){ for(String item: whiteDomains){
if(Objects.equals(item, domainName)){ if(Objects.equals(item, domainName)){
return true; return true;
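Review bot: `checkWhiteDomains` appends the three built-in hosts to the caller's `whiteDomains` list with `add`, so the argument is mutated on every call and the method would throw `UnsupportedOperationException` if a caller ever passes an unmodifiable list. I would copy into a local set instead: `Set<String> allowed = new HashSet<>(whiteDomains); allowed.addAll(BUILT_IN_DOMAINS); return allowed.contains(domainName);`, where `BUILT_IN_DOMAINS` is a placeholder name for a constant holding the three hosts. The `isEmpty()` branch at the top of the hunk returns true, so an empty list admits every host, and the built-in hosts are accepted for every tenant with a non-empty list; if both are intended, a comment should say so. The comparison via `Objects.equals` is case-sensitive while host names are not, so lower-casing both sides with `Locale.ROOT` would avoid false rejections. The method starts and ends outside the hunk.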


@@ -43,6 +43,7 @@ import io.swagger.annotations.ApiOperation;
import net.sf.jsqlparser.expression.LongValue; import net.sf.jsqlparser.expression.LongValue;
import org.springframework.scheduling.annotation.Async; import org.springframework.scheduling.annotation.Async;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.transaction.annotation.Isolation; import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.CollectionUtils; import org.springframework.util.CollectionUtils;