sso接口支持签名参数

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/api/SsoUserApi.java

@@ -1,5 +1,7 @@
 package com.usoftchina.sso.api;
 
+import com.usoftchina.sso.auth.Signature;
+import com.usoftchina.sso.config.SsoFeignConfig;
 import com.usoftchina.sso.dto.SsoResult;
 import com.usoftchina.sso.dto.SsoUser;
 import com.usoftchina.sso.dto.SsoUserSpaceList;
@@ -13,7 +15,8 @@ import org.springframework.web.bind.annotation.RequestParam;
  * @author yingp
  * @date 2018/11/23
  */
-@FeignClient(url = "${sso.base-url}", name = "sso-server", fallback = SsoUserApi.DefaultFallback.class)
+@FeignClient(url = "${sso.base-url}", name = "sso-server", configuration = SsoFeignConfig.class,
+        fallback = SsoUserApi.DefaultFallback.class)
 @RequestMapping("/api/user")
 public interface SsoUserApi {
 
@@ -33,6 +36,7 @@ public interface SsoUserApi {
      * @return
      */
     @GetMapping("/getSpace")
+    @Signature
     @Deprecated
     SsoUserSpaceList getUserSpacesByMobile(@RequestParam("mobile") String mobile);
 

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/auth/Signature.java

@@ -0,0 +1,37 @@
+package com.usoftchina.sso.auth;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 自动添加签名串
+ *
+ * @author yingp
+ * @date 2018/11/23
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Signature {
+    /**
+     * 签名参数
+     *
+     * @return
+     */
+    String value() default "_signature";
+
+    /**
+     * 添加时间戳参数
+     *
+     * @return
+     */
+    boolean withTimestamp() default true;
+
+    /**
+     * 时间戳参数
+     *
+     * @return
+     */
+    String timestampParam() default "_timestamp";
+}

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/auth/feign/SignatureConstant.java

@@ -0,0 +1,11 @@
+package com.usoftchina.sso.auth.feign;
+
+/**
+ * @author yingp
+ * @date 2018/11/23
+ */
+public class SignatureConstant {
+    public final static String WITH_TIMESTAMP_HEADER = "X-With-Timestamp";
+
+    public final static String WITH_SIGNATURE_HEADER = "X-With-Signature";
+}

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/auth/feign/SignatureContract.java

@@ -0,0 +1,30 @@
+package com.usoftchina.sso.auth.feign;
+
+import com.usoftchina.sso.auth.Signature;
+import feign.MethodMetadata;
+import org.springframework.cloud.openfeign.support.SpringMvcContract;
+import org.springframework.core.annotation.AnnotatedElementUtils;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Method;
+
+import static com.usoftchina.sso.auth.feign.SignatureConstant.*;
+
+/**
+ * @author yingp
+ * @date 2018/11/23
+ */
+public class SignatureContract extends SpringMvcContract{
+
+    @Override
+    protected void processAnnotationOnMethod(MethodMetadata data, Annotation methodAnnotation, Method method) {
+        super.processAnnotationOnMethod(data, methodAnnotation, method);
+        if (Signature.class.isInstance(methodAnnotation) || methodAnnotation.annotationType().isAnnotationPresent(Signature.class)) {
+            Signature signature = AnnotatedElementUtils.findMergedAnnotation(method, Signature.class);
+            if (signature.withTimestamp()) {
+                data.template().header(WITH_TIMESTAMP_HEADER, signature.timestampParam());
+            }
+            data.template().header(WITH_SIGNATURE_HEADER, signature.value());
+        }
+    }
+}

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/auth/feign/SignatureInterceptor.java

@@ -0,0 +1,43 @@
+package com.usoftchina.sso.auth.feign;
+
+import com.usoftchina.saas.utils.http.HmacUtils;
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Collection;
+import java.util.Map;
+
+import static com.usoftchina.sso.auth.feign.SignatureConstant.*;
+
+/**
+ * @author yingp
+ * @date 2018/11/23
+ */
+public class SignatureInterceptor implements RequestInterceptor{
+
+    private Logger logger = LoggerFactory.getLogger(SignatureInterceptor.class);
+
+    private final String baseUrl;
+
+    public SignatureInterceptor(String baseUrl) {
+        this.baseUrl = baseUrl;
+    }
+
+    @Override
+    public void apply(RequestTemplate requestTemplate) {
+        Map<String, Collection<String>> headers = requestTemplate.headers();
+        if (headers.containsKey(WITH_TIMESTAMP_HEADER)) {
+            requestTemplate.query(headers.get(WITH_TIMESTAMP_HEADER).iterator().next(),
+                    String.valueOf(System.currentTimeMillis()));
+        }
+        if (headers.containsKey(WITH_SIGNATURE_HEADER)) {
+            String url = baseUrl + requestTemplate.url() + requestTemplate.queryLine();
+            requestTemplate.query(headers.get(WITH_SIGNATURE_HEADER).iterator().next(),
+                    HmacUtils.encode(url));
+            logger.debug("origin url: {}\nsigned url: {}", url,
+                    baseUrl + requestTemplate.url() + requestTemplate.queryLine());
+        }
+    }
+}

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/config/SsoFeignConfig.java

@@ -0,0 +1,28 @@
+package com.usoftchina.sso.config;
+
+import com.usoftchina.sso.auth.feign.SignatureContract;
+import com.usoftchina.sso.auth.feign.SignatureInterceptor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author yingp
+ * @date 2018/11/23
+ */
+@Configuration
+public class SsoFeignConfig {
+
+    @Value("${sso.base-url}")
+    private String baseUrl;
+
+    @Bean
+    public SignatureContract signatureContract() {
+        return new SignatureContract();
+    }
+
+    @Bean
+    public SignatureInterceptor signatureInterceptor() {
+        return new SignatureInterceptor(baseUrl);
+    }
+}

base-servers/auth/sso-api/src/test/resources/application.yml

@@ -1,3 +1,3 @@
 sso:
-  base-url: http://192.168.253.12:32323
-#  base-url: https://sso.ubtob.com
+#  base-url: http://192.168.253.12:32323
+  base-url: https://sso.ubtob.com