【edit】 添加auth模块

pig-config/src/main/resources/config/pig-gateway.yml

@@ -1,2 +1,12 @@
+zuul:
+  ignoredServices: '*'
+  host:
+    connect-timeout-millis: 20000
+    socket-timeout-millis: 20000
+  routes:
+    auth-service:
+      path: /auth/**
+      serviceId: pig-service-auth
+
 server:
   port: 1000

pig-config/src/main/resources/config/pig-service-auth.yml

@@ -0,0 +1,10 @@
+server:
+  port: 3000
+
+jwt:
+  header: Authorization
+  secret: mySecret
+  expiration: 604800
+  token:
+    header: "Bearer "
+

pig-gateway/pom.xml

@@ -1,52 +1,52 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
 
-	<groupId>com.github.pig</groupId>
-	<artifactId>pig-gateway</artifactId>
-	<version>0.0.1-SNAPSHOT</version>
-	<packaging>jar</packaging>
+    <groupId>com.github.pig</groupId>
+    <artifactId>pig-gateway</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <packaging>jar</packaging>
 
-	<name>pig-gateway</name>
-	<description>服务网关</description>
+    <name>pig-gateway</name>
+    <description>服务网关</description>
 
-	<parent>
-		<groupId>com.github</groupId>
-		<artifactId>pig</artifactId>
-		<version>1.0-SNAPSHOT</version>
-	</parent>
+    <parent>
+        <groupId>com.github</groupId>
+        <artifactId>pig</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
 
-	<dependencies>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework.cloud</groupId>
-			<artifactId>spring-cloud-starter-eureka</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework.cloud</groupId>
-			<artifactId>spring-cloud-starter-config</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-test</artifactId>
-			<scope>test</scope>
-		</dependency>
-	</dependencies>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-zuul</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-eureka</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
 
-	<build>
-		<plugins>
-			<plugin>
-				<groupId>org.springframework.boot</groupId>
-				<artifactId>spring-boot-maven-plugin</artifactId>
-			</plugin>
-		</plugins>
-	</build>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
 </project>

pig-gateway/src/main/java/com/github/pig/PigGatewayApplication.java

@@ -3,7 +3,9 @@ package com.github.pig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
 
+@EnableZuulProxy
 @EnableDiscoveryClient
 @SpringBootApplication
 public class PigGatewayApplication {

pig-gateway/src/test/java/com/github/pig/PigGatewayApplicationTests.java

@@ -1,16 +0,0 @@
-package com.github.pig;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest
-public class PigGatewayApplicationTests {
-
-	@Test
-	public void contextLoads() {
-	}
-
-}

pig-service-auth/src/main/java/com/github/pig/controller/AuthController.java

@@ -0,0 +1,62 @@
+package com.github.pig.controller;
+
+import com.github.pig.service.AuthService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author lengleng
+ * @date 2017/10/13
+ */
+@RestController
+public class AuthController {
+    @Value("${jwt.token.header}")
+    private String tokenHeader;
+
+    @Autowired
+    private AuthService authService;
+
+    @RequestMapping(value = "token", method = RequestMethod.POST)
+    public ResponseEntity<?> createAuthenticationToken(
+            String username, String password) throws Exception {
+        final String token = authService.login(username, password);
+        return ResponseEntity.ok(token);
+    }
+
+    @RequestMapping(value = "refresh", method = RequestMethod.GET)
+    public ResponseEntity<?> refreshAndGetAuthenticationToken(
+            HttpServletRequest request) {
+        String token = request.getHeader(tokenHeader);
+        String refreshedToken = authService.refresh(token);
+        if (refreshedToken == null) {
+            return ResponseEntity.badRequest().body(null);
+        } else {
+            return ResponseEntity.ok(refreshedToken);
+        }
+    }
+
+    @RequestMapping(value = "verify", method = RequestMethod.GET)
+    public ResponseEntity<?> verify(String token) throws Exception {
+        authService.validate(token);
+        return ResponseEntity.ok(true);
+    }
+
+    @RequestMapping(value = "invalid", method = RequestMethod.POST)
+    public ResponseEntity<?> invalid(@RequestHeader("access-token") String token) {
+        authService.invalid(token);
+        return ResponseEntity.ok(true);
+    }
+
+    @RequestMapping(value = "user", method = RequestMethod.GET)
+    public ResponseEntity<?> getUserInfo(String token) throws Exception {
+        String username = authService.getUserNameByToken(token);
+        return ResponseEntity.ok(username);
+    }
+}

pig-service-auth/src/main/java/com/github/pig/service/AuthService.java

@@ -0,0 +1,10 @@
+package com.github.pig.service;
+
+
+public interface AuthService {
+    String login(String username, String password) throws Exception;
+    String refresh(String oldToken);
+    void validate(String token) throws Exception;
+    Boolean invalid(String token);
+    String getUserNameByToken(String token);
+}

pig-service-auth/src/main/java/com/github/pig/service/ClientService.java

@@ -0,0 +1,21 @@
+package com.github.pig.service;
+
+
+import java.util.List;
+
+/**
+ * Created by ace on 2017/9/10.
+ */
+public interface ClientService {
+    public String apply(String clientId, String secret) throws Exception;
+
+    /**
+     * 获取授权的客户端列表
+     * @param serviceId
+     * @param secret
+     * @return
+     */
+    public List<String> getAllowedClient(String serviceId, String secret);
+
+    public void registryClient();
+}

pig-service-auth/src/main/java/com/github/pig/service/JwtTokenUtil.java

@@ -0,0 +1,123 @@
+package com.github.pig.service;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import java.io.Serializable;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author lengleng
+ * @date 2017/10/13
+ */
+@Component
+public class JwtTokenUtil implements Serializable {
+
+    private static final long serialVersionUID = -3301605591108950415L;
+
+    private static final String CLAIM_KEY_USERNAME = "sub";
+    private static final String CLAIM_KEY_CREATED = "created";
+
+    @Value("${jwt.secret}")
+    private String secret;
+
+    @Value("${jwt.expiration}")
+    private Long expiration;
+
+    public String getUsernameFromToken(String token) {
+        String username;
+        try {
+            final Claims claims = getClaimsFromToken(token);
+            username = claims.getSubject();
+        } catch (Exception e) {
+            username = null;
+        }
+        return username;
+    }
+
+    public Date getCreatedDateFromToken(String token) {
+        Date created;
+        try {
+            final Claims claims = getClaimsFromToken(token);
+            created = new Date((Long) claims.get(CLAIM_KEY_CREATED));
+        } catch (Exception e) {
+            created = null;
+        }
+        return created;
+    }
+
+    public Date getExpirationDateFromToken(String token) {
+        Date expiration;
+        try {
+            final Claims claims = getClaimsFromToken(token);
+            expiration = claims.getExpiration();
+        } catch (Exception e) {
+            expiration = null;
+        }
+        return expiration;
+    }
+
+    private Claims getClaimsFromToken(String token) {
+        Claims claims;
+        try {
+            claims = Jwts.parser()
+                    .setSigningKey(secret)
+                    .parseClaimsJws(token)
+                    .getBody();
+        } catch (Exception e) {
+            claims = null;
+        }
+        return claims;
+    }
+
+    private Date generateExpirationDate() {
+        return new Date(System.currentTimeMillis() + expiration * 1000);
+    }
+
+    private Boolean isTokenExpired(String token) {
+        final Date expiration = getExpirationDateFromToken(token);
+        return expiration.before(new Date());
+    }
+
+    private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) {
+        return (lastPasswordReset != null && created.before(lastPasswordReset));
+    }
+
+    public String generateToken(String username) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put(CLAIM_KEY_USERNAME, username);
+        claims.put(CLAIM_KEY_CREATED, new Date());
+        return generateToken(claims);
+    }
+
+    String generateToken(Map<String, Object> claims) {
+        return Jwts.builder()
+                .setClaims(claims)
+                .setExpiration(generateExpirationDate())
+                .signWith(SignatureAlgorithm.HS512, secret)
+                .compact();
+    }
+
+    public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) {
+        final Date created = getCreatedDateFromToken(token);
+        return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset)
+                && !isTokenExpired(token);
+    }
+
+    public String refreshToken(String token) {
+        String refreshedToken;
+        try {
+            final Claims claims = getClaimsFromToken(token);
+            claims.put(CLAIM_KEY_CREATED, new Date());
+            refreshedToken = generateToken(claims);
+        } catch (Exception e) {
+            refreshedToken = null;
+        }
+        return refreshedToken;
+    }
+}

pig-service-auth/src/main/java/com/github/pig/service/impl/AuthServiceImpl.java

@@ -0,0 +1,36 @@
+package com.github.pig.service.impl;
+
+import com.github.pig.service.AuthService;
+import com.github.pig.service.JwtTokenUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AuthServiceImpl implements AuthService {
+    @Autowired
+    private JwtTokenUtil jwtTokenUtil;
+
+    @Override
+    public String login(String username, String password) throws Exception {
+        return jwtTokenUtil.generateToken(username);
+    }
+
+    @Override
+    public void validate(String token) throws Exception {
+    }
+
+    @Override
+    public Boolean invalid(String token) {
+        return null;
+    }
+
+    @Override
+    public String refresh(String oldToken) {
+        return null;
+    }
+
+    @Override
+    public String getUserNameByToken(String token) {
+        return jwtTokenUtil.getUsernameFromToken(token);
+    }
+}

pig-service-auth/src/main/resources/bootstrap.yml

@@ -0,0 +1,16 @@
+spring:
+  application:
+    name: pig-service-auth
+  cloud:
+    config:
+      fail-fast: true
+      discovery:
+        service-id: pig-config-server
+        enabled: true
+
+eureka:
+  instance:
+    prefer-ip-address: true
+  client:
+    serviceUrl:
+      defaultZone: http://eureka.didispace.com/eureka/

pom.xml

@@ -26,6 +26,7 @@
         <module>pig-eureka</module>
         <module>pig-config</module>
         <module>pig-gateway</module>
+        <module>pig-service-auth</module>
     </modules>
 
     <dependencyManagement>