chore: 记录apikeyfilter 报错日志,方便查询
This commit is contained in:
parent
aa4ad894f9
commit
858abed065
|
@ -20,9 +20,12 @@ public class ApiKeyFilter extends AnonymousFilter {
|
||||||
// 不是apikey的通过
|
// 不是apikey的通过
|
||||||
if (!ApiKeyHandler.isApiKeyCall(httpRequest) && !SecurityUtils.getSubject().isAuthenticated()) {
|
if (!ApiKeyHandler.isApiKeyCall(httpRequest) && !SecurityUtils.getSubject().isAuthenticated()) {
|
||||||
// sso 带了token的
|
// sso 带了token的
|
||||||
String userId = SSOSessionHandler.validate(httpRequest);
|
String token = httpRequest.getHeader(SessionConstants.SSO_TOKEN);
|
||||||
if (StringUtils.isNotBlank(userId)) {
|
if (StringUtils.isNotBlank(token)) {
|
||||||
SecurityUtils.getSubject().login(new UsernamePasswordToken(userId, SSOSessionHandler.random));
|
String userId = SSOSessionHandler.validate(httpRequest);
|
||||||
|
if (StringUtils.isNotBlank(userId)) {
|
||||||
|
SecurityUtils.getSubject().login(new UsernamePasswordToken(userId, SSOSessionHandler.random));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,6 +7,8 @@ import io.metersphere.commons.utils.LogUtil;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
|
|
||||||
public class SSOSessionHandler {
|
public class SSOSessionHandler {
|
||||||
|
@ -30,6 +32,7 @@ public class SSOSessionHandler {
|
||||||
csrfToken = CodingUtil.aesDecrypt(csrfToken, SessionUser.secret, SessionUser.iv);
|
csrfToken = CodingUtil.aesDecrypt(csrfToken, SessionUser.secret, SessionUser.iv);
|
||||||
String[] signatureArray = StringUtils.split(StringUtils.trimToNull(csrfToken), "|");
|
String[] signatureArray = StringUtils.split(StringUtils.trimToNull(csrfToken), "|");
|
||||||
if (signatureArray.length != 4) {
|
if (signatureArray.length != 4) {
|
||||||
|
LogUtil.error("invalid token: {}", signatureArray);
|
||||||
throw new RuntimeException("invalid token");
|
throw new RuntimeException("invalid token");
|
||||||
}
|
}
|
||||||
return signatureArray[0];
|
return signatureArray[0];
|
||||||
|
|
Loading…
Reference in New Issue