场景描述
项目中 有很多的RestTemplate 接口,去调用第三方系统,原来第三方系统没有开启权限认证,可以直接调用。现在第三方系统开启了权限认证,导致 这些 RestTemplate 接口调用的时候,无法获取数据。
思路
RestTemplate 在请求第三方接口之前,为他们增加公共的请求头信息。这样第三方系统在拦截到请求之后,可以通过请求头信息,来判断是否需要进行权限认证,如果是免权限认证的接口请求,那么直接放行。
改造代码
- 改造RestTemplate 配置类,改造前:
package com.ruoyi.web.config;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;import java.util.Collections;@Configuration
public class RestTemplateConfig{private int timeoutms = 5 * 60 *1000;@Beanpublic RestTemplate restTemplate(ClientHttpRequestFactory factory){return new RestTemplate(factory); }@Beanpublic ClientHttpRequestFactory simpleClientHttpRequestFactory(){SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory();factory.setReadTimeout(timeoutms);//msfactory.setConnectTimeout(timeoutms);//msreturn factory;}
}
- 改造后
package com.ruoyi.web.config;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;import java.util.Collections;@Configuration
public class RestTemplateConfig{private int timeoutms = 5 * 60 *1000;@Autowiredprivate TokenClientHttpRequestInterceptor tokenClientHttpRequestInterceptor;@Beanpublic RestTemplate restTemplate(ClientHttpRequestFactory factory){RestTemplate restTemplate = new RestTemplate(factory);restTemplate.setInterceptors(Collections.singletonList(tokenClientHttpRequestInterceptor));return restTemplate;}@Beanpublic ClientHttpRequestFactory simpleClientHttpRequestFactory(){SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory();factory.setReadTimeout(timeoutms);//msfactory.setConnectTimeout(timeoutms);//msreturn factory;}
}
- 增加 自定义的 RestTemplate 请求拦截器类 TokenClientHttpRequestInterceptor
package com.ruoyi.web.config;import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.stereotype.Component;import java.io.IOException;/*** @Description : 自定义 RestTemplate 请求拦截器* @Date: 2024-01-11 12:06*/
@Component
public class TokenClientHttpRequestInterceptor implements ClientHttpRequestInterceptor {private static final String ADMIN_AUTHORIZATION = "admin_authorization";@Overridepublic ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException {try {HttpHeaders headers = request.getHeaders();headers.add(ADMIN_AUTHORIZATION , ADMIN_AUTHORIZATION );} catch (Exception e) {e.printStackTrace();}return execution.execute(request,body);}
}
- 第三方系统部分代码
/*** 权限拦截** @author xuxueli 2015-12-12 18:09:04*/
@Component
public class PermissionInterceptor extends HandlerInterceptorAdapter {@Resourceprivate LoginService loginService;@Resourceprivate XxlJobUserDao xxlJobUserDao;private static final String ADMIN_AUTHORIZATION = "admin_authorization";@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {if (!(handler instanceof HandlerMethod)) {return super.preHandle(request, response, handler);}// if need loginboolean needLogin = true;boolean needAdminuser = false;HandlerMethod method = (HandlerMethod)handler;String header = request.getHeader(ADMIN_AUTHORIZATION );if (header != null && header.trim().length() > 0){XxlJobUser user = xxlJobUserDao.loadByUserName("admin");request.setAttribute(LoginService.LOGIN_IDENTITY_KEY, user);return super.preHandle(request, response, handler);}
....................................