Merge remote-tracking branch 'origin/dev' into dev

report-core/src/main/java/com/anjiplus/template/gaea/business/code/ResponseCode.java

@@ -132,4 +132,6 @@ public interface ResponseCode {
     String SOURCE_CODE_ISEXIST = "4009";
     String CLASS_NOT_FOUND = "4010";
 
+    String REPORT_SHARE_LINK_INVALID = "report.share.link.invalid";
+
 }

report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java

@@ -6,6 +6,7 @@ import com.anji.plus.gaea.bean.ResponseBean;
 import com.anji.plus.gaea.cache.CacheHelper;
 import com.anji.plus.gaea.utils.JwtBean;
 import com.anjiplus.template.gaea.business.constant.BusinessConstant;
+import com.anjiplus.template.gaea.business.util.JwtUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
@@ -68,6 +69,24 @@ public class TokenFilter implements Filter {
             return;
         }
 
+        //针对大屏分享，优先处理
+        String shareToken = request.getHeader("Share-Token");
+        if (StringUtils.isNotBlank(shareToken)) {
+            //两个接口需要处理
+            //  /reportDashboard/getData
+            //  /reportDashboard/{reportCode}
+            String reportCode = JwtUtil.getReportCode(shareToken);
+            if (!uri.endsWith("/getData") && !uri.contains(reportCode)) {
+                ResponseBean responseBean = ResponseBean.builder().code("50014")
+                        .message("分享链接已过期").build();
+                response.getWriter().print(JSONObject.toJSONString(responseBean));
+                return;
+            }
+            filterChain.doFilter(request, response);
+            return;
+        }
+
+
         //获取token
         String token = request.getHeader("Authorization");
         if (StringUtils.isBlank(token)) {

report-core/src/main/java/com/anjiplus/template/gaea/business/modules/reportshare/controller/dto/ReportShareDto.java

@@ -31,6 +31,10 @@ public class ReportShareDto extends GaeaBaseDTO implements Serializable {
     @ApiModelProperty(value = "分享有效期")
     private Date shareValidTime;
 
+    /** 分享token */
+    @ApiModelProperty(value = "分享token")
+    private String shareToken;
+
     /** 分享url */
     @ApiModelProperty(value = "分享url")
     @NotEmpty(message = "6002")

report-core/src/main/java/com/anjiplus/template/gaea/business/modules/reportshare/dao/entity/ReportShare.java

@@ -24,6 +24,9 @@ public class ReportShare extends GaeaBaseEntity {
     /** 分享有效期 */
     private Date shareValidTime;
 
+    /** 分享token */
+    private String shareToken;
+
     /** 分享url */
     private String shareUrl;
 

report-core/src/main/java/com/anjiplus/template/gaea/business/modules/reportshare/service/impl/ReportShareServiceImpl.java

@@ -10,6 +10,7 @@ import com.anjiplus.template.gaea.business.modules.reportshare.dao.ReportShareMa
 import com.anjiplus.template.gaea.business.modules.reportshare.dao.entity.ReportShare;
 import com.anjiplus.template.gaea.business.modules.reportshare.service.ReportShareService;
 import com.anjiplus.template.gaea.business.util.DateUtil;
+import com.anjiplus.template.gaea.business.util.JwtUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import org.springframework.beans.BeanUtils;
@@ -80,6 +81,7 @@ public class ReportShareServiceImpl implements ReportShareService {
                     entity.setShareUrl(entity.getShareUrl() + SHARE_FLAG + shareCode);
                 }
                 entity.setShareValidTime(DateUtil.getFutureDateTmdHms(entity.getShareValidType()));
+                entity.setShareToken(JwtUtil.createToken(entity.getReportCode(), shareCode, entity.getShareValidTime()));
                 break;
             case UPDATE:
                 break;

report-core/src/main/java/com/anjiplus/template/gaea/business/util/JwtUtil.java

@@ -0,0 +1,58 @@
+package com.anjiplus.template.gaea.business.util;
+
+import com.anji.plus.gaea.exception.BusinessExceptionBuilder;
+import com.anjiplus.template.gaea.business.code.ResponseCode;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.Claim;
+import com.auth0.jwt.interfaces.DecodedJWT;
+
+import java.util.Date;
+import java.util.Map;
+
+/**
+ * Created by raodeming on 2021/8/18.
+ */
+public class JwtUtil {
+
+    private static final String JWT_SECRET = "aj-report";
+
+    public static String createToken(String reportCode, String shareCode, Date expires) {
+        String token = JWT.create()
+                .withIssuedAt(new Date())
+                .withExpiresAt(expires)
+                .withClaim("reportCode", reportCode)
+                .withClaim("shareCode", shareCode)
+                .sign(Algorithm.HMAC256(JWT_SECRET));
+        return token;
+    }
+
+
+    public static Map<String, Claim> getClaim(String token) {
+        try {
+            JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(JWT_SECRET)).build();
+            DecodedJWT decodedJwt = jwtVerifier.verify(token);
+            return decodedJwt.getClaims();
+        } catch (Exception e) {
+            throw BusinessExceptionBuilder.build(ResponseCode.REPORT_SHARE_LINK_INVALID, e.getMessage());
+        }
+    }
+
+    public static String getReportCode(String token) {
+        Claim claim = getClaim(token).get("reportCode");
+        if (null == claim) {
+            throw BusinessExceptionBuilder.build(ResponseCode.REPORT_SHARE_LINK_INVALID);
+        }
+        return claim.asString();
+    }
+
+    public static String getShareCode(String token) {
+        Claim claim = getClaim(token).get("shareCode");
+        if (null == claim) {
+            throw BusinessExceptionBuilder.build(ResponseCode.REPORT_SHARE_LINK_INVALID);
+        }
+        return claim.asString();
+    }
+
+}

report-core/src/main/resources/i18n/messages_en_US.properties

@@ -47,3 +47,5 @@ Component.load.check.error={0} Component not load
 4008=The set code does not allow duplication
 4009=The source code does not allow duplication
 4010=Can't auto find match driver class
+
+report.share.link.invalid=report share link invalid

report-core/src/main/resources/i18n/messages_zh_CN.properties

@@ -52,3 +52,4 @@ Component.load.check.error={0}\u7EC4\u4EF6\u672A\u52A0\u8F7D
 
 7001=\u89E3\u6790\u5931\u8D25
 
+report.share.link.invalid=\u5206\u4EAB\u94FE\u63A5\u5DF2\u5931\u6548

report-core/src/test/java/com/anjiplus/template/gaea/business/modules/reportshare/service/impl/ReportShareServiceImplTest.java

@@ -0,0 +1,48 @@
+package com.anjiplus.template.gaea.business.modules.reportshare.service.impl;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import org.junit.jupiter.api.Test;
+
+import java.util.Date;
+
+/**
+ * Created by raodeming on 2021/8/18.
+ */
+public class ReportShareServiceImplTest {
+
+    @Test
+    public void jwtTest() throws InterruptedException {
+
+        long l = System.currentTimeMillis();
+
+
+        String sign = JWT.create()
+                .withIssuedAt(new Date())
+                .withExpiresAt(new Date(l + 5000))
+                .withClaim("reportCode", "report")
+                .withClaim("shareCode", "1234567")
+                .sign(Algorithm.HMAC256("111"));
+
+
+        System.out.println(sign);
+
+        Thread.sleep(8000L);
+
+        DecodedJWT verify = JWT.require(Algorithm.HMAC256("111")).build().verify(sign);
+
+        Date expiresAt = verify.getExpiresAt();
+        String reportCode = verify.getClaim("reportCode").asString();
+        String shareCode = verify.getClaim("shareCode").asString();
+
+
+        System.out.println(expiresAt);
+        System.out.println(reportCode);
+        System.out.println(shareCode);
+
+
+
+    }
+
+}