源代码

001/**
002 * Copyright (c) 2015-2022, Michael Yang 杨福海 (fuhai999@gmail.com).
003 * <p>
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 * <p>
008 * http://www.apache.org/licenses/LICENSE-2.0
009 * <p>
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package io.jboot.support.jwt;
017
018import com.jfinal.aop.Interceptor;
019import com.jfinal.aop.Invocation;
020import com.jfinal.core.Controller;
021import io.jboot.web.controller.JbootController;
022
023import javax.servlet.http.HttpServletResponse;
024import java.util.Map;
025
026/**
027 * @author Michael Yang 杨福海 （fuhai999@gmail.com）
028 * @version V1.0
029 * @Title: 用于对Jwt的设置
030 */
031public class JwtInterceptor implements Interceptor {
032
033    public static final String ISUUED_AT = "isuuedAt";
034
035    @Override
036    public void intercept(Invocation inv) {
037        try {
038            inv.invoke();
039        } finally {
040
041            JbootController jbootController = (JbootController) inv.getController();
042            Map<String, Object> jwtAttrs = jbootController.getJwtAttrs();
043
044            if (jwtAttrs == null) {
045                refreshIfNecessary(jbootController, jbootController.getJwtParas());
046            } else {
047                responseJwt(jbootController, jwtAttrs);
048            }
049        }
050    }
051
052
053    /**
054     * 对 jwt 内容进行刷新
055     * @param controller
056     * @param oldData
057     */
058    private void refreshIfNecessary(Controller controller, Map oldData) {
059        if (oldData == null || oldData.isEmpty()) {
060            return;
061        }
062
063        // Jwt token 的发布时间
064        Long isuuedAtMillis = (Long) oldData.get(ISUUED_AT);
065
066        // 有效期
067        long validityPeriod = JwtManager.getConfig().getValidityPeriod();
068
069        // 永久有效，没必要刷新 Jwt
070        if (isuuedAtMillis == null || validityPeriod <= 0) {
071            return;
072        }
073
074        // 已经发布的时间
075        long savedMillis = System.currentTimeMillis() - isuuedAtMillis;
076
077        // 已经发布的时间 大于有效期的一半，重新刷新
078        if (savedMillis > validityPeriod / 2) {
079            responseJwt(controller, oldData);
080        }
081    }
082
083
084    /**
085     * 输出 jwt 内容到客户端
086     *
087     * @param controller
088     * @param map
089     */
090    private void responseJwt(Controller controller, Map map) {
091        String token = JwtManager.me().createJwtToken(map);
092        HttpServletResponse response = controller.getResponse();
093        response.addHeader(JwtManager.me().getHttpHeaderName(), token);
094    }
095}