AuthorizationHeaderUtils 优化

2026-05-14 12:32:09 +08:00 · 2023-03-03 11:07:52 +08:00
parent c63f6f96d7
commit 39673103fb
3 changed files with 53 additions and 54 deletions
--- a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java
+++ b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java
@@ -14,12 +14,11 @@
 * limitations under the License.
 */

-
 package org.maxkey.util;

 public class AuthorizationHeaderCredential {

-	public static class Credential{
+	public static class Credential {

 		public static final String BASIC = "Basic ";

@@ -37,7 +36,6 @@ public class AuthorizationHeaderCredential {
 		this.credentialType = Credential.BEARER;
 	}

-	
 	public AuthorizationHeaderCredential(String username, String credential) {
 		super();
 		this.username = username;
@@ -63,19 +61,22 @@ public class AuthorizationHeaderCredential {
 	public String getCredential() {
 		return credential;
 	}
+
 	public void setCredential(String credential) {
 		this.credential = credential;
 	}

 	public String transform() {
-		if(credentialType.equalsIgnoreCase(Credential.BASIC)) {
+		if (credentialType.equalsIgnoreCase(Credential.BASIC)) {
 			return AuthorizationHeaderUtils.createBasic(username, credential);
-		}else {
+		} else {
 			return AuthorizationHeaderUtils.createBearer(credential);
 		}
 	}

-	
+	public boolean isBasic() {
+		return credentialType.equals(Credential.BASIC) ? true : false;
+	}

 	@Override
 	public String toString() {
--- a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
+++ b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
@@ -17,8 +17,6 @@

 package org.maxkey.util;

-import java.util.HashMap;
-
 import javax.servlet.http.HttpServletRequest;

 import org.maxkey.crypto.Base64Utils;
@@ -44,6 +42,15 @@ public class AuthorizationHeaderUtils {
        return AuthorizationHeaderCredential.Credential.BASIC + encodedAuthUserPass;
    }
    
+    public static String createBearer(String bearer) {
+        return AuthorizationHeaderCredential.Credential.BEARER + bearer;
+    }
+    
+    public  static AuthorizationHeaderCredential resolve(HttpServletRequest request) {
+    	String authorization = resolveBearer(request);
+    	return resolve(authorization);
+    }
+
    public static AuthorizationHeaderCredential resolve(String authorization) {
        if (StringUtils.isNotBlank(authorization) && isBasic(authorization)) {
            String decodeUserPass = Base64Utils.decode(authorization.split(" ")[1]);
@@ -54,34 +61,6 @@ public class AuthorizationHeaderUtils {
        }
    }

-    public static boolean isBasic(String basic) {
-        if (basic.startsWith(AuthorizationHeaderCredential.Credential.BASIC)) {
-            return true;
-        } else {
-            return false;
-        }
-    }
-    
-    public static String createBearer(String bearer) {
-        return AuthorizationHeaderCredential.Credential.BEARER + bearer;
-    }
-
-    public static String resolveBearer(String bearer) {
-        if (StringUtils.isNotBlank(bearer) && isBearer(bearer)) {
-            return bearer.split(" ")[1];
-        } else {
-            return bearer;
-        }
-    }
-    
-    public static boolean isBearer(String bearer) {
-        if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) {
-            return true;
-        } else {
-            return false;
-        }
-    }
-    
    public  static String resolveBearer(HttpServletRequest request) {
    	String authorization = 
    			StringUtils.isNotBlank(request.getHeader(HEADER_Authorization)) ? 
@@ -92,10 +71,30 @@ public class AuthorizationHeaderUtils {
    	return null;
    }
    
-    public static HashMap<String,String> authorization(String authorization) {
-    	HashMap<String,String> authorizationMap = new HashMap<String,String>();
-    	authorizationMap.put(HEADER_Authorization, authorization);
-    	return authorizationMap;
+    public static boolean isBasic(String basic) {
+        if (basic.startsWith(AuthorizationHeaderCredential.Credential.BASIC)) {
+            return true;
+        } else {
+            return false;
+        }
    }
    
+    static String resolveBearer(String bearer) {
+        if (StringUtils.isNotBlank(bearer) && isBearer(bearer)) {
+            return bearer.split(" ")[1];
+        } else {
+            return bearer;
+        }
+    }
+    
+    static boolean isBearer(String bearer) {
+        if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) {
+            return true;
+        } else {
+            return false;
+        }
+    }
+    
+   
+
 }
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java
@@ -58,9 +58,8 @@ public class Oauth20ApiPermissionAdapter  implements AsyncHandlerInterceptor  {
 	@Override
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
 		 _logger.trace("Oauth20ApiPermissionAdapter preHandle");
-		String  authorization = request.getHeader(AuthorizationHeaderUtils.HEADER_Authorization);
+		 String accessToken = AuthorizationHeaderUtils.resolveBearer(request);
 		 
-		 String accessToken = AuthorizationHeaderUtils.resolveBearer(authorization);
 		 OAuth2Authentication authentication = oauth20TokenServices.loadAuthentication(accessToken);
 		 
 		//判断应用的accessToken信息