soc-modules-deploy模块后台代码迁移-使用gateway模块访问优化

soc-auth/src/main/resources/bootstrap.yml

@@ -14,17 +14,17 @@ spring:
     nacos:
       discovery:
         # 服务注册地址
-        server-addr: 10.87.21.103:8847
-        namespace: ffd30d7d-0a40-4674-ab19-e00aef378714
+        server-addr: 10.87.23.39:8848
+        namespace: c2fe98f1-97c0-4c1a-9df8-4d63e5b625de
       config:
         # 配置中心地址
-        server-addr: 10.87.21.103:8847
+        server-addr: 10.87.23.39:8848
         # 配置文件格式
         file-extension: yml
         # 共享配置
         shared-configs:
           - application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
-        namespace: ffd30d7d-0a40-4674-ab19-e00aef378714
+        namespace: c2fe98f1-97c0-4c1a-9df8-4d63e5b625de
 logging:
   file:
     name: logs/${spring.application.name}/info.log

soc-modules/soc-modules-deploy/src/main/java/com/xunmei/deploy/controller/BeringController.java

@@ -32,6 +32,9 @@ import javax.servlet.http.HttpServletResponse;
 import java.rmi.ServerException;
 import java.util.*;
 
+/**
+ * 主机白令海-请求中心接口（本类下所有接口，原始路径均携带 /api/deploy 前缀）
+ */
 @RestController
 public class BeringController {
 
@@ -58,7 +61,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-推送主机的注册码及机器设备序列号信息，并返回应用秘钥
      */
-    @PostMapping("/api/deploy/register")
+    @PostMapping("/register")
     public Object register(@RequestBody RegisterVo registerVo){
         Map<String,Object> map = new HashMap<>();
         try {
@@ -75,7 +78,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-获取token
      */
-    @PostMapping("/api/deploy/accesstoken")
+    @PostMapping("/accesstoken")
     public Object register(@RequestBody TokenVo tokenVo, HttpServletResponse response){
         Map<String,Object> map = new HashMap<>();
         try {
@@ -98,7 +101,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-上送心跳
      */
-    @PostMapping("/api/deploy/heartbeat")
+    @PostMapping("/heartbeat")
     public Object heartBeat(HttpServletRequest request, @RequestBody HeartBeat heartBeat){
         //获取令牌
         String authorization = request.getHeader("Authorization");
@@ -117,7 +120,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-推送应用清单
      */
-    @PostMapping("/api/deploy/list")
+    @PostMapping("/list")
     public Object putList(@RequestBody PutAppInfoVo putAppInfoVo, HttpServletResponse response, HttpServletRequest request){
         Map<String,Object> map = new HashMap<>();
         logger.info("白令海Rest接口-推送应用清单: 传入参数={}",JSONArray.toJSON(putAppInfoVo).toString());
@@ -157,7 +160,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-获取应用清单
      */
-    @GetMapping("/api/deploy/list")
+    @GetMapping("/list")
     public Object getAppList(HttpServletResponse response, HttpServletRequest request){
 
         try {
@@ -272,7 +275,7 @@ public class BeringController {
     /**
      *  白令海Rest接口-报告应用部署状态（此接口给白令海调用，避免其打印错误日志）
      */
-    @PostMapping("/api/deploy/report")
+    @PostMapping("/report")
     public Object report(){
         return null;
     }
@@ -280,7 +283,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-下载服务升级包
      */
-    @GetMapping("/api/deploy/package/download/{id}")
+    @GetMapping("/package/download/{id}")
     public void getAgentPackage(HttpServletResponse response, HttpServletRequest request, @PathVariable @Value("id") String id){
         UploadAppInfo uploadAppInfo = uploadAppInfoService.getById(id);
         if (null == uploadAppInfo){
@@ -296,7 +299,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-获取任务
      */
-    @GetMapping("/api/deploy/task")
+    @GetMapping("/task")
     public Object getTask(HttpServletRequest request, HttpServletResponse response){
         String authorization = request.getHeader("Authorization");
         authorization = StringUtils.replace(authorization,"Bearer ","");
@@ -313,7 +316,7 @@ public class BeringController {
     /**
      * 白令海Rest接口-上送任务执行状态
      */
-    @PostMapping("/api/deploy/taskReport")
+    @PostMapping("/taskReport")
     public Object taskReport(HttpServletRequest request, HttpServletResponse response, @RequestBody List<TaskVo> tasks){
         //获取令牌
         String authorization = request.getHeader("Authorization");
@@ -331,7 +334,7 @@ public class BeringController {
      * 主机iot服务Rest接口-3100主机获取部署中心系统时间并同步到本地
      * @return
      */
-    @PostMapping(value = "/api/deploy/frontend/synchronDate")
+    @PostMapping(value = "/frontend/synchronDate")
     public JSONObject synchronDate(){
         JSONObject result = new JSONObject();
         String now = UTCTimeUtils.convertDateToStringByFormat(new Date(),"yyyy-MM-dd HH:mm:ss");

soc-modules/soc-modules-deploy/src/main/java/com/xunmei/deploy/interceptor/TokenInterceptor.java

@@ -13,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.servlet.AsyncHandlerInterceptor;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -33,6 +32,9 @@ public class TokenInterceptor implements AsyncHandlerInterceptor {
     private Logger log = LoggerFactory.getLogger(getClass());
 
     @Autowired
+    private WebSecurityService webSecurityConfig;
+
+    @Autowired
     private HostInfoDao hostInfoDao;
 
     @Resource
@@ -50,10 +52,6 @@ public class TokenInterceptor implements AsyncHandlerInterceptor {
         if(!validateInterceptor(path,basePath)){
             return true;
         }
-        /*if(request.getSession().getAttribute("userId") == null){
-            log.error("请求:{},没有用户ID！",path);
-            return false;
-        }*/
         response.setCharacterEncoding("UTF-8");
         response.setContentType("application/json;charset=utf-8");
         //验证消息头是否有token
@@ -121,49 +119,11 @@ public class TokenInterceptor implements AsyncHandlerInterceptor {
     }
 
     /***
-     * @Author gaoxiong
      * @Description 路径是否需要被拦截
-     * @Date 9:58 2021/4/14
-     * @Param
-     * @param path
-     * @param basePath
-     * @return boolean
      **/
     private boolean validateInterceptor(String path,String basePath){
-
         path = path.substring(basePath.length());
-
-/*        if(path.contains("static")){
-            return false;
-        }*/
-
-        if(path.contains("/api/deploy/register")){
-            return false;
-        }
-        if(path.contains("/api/deploy/accesstoken")){
-            return false;
-        }
-        if(path.contains("/api/deploy/package/download")){
-            return false;
-        }
-        if(path.contains("/api/deploy/frontend/synchronDate")){
-            return false;
-        }
-
-
-        if(path.contains("api/deploy/")){
-            return true;
-        }
-
-        if(path.contains("/DeployPage")){
-            return false;
-        }
-
-        if(path.contains("/deployData")){
-            return false;
-        }
-
-        return false;
+        return webSecurityConfig.isNotAllowedUrl(path);
     }
 
 

soc-modules/soc-modules-deploy/src/main/java/com/xunmei/deploy/interceptor/WebSecurityService.java

@@ -0,0 +1,34 @@
+package com.xunmei.deploy.interceptor;
+
+import org.springframework.stereotype.Service;
+import java.util.*;
+
+@Service
+public class WebSecurityService {
+    public static final String URL_NOT_ALLOW_HEART_PATTERN = "/heartbeat";
+    public static final String URL_NOT_ALLOW_LIST_PATTERN = "/list";
+    public static final String URL_NOT_ALLOW_REPORT_PATTERN = "/report";
+    public static final String URL_NOT_ALLOW_TASK_PATTERN = "/task";
+    public static final String URL_NOT_ALLOW_TASK_REPORT_PATTERN = "/taskReport";
+
+    private static final Set<String> NOT_ALLOWED_PATHS = Collections.unmodifiableSet(
+            new HashSet<>(
+                    Arrays.asList(
+                            URL_NOT_ALLOW_HEART_PATTERN,
+                            URL_NOT_ALLOW_LIST_PATTERN,
+                            URL_NOT_ALLOW_REPORT_PATTERN,
+                            URL_NOT_ALLOW_TASK_PATTERN,
+                            URL_NOT_ALLOW_TASK_REPORT_PATTERN
+                    )));
+    
+
+    public boolean isNotAllowedUrl(String url){
+        for(String pattern: NOT_ALLOWED_PATHS){
+            if(url.equals(pattern)){
+                return true;
+            }
+        }
+        return false;
+    }
+
+}