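package com.gihon.common.auth;

import java.util.Enumeration;
import java.util.Locale;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * Helpers for reading the authenticated user and access token of the current
 * request, and for extracting the raw token from an incoming request.
 *
 * The user and token are stored as request attributes ({@link #REQ_USER},
 * {@link #REQ_TOKEN}); presumably an authentication filter earlier in the
 * chain sets them — confirm against the filter. Nothing in this class
 * validates a token: a non-null result of {@link #parseToken} is an untrusted
 * string, not proof of authentication.
 *
 * @author baihe
 */
public class AuthUtils {
    /** Role name of the super administrator. */
    public final static String ROLE_SUPER_ADMIN = "superadmin";
    /** Role name of a company administrator. */
    public final static String ROLE_COMPANY_ADMIN = "companyadmin";
    /** Request attribute holding the {@link AuthUser} of the current request. */
    public final static String REQ_USER = "_req_authuser_";
    /** Request attribute holding the access token of the current request. */
    public final static String REQ_TOKEN = "_req_token_";
    /** Original comment: "token passed in the parameters". Not used in this class. */
    public final static String REQ_BLANK = "_req_blank_";
    /**
     * Token lifetime. The unit is not established here: the original comment
     * said "3 hours", which does not match 7200 if the unit is seconds
     * (7200 s = 2 h) — TODO confirm the intended value and unit where it is used.
     */
    public final static Long TOKEN_EXPIRE_TIME = 7200L;

    /**
     * Returns the servlet request attributes bound to the current thread, or
     * {@code null} when no servlet request is bound (e.g. on a background or
     * scheduler thread).
     *
     * Previously this called {@code RequestContextHolder.currentRequestAttributes()},
     * which throws {@link IllegalStateException} instead of returning null, so the
     * null guards in the accessors below were unreachable. It now uses the
     * non-throwing lookup and returns null for a non-servlet binding instead of
     * failing with a {@link ClassCastException}.
     */
    public static ServletRequestAttributes getRequestAttributes() {
        RequestAttributes attrs = RequestContextHolder.getRequestAttributes();
        if (attrs instanceof ServletRequestAttributes) {
            return (ServletRequestAttributes) attrs;
        }
        return null;
    }

    /** Returns the current {@link HttpServletRequest}, or {@code null} if none is bound. */
    public static HttpServletRequest getRequest() {
        ServletRequestAttributes attrs = getRequestAttributes();
        return attrs == null ? null : attrs.getRequest();
    }

    /** Returns the current {@link HttpServletResponse}, or {@code null} if none is bound. */
    public static HttpServletResponse getResponse() {
        ServletRequestAttributes attrs = getRequestAttributes();
        return attrs == null ? null : attrs.getResponse();
    }

    /**
     * Returns the access token stored under {@link #REQ_TOKEN} on the current
     * request, or {@code null} if there is no bound request or the attribute is
     * absent or not a {@link String}.
     */
    public static String getToken() {
        HttpServletRequest request = getRequest();
        if (request == null) {
            return null;
        }
        Object token = request.getAttribute(REQ_TOKEN);
        return token instanceof String ? (String) token : null;
    }

    /** Returns the id of the current user, or {@code null} if no user is bound. */
    public static Long getUserId() {
        AuthUser user = getUser();
        return user == null ? null : user.getId();
    }

    /**
     * Returns the {@link AuthUser} stored under {@link #REQ_USER} on the current
     * request, or {@code null} if there is no bound request or the attribute is
     * absent or of another type (treated as "not authenticated" rather than
     * throwing a {@link ClassCastException}).
     */
    public static AuthUser getUser() {
        HttpServletRequest request = getRequest();
        if (request == null) {
            return null;
        }
        Object attr = request.getAttribute(REQ_USER);
        return attr instanceof AuthUser ? (AuthUser) attr : null;
    }

    /** Returns the company id of the current user, or {@code null} if no user is bound. */
    public static Long getCompanyId() {
        AuthUser user = getUser();
        return user == null ? null : user.getCompanyId();
    }

    /**
     * Stores {@code user} under {@link #REQ_USER} on the current request.
     *
     * @throws IllegalStateException if no servlet request is bound to the current
     *         thread (there is nowhere to store the user)
     */
    public static void setUser(AuthUser user) {
        HttpServletRequest request = getRequest();
        if (request == null) {
            throw new IllegalStateException("No servlet request is bound to the current thread");
        }
        request.setAttribute(REQ_USER, user);
    }

    /**
     * Extracts the raw access token from a request: first from the
     * {@code AuthConstans.HEADE_TOKEN} header (see {@link #parseHeaderToken}),
     * then, as a fallback, from the {@code AuthConstans.ACCESS_TOKEN} request
     * parameter.
     *
     * SECURITY: accepting the token as a request parameter means it can be sent
     * in the URL and therefore end up in access logs, proxy logs, browser history
     * and Referer headers (RFC 6750 §2.3 discourages the URI form). The fallback
     * is kept for compatibility; prefer the header and consider removing it.
     *
     * @param request the incoming request (must not be {@code null})
     * @return the raw, unvalidated token, or {@code null} if none was supplied
     */
    public static String parseToken(HttpServletRequest request) {
        String token = parseHeaderToken(request);
        if (token == null) {
            token = request.getParameter(AuthConstans.ACCESS_TOKEN);
        }
        return token;
    }

    /**
     * Extracts the token from the first {@code AuthConstans.HEADE_TOKEN} header
     * value. A value starting with {@code AuthConstans.BEARER_TYPE}
     * (case-insensitive) has that prefix stripped; any other value is taken as
     * the bare token. In both cases only the part before the first comma is
     * used (comma-separated header lists). If the header is absent, the
     * {@code AuthConstans.ACCESS_TOKEN} header is returned instead.
     *
     * NOTE(review): if HEADE_TOKEN is "Authorization", the non-Bearer branch
     * also accepts credentials of other schemes (e.g. "Basic ...") as a token —
     * confirm that is intended, otherwise restrict it to the Bearer scheme.
     *
     * @param request the incoming request (must not be {@code null})
     * @return the raw, unvalidated token, or {@code null} if none was supplied
     */
    public static String parseHeaderToken(HttpServletRequest request) {
        // Servlet 2.5 declares getHeaders() with a raw Enumeration; the spec says
        // the elements are Strings.
        @SuppressWarnings("unchecked")
        Enumeration<String> headers = request.getHeaders(AuthConstans.HEADE_TOKEN);
        // Locale.ROOT: a locale-sensitive toLowerCase() (e.g. Turkish) must not
        // affect credential parsing.
        String bearerPrefix = AuthConstans.BEARER_TYPE.toLowerCase(Locale.ROOT);
        // getHeaders() may return null when the container denies header access.
        if (headers != null && headers.hasMoreElements()) {
            // Typically there is only one value; the first one wins.
            String value = headers.nextElement();
            String candidate;
            if (value.toLowerCase(Locale.ROOT).startsWith(bearerPrefix)) {
                candidate = value.substring(AuthConstans.BEARER_TYPE.length()).trim();
            } else {
                // todo: support additional authorization schemes for different
                // token types, e.g. "MAC" (draft-hammer-oauth-v2-mac-token).
                candidate = value.trim();
            }
            return firstListElement(candidate);
        }
        return request.getHeader(AuthConstans.ACCESS_TOKEN);
    }

    /**
     * Returns the part of {@code value} before the first comma, or the whole
     * value if there is no comma. A comma at index 0 is deliberately not split
     * on, preserving the original behaviour.
     */
    private static String firstListElement(String value) {
        int comma = value.indexOf(',');
        return comma > 0 ? value.substring(0, comma) : value;
    }
}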