baihe
/
gihon-component


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124
							package com.gihon.common.auth;

import java.util.Enumeration;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * 当前用户认证工具
 * 
 * @author baihe
 *
 */
public class AuthUtils {

    public final static String ROLE_SUPER_ADMIN = "superadmin";// 超级管理员

    public final static String ROLE_COMPANY_ADMIN = "companyadmin";// 公司管理员

    public final static String REQ_USER = "_req_authuser_";

    public final static String REQ_TOKEN = "_req_token_";

    public final static String REQ_BLANK = "_req_blank_";// 参数中传递的token

    public final static Long TOKEN_EXPIRE_TIME = 7200L;// 3个小时

    public static ServletRequestAttributes getRequestAttributes() {
        RequestAttributes r = RequestContextHolder.currentRequestAttributes();
        return (ServletRequestAttributes) r;
    }

    public static HttpServletRequest getRequest() {
        ServletRequestAttributes r = getRequestAttributes();
        return r == null ? null : r.getRequest();
    }

    public static HttpServletResponse getResponse() {
        ServletRequestAttributes r = getRequestAttributes();
        return r == null ? null : r.getResponse();
    }

    public static String getToken() {
        HttpServletRequest request = getRequest();
        if (request == null) {
            return null;
        }
        return (String) request.getAttribute(AuthUtils.REQ_TOKEN);
    }
    public static Long getUserId() {
        AuthUser user = getUser();
        if (user != null) {
            return user.getId();
        }
        return null;
    }

    public static AuthUser getUser() {
        HttpServletRequest request = getRequest();
        if (request == null) {
            return null;
        }
        AuthUser user = null;
        Object o = request.getAttribute(REQ_USER);
        if (o != null) {
            user = (AuthUser) o;
        }
        return user;
    }

    public static Long getCompanyId() {
        AuthUser user = getUser();
        if (user != null) {
            return user.getCompanyId();
        }
        return null;
    }

    public static void setUser(AuthUser user) {
        getRequest().setAttribute(REQ_USER, user);
    }

    public static String parseToken(HttpServletRequest request) {
        // first check the header...
        String token = parseHeaderToken(request);
        // bearer type allows a request parameter as well
        if (token == null) {
            token = request.getParameter(AuthConstans.ACCESS_TOKEN);
        }

        return token;
    }

    @SuppressWarnings("unchecked")
    public static String parseHeaderToken(HttpServletRequest request) {
        Enumeration<String> headers = request.getHeaders(AuthConstans.HEADE_TOKEN);
        while (headers.hasMoreElements()) { // typically there is only one (most servers enforce that)
            String value = headers.nextElement();
            if ((value.toLowerCase().startsWith(AuthConstans.BEARER_TYPE.toLowerCase()))) {
                String authHeaderValue = value.substring(AuthConstans.BEARER_TYPE.length()).trim();
                int commaIndex = authHeaderValue.indexOf(',');
                if (commaIndex > 0) {
                    authHeaderValue = authHeaderValue.substring(0, commaIndex);
                }
                return authHeaderValue;
            } else {
                // todo: support additional authorization schemes for different token types,
                // e.g. "MAC" specified by
                // http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token
                String authHeaderValue = value.trim();
                int commaIndex = authHeaderValue.indexOf(',');
                if (commaIndex > 0) {
                    authHeaderValue = authHeaderValue.substring(0, commaIndex);
                }
                return authHeaderValue;
            }
        }
        return request.getHeader(AuthConstans.ACCESS_TOKEN);
    }
}