fix api signuature credential auth bug
cyjseagull committed Sep 2, 2024
1 parent f7e5978 commit 828419c
Showing 7 changed files with 36 additions and 7 deletions.
2 changes: 2 additions & 0 deletions wedpr-adm/conf/application-wedpr.properties
@@ -94,3 +94,5 @@ quartz-cron-report-job=0/2 * * * * ? *

springfox.documentation.enabled=true

server.type=site_end

1 change: 1 addition & 0 deletions wedpr-admin/conf/application-wedpr.properties
@@ -89,4 +89,5 @@ wedpr.user.jwt.publicKey=
wedpr.user.jwt.sessionKey=

springfox.documentation.enabled=true
server.type=admin_end

@@ -28,7 +28,7 @@
import org.slf4j.LoggerFactory;

public class MemoryCredentialCache implements CredentialCache {
private static Logger logger = LoggerFactory.getLogger(MemoryCredentialCache.class);
private static final Logger logger = LoggerFactory.getLogger(MemoryCredentialCache.class);

private final ApiCredentialMapper credentialMapper;
private final CredentialToolkit credentialToolkit;
@@ -55,9 +55,18 @@ public MemoryCredentialCache(
this.credentialToolkit = credentialToolkit;
}

private ApiCredentialDO loadCache(String accessKeyID) {
try {
return cache.get(accessKeyID);
} catch (Exception e) {
logger.warn("get {} failed for ", accessKeyID, e);
return null;
}
}

@Override
public ApiCredentialDO getAccessKey(String accessKeyID) {
return cache.getIfPresent(accessKeyID);
return loadCache(accessKeyID);
}

public ApiCredentialDO fetchCredential(String accessKeyID) throws NoValueInCacheException {
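Review bot: In the new `loadCache`, the `catch (Exception e)` treats an unknown access key and a failing backend lookup the same way, and logs both at warn with a full stack trace. `accessKeyID` is taken from the request before the caller is authenticated, and `getAccessKey` now goes through `cache.get`, which presumably runs the loader on every miss, so a stream of unknown keys becomes one lookup and one stack trace per request. Consider logging the not-found case (`fetchCredential` declares `NoValueInCacheException`) at debug without the trace, e.g. `logger.debug("no credential for accessKeyID {}", accessKeyID);`, and keeping warn for other failures. The message text `"get {} failed for "` also ends mid-sentence. Both hunks in this section are partial views of the class.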
@@ -75,7 +75,7 @@ public MemoryUserCache(
new CacheLoader<String, UserToken>() {
@Override
public UserToken load(String username) throws NoValueInCacheException {
logger.info("从数据库查询用户信息:{}", username);
logger.info("fetch userInformation from DB:{}", username);
// check the existence of user
if (wedprUserService.getWedprUserByNameService(username) != null) {
return fetchUserToken(username);
@@ -96,7 +96,7 @@ public UserToken load(String username) throws NoValueInCacheException {
public Pair<Boolean, UserToken> getUserToken(HttpServletRequest request) throws Exception {
UserToken userToken = TokenUtils.getLoginUser(request);
String username = userToken.getUsername();
UserToken latestUserToken = userCache.getIfPresent(username);
UserToken latestUserToken = loadUserToken(username);
// the user not exists
if (latestUserToken == null) {
return null;
@@ -113,10 +113,19 @@ public Pair<Boolean, UserToken> getUserToken(HttpServletRequest request) throws
return new ImmutablePair<>(false, userToken);
}

private UserToken loadUserToken(String userName) {
try {
return userCache.get(userName);
} catch (Exception e) {
logger.warn("get record for {} failed, error: ", e.getMessage());
return null;
}
}

@Override
public UserToken getUserToken(String userName) throws Exception {
wedprUserService.updateAllowedTimeAndTryCount(userName, 0L, 0);
return userCache.getIfPresent(userName);
return loadUserToken(userName);
}

@Override
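Review bot: The warn call in the new `loadUserToken` fills its only `{}` with `e.getMessage()`, so the user name is never logged, and the exception is not passed as the throwable argument, which drops the stack trace. It should read `logger.warn("get record for {} failed", userName, e);`. As written, a load failure caused by the database cannot be told apart in the log from a user that does not exist, and both come back as `null`, which `getUserToken(HttpServletRequest)` treats as "the user not exists". A short Javadoc on `loadUserToken` stating that it returns null on any load failure would make that contract visible to callers.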
@@ -28,6 +28,7 @@
import lombok.SneakyThrows;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.StringUtils;

public class APISignatureAuthFilter extends BasicAuthenticationFilter {
private final CredentialVerifier credentialVerifier;
@@ -47,6 +48,11 @@ public APISignatureAuthFilter(
protected void doFilterInternal(
HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
try {
// auth by token
if (!StringUtils.isEmpty(request.getHeader(Constant.TOKEN_FIELD))) {
chain.doFilter(request, response);
return;
}
ApiCredentialDO credential = this.credentialVerifier.verify(request);
UserToken userToken = userCache.getUserToken(credential.getOwner());
if (userToken == null) {
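Review bot: The new early return in `doFilterInternal` skips signature verification whenever the `Constant.TOKEN_FIELD` header is non-empty, without checking the token itself, so it is only safe if a JWT filter later in the chain validates that header on every path this filter protects. The filter order is not visible in this hunk; if it is guaranteed elsewhere, the comment here should say so, for example `// token present: defer to the JWT filter, which must run after this one and reject invalid tokens`. `StringUtils.isEmpty` also lets a whitespace-only value count as a token and is deprecated in recent Spring releases; `StringUtils.hasText(request.getHeader(Constant.TOKEN_FIELD))` avoids both. The method body continues past the end of the hunk.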
@@ -74,9 +74,10 @@ protected void doFilterInternal(
response.setHeader(Constant.TOKEN_FIELD, newJwt);
chain.doFilter(request, response);
} catch (Exception e) {
logger.info("认证已过期或token错误,请重新登录: ", e);
logger.info("jwt auth failed, error: ", e);
String wedprResponse =
new WeDPRResponse(Constant.WEDPR_FAILED, "认证已过期或token错误,请重新登录").serialize();
new WeDPRResponse(Constant.WEDPR_FAILED, "auth failed for " + e.getMessage())
.serialize();
TokenUtils.responseToClient(response, wedprResponse, HttpServletResponse.SC_FORBIDDEN);
}
}
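Review bot: The response body built in the `catch` block now contains `e.getMessage()`, which sends internal exception text (whatever the token parsing or user lookup produced) to a client that has just failed authentication. Keep the detail in the server log and return a fixed message, e.g. `new WeDPRResponse(Constant.WEDPR_FAILED, "auth failed, please login again").serialize();`. `e.getMessage()` can also be null, which would produce the text "auth failed for null". The start of `doFilterInternal` is outside the hunk.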
@@ -170,6 +170,7 @@ private void switchToLeader(String leaderID) {
EventSubParams eventSubParams = new EventSubParams();
eventSubParams.setFromBlock(blockNumber);
eventSubParams.setToBlock(BigInteger.valueOf(-1));
eventSubParams.addAddress(WeDPRSyncConfig.getResourceLogRecordFactoryContractAddress());
int i = 0;
for (String topic : topics) {
eventSubParams.addTopic(i, topic);
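Review bot: The added `addAddress` call has no comment explaining why the subscription is now limited to one contract, and that reason matters to anyone who later changes the topics. A line such as `// only accept logs emitted by the resource log record factory contract; topics alone can be matched by other contracts` above it would record the intent. Whether `WeDPRSyncConfig.getResourceLogRecordFactoryContractAddress()` can return null or an empty string is not visible here; if it can, failing fast before subscribing would be safer than subscribing with an unintended filter. `switchToLeader` starts and ends outside the hunk.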
