This is an automated email from the ASF dual-hosted git repository.
qiaojialin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb-web-workbench.git
The following commit(s) were added to refs/heads/master by this push:
new 23862b4 Safe Token (#34)
23862b4 is described below
commit 23862b42341237973c5940b74bab9d5c9d9b396d
Author: ljn55966005 <[email protected]>
AuthorDate: Wed Dec 7 15:59:12 2022 +0800
Safe Token (#34)
---
backend/build.gradle | 1 +
backend/pom.xml | 12 ++--
.../admin/common/utils/AuthenticationUtils.java | 17 ++++--
.../apache/iotdb/admin/config/FilterConfig.java | 2 +
.../iotdb/admin/controller/UserController.java | 35 +++--------
.../org/apache/iotdb/admin/filter/TokenFilter.java | 31 ++++------
.../iotdb/admin/service/impl/UserServiceImpl.java | 2 +
.../java/org/apache/iotdb/admin/tool/JJwtTool.java | 68 ++++++++++++++++++++++
.../admin/controller/ConnectionControllerTest.java | 21 +++----
.../admin/controller/IotDBControllerTest.java | 21 +++----
.../admin/controller/QueryControllerTest.java | 21 +++----
.../iotdb/admin/controller/UserControllerTest.java | 21 +++----
12 files changed, 138 insertions(+), 114 deletions(-)
diff --git a/backend/build.gradle b/backend/build.gradle
index 8b92fc3..d3adcfd 100644
--- a/backend/build.gradle
+++ b/backend/build.gradle
@@ -58,6 +58,7 @@ exclude(module: 'protobuf-java')
compile group: 'cn.cisdigital', name: 'exception-component',
version:'1.0.0'
compile group: 'com.dianping.cat', name: 'cat-client', version:'3.0.0'
compile group: 'org.hibernate.validator', name: 'hibernate-validator',
version:'6.0.9.Final'
+ compile group: 'io.jsonwebtoken', name: 'jjwt', version:'0.6.0'
compile group: 'org.aspectj', name: 'aspectjweaver', version:'1.9.6'
testCompile(group: 'org.springframework.boot', name:
'spring-boot-starter-test', version:'2.3.3.RELEASE') {
exclude(module: 'junit-vintage-engine')
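Review bot: The new dependency at line 35 pins `io.jsonwebtoken:jjwt:0.6.0` (the pom.xml hunk adds the same coordinates), a 2016 release of the monolithic artifact that was later superseded by the split `jjwt-api`/`jjwt-impl`/`jjwt-jackson` line, and the `setSigningKey(String)`/`signWith(alg, String)` overloads JJwtTool builds on are the ones the newer releases deprecated. Since the whole authentication path now rests on this library, a currently maintained release is the safer pin, and while touching the line the `compile` configuration can become `implementation`, which Gradle has deprecated `compile` in favour of.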
diff --git a/backend/pom.xml b/backend/pom.xml
index e3fb378..fb5d805 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -54,6 +54,12 @@
</dependency>
+ <dependency>
+ <groupId>io.jsonwebtoken</groupId>
+ <artifactId>jjwt</artifactId>
+ <version>0.6.0</version>
+ </dependency>
+
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-log4j2</artifactId>
@@ -71,11 +77,7 @@
<version>3.34.0</version>
</dependency>
- <dependency>
- <groupId>com.auth0</groupId>
- <artifactId>java-jwt</artifactId>
- <version>3.4.0</version>
- </dependency>
+
<dependency>
<groupId>org.projectlombok</groupId>
diff --git
a/backend/src/main/java/org/apache/iotdb/admin/common/utils/AuthenticationUtils.java
b/backend/src/main/java/org/apache/iotdb/admin/common/utils/AuthenticationUtils.java
index 1b2e149..9f72d56 100644
---
a/backend/src/main/java/org/apache/iotdb/admin/common/utils/AuthenticationUtils.java
+++
b/backend/src/main/java/org/apache/iotdb/admin/common/utils/AuthenticationUtils.java
@@ -21,9 +21,9 @@ package org.apache.iotdb.admin.common.utils;
import org.apache.iotdb.admin.common.exception.BaseException;
import org.apache.iotdb.admin.common.exception.ErrorCode;
+import org.apache.iotdb.admin.tool.JJwtTool;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.interfaces.DecodedJWT;
+import io.jsonwebtoken.Claims;
import javax.servlet.http.HttpServletRequest;
@@ -35,15 +35,20 @@ public class AuthenticationUtils {
if (userId == null) {
throw new BaseException(ErrorCode.NO_USER, ErrorCode.NO_USER_MSG);
}
- DecodedJWT authorization = JWT.decode(request.getHeader("Authorization"));
- Integer tokenUserId = authorization.getClaim("userId").asInt();
+ String authorization = request.getHeader("Authorization");
+ Claims claimsByToken = JJwtTool.getClaimsByToken(authorization);
+ if (null == claimsByToken) {
+ throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG);
+ }
+ Integer tokenUserId = claimsByToken.get("userId", Integer.class);
if (!tokenUserId.equals(userId)) {
throw new BaseException(ErrorCode.USER_AUTH_FAIL,
ErrorCode.USER_AUTH_FAIL_MSG);
}
}
public static Integer getUserId(HttpServletRequest request) {
- DecodedJWT authentication = JWT.decode(request.getHeader("Authorization"));
- return authentication.getClaim("userId").asInt();
+ String authorization = request.getHeader("Authorization");
+ Claims claimsByToken = JJwtTool.getClaimsByToken(authorization);
+ return claimsByToken.get("userId", Integer.class);
}
}
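Review bot: `getUserId` at lines 102-104 dereferences `claimsByToken` without the null check this same hunk adds at lines 90-92 for the identical `JJwtTool.getClaimsByToken` call, so an invalid or missing token surfaces here as a NullPointerException instead of `TOKEN_ERR`; the two call sites should agree: `if (claimsByToken == null) { throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG); }` before the `get` (adding `throws BaseException` to the signature if that exception is checked). In the earlier change, `tokenUserId` at line 93 is itself null when the claim is absent, making `tokenUserId.equals(userId)` another NPE; since `userId` is already null-checked at lines 83-85, `if (!userId.equals(tokenUserId))` closes that. The method containing lines 83-98 begins outside the hunk.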
diff --git
a/backend/src/main/java/org/apache/iotdb/admin/config/FilterConfig.java
b/backend/src/main/java/org/apache/iotdb/admin/config/FilterConfig.java
index 6a6ed82..e935740 100644
--- a/backend/src/main/java/org/apache/iotdb/admin/config/FilterConfig.java
+++ b/backend/src/main/java/org/apache/iotdb/admin/config/FilterConfig.java
@@ -39,6 +39,8 @@ public class FilterConfig implements WebMvcConfigurer {
List<String> paths = new ArrayList();
paths.add("/servers/**");
paths.add("/get");
+ paths.add("/save");
+ paths.add("/delete");
paths.add("/downloadFile/**");
interceptorRegistration.addPathPatterns(paths);
}
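Review bot: The intercepted-path list at lines 114-119 is an allowlist of what TokenFilter protects, and the two added entries `/save` and `/delete` show the weakness of that shape: a route that nobody adds to the list is not intercepted at all. Registering `/**` and naming only the endpoints that must stay anonymous through `excludePathPatterns(...)` (the login mapping and any health or static routes, none of which are visible here) makes a forgotten route fail closed rather than open. The method containing this hunk begins outside it.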
diff --git
a/backend/src/main/java/org/apache/iotdb/admin/controller/UserController.java
b/backend/src/main/java/org/apache/iotdb/admin/controller/UserController.java
index b1a7f97..93adb9a 100644
---
a/backend/src/main/java/org/apache/iotdb/admin/controller/UserController.java
+++
b/backend/src/main/java/org/apache/iotdb/admin/controller/UserController.java
@@ -28,10 +28,9 @@ import org.apache.iotdb.admin.model.vo.ConnVO;
import org.apache.iotdb.admin.model.vo.ConnectionVO;
import org.apache.iotdb.admin.service.ConnectionService;
import org.apache.iotdb.admin.service.UserService;
+import org.apache.iotdb.admin.tool.JJwtTool;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
-import com.auth0.jwt.interfaces.DecodedJWT;
+import io.jsonwebtoken.Claims;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.slf4j.Logger;
@@ -42,8 +41,6 @@ import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.net.InetAddress;
-import java.util.Calendar;
import java.util.List;
@RestController
@@ -70,7 +67,7 @@ public class UserController {
int userId = user.getId();
List<ConnVO> connVOs = connectionService.getAllConnections(userId);
ConnectionVO connectionVO = new ConnectionVO(connVOs, userId, name);
- response.addHeader("Authorization", getToken(user));
+ response.addHeader("Authorization", JJwtTool.generateToken(user));
return BaseVO.success("Login successful", connectionVO);
}
@@ -94,11 +91,11 @@ public class UserController {
@ApiOperation("Get information of user")
public BaseVO<User> getUser(HttpServletRequest request) {
String authorization = request.getHeader("Authorization");
- DecodedJWT decode = JWT.decode(authorization);
+ Claims claimsByToken = JJwtTool.getClaimsByToken(authorization);
User user = new User();
- if (decode != null) {
- Integer userId = decode.getClaim("userId").asInt();
- String name = decode.getClaim("name").asString();
+ if (claimsByToken != null) {
+ Integer userId = claimsByToken.get("userId", Integer.class);
+ String name = claimsByToken.get("name", String.class);
user.setId(userId);
user.setName(name);
}
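Review bot: `getUser` at lines 162-172 falls through to a successful response carrying an empty `User` when `getClaimsByToken` returns null, so a request whose token fails signature or expiry checks still gets a success body, unless this mapping is among the paths TokenFilter intercepts (the mapping is outside the hunk). Making the null case explicit keeps the controller consistent with the filter: `if (claimsByToken == null) { throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG); }` in place of the silent fall-through.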
@@ -121,22 +118,4 @@ public class UserController {
+ "</html>";
return str;
}
-
- private String getToken(User user) throws BaseException {
- Calendar instance = Calendar.getInstance();
- try {
- instance.add(Calendar.HOUR, 24);
- String token =
- JWT.create()
- .withClaim("userId", user.getId())
- .withClaim("name", user.getName())
- .withExpiresAt(instance.getTime())
- .sign(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()));
- logger.info(user.getName() + "login successfully");
- return token;
- } catch (Exception e) {
- logger.info(e.getMessage());
- throw new BaseException(ErrorCode.GET_TOKEN_FAIL,
ErrorCode.GET_TOKEN_FAIL_MSG);
- }
- }
}
diff --git
a/backend/src/main/java/org/apache/iotdb/admin/filter/TokenFilter.java
b/backend/src/main/java/org/apache/iotdb/admin/filter/TokenFilter.java
index 22d1242..49b57bd 100644
--- a/backend/src/main/java/org/apache/iotdb/admin/filter/TokenFilter.java
+++ b/backend/src/main/java/org/apache/iotdb/admin/filter/TokenFilter.java
@@ -21,36 +21,29 @@ package org.apache.iotdb.admin.filter;
import org.apache.iotdb.admin.common.exception.BaseException;
import org.apache.iotdb.admin.common.exception.ErrorCode;
+import org.apache.iotdb.admin.tool.JJwtTool;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.JWTVerifier;
-import com.auth0.jwt.algorithms.Algorithm;
+import io.jsonwebtoken.Claims;
+import org.springframework.util.ObjectUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-
public class TokenFilter implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse
response, Object handler)
throws BaseException {
- JWTVerifier jwtVerifier;
- try {
- jwtVerifier =
- JWT.require(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()))
- .build();
- } catch (UnknownHostException e) {
- e.printStackTrace();
- throw new BaseException(ErrorCode.SET_JWT_FAIL,
ErrorCode.SET_JWT_FAIL_MSG);
+ String authorization = request.getHeader("Authorization");
+ if (null == authorization || "".equals(authorization)) {
+ throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG);
+ }
+ Claims claimsByToken = JJwtTool.getClaimsByToken(authorization);
+ if (ObjectUtils.isEmpty(claimsByToken)) {
+ throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG);
}
- try {
- String authorization = request.getHeader("Authorization");
- jwtVerifier.verify(authorization);
- } catch (Exception e) {
- e.printStackTrace();
+ Integer userId = claimsByToken.get("userId", Integer.class);
+ if (null == userId) {
throw new BaseException(ErrorCode.TOKEN_ERR, ErrorCode.TOKEN_ERR_MSG);
}
return true;
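Review bot: The three rejection branches in `preHandle` (lines 235-237, 239-241 and 248-250) all raise the same `TOKEN_ERR` and record nothing, so an operator cannot tell a missing header from a rejected signature or a token without a `userId` claim; with a logger added to the class, a `log.debug("token rejected for {}: <reason>", request.getRequestURI())` in each branch makes the decision observable without writing the token itself to the log. The presence check `null == authorization || "".equals(authorization)` is Spring's `!StringUtils.hasText(authorization)`, which also covers a whitespace-only header. `ObjectUtils.isEmpty(claimsByToken)` on a `Claims` map additionally rejects a correctly signed token with no claims, which is fine here but differs from the `null ==` test AuthenticationUtils applies to the same call. `preHandle`'s closing brace is outside the hunk.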
diff --git
a/backend/src/main/java/org/apache/iotdb/admin/service/impl/UserServiceImpl.java
b/backend/src/main/java/org/apache/iotdb/admin/service/impl/UserServiceImpl.java
index 7b5e832..4b38f56 100644
---
a/backend/src/main/java/org/apache/iotdb/admin/service/impl/UserServiceImpl.java
+++
b/backend/src/main/java/org/apache/iotdb/admin/service/impl/UserServiceImpl.java
@@ -27,11 +27,13 @@ import org.apache.iotdb.admin.service.UserService;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
@Service
+@Slf4j
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements
UserService {
@Autowired private UserMapper userMapper;
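Review bot: `@Slf4j` at line 268 is added to UserServiceImpl, but no use of the generated `log` field appears anywhere in this commit's change to the class, so the annotation and the import at line 263 are either a leftover or anticipate code that is not in this change; if no logging is coming, drop both.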
diff --git a/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
new file mode 100644
index 0000000..8804107
--- /dev/null
+++ b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
@@ -0,0 +1,68 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.iotdb.admin.tool;
+
+import org.apache.iotdb.admin.model.entity.User;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import lombok.extern.slf4j.Slf4j;
+
+import java.util.Date;
+
+/** date:2022/12/6 author:yzf project_name:backend */
+@Slf4j
+public class JJwtTool {
+ private static String secret =
+
"HSyJ0eXAiOiJKV1QasdfffffffSd3g8923402347523fffasdfasgwaegwaegawegawegawegawetwgewagagew"
+ +
"asdf23r23DEEasdfawef134t2fawt2g325gafasdfasdfiLCJhbGciOiJIUzI1NiJ9";
+
+ public static String generateToken(User user) {
+ log.info("user=" + user.toString());
+ Date now = new Date();
+ // Calendar instance = Calendar.getInstance();
+ // instance.add(Calendar.HOUR_OF_DAY, 24);
+ Date expireDate = new Date(new Date().getTime() + (1000 * 60 * 60 * 10));
+ return Jwts.builder()
+ .setHeaderParam("type", "JWT")
+ .setSubject(user.getId() + "")
+ .setIssuedAt(now) // 签发时间
+ .claim("userId", user.getId())
+ .claim("name", user.getName())
+ .setExpiration(expireDate) // 过期时间
+ .signWith(SignatureAlgorithm.HS512, secret)
+ .compact();
+ }
+
+ /** 解析token */
+ public static Claims getClaimsByToken(String token) {
+ try {
+ return
Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+ } catch (Exception e) {
+ System.out.println("validate is token error");
+ return null;
+ }
+ }
+
+ /** 判断 token 是否过期 */
+ public boolean isTokenExpired(Date expiration) {
+ return expiration.before(new Date());
+ }
+}
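Review bot: The HMAC key at lines 311-315 is a literal committed to the repository, and after this commit every protected request is accepted on nothing more than a `userId` claim signed with it, so the signature no longer proves anything about who issued the token; the key has to come from deployment configuration (an environment variable or property read once at startup), never from the class. Two details matter while fixing it: jjwt's `signWith(alg, String)` and `setSigningKey(String)` treat the string as Base64-encoded key bytes, which this hand-typed literal satisfies only by accident, and a `SecureRandom`-generated per-process key is a workable fallback when nothing is configured, at the cost of tokens not surviving a restart or being shared across instances. Separately, `log.info("user=" + user.toString())` at line 318 writes the whole entity to the log — if `User.toString()` includes a password field, that is credential material in the log — so log `user.getId()` only; the header parameter at line 324 should be `typ`, the RFC 7519 name, not `type`; and `getClaimsByToken` collapses every failure into `System.out.println`, so the filter cannot distinguish an expired token from a tampered one — catch `JwtException` and log its class through the `log` the class already has. The unused instance method `isTokenExpired` and the commented-out `Calendar` lines at 320-321 can go. The fence shows the key loading and the two adjusted methods; `SecureRandom`, `Base64` and `JwtException` need imports.
```java
// Signing key comes from configuration, never from source.
private static final String SECRET = loadSecret();

private static String loadSecret() {
    String configured = System.getenv("WORKBENCH_JWT_SECRET"); // <placeholder: use the project's property/env naming>
    if (configured != null && !configured.isEmpty()) {
        return configured; // jjwt's String overloads expect Base64-encoded key bytes
    }
    // Fallback: a fresh random key per process. Tokens then do not survive a restart
    // and are not shared between instances - acceptable only for a single-node deployment.
    byte[] key = new byte[64]; // 512 bits, matching HS512
    new SecureRandom().nextBytes(key);
    log.warn("No JWT secret configured; generated a per-process signing key");
    return Base64.getEncoder().encodeToString(key);
}

public static String generateToken(User user) {
    log.info("issuing token for userId={}", user.getId()); // never log the whole entity
    Date now = new Date();
    Date expireDate = new Date(now.getTime() + (1000 * 60 * 60 * 10)); // 10 hours
    return Jwts.builder()
        .setHeaderParam("typ", "JWT") // RFC 7519 header name
        // … unchanged: subject, issuedAt, userId/name claims, expiration …
        .signWith(SignatureAlgorithm.HS512, SECRET)
        .compact();
}

public static Claims getClaimsByToken(String token) {
    try {
        return Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token).getBody();
    } catch (JwtException | IllegalArgumentException e) {
        // The exception class says why the token was rejected; the token itself is not logged.
        log.warn("token rejected: {}", e.getClass().getSimpleName());
        return null;
    }
}
```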
diff --git
a/backend/src/test/java/org/apache/iotdb/admin/controller/ConnectionControllerTest.java
b/backend/src/test/java/org/apache/iotdb/admin/controller/ConnectionControllerTest.java
index cd9d2e8..df96ce2 100644
---
a/backend/src/test/java/org/apache/iotdb/admin/controller/ConnectionControllerTest.java
+++
b/backend/src/test/java/org/apache/iotdb/admin/controller/ConnectionControllerTest.java
@@ -19,8 +19,9 @@
package org.apache.iotdb.admin.controller;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
+import org.apache.iotdb.admin.model.entity.User;
+import org.apache.iotdb.admin.tool.JJwtTool;
+
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -33,9 +34,6 @@ import
org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.context.WebApplicationContext;
-import java.net.InetAddress;
-import java.util.Calendar;
-
@SpringBootTest
class ConnectionControllerTest {
private MockMvc mvc;
@@ -100,16 +98,11 @@ class ConnectionControllerTest {
}
private String getToken() {
- Calendar instance = Calendar.getInstance();
try {
- instance.add(Calendar.HOUR, 24);
- String token =
- JWT.create()
- .withClaim("userId", 1)
- .withClaim("name", "root")
- .withExpiresAt(instance.getTime())
- .sign(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()));
- return token;
+ User user = new User();
+ user.setId(1);
+ user.setName("root");
+ return JJwtTool.generateToken(user);
} catch (Exception e) {
e.printStackTrace();
return null;
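Review bot: The test `getToken()` helper (this hunk, and the identical ones in IotDBControllerTest, QueryControllerTest and UserControllerTest) keeps a `try { … } catch (Exception e)` around lines 392-395 even though `JJwtTool.generateToken` declares no checked exception, so the block guards nothing and the `return null` path turns a failure in token generation into a missing header and an unrelated assertion failure later rather than a stack trace at the call; the body can be the three `User` lines plus `return JJwtTool.generateToken(user);` with no try. The same helper copied into four test classes is also a candidate for one shared test fixture. `getToken`'s closing brace is outside the hunk.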
diff --git
a/backend/src/test/java/org/apache/iotdb/admin/controller/IotDBControllerTest.java
b/backend/src/test/java/org/apache/iotdb/admin/controller/IotDBControllerTest.java
index 2686573..c24928e 100644
---
a/backend/src/test/java/org/apache/iotdb/admin/controller/IotDBControllerTest.java
+++
b/backend/src/test/java/org/apache/iotdb/admin/controller/IotDBControllerTest.java
@@ -19,8 +19,9 @@
package org.apache.iotdb.admin.controller;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
+import org.apache.iotdb.admin.model.entity.User;
+import org.apache.iotdb.admin.tool.JJwtTool;
+
import org.junit.jupiter.api.MethodOrderer;
import org.junit.jupiter.api.Order;
import org.junit.jupiter.api.Test;
@@ -34,9 +35,6 @@ import
org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
-import java.net.InetAddress;
-import java.util.Calendar;
-
@SpringBootTest
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
class IotDBControllerTest {
@@ -46,16 +44,11 @@ class IotDBControllerTest {
private String token = getToken();
private String getToken() {
- Calendar instance = Calendar.getInstance();
try {
- instance.add(Calendar.HOUR, 24);
- String token =
- JWT.create()
- .withClaim("userId", 1)
- .withClaim("name", "root")
- .withExpiresAt(instance.getTime())
- .sign(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()));
- return token;
+ User user = new User();
+ user.setId(1);
+ user.setName("root");
+ return JJwtTool.generateToken(user);
} catch (Exception e) {
e.printStackTrace();
return null;
diff --git
a/backend/src/test/java/org/apache/iotdb/admin/controller/QueryControllerTest.java
b/backend/src/test/java/org/apache/iotdb/admin/controller/QueryControllerTest.java
index 7b1ba85..71e135c 100644
---
a/backend/src/test/java/org/apache/iotdb/admin/controller/QueryControllerTest.java
+++
b/backend/src/test/java/org/apache/iotdb/admin/controller/QueryControllerTest.java
@@ -19,8 +19,9 @@
package org.apache.iotdb.admin.controller;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
+import org.apache.iotdb.admin.model.entity.User;
+import org.apache.iotdb.admin.tool.JJwtTool;
+
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -33,9 +34,6 @@ import
org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.context.WebApplicationContext;
-import java.net.InetAddress;
-import java.util.Calendar;
-
@SpringBootTest
class QueryControllerTest {
@@ -116,16 +114,11 @@ class QueryControllerTest {
}
private String getToken() {
- Calendar instance = Calendar.getInstance();
try {
- instance.add(Calendar.HOUR, 24);
- String token =
- JWT.create()
- .withClaim("userId", 1)
- .withClaim("name", "root")
- .withExpiresAt(instance.getTime())
- .sign(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()));
- return token;
+ User user = new User();
+ user.setId(1);
+ user.setName("root");
+ return JJwtTool.generateToken(user);
} catch (Exception e) {
e.printStackTrace();
return null;
diff --git
a/backend/src/test/java/org/apache/iotdb/admin/controller/UserControllerTest.java
b/backend/src/test/java/org/apache/iotdb/admin/controller/UserControllerTest.java
index 574aa0c..e2f927a 100644
---
a/backend/src/test/java/org/apache/iotdb/admin/controller/UserControllerTest.java
+++
b/backend/src/test/java/org/apache/iotdb/admin/controller/UserControllerTest.java
@@ -19,8 +19,9 @@
package org.apache.iotdb.admin.controller;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
+import org.apache.iotdb.admin.model.entity.User;
+import org.apache.iotdb.admin.tool.JJwtTool;
+
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -31,9 +32,6 @@ import
org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
-import java.net.InetAddress;
-import java.util.Calendar;
-
@SpringBootTest
class UserControllerTest {
@@ -65,16 +63,11 @@ class UserControllerTest {
}
private String getToken() {
- Calendar instance = Calendar.getInstance();
try {
- instance.add(Calendar.HOUR, 24);
- String token =
- JWT.create()
- .withClaim("userId", 1)
- .withClaim("name", "root")
- .withExpiresAt(instance.getTime())
- .sign(Algorithm.HMAC256("IOTDB:" +
InetAddress.getLocalHost().getHostAddress()));
- return token;
+ User user = new User();
+ user.setId(1);
+ user.setName("root");
+ return JJwtTool.generateToken(user);
} catch (Exception e) {
e.printStackTrace();
return null;