因为要考虑服务端token的动态刷新,而且还要单独启动定时调度任务去刷新token信息,(企业架构源码可以加求球:叁五三陆二肆柒二伍玖)保证token的时效及安全问题,直接分享动态刷新token的代码:
@RestController
@RequestMapping(value = "/rest/soa")
public class SoaServiceResource {
private static final Logger logger = Logger.getLogger(SoaServiceResource.class);
@Autowired
private SoaAppSecretService soaAppSecretService;
/**
* 刷新应用token信息
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/refAppSecret", method = RequestMethod.GET)
public ResponseVO refAppSecret(@RequestParam(required=false) String appname, HttpServletRequest request, HttpServletResponse response){
try {
if(StringUtils.isEmpty(appname)){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_NULL, null);
}
//根据应用名获取秘钥信息
SoaAppSecret appSecret = soaAppSecretService.findAppSecretByAppName(appname);
if(null == appSecret){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_EXIST, null);
}
String appsecret = appSecret.getAppsecret();
if(StringUtils.isNotEmpty(appsecret)){
long afterTime = DateUtils.getAfterTime(new Date());
String token = EncryptUtil2.encryptToAES(EncryptUtil2.AESKey, appname + EncryptUtil2.CONNECTOR + appsecret + EncryptUtil2.CONNECTOR + afterTime);
SoaAppSecret soaAppSecret = new SoaAppSecret();
soaAppSecret.setToken(token);
soaAppSecret.setAppname(appname);
soaAppSecret.setUpdateDate(new Date());
soaAppSecretService.refAppSecret(soaAppSecret);
JSONObject data = new JSONObject();
data.put("token", token);
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPSECRET_NOT_EXIST, null);
} catch (Exception e) {
logger.error("SoaServiceResource >> refAppSecret >> Exception " + e.getMessage());
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.SYSTEM_ERROR, null);
}
}
/**
* 批量刷新应用秘钥信息
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/batchRefAppSecret", method = RequestMethod.GET)
public ResponseVO batchRefAppSecret(HttpServletRequest request, HttpServletResponse response){
List<SoaAppSecret> appSecretList = soaAppSecretService.findList(new SoaAppSecret());
if(null != appSecretList && appSecretList.size() > 0){
for(SoaAppSecret soaAppSecret : appSecretList){
try {
String appsecret = soaAppSecret.getAppsecret();
if(StringUtils.isNotEmpty(appsecret)){
long afterTime = DateUtils.getAfterTime(new Date());
String token = EncryptUtil2.encryptToAES(EncryptUtil2.AESKey, soaAppSecret.getAppname() + EncryptUtil2.CONNECTOR + appsecret + EncryptUtil2.CONNECTOR + afterTime);
soaAppSecret.setToken(token);
soaAppSecret.setUpdateDate(new Date());
soaAppSecretService.refAppSecret(soaAppSecret);
JSONObject data = new JSONObject();
data.put("token", token);
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
logger.info("SoaServiceResource >> batchRefAppSecret >> 刷新应用秘钥信息成功,应用名: " + soaAppSecret.getAppname() + ",新的token信息: " + soaAppSecret.getToken() );
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPSECRET_NOT_EXIST, null);
} catch (Exception e) {
logger.error("SoaServiceResource >> batchRefAppSecret >> Exception " + e.getMessage());
}
}
}
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, true);
}
/**
* 获取应用token
* @param request
* @param response
* @return
*/
@RequestMapping(value = "/findAppSecret", method = RequestMethod.GET)
public ResponseVO findAppSecret(@RequestParam(required=false) String appname, HttpServletRequest request, HttpServletResponse response){
if(StringUtils.isEmpty(appname)){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_NULL, null);
}
SoaAppSecret appSecret = soaAppSecretService.findAppSecretByAppName(appname);
if(null == appSecret){
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.APPNAME_NOT_EXIST, null);
}
JSONObject data = new JSONObject();
data.put("token", appSecret.getToken());
return SoaResponseCode.buildEnumResponseVO(SoaServiceEnum.REQUEST_SUCCESS, data);
}
}