一、前言
在上一篇博文中,我们介绍了怎么自定义拦截器添加公共参数和设置请求头参数,在这里,讲解一下,自定义一个拦截器去验证登陆是否过期,然后做一些相应的操作,流程如下:
二、RefreshTokenInterceptor类
/**
* @author Freak
* @date 2019/6/15.
*/
public class RefreshTokenInterceptor implements Interceptor {
@Override
public synchronized Response intercept(Chain chain) throws IOException {
Request request = chain.request();
Response response = chain.proceed(request);
//过滤掉不需要登陆验证的接口
if (!request.url().toString().contains("api")
|| !request.url().toString().contains("api")
|| !request.url().toString().contains("api")
|| !request.url().toString().contains("user")
|| !request.url().toString().contains("user")
|| !request.url().toString().contains("logout")
|| !request.url().toString().contains("send")
) {
if (response.code() == 200) {
String responseBodyString = RefreshTokenResponse.getResponseBody(response.body());
LogUtil.e("responseBodyString-->" + responseBodyString);
HttpResult httpResult = JSONObject.parseObject(responseBodyString, HttpResult.class);
if (httpResult != null) {
if (Constants.LOGIN_OUT_CODE.equals(httpResult.getCode())) {
if (!TextUtils.isEmpty((String) SPUtils.get(App.getInstance().getApplicationContext(),
Constants.TOKEN_REFRESH_TIME, ""))) {
//保存的刷新token时间与系统时间比较 -1:刷新token时间<系统时间 1:刷新token时间=系统时间 2:刷新token时间>系统时间
if (StringUtils.compareTo((String) SPUtils.get(App.getInstance().getApplicationContext(),
Constants.TOKEN_REFRESH_TIME, ""), System.currentTimeMillis() / 1000 + "") == -1) {
LogUtil.e("刷新token" + System.currentTimeMillis() / 1000);
HttpResult result = RefreshTokenSynchronizationRequest.synchronizationRefreshToken();
String token = (String) SPUtils.get(App.getInstance().getApplicationContext(), Constants.ACCESS_TOKEN, "");
if (result != null && Constants.SUCCESS_CODE.equals(result.getCode())) {
LogUtil.e("token-->" + token);
//添加请求头
Request addParamRequest = addHeader(request);
// 新的请求,添加参数
Request newRequest = addParam(addParamRequest);
response = chain.proceed(newRequest);
return response;
}
} else {
LogUtil.e("已经刷新token");
//添加请求头
Request addParamRequest = addHeader(request);
// 新的请求,添加参数
Request newRequest = addParam(addParamRequest);
response = chain.proceed(newRequest);
return response;
}
}
}
}
}
}
return response;
}
/**
* 添加公共参数
*
* @param oldRequest
* @return
*/
private Request addParam(Request oldRequest) {
//过滤掉不需要登陆验证的接口
if (oldRequest.url().toString().contains("api")
|| oldRequest.url().toString().contains("api")
|| oldRequest.url().toString().contains("api")
|| oldRequest.url().toString().contains("user")
|| oldRequest.url().toString().contains("user")
|| oldRequest.url().toString().contains("logout")
|| oldRequest.url().toString().contains("send")
) {
return oldRequest;
}
LogUtil.e("token-->" + (String) SPUtils.get(App.getInstance().getApplicationContext(), Constants.ACCESS_TOKEN, ""));
HttpUrl.Builder builder = oldRequest.url()
.newBuilder()
.setEncodedQueryParameter("access_token", (String) SPUtils.get(App.getInstance().getApplicationContext(), Constants.ACCESS_TOKEN, ""));
Request newRequest = oldRequest.newBuilder()
.method(oldRequest.method(), oldRequest.body())
.url(builder.build())
.build();
return newRequest;
}
/**
* 添加请求头
*
* @param oldRequest
* @return
*/
public Request addHeader(Request oldRequest) {
Request.Builder builder = oldRequest.newBuilder().addHeader("user-agent", "Android-APP");
return builder.build();
}
}
在上面的代码中,我们有几次需要注意的地方,如下所示
注意事项:
- 该自定义拦截器,实现的方法中使用synchronized同步方法(处理同时发起多个异步请求的情况,一个登陆过期就是所有的都登陆过期,在刷新token的时候要控制刷新token的接口获取到结果才能让下一个接口结果进入,这里不控制的话,就会导致,你虽然一个接口刷新了token,但是其他接口去刷新的时候就会刷新失败,导致会退出登录)
- 刷新token要使用同步请求,不能使用异步请求
-
response.body().string()只能读取一次,这里我们要做处理,不能在刷新token的时候去读取了,如果读取了就会失败,剩下的都不会进行了。
- 刷新token接口返回的数据要更登录接口返回的数据一样
- 在登陆成功的时候,要记录一下token过期的时间,用于判断是否刷新了token
三、同步请求刷新token
/**
* 同步请求刷新token
*
* @author Freak
* @date 2019/6/15.
*/
public class RefreshTokenSynchronizationRequest {
private static ApiServer apiService = HttpMethods.getInstance().create(ApiServer.class);
public static synchronized HttpResult synchronizationRefreshToken() throws IOException {
final Call<ResponseBody> call = apiService.synchronizationRefreshToken(
(String) SPUtils.get(App.getInstance().getApplicationContext(), Constants.REFRESH_TOKEN, ""));
// call对象执行同步请求
String result = RefreshTokenResponse.getResponseBody(call.execute().body());
HttpResult refreshHttpResult = JSONObject.parseObject(result, HttpResult.class);
LogUtil.e("result-->" + refreshHttpResult);
if (refreshHttpResult != null) {
if (Constants.SUCCESS_CODE.equals(refreshHttpResult.getCode())) {
//登陆信息的保存
LoginEntity loginEntity = JSONObject.parseObject(new Gson().toJson(refreshHttpResult.getData()), LoginEntity.class);
// SPUtils.saveLoginEntity(App.getInstance().getApplicationContext(), loginEntity);
}
}
return refreshHttpResult;
}
}
四、response.body().string()只能读取一次问题处理
public class RefreshTokenResponse {
public static String getResponseBody(ResponseBody responseBody) throws IOException {
BufferedSource source = responseBody.source();
// 获取全部body的数据
source.request(Long.MAX_VALUE);
Buffer buffer = source.buffer();
// 在读取缓存去之前clone数据,解决response.body().string()只能读取一次的问题
String responseBodyString = buffer.clone().readString(Charset.forName("UTF-8"));
return responseBodyString;
}
}
到此,刷新token拦截器就完成了。