第一步:token 通过路由地址(路径参数)传输。注意:放在 URL 中的 token 可能被服务器访问日志或中间代理记录,建议使用 wss:// 并使用有效期较短的 token。
@ServerEndpoint(value = "/ws/{token}",encoders = { ServerEncoder.class })
@Component
public class OrganHandler extends AbstractHandler{
/**
* 连接
* @param session
* @throws Exception
*/
@OnOpen
public void onOpen(Session session, @PathParam("token") String token, EndpointConfig config) throws Exception {
第二步:使用 JWT 库(java-jwt)解析 token
<!-- https://mvnrepository.com/artifact/com.auth0/java-jwt -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.8.1</version>
</dependency>
解析 token 获取扩展内容,拿到用户信息;解析失败时,向客户端返回错误信息并关闭连接:
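// Extract the user carried in the token; the helper is defined elsewhere and,
// as used here, signals a failed parse by returning null.
BaseUser baseUser = AccessTokenUtil.getBaseUserByToken(token);
if (baseUser == null) {
    // Tell the client why the handshake is rejected, then drop the connection.
    session.getBasicRemote().sendText("无效Token!");
    session.close();
    // Stop here: without this return the handler keeps running with a null
    // user on a session that has already been closed.
    return;
}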
第三步:向认证服务器发送验证请求,确认 token 仍然有效
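// The token-check service is fetched by bean name through SpringUtil rather
// than injected into the endpoint.
TokenCheckService authService = (TokenCheckService) SpringUtil.getBean("tokenCheckService");
if (!authService.checkTokenValid(baseUser, token)) {
    // The token was rejected: report it and close the connection.
    session.getBasicRemote().sendText("token无效或已过期!");
    session.close();
    // Stop here so that nothing after this point runs for a connection that
    // failed authentication.
    return;
}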
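/**
 * Checks whether a token is still valid for the given user.
 *
 * <p>Two checks are applied in order: a local check through
 * {@code TokenUtil.judgeTokenValid} (keyed on the user's telephone and backed
 * by {@code redisTemplate}), then a request to the authorization server's
 * {@code /auth/oauth/check_token} endpoint. Any failure yields {@code false}.
 *
 * @param baseUser user parsed from the token; {@code null} is rejected
 * @param token    raw token string received from the client; {@code null} is rejected
 * @return {@code true} only when both checks pass, {@code false} otherwise
 */
@Override
public Boolean checkTokenValid(BaseUser baseUser, String token) {
    // Fail closed on missing input instead of throwing a NullPointerException
    // from baseUser.getTelephone() below.
    if (baseUser == null || token == null) {
        return false;
    }
    if (!TokenUtil.judgeTokenValid(baseUser.getTelephone(), redisTemplate, token)) {
        return false;
    }
    // The host is chosen by the active profile (both values are redacted as "XXX" here).
    String requestUrl = "https://";
    if (Constant.PRO.equals(profiles)) {
        requestUrl += "XXX";
    } else {
        requestUrl += "XXX";
    }
    // The token is client-supplied, so it is passed as a URI template variable:
    // RestTemplate expands and encodes it as a query-parameter value. Concatenating
    // it into the URL would let characters such as '&' or '#' alter the request
    // sent to the authorization server.
    requestUrl += "/auth/oauth/check_token?token={token}";
    try {
        Map<Object, ?> result = restTemplate.getForObject(requestUrl, Map.class, token);
        // NOTE(review): the response may carry user claims; consider logging it
        // at debug level instead of info. Confirm against the auth server's output.
        logger.info("result:" + result);
        // An empty body on a successful status is not evidence of a valid token.
        if (result == null) {
            return false;
        }
        // Presumably the endpoint reports validity in an "active" field (as
        // RFC 7662 introspection does); an explicit false is treated as invalid,
        // while an absent field keeps the previous behaviour. TODO confirm schema.
        if (Boolean.FALSE.equals(result.get("active"))) {
            return false;
        }
    } catch (Exception e) {
        // Any transport error or non-2xx response is treated as "not valid".
        logger.error("token检查失败:" + e.getMessage());
        return false;
    }
    return true;
}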