java source code of CustomAuthorizationFilter

Project: microservice-integration (GitHub Link)

microservice-integration-master
- auth-server
  - src
    - main
      - resources
        application.yml
        mybatis
        config.xml
        mapper
        ClientSecretMapper.xml
        RolePermissionMapper.xml
        PermissionMapper.xml
        UserRoleMapper.xml
        UserAccessMapper.xml
        RoleMapper.xml
        bootstrap.yml
        conf
        generatorConfig.xml
      - java
        com
        blueskykong
        auth
        security
        CustomAuthorizationTokenServices.java
        CustomAuthenticationProvider.java
        CustomTokenEnhancer.java
        CustomCheckPermission.java
        CustomAuthenticationToken.java
        CustomUserDetails.java
        filter
        CustomSecurityFilter.java
        SecurityAccessDecisionManager.java
        CustomLogoutHandler.java
        SecureResourceFilterInvocationDefinitionSource.java
        dto
        ApiClientDTO.java
        RolePermissionDTO.java
        UserRoleDTO.java
        DefaultRoles.java
        DefaultRole.java
        dao
        impl
        MybatisPermissionDAO.java
        MybatisClientSecretDAO.java
        MybatisURoleDAO.java
        MybatisRoleDAO.java
        MybatisUserAccessDAO.java
        MybatisRolePermissionDAO.java
        typehandler
        UuidTypeHandler.java
        RolePermissionDAO.java
        ClientSecretDAO.java
        RoleDAO.java
        UserAccessDAO.java
        PermissionDAO.java
        UserRoleDAO.java
        mapper
        RoleMapper.java
        PermissionMapper.java
        UserAccessMapper.java
        ClientSecretMapper.java
        RolePermissionMapper.java
        UserRoleMapper.java
        utils
        JsonUtil.java
        TimestampAdapter.java
        entity
        RolePermission.java
        UserRole.java
        ClientSecret.java
        Role.java
        constants
        AuthConstants.java
        Permission.java
        ClientSecretStatus.java
        UserAccess.java
        BaseEntity.java
        properties
        RedisProperties.java
        client
        feign
        UserClient.java
        fallback
        UserFallbackClient.java
        config
        ServiceConfig.java
        DatasourceConfig.java
        JerseyConfig.java
        oauth
        OAuth2Config.java
        SecurityConfig.java
        service
        ClientSecretService.java
        SecurityService.java
        exception
        GenericErrorCodes.java
        CustomWebResponseExceptionTranslator.java
        AbstractException.java
        ErrorCodes.java
        RemoteException.java
        ErrorCode.java
        AuthApplication.java
        rest
        ClientSecretResource.java
        UserRoleResource.java
        SecurityResource.java
  - auth.sql
  - pom.xml
- backend-server
  - src
    - main
      - resources
        bootstrap.yml
      - java
        com
        blueskykong
        demo
        security
        SimpleGrantedAuthority.java
        CustomAuthentication.java
        CustomerSecurityExpressionRoot.java
        entity
        Permission.java
        UserAccess.java
        client
        FeignAuthClient.java
        config
        FilterConfig.java
        service
        AuthService.java
        constants
        SecurityConstants.java
        AccessType.java
        annotation
        PreAuth.java
        rest
        DemoController.java
        filter
        AuthAspect.java
        AuthorizationFilter.java
        CustomAuthorizationFilter.java
        UserContext.java
        BackendApplication.java
  - pom.xml
- pom.xml
- LICENSE
- gateway-enhanced
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        banner.txt
      - kotlin
        com
        blueskykong
        gateway
        enhanced
        AdditionalRoutes.kt
      - java
        com
        blueskykong
        gateway
        enhanced
        security
        OAuth2AccessToken.java
        DefaultOAuth2AccessToken.java
        CustomRemoteTokenServices.java
        properties
        ResourceServerProperties.java
        GatewayLimitProperties.java
        ThrottleProperties.java
        PermitAllUrlProperties.java
        config
        WebfluxRouteConfig.java
        ServiceConfig.java
        RouteConfiguration.java
        RemoteAddrKeyResolver.java
        GatewayConfiguration.java
        exception
        AbstractException.java
        ErrorCodes.java
        ErrorCode.java
        ServerException.java
        GlobalErrorAttributes.java
        GlobalErrorWebExceptionHandler.java
        GatewayApplication.java
        http
        HeaderEnhanceFilter.java
        handler
        FallbackHandler.java
        filter
        AuthorizationFilter.java
        ThrottleGatewayFilterFactory.java
        RateLimitByIpGatewayFilter.java
  - pom.xml
- .travis.yml
- README.md
- .gitignore
- docker-compose.yml
- gateway-zuul
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        banner.txt
      - java
        com
        blueskykong
        gateway
        zuul
        security
        HeaderEnhanceFilter.java
        CustomRemoteTokenServices.java
        properties
        PermitAllUrlProperties.java
        config
        ServiceConfig.java
        FilterConfig.java
        ResourceServerConfig.java
        constants
        SecurityConstants.java
        ZuulApplication.java
  - pom.xml

package com.blueskykong.demo.filter;

import com.blueskykong.demo.client.FeignAuthClient;
import com.blueskykong.demo.constants.AccessType;
import com.blueskykong.demo.constants.SecurityConstants;
import com.blueskykong.demo.entity.Permission;
import com.blueskykong.demo.security.SimpleGrantedAuthority;
import lombok.extern.java.Log;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestBody;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;

/**
 * @author keets
 */
@Provider
@Log
public class CustomAuthorizationFilter implements ContainerRequestFilter {

    @Autowired
    private FeignAuthClient feignAuthClient;

    @Override
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        String userId = containerRequestContext.getHeaderString(SecurityConstants.USER_ID_IN_HEADER);

        if (StringUtils.isNotEmpty(userId)) {
            UserContext userContext = new UserContext(UUID.fromString(userId));
            userContext.setAccessType(AccessType.ACCESS_TYPE_NORMAL);
            log.info(userContext.toString());
            List<Permission> permissionList = feignAuthClient.getUserPermissions(userId);
            List<SimpleGrantedAuthority> authorityList = new ArrayList();
            for (Permission permission : permissionList) {
                SimpleGrantedAuthority authority = new SimpleGrantedAuthority();
                authority.setAuthority(permission.getPermission());
                authorityList.add(authority);
            }
            userContext.setAuthorities(authorityList);

            SecurityContextHolder.setContext(userContext);
        }
    }
}