java source code of StatelessFilter

/*
 * Copyright 2017-2018 the original author(https://github.com/wj596)
 * 
 * <p>
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * </p>
 */
package org.jsets.shiro.filter.stateless;

import java.util.Enumeration;
import java.util.List;
import java.util.stream.Stream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.jsets.shiro.config.ShiroProperties;
import org.jsets.shiro.token.HmacToken;
import org.jsets.shiro.token.JwtToken;
import org.jsets.shiro.util.CommonUtils;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;

/**
 * 无状态过滤器--抽象父类
 * 
 * @author wangjie (http://www.jianshu.com/u/ffa3cba4c604) 
 * @date 2016年6月24日 下午2:55:15
 */
public abstract class StatelessFilter extends AccessControlFilter{

	protected boolean isHmacSubmission(ServletRequest request) {

		String appId = request.getParameter(ShiroProperties.PARAM_HMAC_APP_ID);
		String timestamp = request.getParameter(ShiroProperties.PARAM_HMAC_TIMESTAMP);
		String digest= request.getParameter(ShiroProperties.PARAM_HMAC_DIGEST);
		return (request instanceof HttpServletRequest)
							&& !Strings.isNullOrEmpty(appId)
							&& !Strings.isNullOrEmpty(timestamp)
							&& !Strings.isNullOrEmpty(digest);
	}
	
	protected AuthenticationToken createHmacToken(ServletRequest request, ServletResponse response) {
		
		String appId = request.getParameter(ShiroProperties.PARAM_HMAC_APP_ID);
		String timestamp = request.getParameter(ShiroProperties.PARAM_HMAC_TIMESTAMP);
		String digest= request.getParameter(ShiroProperties.PARAM_HMAC_DIGEST);
		List<String> parameterNames = Lists.newLinkedList();
		Enumeration<String> namesEnumeration = request.getParameterNames();
		while(namesEnumeration.hasMoreElements()){
            String parameterName = namesEnumeration.nextElement();
            parameterNames.add(parameterName);
        }
		StringBuilder baseString = new StringBuilder();
		parameterNames.stream()
			.sorted()
			.forEach(name -> {
				if(!ShiroProperties.PARAM_HMAC_APP_ID.equals(name)
					&&!ShiroProperties.PARAM_HMAC_TIMESTAMP.equals(name)
					&&!ShiroProperties.PARAM_HMAC_DIGEST.equals(name))
					baseString.append(request.getParameter(name));
		});
		baseString.append(appId);
		baseString.append(timestamp);
		String host = request.getRemoteHost();
		return new HmacToken( host, appId, timestamp, baseString.toString(), digest);
	}
	
	protected boolean isJwtSubmission(ServletRequest request) {
		String jwt = request.getParameter(ShiroProperties.PARAM_JWT);
		return (request instanceof HttpServletRequest) && !Strings.isNullOrEmpty(jwt);
	}
	
	protected AuthenticationToken createJwtToken(ServletRequest request, ServletResponse response) {
		String host = request.getRemoteHost();
		String jwt = request.getParameter(ShiroProperties.PARAM_JWT);
		return new JwtToken(host,jwt);
	}
	
	protected boolean checkRoles(Subject subject, Object mappedValue){
        String[] rolesArray = (String[]) mappedValue;
        if (rolesArray == null || rolesArray.length == 0) {
            return true;
        }
        return Stream.of(rolesArray)
        			.anyMatch(role->subject.hasRole(role));
	}
	
	protected boolean checkPerms(Subject subject, Object mappedValue){
        String[] perms = (String[]) mappedValue;
        boolean isPermitted = true;
        if (perms != null && perms.length > 0) {
            if (perms.length == 1) {
                if (!subject.isPermitted(perms[0])) {
                    isPermitted = false;
                }
            } else {
                if (!subject.isPermittedAll(perms)) {
                    isPermitted = false;
                }
            }
        }
        return isPermitted;
	}
	
	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        Subject subject = getSubject(request, response);
        //未认证
        if (null == subject || !subject.isAuthenticated()) {
        	CommonUtils.restFailed(WebUtils.toHttp(response)
        								,ShiroProperties.REST_CODE_AUTH_UNAUTHORIZED
        								,ShiroProperties.REST_MESSAGE_AUTH_UNAUTHORIZED);
        //未授权
        } else {
    		CommonUtils.restFailed(WebUtils.toHttp(response)
										,ShiroProperties.REST_CODE_AUTH_FORBIDDEN
										,ShiroProperties.REST_MESSAGE_AUTH_FORBIDDEN);
        }	
        return false;
	}
	
}