1. system 提供 OAuth2TokenApi 接口

2. gateway 通过 feign 引入 OAuth2TokenApi 接口

1. system 提供 OAuth2TokenApi 接口
e89ef549 · YunaiV · 94d62b8d · e89ef549 · e89ef549 · e89ef549
--- a/yudao-gateway/pom.xml
+++ b/yudao-gateway/pom.xml
@@ -16,6 +16,13 @@
    <url>https://github.com/YunaiV/yudao-cloud</url>

    <dependencies>
+        <!-- 业务组件 -->
+        <dependency>
+            <groupId>cn.iocoder.cloud</groupId>
+            <artifactId>yudao-module-system-api</artifactId>
+            <version>${revision}</version>
+        </dependency>
+
        <!-- Gateway 网关相关 -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
@@ -28,6 +35,11 @@
            <artifactId>spring-cloud-starter-loadbalancer</artifactId>
        </dependency>

+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-openfeign</artifactId>
+        </dependency>
+
        <!-- Registry 注册中心相关 -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>

--- a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java
 package cn.iocoder.yudao.gateway;

+import cn.iocoder.yudao.module.system.api.auth.OAuth2TokenApi;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.openfeign.EnableFeignClients;

 @SpringBootApplication
+@EnableFeignClients(clients = {
+        OAuth2TokenApi.class
+}) // TODO 芋艿：需要改下
 public class GatewayServerApplication {

    public static void main(String[] args) {

--- a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/filter/TokenAuthenticationFilter.java
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/filter/TokenAuthenticationFilter.java
+package cn.iocoder.yudao.gateway.filter;
+
+import cn.iocoder.yudao.module.system.api.auth.OAuth2TokenApi;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.http.HttpHeaders;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+import javax.annotation.Resource;
+import java.util.function.Consumer;
+
+/**
+ * Token 过滤器，验证 token 的有效性
+ * 1. 验证通过时，将 userId、userType、tenantId 通过 Header 转发给服务
+ * 2. 验证不通过，还是会转发给服务。因为，接口是否需要登录的校验，还是交给服务自身处理
+ *
+ * @author 芋道源码
+ */
+@Component // TODO 芋艿：要改成 configuration
+public class TokenAuthenticationFilter implements GlobalFilter, Ordered {
+
+    @Resource
+    private OAuth2TokenApi oauth2TokenApi;
+
+    @Override
+    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+        exchange = exchange.mutate().request(r -> r.headers(new Consumer<HttpHeaders>() {
+            @Override
+            public void accept(HttpHeaders headers) {
+                headers.set("user-id", "1");
+            }
+        })).build();
+        return chain.filter(exchange);
+    }
+
+    @Override
+    public int getOrder() {
+        return -100; // 和 Spring Security Filter 的顺序对齐
+    }
+
+}
--- a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/util/SecurityFrameworkUtils.java
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/util/SecurityFrameworkUtils.java
+package cn.iocoder.yudao.gateway.util;
+
+import org.springframework.util.StringUtils;
+import org.springframework.web.server.ServerWebExchange;
+
+/**
+ * 安全服务工具类
+ *
+ * copy from yudao-spring-boot-starter-security 的 SecurityFrameworkUtils 类
+ *
+ * @author 芋道源码
+ */
+public class SecurityFrameworkUtils {
+
+    public static final String AUTHORIZATION_HEADER = "Authorization";
+
+    public static final String AUTHORIZATION_BEARER = "Bearer";
+
+    private SecurityFrameworkUtils() {}
+
+    /**
+     * 从请求中，获得认证 Token
+     *
+     * @param exchange 请求
+     * @return 认证 Token
+     */
+    public static String obtainAuthorization(ServerWebExchange exchange) {
+        String authorization = exchange.getRequest().getHeaders().getFirst(AUTHORIZATION_HEADER);
+        if (!StringUtils.hasText(authorization)) {
+            return null;
+        }
+        int index = authorization.indexOf(AUTHORIZATION_BEARER + " ");
+        if (index == -1) { // 未找到
+            return null;
+        }
+        return authorization.substring(index + 7).trim();
+    }
+
+}
--- a/yudao-module-system/yudao-module-system-api/pom.xml
+++ b/yudao-module-system/yudao-module-system-api/pom.xml
@@ -29,6 +29,13 @@
            <optional>true</optional>
        </dependency>

+        <!-- RPC 远程调用相关 -->
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-openfeign</artifactId>
+            <optional>true</optional>
+        </dependency>
+
    </dependencies>

 </project>
--- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java
+++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java
@@ -3,6 +3,9 @@ package cn.iocoder.yudao.module.system.api.auth;
 import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenCheckRespDTO;
 import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenCreateReqDTO;
 import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenRespDTO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;

 import javax.validation.Valid;

@@ -11,6 +14,7 @@ import javax.validation.Valid;
 *
 * @author 芋道源码
 */
+@FeignClient(name = "system-server") // TODO 芋艿：fallbackFactory =
 public interface OAuth2TokenApi {

    /**
@@ -19,6 +23,7 @@ public interface OAuth2TokenApi {
     * @param reqDTO 访问令牌的创建信息
     * @return 访问令牌的信息
     */
+    @GetMapping("/tmp")
    OAuth2AccessTokenRespDTO createAccessToken(@Valid OAuth2AccessTokenCreateReqDTO reqDTO);

    /**
@@ -27,7 +32,8 @@ public interface OAuth2TokenApi {
     * @param accessToken 访问令牌
     * @return 访问令牌的信息
     */
-    OAuth2AccessTokenCheckRespDTO checkAccessToken(String accessToken);
+    @GetMapping("/app-api/check")
+    OAuth2AccessTokenCheckRespDTO checkAccessToken(@RequestParam("accessToken") String accessToken);

    /**
     * 移除访问令牌
@@ -35,6 +41,7 @@ public interface OAuth2TokenApi {
     * @param accessToken 访问令牌
     * @return 访问令牌的信息
     */
+    @GetMapping("/tmp2")
    OAuth2AccessTokenRespDTO removeAccessToken(String accessToken);

    /**
@@ -44,6 +51,8 @@ public interface OAuth2TokenApi {
     * @param clientId 客户端编号
     * @return 访问令牌的信息
     */
-    OAuth2AccessTokenRespDTO refreshAccessToken(String refreshToken, String clientId);
+    @GetMapping("/tmp3")
+    OAuth2AccessTokenRespDTO refreshAccessToken(@RequestParam("refreshToken") String refreshToken,
+                                                @RequestParam("clientId") String clientId);

 }
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java
@@ -7,6 +7,7 @@ import cn.iocoder.yudao.module.system.convert.auth.OAuth2TokenConvert;
 import cn.iocoder.yudao.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
 import cn.iocoder.yudao.module.system.service.oauth2.OAuth2TokenService;
 import org.springframework.stereotype.Service;
+import org.springframework.web.bind.annotation.RestController;

 import javax.annotation.Resource;

@@ -15,7 +16,7 @@ import javax.annotation.Resource;
 *
 * @author 芋道源码
 */
-@Service
+@RestController
 public class OAuth2TokenApiImpl implements OAuth2TokenApi {

    @Resource