tanghc 5 years ago
parent 32ea08c78b
commit c850712f8b
  1. 2
      sop-common/pom.xml
  2. 4
      sop-common/sop-gateway-common/pom.xml
  3. 7
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/bean/ApiConfig.java
  4. 5
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/gateway/param/GatewayParamBuilder.java
  5. 6
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/manager/AbstractConfiguration.java
  6. 38
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/manager/DefaultIPBlacklistManager.java
  7. 16
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/manager/IPBlacklistManager.java
  8. 4
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/manager/ZookeeperContext.java
  9. 2
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/message/ErrorEnum.java
  10. 10
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/param/ApiParam.java
  11. 3
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/param/BaseParamBuilder.java
  12. 14
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/validate/ApiValidator.java
  13. 2
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/zuul/filter/PreValidateFilter.java
  14. 5
      sop-common/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/zuul/param/ZuulParamBuilder.java
  15. 1
      sop-common/sop-gateway-common/src/main/resources/i18n/open/error_en.properties
  16. 1
      sop-common/sop-gateway-common/src/main/resources/i18n/open/error_zh_CN.properties
  17. 2
      sop-common/sop-registry-api/pom.xml
  18. 4
      sop-common/sop-service-common/pom.xml

@ -5,7 +5,7 @@
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.gitee.sop</groupId> <groupId>com.gitee.sop</groupId>
<artifactId>sop-common</artifactId> <artifactId>sop-common</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<packaging>pom</packaging> <packaging>pom</packaging>
<properties> <properties>

@ -5,11 +5,11 @@
<parent> <parent>
<groupId>com.gitee.sop</groupId> <groupId>com.gitee.sop</groupId>
<artifactId>sop-common</artifactId> <artifactId>sop-common</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>
<artifactId>sop-gateway-common</artifactId> <artifactId>sop-gateway-common</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>sop-gateway-common</name> <name>sop-gateway-common</name>

@ -5,10 +5,12 @@ import com.gitee.sop.gatewaycommon.gateway.result.GatewayResult;
import com.gitee.sop.gatewaycommon.gateway.result.GatewayResultExecutor; import com.gitee.sop.gatewaycommon.gateway.result.GatewayResultExecutor;
import com.gitee.sop.gatewaycommon.limit.DefaultLimitManager; import com.gitee.sop.gatewaycommon.limit.DefaultLimitManager;
import com.gitee.sop.gatewaycommon.limit.LimitManager; import com.gitee.sop.gatewaycommon.limit.LimitManager;
import com.gitee.sop.gatewaycommon.manager.DefaultIPBlacklistManager;
import com.gitee.sop.gatewaycommon.manager.DefaultIsvRoutePermissionManager; import com.gitee.sop.gatewaycommon.manager.DefaultIsvRoutePermissionManager;
import com.gitee.sop.gatewaycommon.manager.DefaultLimitConfigManager; import com.gitee.sop.gatewaycommon.manager.DefaultLimitConfigManager;
import com.gitee.sop.gatewaycommon.manager.DefaultRouteConfigManager; import com.gitee.sop.gatewaycommon.manager.DefaultRouteConfigManager;
import com.gitee.sop.gatewaycommon.manager.DefaultServiceErrorManager; import com.gitee.sop.gatewaycommon.manager.DefaultServiceErrorManager;
import com.gitee.sop.gatewaycommon.manager.IPBlacklistManager;
import com.gitee.sop.gatewaycommon.manager.IsvRoutePermissionManager; import com.gitee.sop.gatewaycommon.manager.IsvRoutePermissionManager;
import com.gitee.sop.gatewaycommon.manager.LimitConfigManager; import com.gitee.sop.gatewaycommon.manager.LimitConfigManager;
import com.gitee.sop.gatewaycommon.manager.RouteConfigManager; import com.gitee.sop.gatewaycommon.manager.RouteConfigManager;
@ -115,6 +117,11 @@ public class ApiConfig {
*/ */
private LimitConfigManager limitConfigManager = new DefaultLimitConfigManager(); private LimitConfigManager limitConfigManager = new DefaultLimitConfigManager();
/**
* IP黑名单
*/
private IPBlacklistManager ipBlacklistManager = new DefaultIPBlacklistManager();
/** /**
* 限流管理 * 限流管理
*/ */

@ -17,4 +17,9 @@ public class GatewayParamBuilder extends BaseParamBuilder<ServerWebExchange> {
Map<String, String> params = GatewayContext.getRequestParams(exchange); Map<String, String> params = GatewayContext.getRequestParams(exchange);
return params == null ? Collections.emptyMap() : params; return params == null ? Collections.emptyMap() : params;
} }
@Override
public String getIP(ServerWebExchange ctx) {
return ctx.getRequest().getRemoteAddress().getAddress().getHostAddress();
}
} }
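Review bot: `getRemoteAddress()` in the added `getIP` can return null, and `getAddress()` is null for an unresolved socket address, so this chain can throw a NullPointerException while the parameters are being built, before any validation runs. Returning null in that case keeps the decision inside the validator, e.g. `InetSocketAddress addr = ctx.getRequest().getRemoteAddress();` followed by `return addr == null || addr.getAddress() == null ? null : addr.getAddress().getHostAddress();`. This is also the socket peer address, so behind a load balancer or reverse proxy every request carries the proxy's address and a blacklist entry would match all clients or none. That deployment assumption should be documented on the method.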

@ -53,6 +53,12 @@ public class AbstractConfiguration implements ApplicationContextAware {
LimitConfigManager limitConfigManager() { LimitConfigManager limitConfigManager() {
return ApiConfig.getInstance().getLimitConfigManager(); return ApiConfig.getInstance().getLimitConfigManager();
} }
@Bean
IPBlacklistManager ipBlacklistManager() {
return ApiConfig.getInstance().getIpBlacklistManager();
}
/** /**
* 跨域过滤器 * 跨域过滤器
* *

@ -0,0 +1,38 @@
package com.gitee.sop.gatewaycommon.manager;
import com.google.common.collect.Sets;
import org.apache.commons.lang.StringUtils;
import java.util.Set;
/**
* ip黑名单管理
* @author tanghc
*/
public class DefaultIPBlacklistManager implements IPBlacklistManager {
private static Set<String> ipList = Sets.newConcurrentHashSet();
@Override
public void add(String ip) {
ipList.add(ip);
}
@Override
public void remove(String ip) {
ipList.remove(ip);
}
@Override
public boolean contains(String ip) {
if (StringUtils.isBlank(ip)) {
return false;
}
return ipList.contains(ip);
}
@Override
public void load() {
}
}
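Review bot: `contains` compares raw strings, so an entry matches only when it is spelled exactly as the param builder renders the address. Surrounding whitespace, an IPv4-mapped IPv6 form or a non-canonical IPv6 spelling of the same address will not match. `add` and `remove` pass their argument straight to the concurrent set, which rejects null with a NullPointerException, while `contains` already guards against blank input; the same guard plus a trim belongs in all three, e.g. `if (StringUtils.isBlank(ip)) { return; }` then `ipList.add(ip.trim());`. `ipList` is `static` and non-final, so every instance shares one reassignable set; `private static final Set<String> ipList` would at least state the intent. `load()` is empty, so nothing visible in this file populates the list at startup.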

@ -0,0 +1,16 @@
package com.gitee.sop.gatewaycommon.manager;
import com.gitee.sop.gatewaycommon.bean.BeanInitializer;
/**
* @author tanghc
*/
public interface IPBlacklistManager extends BeanInitializer {
void add(String ip);
void remove(String ip);
boolean contains(String ip);
}

@ -81,6 +81,10 @@ public class ZookeeperContext {
return SOP_MSG_CHANNEL_PATH + "/limit-conf"; return SOP_MSG_CHANNEL_PATH + "/limit-conf";
} }
public static String getIpBlacklistChannelPath() {
return SOP_MSG_CHANNEL_PATH + "/ipblacklist-conf";
}
public static CuratorFramework getClient() { public static CuratorFramework getClient() {
return client; return client;
} }

@ -100,6 +100,8 @@ public enum ErrorEnum {
ISV_ROUTE_NO_PERMISSIONS(Codes.CODE_ISV_PERM, "isv.route-no-permissions"), ISV_ROUTE_NO_PERMISSIONS(Codes.CODE_ISV_PERM, "isv.route-no-permissions"),
/** 禁止访问 */ /** 禁止访问 */
ISV_ACCESS_FORBIDDEN(Codes.CODE_ISV_PERM, "isv.access-forbidden"), ISV_ACCESS_FORBIDDEN(Codes.CODE_ISV_PERM, "isv.access-forbidden"),
/** 禁止IP访问 */
ISV_IP_FORBIDDEN(Codes.CODE_ISV_PERM, "isv.ip-forbidden"),
; ;
private ErrorMeta errorMeta; private ErrorMeta errorMeta;

@ -27,6 +27,8 @@ public class ApiParam extends JSONObject implements Param {
private String restName; private String restName;
private String restVersion; private String restVersion;
private String ip;
private transient ApiUploadContext apiUploadContext; private transient ApiUploadContext apiUploadContext;
public void fitNameVersion() { public void fitNameVersion() {
@ -236,4 +238,12 @@ public class ApiParam extends JSONObject implements Param {
public void setRestVersion(String restVersion) { public void setRestVersion(String restVersion) {
this.restVersion = restVersion; this.restVersion = restVersion;
} }
public void setIp(String ip) {
this.ip = ip;
}
public String fetchIp() {
return ip;
}
} }

@ -19,6 +19,8 @@ public abstract class BaseParamBuilder<T> implements ParamBuilder<T> {
public abstract Map<String, String> buildRequestParams(T ctx); public abstract Map<String, String> buildRequestParams(T ctx);
public abstract String getIP(T ctx);
@Override @Override
public ApiParam build(T ctx) { public ApiParam build(T ctx) {
ApiParam apiParam = this.newApiParam(ctx); ApiParam apiParam = this.newApiParam(ctx);
@ -27,6 +29,7 @@ public abstract class BaseParamBuilder<T> implements ParamBuilder<T> {
apiParam.put(entry.getKey(), entry.getValue()); apiParam.put(entry.getKey(), entry.getValue());
} }
this.initOtherProperty(apiParam); this.initOtherProperty(apiParam);
apiParam.setIp(this.getIP(ctx));
return apiParam; return apiParam;
} }
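Review bot: The new abstract `getIP` has no Javadoc, yet its result is what the blacklist check keys on, so implementers need the contract spelled out. I would add `/** Returns the client address used for IP blacklisting, or null if it cannot be determined; it must come from a source the client cannot set. */` above the declaration. `build` begins in the first hunk and its body is only partly visible in the second.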

@ -6,6 +6,7 @@ import com.gitee.sop.gatewaycommon.bean.BaseRouteDefinition;
import com.gitee.sop.gatewaycommon.bean.Isv; import com.gitee.sop.gatewaycommon.bean.Isv;
import com.gitee.sop.gatewaycommon.bean.RouteConfig; import com.gitee.sop.gatewaycommon.bean.RouteConfig;
import com.gitee.sop.gatewaycommon.bean.TargetRoute; import com.gitee.sop.gatewaycommon.bean.TargetRoute;
import com.gitee.sop.gatewaycommon.manager.IPBlacklistManager;
import com.gitee.sop.gatewaycommon.manager.IsvRoutePermissionManager; import com.gitee.sop.gatewaycommon.manager.IsvRoutePermissionManager;
import com.gitee.sop.gatewaycommon.manager.RouteConfigManager; import com.gitee.sop.gatewaycommon.manager.RouteConfigManager;
import com.gitee.sop.gatewaycommon.manager.RouteRepositoryContext; import com.gitee.sop.gatewaycommon.manager.RouteRepositoryContext;
@ -46,6 +47,7 @@ public class ApiValidator implements Validator {
@Override @Override
public void validate(ApiParam param) { public void validate(ApiParam param) {
checkIP(param);
checkEnable(param); checkEnable(param);
ApiConfig apiConfig = ApiContext.getApiConfig(); ApiConfig apiConfig = ApiContext.getApiConfig();
@ -64,6 +66,18 @@ public class ApiValidator implements Validator {
checkPermission(param); checkPermission(param);
} }
/**
* 是否在IP黑名单中
* @param param 接口参数
*/
protected void checkIP(ApiParam param) {
IPBlacklistManager ipBlacklistManager = ApiConfig.getInstance().getIpBlacklistManager();
String ip = param.fetchIp();
if (ipBlacklistManager.contains(ip)) {
throw ErrorEnum.ISV_IP_FORBIDDEN.getErrorMeta().getException();
}
}
/** /**
* 检测能否访问 * 检测能否访问
* @param param 接口参数 * @param param 接口参数
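Review bot: `checkIP` lets the request through whenever the address is missing, because `DefaultIPBlacklistManager.contains` returns false for a blank `ip` and nothing here separates "not blacklisted" from "address unknown". If failing open is intended, the Javadoc should say so; otherwise make the case visible, for example a warn-level log when `StringUtils.isBlank(ip)` before the lookup. The method reads `ApiConfig.getInstance()` while `validate` uses `ApiContext.getApiConfig()`; the hunk does not show whether these are the same object, so it is worth confirming the check sees the configured manager. `validate` continues outside the hunk.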

@ -36,7 +36,7 @@ public class PreValidateFilter extends BaseZuulFilter {
try { try {
validator.validate(param); validator.validate(param);
} catch (ApiException e) { } catch (ApiException e) {
log.error("验证失败,params:{}", param.toJSONString(), e); log.error("验证失败,ip:{}, params:{}", param.fetchIp(), param.toJSONString(), e);
throw e; throw e;
} finally { } finally {
param.fitNameVersion(); param.fitNameVersion();
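Review bot: Every rejection that reaches this `catch`, which presumably now includes blacklisted addresses, is logged at error level with a stack trace and the full parameter JSON. A blocked client can therefore keep producing large ERROR entries at will. I would log the IP-forbidden case at warn with only the address and no stack trace, and keep the detailed entry for other validation failures. Both `param.toJSONString()` and, depending on how the address is resolved, `param.fetchIp()` are request-derived text written verbatim, so the log pipeline should treat them as untrusted. The `try` block starts outside the hunk.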

@ -62,6 +62,11 @@ public class ZuulParamBuilder extends BaseParamBuilder<RequestContext> {
return params; return params;
} }
@Override
public String getIP(RequestContext ctx) {
return RequestUtil.getIP(ctx.getRequest());
}
@Override @Override
protected ApiParam newApiParam(RequestContext ctx) { protected ApiParam newApiParam(RequestContext ctx) {
ApiParam apiParam = super.newApiParam(ctx); ApiParam apiParam = super.newApiParam(ctx);
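Review bot: `RequestUtil.getIP` is not shown in this commit, so the trust source of the address returned by `getIP` is unclear. If it reads a forwarding header such as `X-Forwarded-For`, the value is caller-supplied unless a trusted edge proxy overwrites it, and the blacklist would then be keyed on data the client controls. The method should state what it relies on, e.g. `// address as resolved by RequestUtil.getIP; reliable only when the edge proxy sets the forwarding headers`. The Spring Cloud Gateway builder in this commit uses the socket peer address instead, so the two gateways may disagree about the same client.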

@ -56,3 +56,4 @@ open.error_40006_isv.insufficient-isv-permissions=Insufficient ISV permissions
open.error_40006_isv.insufficient-user-permissions=Insufficient user permissions open.error_40006_isv.insufficient-user-permissions=Insufficient user permissions
open.error_40006_isv.route-no-permissions=No api permissions open.error_40006_isv.route-no-permissions=No api permissions
open.error_40006_isv.access-forbidden=Access forbidden open.error_40006_isv.access-forbidden=Access forbidden
open.error_40006_isv.ip-forbidden=IP access forbidden

@ -111,3 +111,4 @@ open.error_40006_isv.insufficient-isv-permissions=\u8bf7\u68c0\u67e5\u914d\u7f6e
open.error_40006_isv.insufficient-user-permissions=\u4ee3\u7406\u7684\u5546\u6237\u6ca1\u6709\u5f53\u524d\u63a5\u53e3\u6743\u9650 open.error_40006_isv.insufficient-user-permissions=\u4ee3\u7406\u7684\u5546\u6237\u6ca1\u6709\u5f53\u524d\u63a5\u53e3\u6743\u9650
open.error_40006_isv.route-no-permissions=\u6ca1\u6709\u5f53\u524d\u63a5\u53e3\u6743\u9650 open.error_40006_isv.route-no-permissions=\u6ca1\u6709\u5f53\u524d\u63a5\u53e3\u6743\u9650
open.error_40006_isv.access-forbidden=\u65e0\u6743\u8bbf\u95ee open.error_40006_isv.access-forbidden=\u65e0\u6743\u8bbf\u95ee
open.error_40006_isv.ip-forbidden=IP\u65e0\u6743\u8bbf\u95ee

@ -5,7 +5,7 @@
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.gitee.sop</groupId> <groupId>com.gitee.sop</groupId>
<artifactId>sop-registry-api</artifactId> <artifactId>sop-registry-api</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<properties> <properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

@ -6,11 +6,11 @@
<parent> <parent>
<groupId>com.gitee.sop</groupId> <groupId>com.gitee.sop</groupId>
<artifactId>sop-common</artifactId> <artifactId>sop-common</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>
<artifactId>sop-service-common</artifactId> <artifactId>sop-service-common</artifactId>
<version>1.12.4-SNAPSHOT</version> <version>1.13.0-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>sop-service-common</name> <name>sop-service-common</name>
