This is an automated email from the ASF dual-hosted git repository.
xiaoyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shenyu.git
The following commit(s) were added to refs/heads/master by this push:
new 8ca7f57b9c [type:refactor] plugin-jwt SPI extension for parsing JWT
payloads to ensure compatibility with older versions of JWT tools (#5882)
8ca7f57b9c is described below
commit 8ca7f57b9cea25f3c326c6da2e767a38d68384de
Author: SKonst <[email protected]>
AuthorDate: Mon Jan 13 09:59:49 2025 +0800
[type:refactor] plugin-jwt SPI extension for parsing JWT payloads to ensure
compatibility with older versions of JWT tools (#5882)
* fix admin: The error occurs when testing the sandbox API, and the target
method is not a POST request.
* fix admin: Applied Checkstyle to HttpUtils file
* refactor plugin-jwt: SPI extension for parsing JWT payloads to ensure
compatibility with older versions of JWT tools
* [type:upgrade] The field handleType extended by plugin-jwt needs to be
added to the database table.
Upgrade database initialization script and upgrade script
---------
Co-authored-by: aias00 <[email protected]>
Co-authored-by: xiaoyu <[email protected]>
---
db/init/mysql/schema.sql | 2 +
db/init/ob/schema.sql | 2 +
db/init/og/create-table.sql | 2 +
db/init/oracle/schema.sql | 2 +
db/init/pg/create-table.sql | 2 +
db/upgrade/2.7.0-upgrade-2.7.1-mysql.sql | 18 +++++++
db/upgrade/2.7.0-upgrade-2.7.1-og.sql | 18 +++++++
db/upgrade/2.7.0-upgrade-2.7.1-oracle.sql | 19 +++++++
db/upgrade/2.7.0-upgrade-2.7.1-pg.sql | 18 +++++++
db/upgrade/upgrade-guide.md | 62 +++++++++-------------
.../src/main/resources/sql-script/h2/schema.sql | 2 +
.../org/apache/shenyu/plugin/jwt/JwtPlugin.java | 33 ++++--------
.../apache/shenyu/plugin/jwt/config/JwtConfig.java | 22 ++++++++
.../plugin/jwt/handle/JwtPluginDataHandler.java | 6 ++-
.../strategy/DefaultJwtPayloadParseStrategy.java | 44 +++++++++++++++
.../JwtPayloadParseStrategy.java} | 35 +++++-------
.../JwtPayloadParseStrategyFactory.java} | 37 +++++--------
...nyu.plugin.jwt.strategy.JwtPayloadParseStrategy | 17 ++++++
18 files changed, 230 insertions(+), 111 deletions(-)
diff --git a/db/init/mysql/schema.sql b/db/init/mysql/schema.sql
index 1d88800a6e..d744628f11 100644
--- a/db/init/mysql/schema.sql
+++ b/db/init/mysql/schema.sql
@@ -1299,6 +1299,8 @@ INSERT INTO `plugin_handle` VALUES
('1722804548510507029', '20', 'requestUniqueH
INSERT INTO `plugin_handle` VALUES ('1722804548510507030', '20',
'respHeaderUniqueStrategy', 'respHeaderUniqueStrategy', 2, 2, 3,
'{"required":"0","rule":""}', '2024-12-13 22:37:48.239', '2024-12-13
22:37:48.239');
INSERT INTO `plugin_handle` VALUES ('1722804548510507031', '20',
'respUniqueHeaders', 'respUniqueHeaders', 2, 2, 4,
'{"required":"0","rule":""}', '2024-12-13 22:38:05.726', '2024-12-13
22:38:05.726');
+INSERT INTO `plugin_handle` VALUES ('1722804548510507032', '19', 'handleType',
'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02 17:20:50.233',
'2025-01-02 17:20:50.233');
+
-- ----------------------------
-- Table structure for resource
-- ----------------------------
diff --git a/db/init/ob/schema.sql b/db/init/ob/schema.sql
index cf0790759a..018749396f 100644
--- a/db/init/ob/schema.sql
+++ b/db/init/ob/schema.sql
@@ -1292,6 +1292,8 @@ INSERT INTO `plugin_handle` VALUES
('1722804548510507029', '20', 'requestUniqueH
INSERT INTO `plugin_handle` VALUES ('1722804548510507030', '20',
'respHeaderUniqueStrategy', 'respHeaderUniqueStrategy', 2, 2, 3,
'{"required":"0","rule":""}', '2024-12-13 22:37:48.239', '2024-12-13
22:37:48.239');
INSERT INTO `plugin_handle` VALUES ('1722804548510507031', '20',
'respUniqueHeaders', 'respUniqueHeaders', 2, 2, 4,
'{"required":"0","rule":""}', '2024-12-13 22:38:05.726', '2024-12-13
22:38:05.726');
+INSERT INTO `plugin_handle` VALUES ('1722804548510507032', '19', 'handleType',
'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02 17:20:50.233',
'2025-01-02 17:20:50.233');
+
-- ----------------------------
-- Table structure for resource
-- ----------------------------
diff --git a/db/init/og/create-table.sql b/db/init/og/create-table.sql
index 4fed467321..291b3ca0ac 100644
--- a/db/init/og/create-table.sql
+++ b/db/init/og/create-table.sql
@@ -1376,6 +1376,8 @@ INSERT INTO "public"."plugin_handle" VALUES
('1722804548510507029', '20', 'reque
INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507030', '20',
'respHeaderUniqueStrategy', 'respHeaderUniqueStrategy', 2, 2, 3,
'{"required":"0","rule":""}', '2024-12-13 22:37:48.239', '2024-12-13
22:37:48.239');
INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507031', '20',
'respUniqueHeaders', 'respUniqueHeaders', 2, 2, 4,
'{"required":"0","rule":""}', '2024-12-13 22:38:05.726', '2024-12-13
22:38:05.726');
+INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507032', '19',
'handleType', 'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02
17:20:50.233', '2025-01-02 17:20:50.233');
+
-- ----------------------------
-- Table structure for resource
-- ----------------------------
diff --git a/db/init/oracle/schema.sql b/db/init/oracle/schema.sql
index 22463a224e..bdb79719b5 100644
--- a/db/init/oracle/schema.sql
+++ b/db/init/oracle/schema.sql
@@ -2191,6 +2191,8 @@ values ('1722804548510507030', '20',
'respHeaderUniqueStrategy', 'respHeaderUniq
insert /*+ IGNORE_ROW_ON_DUPKEY_INDEX(plugin_handle(plugin_id, field, type))
*/ into plugin_handle (ID, PLUGIN_ID, FIELD, LABEL, DATA_TYPE, TYPE, SORT,
EXT_OBJ)
values ('1722804548510507031', '20', 'respUniqueHeaders', 'respUniqueHeaders',
2, 2, 4, '{"required":"0","rule":""}');
+insert /*+ IGNORE_ROW_ON_DUPKEY_INDEX(plugin_handle(plugin_id, field, type))
*/ into plugin_handle (ID, PLUGIN_ID, FIELD, LABEL, DATA_TYPE, TYPE, SORT,
EXT_OBJ)
+values ('1722804548510507032', '19', 'handleType', 'handleType', 2, 3, 1,
'{"required":"0","rule":""}');
insert /*+ IGNORE_ROW_ON_DUPKEY_INDEX(shenyu_dict(type, dict_code, dict_name))
*/ into SHENYU_DICT (ID, TYPE, DICT_CODE, DICT_NAME, DICT_VALUE, "desc", SORT,
ENABLED)
diff --git a/db/init/pg/create-table.sql b/db/init/pg/create-table.sql
index b49dc04cc5..9a53825742 100644
--- a/db/init/pg/create-table.sql
+++ b/db/init/pg/create-table.sql
@@ -1436,6 +1436,8 @@ INSERT INTO "public"."plugin_handle" VALUES
('1722804548510507029', '20', 'reque
INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507030', '20',
'respHeaderUniqueStrategy', 'respHeaderUniqueStrategy', 2, 2, 3,
'{"required":"0","rule":""}', '2024-12-13 22:37:48.239', '2024-12-13
22:37:48.239');
INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507031', '20',
'respUniqueHeaders', 'respUniqueHeaders', 2, 2, 4,
'{"required":"0","rule":""}', '2024-12-13 22:38:05.726', '2024-12-13
22:38:05.726');
+INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507032', '19',
'handleType', 'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02
17:20:50.233', '2025-01-02 17:20:50.233');
+
-- ----------------------------
-- Table structure for resource
-- ----------------------------
diff --git a/db/upgrade/2.7.0-upgrade-2.7.1-mysql.sql
b/db/upgrade/2.7.0-upgrade-2.7.1-mysql.sql
new file mode 100755
index 0000000000..7e4a8d5c53
--- /dev/null
+++ b/db/upgrade/2.7.0-upgrade-2.7.1-mysql.sql
@@ -0,0 +1,18 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- this file works for MySQL.
+INSERT INTO `plugin_handle` VALUES ('1722804548510507032', '19', 'handleType',
'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02 17:20:50.233',
'2025-01-02 17:20:50.233');
\ No newline at end of file
diff --git a/db/upgrade/2.7.0-upgrade-2.7.1-og.sql
b/db/upgrade/2.7.0-upgrade-2.7.1-og.sql
new file mode 100644
index 0000000000..9df235bc6b
--- /dev/null
+++ b/db/upgrade/2.7.0-upgrade-2.7.1-og.sql
@@ -0,0 +1,18 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- this file works for og.
+INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507032', '19',
'handleType', 'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02
17:20:50.233', '2025-01-02 17:20:50.233');
\ No newline at end of file
diff --git a/db/upgrade/2.7.0-upgrade-2.7.1-oracle.sql
b/db/upgrade/2.7.0-upgrade-2.7.1-oracle.sql
new file mode 100755
index 0000000000..04d7c8189e
--- /dev/null
+++ b/db/upgrade/2.7.0-upgrade-2.7.1-oracle.sql
@@ -0,0 +1,19 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- this file works for Oracle, can not use "`" syntax.
+insert /*+ IGNORE_ROW_ON_DUPKEY_INDEX(plugin_handle(plugin_id, field, type))
*/ into plugin_handle (ID, PLUGIN_ID, FIELD, LABEL, DATA_TYPE, TYPE, SORT,
EXT_OBJ)
+values ('1722804548510507032', '19', 'handleType', 'handleType', 2, 3, 1,
'{"required":"0","rule":""}');
diff --git a/db/upgrade/2.7.0-upgrade-2.7.1-pg.sql
b/db/upgrade/2.7.0-upgrade-2.7.1-pg.sql
new file mode 100755
index 0000000000..3a2053effc
--- /dev/null
+++ b/db/upgrade/2.7.0-upgrade-2.7.1-pg.sql
@@ -0,0 +1,18 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- this file works for PostgreSQL, can not use "`" syntax.
+INSERT INTO "public"."plugin_handle" VALUES ('1722804548510507032', '19',
'handleType', 'handleType', 2, 3, 1, '{"required":"0","rule":""}', '2025-01-02
17:20:50.233', '2025-01-02 17:20:50.233');
diff --git a/db/upgrade/upgrade-guide.md b/db/upgrade/upgrade-guide.md
index 04754be423..1ac558b906 100644
--- a/db/upgrade/upgrade-guide.md
+++ b/db/upgrade/upgrade-guide.md
@@ -4,8 +4,30 @@
## To Shenyu Users
+- 2.7.0-upgrade-2.7.1-mysql.sql
+
+- 2.7.0-upgrade-2.7.1-og.sql
+
+- 2.7.0-upgrade-2.7.1-oracle.sql
+
+- 2.7.0-upgrade-2.7.1-pg.sql
+
+ > this file is the Shenyu upgrade sql from v2.7.0 to v2.7.1
+
+- 2.6.1-upgrade-2.7.0-mysql.sql
+
+- 2.6.1-upgrade-2.7.0-og.sql
+
+- 2.6.1-upgrade-2.7.0-oracle.sql
+
+- 2.6.1-upgrade-2.7.0-pg.sql
+
+ > this file is the Shenyu upgrade sql from v2.6.1 to v2.7.0
+
- 2.6.0-upgrade-2.6.1-mysql.sql
+- 2.6.0-upgrade-2.6.1-og.sql
+
- 2.6.0-upgrade-2.6.1-oracle.sql
- 2.6.0-upgrade-2.6.1-pg.sql
@@ -14,6 +36,8 @@
- 2.5.1-upgrade-2.6.0-mysql.sql
+- 2.5.1-upgrade-2.6.0-og.sql
+
- 2.5.1-upgrade-2.6.0-oracle.sql
- 2.5.1-upgrade-2.6.0-pg.sql
@@ -45,41 +69,3 @@
- 2.4.1-upgrade-2.4.2-pg.sql
> this file is the Shenyu upgrade sql from v2.4.1 to v2.4.2
-
-- 2.4.2-upgrade-2.4.3-mysql.sql
-
-- 2.4.2-upgrade-2.4.3-pg.sql
-
- > this file is the Shenyu upgrade sql from v2.4.2 to v2.4.3
-
-- 2.4.3-upgrade-2.5.0-mysql.sql
-
-- 2.4.3-upgrade-2.5.0-pg.sql
-
- > this file is the Shenyu upgrade sql from v2.4.3 to v2.5.0
-
-- 2.5.0-upgrade-2.5.1-mysql.sql
-
-- 2.5.0-upgrade-2.5.1-oracle.sql
-
-- 2.5.0-upgrade-2.5.1-pg.sql
-
- > this file is the Shenyu upgrade sql from v2.5.0 to v2.5.1
-
-- 2.5.1-upgrade-2.6.0-mysql.sql
-
-- 2.5.1-upgrade-2.6.0-oracle.sql
-
-- 2.5.1-upgrade-2.6.0-pg.sql
-
- > this file is the Shenyu upgrade sql from v2.5.1 to v2.6.0
-
-- 2.6.0-upgrade-2.6.1-mysql.sql
-
-- 2.6.0-upgrade-2.6.1-og.sql
-
-- 2.6.0-upgrade-2.6.1-oracle.sql
-
-- 2.6.0-upgrade-2.6.1-pg.sql
-
- > this file is the Shenyu upgrade sql from v2.6.0 to v2.6.1
diff --git a/shenyu-admin/src/main/resources/sql-script/h2/schema.sql
b/shenyu-admin/src/main/resources/sql-script/h2/schema.sql
index b1dc97d5f4..4f7b671ae8 100755
--- a/shenyu-admin/src/main/resources/sql-script/h2/schema.sql
+++ b/shenyu-admin/src/main/resources/sql-script/h2/schema.sql
@@ -924,6 +924,8 @@ INSERT IGNORE INTO plugin_handle (`id`,
`plugin_id`,`field`,`label`,`data_type`,
INSERT IGNORE INTO plugin_handle (`id`,
`plugin_id`,`field`,`label`,`data_type`,`type`,`sort`,`ext_obj`) VALUES
('1722804548510507030', '20', 'respHeaderUniqueStrategy',
'respHeaderUniqueStrategy', 2, 2, 3, '{"required":"0","rule":""}');
INSERT IGNORE INTO plugin_handle (`id`,
`plugin_id`,`field`,`label`,`data_type`,`type`,`sort`,`ext_obj`) VALUES
('1722804548510507031', '20', 'respUniqueHeaders', 'respUniqueHeaders', 2, 2,
4, '{"required":"0","rule":""}');
+INSERT IGNORE INTO plugin_handle (`id`,
`plugin_id`,`field`,`label`,`data_type`,`type`,`sort`,`ext_obj`) VALUES
('1722804548510507032', '19', 'handleType', 'handleType', 2, 3, 1,
'{"required":"0","rule":""}');
+
/** insert resource for resource */
INSERT IGNORE INTO `resource` (`id`, `parent_id`, `title`, `name`, `url`,
`component`, `resource_type`, `sort`, `icon`, `is_leaf`, `is_route`, `perms`,
`status`)
VALUES('1346775491550474240','','SHENYU.MENU.PLUGIN.LIST','plug','/plug','PluginList','0','0','dashboard','0','0','','1');
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/JwtPlugin.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/JwtPlugin.java
index 1977be828f..66847f6d2d 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/JwtPlugin.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/JwtPlugin.java
@@ -17,11 +17,6 @@
package org.apache.shenyu.plugin.jwt;
-import io.jsonwebtoken.Jwt;
-import io.jsonwebtoken.JwtParser;
-import io.jsonwebtoken.JwtParserBuilder;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.security.Keys;
import org.apache.commons.lang3.StringUtils;
import org.apache.shenyu.common.dto.RuleData;
import org.apache.shenyu.common.dto.SelectorData;
@@ -34,11 +29,12 @@ import
org.apache.shenyu.plugin.api.utils.WebFluxResultUtils;
import org.apache.shenyu.plugin.base.AbstractShenyuPlugin;
import org.apache.shenyu.plugin.base.utils.CacheKeyUtils;
import org.apache.shenyu.plugin.jwt.config.JwtConfig;
-import org.apache.shenyu.plugin.jwt.exception.ThrowingFunction;
import org.apache.shenyu.plugin.jwt.handle.JwtPluginDataHandler;
import org.apache.shenyu.plugin.jwt.rule.JwtRuleHandle;
import org.apache.shenyu.plugin.jwt.strategy.JwtConvertStrategy;
import org.apache.shenyu.plugin.jwt.strategy.JwtConvertStrategyFactory;
+import org.apache.shenyu.plugin.jwt.strategy.JwtPayloadParseStrategy;
+import org.apache.shenyu.plugin.jwt.strategy.JwtPayloadParseStrategyFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
@@ -67,7 +63,7 @@ public class JwtPlugin extends AbstractShenyuPlugin {
}
// compatible processing
String finalAuthorization = compatible(token, authorization);
- Map<String, Object> jwtBody = checkAuthorization(finalAuthorization,
jwtConfig.getSecretKey());
+ Map<String, Object> jwtBody = parseJwtPayload(finalAuthorization,
jwtConfig);
if (Objects.isNull(jwtBody)) {
Object error = ShenyuResultWrap.error(exchange,
ShenyuResultEnum.ERROR_TOKEN);
return WebFluxResultUtils.result(exchange, error);
@@ -118,29 +114,18 @@ public class JwtPlugin extends AbstractShenyuPlugin {
}
/**
- * check Authorization.
+ * parse jwt payload.
*
* @param authorization the authorization after processing
- * @param secretKey secretKey of authorization
+ * @param jwtConfig the jwt config
* @return Map
*/
- private Map<String, Object> checkAuthorization(final String authorization,
- final String secretKey) {
-
+ private Map<String, Object> parseJwtPayload(final String authorization,
+ final JwtConfig jwtConfig) {
if (StringUtils.isEmpty(authorization)) {
return null;
}
- JwtParserBuilder jwtParserBuilder = Jwts.parser();
- JwtParser jwtParser = jwtParserBuilder.build();
- if (jwtParser.isSigned(authorization)) {
-
jwtParserBuilder.verifyWith(Keys.hmacShaKeyFor(secretKey.getBytes()));
- JwtParser jwtParserExec = jwtParserBuilder.build();
- Jwt jwt = ThrowingFunction.wrap(() ->
jwtParserExec.parse(authorization));
- if (jwt == null) {
- return null;
- }
- return (Map<String, Object>) jwt.getBody();
- }
- return null;
+ JwtPayloadParseStrategy payloadParseStrategy =
JwtPayloadParseStrategyFactory.newInstance(jwtConfig.getHandleType());
+ return payloadParseStrategy.parse(jwtConfig.getSecretKey(),
authorization);
}
}
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
index d2bd2e3076..9327dd2c30 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
@@ -29,6 +29,11 @@ public class JwtConfig implements Serializable {
*/
private String secretKey;
+ /**
+ * private handleType.
+ */
+ private String handleType;
+
/**
* Gets secret key.
*
@@ -47,4 +52,21 @@ public class JwtConfig implements Serializable {
this.secretKey = secretKey;
}
+ /**
+ * Gets handleType.
+ *
+ * @return jwt payload handle type
+ */
+ public String getHandleType() {
+ return handleType;
+ }
+
+ /**
+ * Sets handleType.
+ *
+ * @param handleType jwt payload handle type
+ */
+ public void setHandleType(final String handleType) {
+ this.handleType = handleType;
+ }
}
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/handle/JwtPluginDataHandler.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/handle/JwtPluginDataHandler.java
index 58044d22c2..b03d9be454 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/handle/JwtPluginDataHandler.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/handle/JwtPluginDataHandler.java
@@ -45,16 +45,18 @@ public class JwtPluginDataHandler implements
PluginDataHandler {
public void handlerPlugin(final PluginData pluginData) {
Map<String, String> configMap =
GsonUtils.getInstance().toObjectMap(pluginData.getConfig(), String.class);
String secretKey =
Optional.ofNullable(configMap.get(Constants.SECRET_KEY)).orElse("");
+ String handleType =
Optional.ofNullable(configMap.get("handleType")).orElse("default");
JwtConfig jwtConfig = new JwtConfig();
jwtConfig.setSecretKey(secretKey);
+ jwtConfig.setHandleType(handleType);
Singleton.INST.single(JwtConfig.class, jwtConfig);
}
-
+
@Override
public void removeRule(final RuleData ruleData) {
CACHED_HANDLE.get().removeHandle(CacheKeyUtils.INST.getKey(ruleData));
}
-
+
@Override
public void handlerRule(final RuleData ruleData) {
Optional.ofNullable(ruleData.getHandle()).ifPresent(ruleHandle -> {
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/DefaultJwtPayloadParseStrategy.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/DefaultJwtPayloadParseStrategy.java
new file mode 100644
index 0000000000..0720695e01
--- /dev/null
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/DefaultJwtPayloadParseStrategy.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.plugin.jwt.strategy;
+
+import io.jsonwebtoken.Jwt;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.JwtParserBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import org.apache.shenyu.plugin.jwt.exception.ThrowingFunction;
+import org.apache.shenyu.spi.Join;
+
+import java.util.Map;
+
+@Join
+public class DefaultJwtPayloadParseStrategy implements JwtPayloadParseStrategy
{
+
+ @Override
+ public Map<String, Object> parse(final String secretKey, final String
authorization) {
+ JwtParserBuilder jwtParserBuilder = Jwts.parser();
+ jwtParserBuilder.verifyWith(Keys.hmacShaKeyFor(secretKey.getBytes()));
+ JwtParser jwtParser = jwtParserBuilder.build();
+ if (jwtParser.isSigned(authorization)) {
+ Jwt jwt = ThrowingFunction.wrap(() ->
jwtParser.parse(authorization));
+ return jwt == null ? null : (Map<String, Object>) jwt.getPayload();
+ }
+ return null;
+ }
+}
\ No newline at end of file
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategy.java
similarity index 61%
copy from
shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
copy to
shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategy.java
index d2bd2e3076..49737bc551 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategy.java
@@ -15,36 +15,25 @@
* limitations under the License.
*/
-package org.apache.shenyu.plugin.jwt.config;
+package org.apache.shenyu.plugin.jwt.strategy;
-import java.io.Serializable;
+import org.apache.shenyu.spi.SPI;
+
+import java.util.Map;
/**
- * The type Jwt config.
+ * Strategy Class for Parsing JWT Payloads.
*/
-public class JwtConfig implements Serializable {
-
- /**
- * private key.
- */
- private String secretKey;
-
- /**
- * Gets secret key.
- *
- * @return the secret key
- */
- public String getSecretKey() {
- return secretKey;
- }
+@SPI
+public interface JwtPayloadParseStrategy {
/**
- * Sets secret key.
+ * Parse jwt payload.
*
- * @param secretKey the secret key
+ * @param secretKey secretKey of authorization
+ * @param authorization the authorization after processing
+ * @return Map
*/
- public void setSecretKey(final String secretKey) {
- this.secretKey = secretKey;
- }
+ Map<String, Object> parse(String secretKey, String authorization);
}
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategyFactory.java
similarity index 58%
copy from
shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
copy to
shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategyFactory.java
index d2bd2e3076..98548f9cbd 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/config/JwtConfig.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/java/org/apache/shenyu/plugin/jwt/strategy/JwtPayloadParseStrategyFactory.java
@@ -15,36 +15,25 @@
* limitations under the License.
*/
-package org.apache.shenyu.plugin.jwt.config;
+package org.apache.shenyu.plugin.jwt.strategy;
-import java.io.Serializable;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shenyu.spi.ExtensionLoader;
-/**
- * The type Jwt config.
- */
-public class JwtConfig implements Serializable {
-
- /**
- * private key.
- */
- private String secretKey;
-
- /**
- * Gets secret key.
- *
- * @return the secret key
- */
- public String getSecretKey() {
- return secretKey;
- }
+public class JwtPayloadParseStrategyFactory {
/**
- * Sets secret key.
+ * new instance JwtPayloadParserStrategy.
*
- * @param secretKey the secret key
+ * @param handleType handleType
+ * @return JwtPayloadParserStrategy
*/
- public void setSecretKey(final String secretKey) {
- this.secretKey = secretKey;
+ public static JwtPayloadParseStrategy newInstance(final String handleType)
{
+ String type = handleType;
+ if (StringUtils.isBlank(type)) {
+ type = "default";
+ }
+ return
ExtensionLoader.getExtensionLoader(JwtPayloadParseStrategy.class).getJoin(type);
}
}
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/resources/META-INF/shenyu/org.apache.shenyu.plugin.jwt.strategy.JwtPayloadParseStrategy
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/resources/META-INF/shenyu/org.apache.shenyu.plugin.jwt.strategy.JwtPayloadParseStrategy
new file mode 100644
index 0000000000..a9877bd363
--- /dev/null
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-jwt/src/main/resources/META-INF/shenyu/org.apache.shenyu.plugin.jwt.strategy.JwtPayloadParseStrategy
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+default=org.apache.shenyu.plugin.jwt.strategy.DefaultJwtPayloadParseStrategy
\ No newline at end of file
