场景:
公司的微服务集群,有些API 会对外提供接口,供其他厂商进行调用。这些公开的API接口,由一个OpenAPI微服务统一提供给大家。
那么所有的调用者在调用公开API接口的时候,需要验证是否有权限调用API 接口。
这套验证的工作,同样也在OpenAPI中为调用者提供验证。
==============================================================================================
简图说明:
===============================================================================================================
正文仅通过贴出来的代码展示
OpenAPI这个微服务在整个服务体系中做了什么事情
1.用户通过提供loginName和loginPwd来获取sessionKey
2.在获取sessionKey过程中,将
[loginName:sessionKey]
[sessionKey:JSON.toJSONString(userInfo)]
存入redis,并设置了有效期
3.用户每次访问接口,都要提供loginName+sign+调用API所需的参数列表
4.服务器端自定义拦截器,拦截到用户request,根据loginName取出sessionKey,按照规则生成sign
5.对比用户传入的sign和服务器端生成的sign,如果一致,则允许调用API
===============================================================================================================
代码说明:
1.pom.xml文件
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>com.pisen</groupId> <artifactId>pisen-cloud-luna</artifactId> <version>1.0-SNAPSHOT</version> </parent> <artifactId>pisen-cloud-luna-ms-openapi</artifactId> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> <!-- Spring boot 1.5.x 的 data-jpa 依赖暂时还没有 所有采用 1.4.x的 data-jpa --> <version>1.4.7.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-config</artifactId> </dependency> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-eureka</artifactId> </dependency> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-feign</artifactId> </dependency> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-hystrix</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!-- 驱动 --> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <dependency> <groupId>com.googlecode.log4jdbc</groupId> <artifactId>log4jdbc</artifactId> <version>1.2</version> </dependency> <!-- ======================== 工具 ======================== END --> <dependency> <groupId>com.alibaba</groupId> <artifactId>fastjson</artifactId> <version>1.2.6</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>3.0</version> </dependency> <dependency> <groupId>com.xiaoleilu</groupId> <artifactId>hutool-all</artifactId> <version>3.1.0</version> </dependency> <dependency> <groupId>com.belerweb</groupId> <artifactId>pinyin4j</artifactId> <version>2.5.0</version> </dependency> <!-- ======================== 工具 ======================== END --> <!-- 连接池 --> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.0.11</version> </dependency> <!-- Redis --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-redis</artifactId> <!-- Spring boot 1.5.x 的Redis依赖暂时还没有 所有采用 1.4.x的Redis --> <version>1.4.7.RELEASE</version> </dependency> <dependency> <groupId>com.pisen</groupId> <artifactId>pisen-cloud-luna-core</artifactId> <version>${parent.version}</version> </dependency> <!--feign--> <dependency> <groupId>com.pisen</groupId> <artifactId>pisen-cloud-luna-feign-ten</artifactId> <version>${parent.version}</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-codec/commons-codec --> <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.4</version> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> </project>