AuthRealm 继承AuthorizingRealm
doGetAuthorizationInfo //获取用户权限或角色信息
doGetAuthenticationInfo //进行身份验证，例如：用户名与密码的校验
涉及参考类 AuthService.java 的代码
涉及参考类 JWTPrincipal.java 的代码
import lombok.RequiredArgsConstructor;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import java.util.Optional;
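/**
 * Shiro realm that authenticates JWT-based tokens and reports the roles carried by the
 * resolved {@link JWTPrincipal}.
 *
 * <p>Principal lookup and token verification are both delegated to {@link AuthService}.
 *
 * <p>NOTE(review): this class does not override {@code supports(AuthenticationToken)} or set
 * the authentication token class, so whether Shiro routes {@code JWTToken} instances to this
 * realm depends on configuration not visible here — confirm.
 */
@RequiredArgsConstructor
public class AuthRealm extends AuthorizingRealm {

    private final AuthService authService;

    /**
     * Builds the authorization info (roles only) for an already authenticated subject.
     *
     * @param principals the subject's principals; the primary one is expected to be a
     *     {@link JWTPrincipal}
     * @return authorization info holding the principal's roles, or an info object with no
     *     roles added when the principal has none
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // The cast assumes the primary principal was produced by this realm; in a multi-realm
        // setup another realm's principal would fail here with a ClassCastException.
        JWTPrincipal principal = (JWTPrincipal) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo result = new SimpleAuthorizationInfo();
        // Roles are taken from the principal object as-is; no permissions are added.
        if (!principal.getRoles().isEmpty()) {
            result.addRoles(principal.getRoles());
        }
        return result;
    }

    /**
     * Authenticates a {@code JWTToken}: resolves its principal, rejects locked principals and
     * has {@link AuthService} verify the token against that principal.
     *
     * @param authenticationToken the submitted token; must be a {@code JWTToken}
     * @return authentication info for the resolved principal
     * @throws AuthenticationException if the token is not a {@code JWTToken}, no principal can
     *     be resolved for it, or the principal is locked
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        // Fail with the declared exception type instead of a ClassCastException when a token
        // of another type reaches this realm.
        if (!(authenticationToken instanceof JWTToken)) {
            throw new AuthenticationException("unsupported authentication token type");
        }
        JWTToken token = (JWTToken) authenticationToken;

        // The principal is resolved before verifyJWTToken runs, so unless getAuthPrincipal
        // validates the token itself, the lookup is driven by not-yet-verified input.
        JWTPrincipal principal = authService.getAuthPrincipal(token)
                .orElseThrow(() -> new AuthenticationException("can't find the valid user principal"));

        // NOTE(review): the "not found" and "locked" messages differ and are raised before the
        // token is verified; if they are ever returned to the client they distinguish unknown
        // accounts from locked ones. Keep them in server-side logs or map them to a single
        // generic response at the boundary.
        if (principal instanceof LockablePrincipal && ((LockablePrincipal) principal).isLocked()) {
            throw new AuthenticationException("user is locked");
        }

        // NOTE(review): the result of verifyJWTToken is not inspected, so authentication is
        // only sound if this call throws on an invalid or expired token — confirm in
        // AuthService.
        authService.verifyJWTToken(token, principal);

        // The stored credentials are the submitted token's own credentials, so with Shiro's
        // default credentials matcher the later comparison matches trivially; the call above
        // is the effective credential check.
        return new SimpleAuthenticationInfo(principal, token.getCredentials(), getName());
    }

    /**
     * Returns the fixed name under which this realm registers its principals.
     *
     * @return the constant realm name {@code "auth_realm"}
     */
    @Override
    public String getName() {
        return "auth_realm";
    }
}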