本文主要研究一下dubbo的TokenFilter
dubbo-2.7.2/dubbo-rpc/dubbo-rpc-api/src/main/java/org/apache/dubbo/rpc/filter/TokenFilter.java
@Activate(group = CommonConstants.PROVIDER, value = TOKEN_KEY) public class TokenFilter implements Filter { @Override public Result invoke(Invoker<?> invoker, Invocation inv) throws RpcException { String token = invoker.getUrl().getParameter(TOKEN_KEY); if (ConfigUtils.isNotEmpty(token)) { Class<?> serviceType = invoker.getInterface(); Map<String, String> attachments = inv.getAttachments(); String remoteToken = attachments == null ? null : attachments.get(TOKEN_KEY); if (!token.equals(remoteToken)) { throw new RpcException("Invalid token! Forbid invoke remote service " + serviceType + " method " + inv.getMethodName() + "() from consumer " + RpcContext.getContext().getRemoteHost() + " to provider " + RpcContext.getContext().getLocalHost()); } } return invoker.invoke(inv); } }
dubbo-2.7.2/dubbo-rpc/dubbo-rpc-api/src/test/java/org/apache/dubbo/rpc/filter/TokenFilterTest.java
public class TokenFilterTest { private TokenFilter tokenFilter = new TokenFilter(); @Test public void testInvokeWithToken() throws Exception { String token = "token"; Invoker invoker = Mockito.mock(Invoker.class); URL url = URL.valueOf("test://test:11/test?accesslog=true&group=dubbo&version=1.1&token=" + token); when(invoker.getUrl()).thenReturn(url); when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result")); Map<String, String> attachments = new HashMap<String, String>(); attachments.put(TOKEN_KEY, token); Invocation invocation = Mockito.mock(Invocation.class); when(invocation.getAttachments()).thenReturn(attachments); Result result = tokenFilter.invoke(invoker, invocation); Assertions.assertEquals("result", result.getValue()); } @Test public void testInvokeWithWrongToken() throws Exception { Assertions.assertThrows(RpcException.class, () -> { String token = "token"; Invoker invoker = Mockito.mock(Invoker.class); URL url = URL.valueOf("test://test:11/test?accesslog=true&group=dubbo&version=1.1&token=" + token); when(invoker.getUrl()).thenReturn(url); when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result")); Map<String, String> attachments = new HashMap<String, String>(); attachments.put(TOKEN_KEY, "wrongToken"); Invocation invocation = Mockito.mock(Invocation.class); when(invocation.getAttachments()).thenReturn(attachments); tokenFilter.invoke(invoker, invocation); }); } @Test public void testInvokeWithoutToken() throws Exception { Assertions.assertThrows(RpcException.class, () -> { String token = "token"; Invoker invoker = Mockito.mock(Invoker.class); URL url = URL.valueOf("test://test:11/test?accesslog=true&group=dubbo&version=1.1&token=" + token); when(invoker.getUrl()).thenReturn(url); when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result")); Invocation invocation = Mockito.mock(Invocation.class); tokenFilter.invoke(invoker, invocation); }); } }
TokenFilter实现了Filter接口,其invoke方法会判断invoker的URL中是否有token属性,如果该值不为空,则从attachments中获取remoteToken,然后对比两个token是否相同,不同则抛出RpcException,相同则执行invoker.invoke(inv)