Skip to content

Commit

Permalink
[#1092] optimize security authentication verification logic (#1094)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chengyouling
chengyouling authored Nov 8, 2023
1 parent 69f0f07 commit 05aa237
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions ...ance/src/main/java/com/huaweicloud/governance/authentication/RSAProviderTokenManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;
Expand All @@ -43,12 +44,10 @@ public RSAProviderTokenManager(List<AccessController> accessControllers, Environ

public void valid(HttpServletRequest request) throws Exception {
try {
RsaAuthenticationToken rsaToken = null;
if (environment.getProperty(Const.AUTH_TOKEN_CHECK_ENABLED, boolean.class, true)) {
rsaToken = RSATokenCheckUtils.checkTokenInfo(request, authenticationAdapter);
}
AuthRequestExtractor extractor;
if (rsaToken != null) {
if (environment.getProperty(Const.AUTH_TOKEN_CHECK_ENABLED, boolean.class, true)
|| StringUtils.isEmpty(request.getHeader(Const.AUTH_SERVICE_NAME))) {
RsaAuthenticationToken rsaToken = RSATokenCheckUtils.checkTokenInfo(request, authenticationAdapter);
extractor = AuthRequestExtractorUtils.createAuthRequestExtractor(request, rsaToken.getServiceId(),
rsaToken.getInstanceId());
} else {
Expand Down

0 comments on commit 05aa237

Please sign in to comment.