update oss

oss-console/src/main/java/cn/reghao/oss/console/app/rpc/ConsoleServiceImpl.java

@@ -1,5 +1,6 @@
 package cn.reghao.oss.console.app.rpc;
 
+import cn.reghao.jutil.jdk.security.RandomString;
 import cn.reghao.oss.api.constant.ChannelAction;
 import cn.reghao.oss.api.dto.*;
 import cn.reghao.oss.api.util.JwtUtil;
@@ -10,10 +11,10 @@ import cn.reghao.oss.console.app.service.StoreNodeService;
 import cn.reghao.oss.console.app.service.UploadChannelService;
 import cn.reghao.oss.api.iface.ConsoleService;
 import cn.reghao.oss.console.app.service.UserNodeService;
+import com.github.benmanes.caffeine.cache.Cache;
 import org.apache.dubbo.config.annotation.DubboService;
 import org.springframework.stereotype.Service;
 
-import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -26,12 +27,14 @@ public class ConsoleServiceImpl implements ConsoleService {
     private final UploadChannelService uploadChannelService;
     private final StoreNodeService storeNodeService;
     private final UserNodeService userNodeService;
+    private final Cache<String, String> cache;
 
     public ConsoleServiceImpl(UploadChannelService uploadChannelService, StoreNodeService storeNodeService,
-                              UserNodeService userNodeService) {
+                              UserNodeService userNodeService, Cache<String, String> cache) {
         this.uploadChannelService = uploadChannelService;
         this.storeNodeService = storeNodeService;
         this.userNodeService = userNodeService;
+        this.cache = cache;
     }
 
     @Override
@@ -68,14 +71,15 @@ public class ConsoleServiceImpl implements ConsoleService {
         }
 
         String domain = userNode.getDomain();
-        String ossUrl = String.format("//%s", domain);
+        String ossUrl = String.format("//%s/oss", domain);
         long maxSize = uploadChannel.getMaxSize();
 
-        String secretKey = userNode.getSecretKey();
+        String secretKey = RandomString.getString(128);
         String action = ChannelAction.upload.getName();
         long expireAt = System.currentTimeMillis() + 3600*1000;
         OssPayload ossPayload = new OssPayload(action, channelId, loginUser);
         String uploadToken = JwtUtil.createToken(ossPayload, expireAt, secretKey);
+        cache.put(uploadToken, secretKey);
         return new ServerInfo(ossUrl, channelId, maxSize, uploadToken);
     }
 

oss-console/src/main/java/cn/reghao/oss/console/app/rpc/StoreServiceWrapperImpl.java

@@ -1,5 +1,6 @@
 package cn.reghao.oss.console.app.rpc;
 
+import cn.reghao.oss.api.dto.ObjectChannel;
 import cn.reghao.oss.api.dto.ObjectInfo;
 import cn.reghao.oss.api.dto.StoreInfo;
 import cn.reghao.oss.api.dto.media.AudioInfo;
@@ -30,11 +31,16 @@ public class StoreServiceWrapperImpl implements StoreServiceWrapper {
 
     @Override
     public int getChannelScope(int channelId) {
+        int loginUser = AuthContext.getUserId();
+        ObjectChannel objectChannel = uploadChannelService.getObjectChannelByChannelId(channelId, loginUser);
+        if (objectChannel != null) {
+            return objectChannel.getChannelId();
+        }
         return -1;
     }
 
     private StoreService getStoreService(int channelId) throws Exception {
-        int loginUser = 1;
+        int loginUser = AuthContext.getUserId();
         StoreNode storeNode = uploadChannelService.getStoreNodeByChannelId(loginUser, channelId);
         if (storeNode == null) {
             String errMsg = String.format("channel_id %s not associate with any store_node", channelId);
@@ -130,9 +136,10 @@ public class StoreServiceWrapperImpl implements StoreServiceWrapper {
 
     @Override
     public String getSignedUrl(int channelId, String objectId) {
+        int loginUser = AuthContext.getUserId();
         try {
             StoreService storeService = getStoreService(channelId);
-            return storeService.getSignedUrl(objectId);
+            return storeService.getSignedUrl(loginUser, objectId);
         } catch (Exception e) {
             e.printStackTrace();
         }

oss-store/src/main/java/cn/reghao/oss/store/config/inerceptor/TokenFilter.java

@@ -1,10 +1,10 @@
 package cn.reghao.oss.store.config.inerceptor;
 
 import cn.reghao.oss.api.util.AuthContext;
-import cn.reghao.oss.store.service.StoreLocalService;
 import cn.reghao.oss.api.util.JwtUtil;
 import cn.reghao.jutil.web.ServletUtil;
 import cn.reghao.oss.api.dto.OssPayload;
+import com.github.benmanes.caffeine.cache.Cache;
 import org.springframework.stereotype.Component;
 
 import javax.servlet.*;
@@ -16,10 +16,10 @@ import java.io.IOException;
  */
 @Component
 public class TokenFilter implements Filter {
-    private final StoreLocalService storeLocalService;
+    private final Cache<String, String> cache;
 
-    public TokenFilter(StoreLocalService storeLocalService) {
-        this.storeLocalService = storeLocalService;
+    public TokenFilter(Cache<String, String> cache) {
+        this.cache = cache;
     }
 
     @Override
@@ -32,8 +32,11 @@ public class TokenFilter implements Filter {
         int userId = -1;
         String token = ServletUtil.getBearerToken(request);
         if (token != null) {
-            OssPayload ossPayload = JwtUtil.getOssPayload(token, storeLocalService.getSecretKey());
-            userId = ossPayload.getUserId();
+            String secretKey = cache.getIfPresent(token);
+            if (secretKey != null) {
+                OssPayload ossPayload = JwtUtil.getOssPayload(token, secretKey);
+                userId = ossPayload.getUserId();
+            }
         }
 
         try (AuthContext context = new AuthContext(userId)) {

oss-store/src/main/java/cn/reghao/oss/store/controller/ObjectGetController.java

@@ -11,6 +11,7 @@ import cn.reghao.oss.api.util.JwtUtil;
 import cn.reghao.oss.store.util.ObjectUtil;
 import cn.reghao.oss.store.util.SignatureUtil;
 import cn.reghao.oss.api.dto.OssPayload;
+import com.github.benmanes.caffeine.cache.Cache;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletResponse;
@@ -25,12 +26,14 @@ public class ObjectGetController {
     private final GetObjectService getObjectService;
     private final ObjectRepository objectRepository;
     private final StoreLocalService storeLocalService;
+    private final Cache<String, String> cache;
 
     public ObjectGetController(GetObjectService getObjectService, ObjectRepository objectRepository, 
-                               StoreLocalService storeLocalService) {
+                               StoreLocalService storeLocalService, Cache<String, String> cache) {
         this.getObjectService = getObjectService;
         this.objectRepository = objectRepository;
         this.storeLocalService = storeLocalService;
+        this.cache = cache;
     }
 
     @RequestMapping(value = "/**", method = RequestMethod.HEAD)
@@ -62,10 +65,11 @@ public class ObjectGetController {
             return;
         }
 
+        String secretKey = cache.getIfPresent(token);
         String queryString = String.format("token=%s&t=%s&nonce=%s", token, timestamp, nonce);
         String url = String.format("//%s/%s", storeLocalService.getDomain(), objectName);
         String requestString = String.format("%s%s?%s", "GET", url, queryString);
-        boolean valid = SignatureUtil.valid(requestString, storeLocalService.getSecretKey(), sign);
+        boolean valid = SignatureUtil.valid(requestString, secretKey, sign);
         if (!valid) {
             String payload = "sign invalid";
             getObjectService.writeResponse(HttpServletResponse.SC_FORBIDDEN, payload);
@@ -79,7 +83,7 @@ public class ObjectGetController {
             return;
         }
 
-        OssPayload ossPayload = JwtUtil.getOssPayload(token, storeLocalService.getSecretKey());
+        OssPayload ossPayload = JwtUtil.getOssPayload(token, secretKey);
         int loginUser = ossPayload.getUserId();
         int channelId = ossPayload.getChannelId();
         ObjectChannel objectChannel = storeLocalService.getChannelById(loginUser, channelId);
@@ -89,7 +93,6 @@ public class ObjectGetController {
             return;
         }
 
-        int userId = ossPayload.getUserId();
         String prefix = objectChannel.getPrefix();
         if (!objectName.startsWith(prefix)) {
             String payload = String.format("channel prefix %s not matched", prefix);

oss-store/src/main/java/cn/reghao/oss/store/controller/ObjectUploadController.java

@@ -12,6 +12,7 @@ import cn.reghao.jutil.jdk.security.DigestUtil;
 import cn.reghao.jutil.web.ServletUtil;
 import cn.reghao.oss.api.dto.OssPayload;
 import cn.reghao.oss.api.rest.UploadFileRet;
+import com.github.benmanes.caffeine.cache.Cache;
 import org.apache.commons.io.FileUtils;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
@@ -33,15 +34,17 @@ public class ObjectUploadController {
     private final ObjectNameService objectNameService;
     private final PutObjectService putObjectService;
     private final StoreLocalService storeLocalService;
+    private final Cache<String, String> cache;
 
     public ObjectUploadController(ChannelValidateService channelValidateService, FileStoreService fileStoreService,
                                   ObjectNameService objectNameService, PutObjectService putObjectService,
-                                  StoreLocalService storeLocalService) {
+                                  StoreLocalService storeLocalService, Cache<String, String> cache) {
         this.channelValidateService = channelValidateService;
         this.fileStoreService = fileStoreService;
         this.objectNameService = objectNameService;
         this.putObjectService = putObjectService;
         this.storeLocalService = storeLocalService;
+        this.cache = cache;
     }
 
     @PutMapping(value = "/**")
@@ -59,7 +62,7 @@ public class ObjectUploadController {
                     .body(WebResult.failWithMsg("no token in request"));
         }
 
-        String secretKey = storeLocalService.getSecretKey();
+        String secretKey = cache.getIfPresent(token);
         OssPayload ossPayload = JwtUtil.getOssPayload(token, secretKey);
         String action = ossPayload.getAction();
         if (!"upload".equals(action)) {

oss-store/src/main/java/cn/reghao/oss/store/rpc/StoreServiceImpl.java

@@ -6,6 +6,7 @@ import cn.reghao.oss.api.dto.media.AudioInfo;
 import cn.reghao.oss.api.dto.media.ConvertedImageInfo;
 import cn.reghao.oss.api.dto.media.ImageInfo;
 import cn.reghao.oss.api.dto.media.VideoInfo;
+import cn.reghao.oss.api.util.AuthContext;
 import cn.reghao.oss.store.db.repository.ObjectRepository;
 import cn.reghao.oss.store.model.po.FileMeta;
 import cn.reghao.oss.store.service.FileStoreService;
@@ -37,17 +38,15 @@ public class StoreServiceImpl implements StoreService {
     private final FileStoreService fileStoreService;
     private final ObjectRepository objectRepository;
     private final SignService signService;
-    private final StoreLocalService storeLocalService;
     private final MediaFileProcessor mediaFileProcessor;
 
     public StoreServiceImpl(ObjectNameService objectNameService, FileStoreService fileStoreService,
                             ObjectRepository objectRepository, SignService signService,
-                            StoreLocalService storeLocalService, MediaFileProcessor mediaFileProcessor) {
+                            MediaFileProcessor mediaFileProcessor) {
         this.objectNameService = objectNameService;
         this.fileStoreService = fileStoreService;
         this.objectRepository = objectRepository;
         this.signService = signService;
-        this.storeLocalService = storeLocalService;
         this.mediaFileProcessor = mediaFileProcessor;
     }
 
@@ -85,9 +84,6 @@ public class StoreServiceImpl implements StoreService {
 
     @Override
     public ObjectInfo getObjectInfo(String objectId) {
-        int loginUser = 1;
-        int expireSecond = 3600;
-
         FileMeta fileMeta = objectRepository.getByObjectId(objectId);
         if (fileMeta == null) {
             return null;
@@ -97,24 +93,14 @@ public class StoreServiceImpl implements StoreService {
         int fileType = fileMeta.getFileType();
         String filename = fileMeta.getFilename();
         long size = fileMeta.getSize();
-        ObjectInfo objectInfo = new ObjectInfo(objectId, objectName, fileType, filename, size);
-        String url = String.format("//%s/%s", storeLocalService.getDomain(), objectName);
-        int scope = fileMeta.getScope();
-        if (scope != ObjectScope.PUBLIC.getCode()) {
-            String signedUrl = signService.getSignedUrl(loginUser, url, expireSecond);
-            objectInfo.setUrl(signedUrl);
-        } else {
-            objectInfo.setUrl(url);
-        }
-
-        return objectInfo;
+        return new ObjectInfo(objectId, objectName, fileType, filename, size);
     }
 
-    public String getSignedUrl(String objectId) {
+    @Override
+    public String getSignedUrl(int loginUser, String objectId) {
         int expire = 3600;
         ObjectMeta objectMeta = objectRepository.getObjectMetaById(objectId);
         String url = objectNameService.getObjectUrl(objectMeta.getObjectName());
-        int loginUser = 10000;
         return signService.getSignedUrl(loginUser, url, expire);
     }
 

oss-store/src/main/java/cn/reghao/oss/store/service/SignService.java

@@ -1,9 +1,11 @@
 package cn.reghao.oss.store.service;
 
+import cn.reghao.jutil.jdk.security.RandomString;
 import cn.reghao.oss.api.util.JwtUtil;
 import cn.reghao.oss.store.util.SignatureUtil;
 import cn.reghao.oss.api.constant.ChannelAction;
 import cn.reghao.oss.api.dto.OssPayload;
+import com.github.benmanes.caffeine.cache.Cache;
 import org.springframework.stereotype.Service;
 
 import java.util.UUID;
@@ -17,21 +19,26 @@ import java.util.UUID;
 @Service
 public class SignService {
     private final StoreLocalService storeLocalService;
+    private final Cache<String, String> cache;
 
-    public SignService(StoreLocalService storeLocalService) {
+    public SignService(StoreLocalService storeLocalService, Cache<String, String> cache) {
         this.storeLocalService = storeLocalService;
+        this.cache = cache;
     }
 
     public String getSignedUrl(int loginUser, String url, int expire) {
         long timestamp = System.currentTimeMillis() + expire*1000L;
         int channelId = storeLocalService.getChannelIdByUrl(loginUser, url);
 
-        String secretKey = storeLocalService.getSecretKey();
         String action1 = ChannelAction.download.getName();
         String action = ChannelAction.access.getName();
         OssPayload ossPayload = new OssPayload(action, channelId, loginUser);
 
+        //String secretKey = storeLocalService.getSecretKey();
+        String secretKey = RandomString.getString(128);
         String token = JwtUtil.createToken(ossPayload, timestamp, secretKey);
+        cache.put(token, secretKey);
+
         String nonce = UUID.randomUUID().toString();
         String queryString = String.format("token=%s&t=%s&nonce=%s", token, timestamp, nonce);
         String requestString = String.format("%s%s?%s", "GET", url, queryString);