sequence
This paper mainly studies Dubbo’s TokenFilter
TokenFilter
Dubbo – 2.7.2 / dubbo – RPC/dubbo xml-rpc API/SRC/main/Java/org/apache/dubbo/RPC/filter/TokenFilter Java
@Activate(group = CommonConstants.PROVIDER, value = TOKEN_KEY) public class TokenFilter implements Filter { @Override public Result invoke(Invoker<? > invoker, Invocation inv) throws RpcException { String token = invoker.getUrl().getParameter(TOKEN_KEY);if(ConfigUtils.isNotEmpty(token)) { Class<? > serviceType = invoker.getInterface(); Map<String, String> attachments = inv.getAttachments(); String remoteToken = attachments == null ? null : attachments.get(TOKEN_KEY);if(! token.equals(remoteToken)) { throw new RpcException("Invalid token! Forbid invoke remote service " + serviceType + " method " + inv.getMethodName() + "() from consumer " + RpcContext.getContext().getRemoteHost() + " to provider "+ RpcContext.getContext().getLocalHost()); }}returninvoker.invoke(inv); }}Copy the code- TokenFilter implements the Filter interface, and its invoke method determines whether the URL of invoker has a token attribute. If the value is not empty, it obtains remoteToken from attachments and compares the two tokens to see if they are the same. Invoke (inv); Invoke (inV)
The instance
Dubbo – 2.7.2 / dubbo – RPC/dubbo xml-rpc API/SRC/test/Java/org/apache/dubbo/RPC/filter/TokenFilterTest. Java
public class TokenFilterTest {
private TokenFilter tokenFilter = new TokenFilter();
@Test
public void testInvokeWithToken() throws Exception {
String token = "token";
Invoker invoker = Mockito.mock(Invoker.class);
URL url = URL.valueOf("test://test:11/test? Accesslog = true&group = dubbo&version = 1.1 & token =" + token);
when(invoker.getUrl()).thenReturn(url);
when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result"));
Map<String, String> attachments = new HashMap<String, String>();
attachments.put(TOKEN_KEY, token);
Invocation invocation = Mockito.mock(Invocation.class);
when(invocation.getAttachments()).thenReturn(attachments);
Result result = tokenFilter.invoke(invoker, invocation);
Assertions.assertEquals("result", result.getValue());
}
@Test
public void testInvokeWithWrongToken() throws Exception {
Assertions.assertThrows(RpcException.class, () -> {
String token = "token";
Invoker invoker = Mockito.mock(Invoker.class);
URL url = URL.valueOf("test://test:11/test? Accesslog = true&group = dubbo&version = 1.1 & token =" + token);
when(invoker.getUrl()).thenReturn(url);
when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result"));
Map<String, String> attachments = new HashMap<String, String>();
attachments.put(TOKEN_KEY, "wrongToken");
Invocation invocation = Mockito.mock(Invocation.class);
when(invocation.getAttachments()).thenReturn(attachments);
tokenFilter.invoke(invoker, invocation);
});
}
@Test
public void testInvokeWithoutToken() throws Exception {
Assertions.assertThrows(RpcException.class, () -> {
String token = "token";
Invoker invoker = Mockito.mock(Invoker.class);
URL url = URL.valueOf("test://test:11/test? Accesslog = true&group = dubbo&version = 1.1 & token =" + token);
when(invoker.getUrl()).thenReturn(url);
when(invoker.invoke(any(Invocation.class))).thenReturn(new AppResponse("result")); Invocation invocation = Mockito.mock(Invocation.class); tokenFilter.invoke(invoker, invocation); }); }}Copy the code- The correct token, the wrong token, and the scenario without the token are verified
summary
TokenFilter implements the Filter interface, and its invoke method determines whether the URL of invoker has a token attribute. If the value is not empty, it obtains remoteToken from attachments and compares the two tokens to see if they are the same. Invoke (inv); Invoke (inV)
doc
- TokenFilter