From 5d8564caf6cf3eec7b30f31d0e61556d43f17567 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Wed, 29 Sep 2021 21:45:21 +0800 Subject: [PATCH 01/12] feature: support Server authentication blacklist configuration --- .../core/constants/ConfigurationKeys.java | 5 ++ .../rpc/DefaultServerMessageListenerImpl.java | 4 +- .../core/rpc/RegisterCheckAuthHandler.java | 11 ++- .../rpc/processor/server/RegRmProcessor.java | 2 +- .../rpc/processor/server/RegTmProcessor.java | 2 +- .../properties/server/ServerProperties.java | 10 +++ .../server/auth/AbstractCheckAuthHandler.java | 15 ++-- .../java/io/seata/server/auth/Blacklist.java | 70 +++++++++++++++++++ .../server/auth/DefaultCheckAuthHandler.java | 18 +++-- 9 files changed, 115 insertions(+), 22 deletions(-) create mode 100644 server/src/main/java/io/seata/server/auth/Blacklist.java diff --git a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java index ce11b3d58ed..0c34594c097 100644 --- a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java +++ b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java @@ -449,6 +449,11 @@ public interface ConfigurationKeys { */ String DISTRIBUTED_LOCK_EXPIRE_TIME = SERVER_PREFIX + "distributedLockExpireTime"; + /** + * The constant SERVER_BLACKLIST + */ + String SERVER_BLACKLIST = SERVER_PREFIX + "blacklist"; + /** * The constant MIN_SERVER_POOL_SIZE. */ diff --git a/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java b/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java index c81f78fb5d4..ba55c442bd8 100644 --- a/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java +++ b/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java @@ -112,7 +112,7 @@ public void onRegRmMessage(RpcMessage request, ChannelHandlerContext ctx, Regist boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (checkAuthHandler == null || checkAuthHandler.regResourceManagerCheckAuth(message)) { + if (checkAuthHandler == null || checkAuthHandler.regResourceManagerCheckAuth(ctx)) { ChannelManager.registerRMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; @@ -144,7 +144,7 @@ public void onRegTmMessage(RpcMessage request, ChannelHandlerContext ctx, Regist boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (checkAuthHandler == null || checkAuthHandler.regTransactionManagerCheckAuth(message)) { + if (checkAuthHandler == null || checkAuthHandler.regTransactionManagerCheckAuth(ctx)) { ChannelManager.registerTMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java b/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java index a398f457a58..17d5bf3fba6 100644 --- a/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java +++ b/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java @@ -15,8 +15,7 @@ */ package io.seata.core.rpc; -import io.seata.core.protocol.RegisterRMRequest; -import io.seata.core.protocol.RegisterTMRequest; +import io.netty.channel.ChannelHandlerContext; /** * The interface Register check auth handler. @@ -28,16 +27,16 @@ public interface RegisterCheckAuthHandler { /** * Reg transaction manager check auth boolean. * - * @param request the request + * @param ctx the ctx * @return the boolean */ - boolean regTransactionManagerCheckAuth(RegisterTMRequest request); + boolean regTransactionManagerCheckAuth(ChannelHandlerContext ctx); /** * Reg resource manager check auth boolean. * - * @param request the request + * @param ctx the ctx * @return the boolean */ - boolean regResourceManagerCheckAuth(RegisterRMRequest request); + boolean regResourceManagerCheckAuth(ChannelHandlerContext ctx); } diff --git a/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java b/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java index 17f0d423d57..163ea20d03a 100644 --- a/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java +++ b/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java @@ -63,7 +63,7 @@ private void onRegRmMessage(ChannelHandlerContext ctx, RpcMessage rpcMessage) { boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (null == checkAuthHandler || checkAuthHandler.regResourceManagerCheckAuth(message)) { + if (null == checkAuthHandler || checkAuthHandler.regResourceManagerCheckAuth(ctx)) { ChannelManager.registerRMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java b/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java index 04a34a76c67..918f10e6fc2 100644 --- a/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java +++ b/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java @@ -64,7 +64,7 @@ private void onRegTmMessage(ChannelHandlerContext ctx, RpcMessage rpcMessage) { boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (null == checkAuthHandler || checkAuthHandler.regTransactionManagerCheckAuth(message)) { + if (null == checkAuthHandler || checkAuthHandler.regTransactionManagerCheckAuth(ctx)) { ChannelManager.registerTMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java index c2c672a7d5a..ebb36addfb1 100644 --- a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java +++ b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java @@ -34,6 +34,7 @@ public class ServerProperties { private Boolean enableCheckAuth = true; private Integer retryDeadThreshold = 130000; private Integer servicePort; + private String blacklist = null; public Duration getMaxCommitRetryTimeout() { return maxCommitRetryTimeout; @@ -88,4 +89,13 @@ public ServerProperties setServicePort(Integer servicePort) { this.servicePort = servicePort; return this; } + + public String getBlacklist() { + return blacklist; + } + + public ServerProperties setBlacklist(String blacklist) { + this.blacklist = blacklist; + return this; + } } diff --git a/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java index ecfbfc12dab..6185a52fbdb 100644 --- a/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java @@ -15,10 +15,9 @@ */ package io.seata.server.auth; +import io.netty.channel.ChannelHandlerContext; import io.seata.config.ConfigurationFactory; import io.seata.core.constants.ConfigurationKeys; -import io.seata.core.protocol.RegisterRMRequest; -import io.seata.core.protocol.RegisterTMRequest; import io.seata.core.rpc.RegisterCheckAuthHandler; import static io.seata.common.DefaultValues.DEFAULT_SERVER_ENABLE_CHECK_AUTH; @@ -32,22 +31,22 @@ public abstract class AbstractCheckAuthHandler implements RegisterCheckAuthHandl ConfigurationKeys.SERVER_ENABLE_CHECK_AUTH, DEFAULT_SERVER_ENABLE_CHECK_AUTH); @Override - public boolean regTransactionManagerCheckAuth(RegisterTMRequest request) { + public boolean regTransactionManagerCheckAuth(ChannelHandlerContext ctx) { if (!ENABLE_CHECK_AUTH) { return true; } - return doRegTransactionManagerCheck(request); + return doRegTransactionManagerCheck(ctx); } - public abstract boolean doRegTransactionManagerCheck(RegisterTMRequest request); + public abstract boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx); @Override - public boolean regResourceManagerCheckAuth(RegisterRMRequest request) { + public boolean regResourceManagerCheckAuth(ChannelHandlerContext ctx) { if (!ENABLE_CHECK_AUTH) { return true; } - return doRegResourceManagerCheck(request); + return doRegResourceManagerCheck(ctx); } - public abstract boolean doRegResourceManagerCheck(RegisterRMRequest request); + public abstract boolean doRegResourceManagerCheck(ChannelHandlerContext ctx); } diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/Blacklist.java new file mode 100644 index 00000000000..5d7d5924a4c --- /dev/null +++ b/server/src/main/java/io/seata/server/auth/Blacklist.java @@ -0,0 +1,70 @@ +/* + * Copyright 1999-2019 Seata.io Group. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.seata.server.auth; + +import java.util.Collections; +import java.util.List; +import java.util.concurrent.CopyOnWriteArrayList; + +import io.seata.config.ConfigurationChangeEvent; +import io.seata.config.ConfigurationChangeListener; +import io.seata.config.ConfigurationFactory; +import io.seata.core.constants.ConfigurationKeys; + +public class Blacklist { + + private static final long DEFAULT_CONFIG_TIMEOUT = 5000; + + private List ipList = new CopyOnWriteArrayList<>(); + + Blacklist() { + String ips = ConfigurationFactory.getInstance().getConfig(ConfigurationKeys.SERVER_BLACKLIST); + if(ips != null) { + String[] ipArray = ips.split(";"); + Collections.addAll(ipList, ipArray); + } + + ConfigurationFactory.getInstance().addConfigListener(ConfigurationKeys.SERVER_BLACKLIST, new ConfigurationChangeListener() { + @Override + public void onChangeEvent(ConfigurationChangeEvent event) { + String currentIps = ConfigurationFactory.getInstance().getLatestConfig(ConfigurationKeys.SERVER_BLACKLIST,null, DEFAULT_CONFIG_TIMEOUT); + clear(); + if(currentIps == null) { + return; + } + String[] currentIpArray = currentIps.split(";"); + Collections.addAll(ipList, currentIpArray); + } + }); + } + + public void setIpList(List ipList) { + this.ipList = ipList; + } + + public List getIpList() { + return ipList; + } + + public void clear() { + ipList.clear(); + } + + public boolean contains(String address) { + return ipList.contains(address); + } +} + diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index ed3e9343c2c..b0c76c4ac3a 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -15,9 +15,9 @@ */ package io.seata.server.auth; +import io.netty.channel.ChannelHandlerContext; import io.seata.common.loader.LoadLevel; -import io.seata.core.protocol.RegisterRMRequest; -import io.seata.core.protocol.RegisterTMRequest; +import io.seata.common.util.NetUtil; /** * @author slievrly @@ -25,13 +25,23 @@ @LoadLevel(name = "defaultCheckAuthHandler", order = 100) public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { + Blacklist blacklist = new Blacklist(); + @Override - public boolean doRegTransactionManagerCheck(RegisterTMRequest request) { + public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { + String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; + if(blacklist.contains(ip)) { + return false; + } return true; } @Override - public boolean doRegResourceManagerCheck(RegisterRMRequest request) { + public boolean doRegResourceManagerCheck(ChannelHandlerContext ctx) { + String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; + if(blacklist.contains(ip)) { + return false; + } return true; } } From a81e996732dd83c7c47c7d65c994856467dcdb4f Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Wed, 29 Sep 2021 22:05:12 +0800 Subject: [PATCH 02/12] optimize: optimize blacklist to handle TM and RM separately --- .../core/constants/ConfigurationKeys.java | 9 +++++++-- .../properties/server/ServerProperties.java | 20 ++++++++++++++----- .../java/io/seata/server/auth/Blacklist.java | 18 +++++++++-------- .../server/auth/DefaultCheckAuthHandler.java | 9 ++++++--- 4 files changed, 38 insertions(+), 18 deletions(-) diff --git a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java index 0c34594c097..c31740371ed 100644 --- a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java +++ b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java @@ -450,9 +450,14 @@ public interface ConfigurationKeys { String DISTRIBUTED_LOCK_EXPIRE_TIME = SERVER_PREFIX + "distributedLockExpireTime"; /** - * The constant SERVER_BLACKLIST + * The constant TM_BLACKLIST */ - String SERVER_BLACKLIST = SERVER_PREFIX + "blacklist"; + String TM_BLACKLIST = SERVER_PREFIX + "tmBlacklist"; + + /** + * The constant RM_BLACKLIST + */ + String RM_BLACKLIST = SERVER_PREFIX + "rmBlacklist"; /** * The constant MIN_SERVER_POOL_SIZE. diff --git a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java index ebb36addfb1..1e33b342c32 100644 --- a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java +++ b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java @@ -34,7 +34,8 @@ public class ServerProperties { private Boolean enableCheckAuth = true; private Integer retryDeadThreshold = 130000; private Integer servicePort; - private String blacklist = null; + private String tmBlacklist = null; + private String rmBlacklist = null; public Duration getMaxCommitRetryTimeout() { return maxCommitRetryTimeout; @@ -90,12 +91,21 @@ public ServerProperties setServicePort(Integer servicePort) { return this; } - public String getBlacklist() { - return blacklist; + public String getTmBlacklist() { + return tmBlacklist; } - public ServerProperties setBlacklist(String blacklist) { - this.blacklist = blacklist; + public ServerProperties setTmBlacklist(String tmBlacklist) { + this.tmBlacklist = tmBlacklist; + return this; + } + + public String getRmBlacklist() { + return rmBlacklist; + } + + public ServerProperties setRmBlacklist(String rmBlacklist) { + this.rmBlacklist = rmBlacklist; return this; } } diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/Blacklist.java index 5d7d5924a4c..50b90e4a262 100644 --- a/server/src/main/java/io/seata/server/auth/Blacklist.java +++ b/server/src/main/java/io/seata/server/auth/Blacklist.java @@ -28,24 +28,26 @@ public class Blacklist { private static final long DEFAULT_CONFIG_TIMEOUT = 5000; + private static final String IP_CONFIG_SPLIT_CHAR = ";"; + private List ipList = new CopyOnWriteArrayList<>(); - Blacklist() { - String ips = ConfigurationFactory.getInstance().getConfig(ConfigurationKeys.SERVER_BLACKLIST); - if(ips != null) { - String[] ipArray = ips.split(";"); + public Blacklist(String blacklistConfig) { + String ips = ConfigurationFactory.getInstance().getConfig(blacklistConfig); + if (ips != null) { + String[] ipArray = ips.split(IP_CONFIG_SPLIT_CHAR); Collections.addAll(ipList, ipArray); } - ConfigurationFactory.getInstance().addConfigListener(ConfigurationKeys.SERVER_BLACKLIST, new ConfigurationChangeListener() { + ConfigurationFactory.getInstance().addConfigListener(blacklistConfig, new ConfigurationChangeListener() { @Override public void onChangeEvent(ConfigurationChangeEvent event) { - String currentIps = ConfigurationFactory.getInstance().getLatestConfig(ConfigurationKeys.SERVER_BLACKLIST,null, DEFAULT_CONFIG_TIMEOUT); + String currentIps = ConfigurationFactory.getInstance().getLatestConfig(blacklistConfig, null, DEFAULT_CONFIG_TIMEOUT); clear(); - if(currentIps == null) { + if (currentIps == null) { return; } - String[] currentIpArray = currentIps.split(";"); + String[] currentIpArray = currentIps.split(IP_CONFIG_SPLIT_CHAR); Collections.addAll(ipList, currentIpArray); } }); diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index b0c76c4ac3a..ee854f31cf9 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -18,6 +18,7 @@ import io.netty.channel.ChannelHandlerContext; import io.seata.common.loader.LoadLevel; import io.seata.common.util.NetUtil; +import io.seata.core.constants.ConfigurationKeys; /** * @author slievrly @@ -25,12 +26,14 @@ @LoadLevel(name = "defaultCheckAuthHandler", order = 100) public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { - Blacklist blacklist = new Blacklist(); + Blacklist tmBlacklist = new Blacklist(ConfigurationKeys.TM_BLACKLIST); + + Blacklist rmBlacklist = new Blacklist(ConfigurationKeys.RM_BLACKLIST); @Override public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if(blacklist.contains(ip)) { + if (tmBlacklist.contains(ip)) { return false; } return true; @@ -39,7 +42,7 @@ public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { @Override public boolean doRegResourceManagerCheck(ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if(blacklist.contains(ip)) { + if (rmBlacklist.contains(ip)) { return false; } return true; From 3f484aa0122f583ef4f2ac019f0f72bed67ae8c8 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Fri, 8 Oct 2021 13:09:34 +0800 Subject: [PATCH 03/12] optimize: handle TM and RM together --- .../core/constants/ConfigurationKeys.java | 9 ++------- .../properties/server/ServerProperties.java | 20 +++++-------------- .../server/auth/DefaultCheckAuthHandler.java | 8 +++----- 3 files changed, 10 insertions(+), 27 deletions(-) diff --git a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java index c31740371ed..67ea5512916 100644 --- a/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java +++ b/core/src/main/java/io/seata/core/constants/ConfigurationKeys.java @@ -450,14 +450,9 @@ public interface ConfigurationKeys { String DISTRIBUTED_LOCK_EXPIRE_TIME = SERVER_PREFIX + "distributedLockExpireTime"; /** - * The constant TM_BLACKLIST + * The constant BLACKLIST */ - String TM_BLACKLIST = SERVER_PREFIX + "tmBlacklist"; - - /** - * The constant RM_BLACKLIST - */ - String RM_BLACKLIST = SERVER_PREFIX + "rmBlacklist"; + String BLACKLIST = SERVER_PREFIX + "blacklist"; /** * The constant MIN_SERVER_POOL_SIZE. diff --git a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java index 1e33b342c32..ebb36addfb1 100644 --- a/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java +++ b/seata-spring-autoconfigure/seata-spring-autoconfigure-server/src/main/java/io/seata/spring/boot/autoconfigure/properties/server/ServerProperties.java @@ -34,8 +34,7 @@ public class ServerProperties { private Boolean enableCheckAuth = true; private Integer retryDeadThreshold = 130000; private Integer servicePort; - private String tmBlacklist = null; - private String rmBlacklist = null; + private String blacklist = null; public Duration getMaxCommitRetryTimeout() { return maxCommitRetryTimeout; @@ -91,21 +90,12 @@ public ServerProperties setServicePort(Integer servicePort) { return this; } - public String getTmBlacklist() { - return tmBlacklist; + public String getBlacklist() { + return blacklist; } - public ServerProperties setTmBlacklist(String tmBlacklist) { - this.tmBlacklist = tmBlacklist; - return this; - } - - public String getRmBlacklist() { - return rmBlacklist; - } - - public ServerProperties setRmBlacklist(String rmBlacklist) { - this.rmBlacklist = rmBlacklist; + public ServerProperties setBlacklist(String blacklist) { + this.blacklist = blacklist; return this; } } diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index ee854f31cf9..f497f20a344 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -26,14 +26,12 @@ @LoadLevel(name = "defaultCheckAuthHandler", order = 100) public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { - Blacklist tmBlacklist = new Blacklist(ConfigurationKeys.TM_BLACKLIST); - - Blacklist rmBlacklist = new Blacklist(ConfigurationKeys.RM_BLACKLIST); + Blacklist blacklist = new Blacklist(ConfigurationKeys.BLACKLIST); @Override public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if (tmBlacklist.contains(ip)) { + if (blacklist.contains(ip)) { return false; } return true; @@ -42,7 +40,7 @@ public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { @Override public boolean doRegResourceManagerCheck(ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if (rmBlacklist.contains(ip)) { + if (blacklist.contains(ip)) { return false; } return true; From 90a647dcf25f51ab893dff4d1e858c6572134fe1 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Fri, 8 Oct 2021 13:21:40 +0800 Subject: [PATCH 04/12] optimize: reserve the RegisterTMRequest and RegisterRMRequest parameters --- .../core/rpc/DefaultServerMessageListenerImpl.java | 4 ++-- .../seata/core/rpc/RegisterCheckAuthHandler.java | 8 ++++++-- .../core/rpc/processor/server/RegRmProcessor.java | 2 +- .../core/rpc/processor/server/RegTmProcessor.java | 2 +- .../server/auth/AbstractCheckAuthHandler.java | 14 ++++++++------ .../seata/server/auth/DefaultCheckAuthHandler.java | 6 ++++-- 6 files changed, 22 insertions(+), 14 deletions(-) diff --git a/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java b/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java index ba55c442bd8..962753b7ea6 100644 --- a/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java +++ b/core/src/main/java/io/seata/core/rpc/DefaultServerMessageListenerImpl.java @@ -112,7 +112,7 @@ public void onRegRmMessage(RpcMessage request, ChannelHandlerContext ctx, Regist boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (checkAuthHandler == null || checkAuthHandler.regResourceManagerCheckAuth(ctx)) { + if (checkAuthHandler == null || checkAuthHandler.regResourceManagerCheckAuth(message, ctx)) { ChannelManager.registerRMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; @@ -144,7 +144,7 @@ public void onRegTmMessage(RpcMessage request, ChannelHandlerContext ctx, Regist boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (checkAuthHandler == null || checkAuthHandler.regTransactionManagerCheckAuth(ctx)) { + if (checkAuthHandler == null || checkAuthHandler.regTransactionManagerCheckAuth(message, ctx)) { ChannelManager.registerTMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java b/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java index 17d5bf3fba6..5b8e9a42352 100644 --- a/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java +++ b/core/src/main/java/io/seata/core/rpc/RegisterCheckAuthHandler.java @@ -16,6 +16,8 @@ package io.seata.core.rpc; import io.netty.channel.ChannelHandlerContext; +import io.seata.core.protocol.RegisterRMRequest; +import io.seata.core.protocol.RegisterTMRequest; /** * The interface Register check auth handler. @@ -27,16 +29,18 @@ public interface RegisterCheckAuthHandler { /** * Reg transaction manager check auth boolean. * + * @param request the request * @param ctx the ctx * @return the boolean */ - boolean regTransactionManagerCheckAuth(ChannelHandlerContext ctx); + boolean regTransactionManagerCheckAuth(RegisterTMRequest request, ChannelHandlerContext ctx); /** * Reg resource manager check auth boolean. * + * @param request the request * @param ctx the ctx * @return the boolean */ - boolean regResourceManagerCheckAuth(ChannelHandlerContext ctx); + boolean regResourceManagerCheckAuth(RegisterRMRequest request, ChannelHandlerContext ctx); } diff --git a/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java b/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java index 163ea20d03a..0b0011fd977 100644 --- a/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java +++ b/core/src/main/java/io/seata/core/rpc/processor/server/RegRmProcessor.java @@ -63,7 +63,7 @@ private void onRegRmMessage(ChannelHandlerContext ctx, RpcMessage rpcMessage) { boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (null == checkAuthHandler || checkAuthHandler.regResourceManagerCheckAuth(ctx)) { + if (null == checkAuthHandler || checkAuthHandler.regResourceManagerCheckAuth(message, ctx)) { ChannelManager.registerRMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java b/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java index 918f10e6fc2..6e3096e9787 100644 --- a/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java +++ b/core/src/main/java/io/seata/core/rpc/processor/server/RegTmProcessor.java @@ -64,7 +64,7 @@ private void onRegTmMessage(ChannelHandlerContext ctx, RpcMessage rpcMessage) { boolean isSuccess = false; String errorInfo = StringUtils.EMPTY; try { - if (null == checkAuthHandler || checkAuthHandler.regTransactionManagerCheckAuth(ctx)) { + if (null == checkAuthHandler || checkAuthHandler.regTransactionManagerCheckAuth(message, ctx)) { ChannelManager.registerTMChannel(message, ctx.channel()); Version.putChannelVersion(ctx.channel(), message.getVersion()); isSuccess = true; diff --git a/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java index 6185a52fbdb..890816a5fb6 100644 --- a/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/AbstractCheckAuthHandler.java @@ -18,6 +18,8 @@ import io.netty.channel.ChannelHandlerContext; import io.seata.config.ConfigurationFactory; import io.seata.core.constants.ConfigurationKeys; +import io.seata.core.protocol.RegisterRMRequest; +import io.seata.core.protocol.RegisterTMRequest; import io.seata.core.rpc.RegisterCheckAuthHandler; import static io.seata.common.DefaultValues.DEFAULT_SERVER_ENABLE_CHECK_AUTH; @@ -31,22 +33,22 @@ public abstract class AbstractCheckAuthHandler implements RegisterCheckAuthHandl ConfigurationKeys.SERVER_ENABLE_CHECK_AUTH, DEFAULT_SERVER_ENABLE_CHECK_AUTH); @Override - public boolean regTransactionManagerCheckAuth(ChannelHandlerContext ctx) { + public boolean regTransactionManagerCheckAuth(RegisterTMRequest request, ChannelHandlerContext ctx) { if (!ENABLE_CHECK_AUTH) { return true; } - return doRegTransactionManagerCheck(ctx); + return doRegTransactionManagerCheck(request, ctx); } - public abstract boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx); + public abstract boolean doRegTransactionManagerCheck(RegisterTMRequest request, ChannelHandlerContext ctx); @Override - public boolean regResourceManagerCheckAuth(ChannelHandlerContext ctx) { + public boolean regResourceManagerCheckAuth(RegisterRMRequest request, ChannelHandlerContext ctx) { if (!ENABLE_CHECK_AUTH) { return true; } - return doRegResourceManagerCheck(ctx); + return doRegResourceManagerCheck(request, ctx); } - public abstract boolean doRegResourceManagerCheck(ChannelHandlerContext ctx); + public abstract boolean doRegResourceManagerCheck(RegisterRMRequest request, ChannelHandlerContext ctx); } diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index f497f20a344..dbcc20307e9 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -19,6 +19,8 @@ import io.seata.common.loader.LoadLevel; import io.seata.common.util.NetUtil; import io.seata.core.constants.ConfigurationKeys; +import io.seata.core.protocol.RegisterRMRequest; +import io.seata.core.protocol.RegisterTMRequest; /** * @author slievrly @@ -29,7 +31,7 @@ public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { Blacklist blacklist = new Blacklist(ConfigurationKeys.BLACKLIST); @Override - public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { + public boolean doRegTransactionManagerCheck(RegisterTMRequest request, ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; if (blacklist.contains(ip)) { return false; @@ -38,7 +40,7 @@ public boolean doRegTransactionManagerCheck(ChannelHandlerContext ctx) { } @Override - public boolean doRegResourceManagerCheck(ChannelHandlerContext ctx) { + public boolean doRegResourceManagerCheck(RegisterRMRequest request, ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; if (blacklist.contains(ip)) { return false; From 18fcab738b56f39f10f2bed2752687d3a5386670 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Fri, 8 Oct 2021 19:59:04 +0800 Subject: [PATCH 05/12] optimize: optimize the configListener of blacklist --- server/src/main/java/io/seata/server/auth/Blacklist.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/Blacklist.java index 50b90e4a262..269ffa8aaab 100644 --- a/server/src/main/java/io/seata/server/auth/Blacklist.java +++ b/server/src/main/java/io/seata/server/auth/Blacklist.java @@ -42,7 +42,7 @@ public Blacklist(String blacklistConfig) { ConfigurationFactory.getInstance().addConfigListener(blacklistConfig, new ConfigurationChangeListener() { @Override public void onChangeEvent(ConfigurationChangeEvent event) { - String currentIps = ConfigurationFactory.getInstance().getLatestConfig(blacklistConfig, null, DEFAULT_CONFIG_TIMEOUT); + String currentIps = event.getNewValue(); clear(); if (currentIps == null) { return; From 84affbe0a759bd57cd485b89378c5823a4aaea44 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Fri, 8 Oct 2021 20:10:05 +0800 Subject: [PATCH 06/12] optimize: add blacklist configuration in application.example.yml --- server/src/main/resources/application.example.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/server/src/main/resources/application.example.yml b/server/src/main/resources/application.example.yml index 5458fcb1287..1a1cf91e203 100644 --- a/server/src/main/resources/application.example.yml +++ b/server/src/main/resources/application.example.yml @@ -108,6 +108,7 @@ seata: undo: log-save-days: 7 log-delete-period: 86400000 + blacklist: 1.1.1.1;2.2.2.2 store: # support: file 、 db 、 redis mode: file From 07e8142a6888f3e5e0b1b9085bae6e683bbf8952 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Mon, 11 Oct 2021 14:17:38 +0800 Subject: [PATCH 07/12] optimize: delete unUsedImports --- server/src/main/java/io/seata/server/auth/Blacklist.java | 1 - 1 file changed, 1 deletion(-) diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/Blacklist.java index 269ffa8aaab..ebc1e962feb 100644 --- a/server/src/main/java/io/seata/server/auth/Blacklist.java +++ b/server/src/main/java/io/seata/server/auth/Blacklist.java @@ -22,7 +22,6 @@ import io.seata.config.ConfigurationChangeEvent; import io.seata.config.ConfigurationChangeListener; import io.seata.config.ConfigurationFactory; -import io.seata.core.constants.ConfigurationKeys; public class Blacklist { From 5071e615d324d4675f8b3d15b9140581c28b76bb Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Mon, 15 Nov 2021 23:02:45 +0800 Subject: [PATCH 08/12] optimize: change the split character of blacklist --- server/src/main/java/io/seata/server/auth/Blacklist.java | 2 +- server/src/main/resources/application.example.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/Blacklist.java index ebc1e962feb..8979f202b4f 100644 --- a/server/src/main/java/io/seata/server/auth/Blacklist.java +++ b/server/src/main/java/io/seata/server/auth/Blacklist.java @@ -27,7 +27,7 @@ public class Blacklist { private static final long DEFAULT_CONFIG_TIMEOUT = 5000; - private static final String IP_CONFIG_SPLIT_CHAR = ";"; + private static final String IP_CONFIG_SPLIT_CHAR = ","; private List ipList = new CopyOnWriteArrayList<>(); diff --git a/server/src/main/resources/application.example.yml b/server/src/main/resources/application.example.yml index 1a1cf91e203..d54f9fc6773 100644 --- a/server/src/main/resources/application.example.yml +++ b/server/src/main/resources/application.example.yml @@ -108,7 +108,7 @@ seata: undo: log-save-days: 7 log-delete-period: 86400000 - blacklist: 1.1.1.1;2.2.2.2 + blacklist: 1.1.1.1,2.2.2.2 store: # support: file 、 db 、 redis mode: file From 5a6bfd064caec9511b39a5d377de3ee86301677b Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Wed, 17 Nov 2021 10:15:20 +0800 Subject: [PATCH 09/12] optimize: add unit testing of DefaultCheckAuthHandler --- .../auth/DefaultCheckAuthHandlerTest.java | 83 +++++++++++++++++++ server/src/test/resources/file.conf | 1 + 2 files changed, 84 insertions(+) create mode 100644 server/src/test/java/io/seata/server/auth/DefaultCheckAuthHandlerTest.java diff --git a/server/src/test/java/io/seata/server/auth/DefaultCheckAuthHandlerTest.java b/server/src/test/java/io/seata/server/auth/DefaultCheckAuthHandlerTest.java new file mode 100644 index 00000000000..3cb553a5c0f --- /dev/null +++ b/server/src/test/java/io/seata/server/auth/DefaultCheckAuthHandlerTest.java @@ -0,0 +1,83 @@ +/* + * Copyright 1999-2019 Seata.io Group. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.seata.server.auth; + +import java.net.InetSocketAddress; +import io.netty.channel.Channel; +import io.netty.channel.ChannelHandlerContext; +import io.seata.core.rpc.RegisterCheckAuthHandler; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.springframework.boot.test.context.SpringBootTest; + + +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +/** + * The type DefaultCheckAuthHandler test. + */ +@SpringBootTest +public class DefaultCheckAuthHandlerTest { + + private ChannelHandlerContext[] contexts; + + private RegisterCheckAuthHandler checkAuthHandler; + + @BeforeEach + public void init() { + checkAuthHandler = new DefaultCheckAuthHandler(); + contexts = new ChannelHandlerContext[3]; + Channel[] channels = new Channel[3]; + + channels[0] = mock(Channel.class); + when(channels[0].remoteAddress()).thenReturn(new InetSocketAddress("1.1.1.1", 0)); + channels[1] = mock(Channel.class); + when(channels[1].remoteAddress()).thenReturn(new InetSocketAddress("2.2.2.2", 0)); + channels[2] = mock(Channel.class); + when(channels[2].remoteAddress()).thenReturn(new InetSocketAddress("3.3.3.3", 0)); + + for (int i = 0; i < 3; i++) { + contexts[i] = mock(ChannelHandlerContext.class); + when(contexts[i].channel()).thenReturn(channels[i]); + } + } + + @Test + public void doRegTransactionManagerCheckTest() { + boolean[] results = new boolean[3]; + for (int i = 0; i < 3; i++) { + results[i] = checkAuthHandler.regTransactionManagerCheckAuth(null, contexts[i]); + } + + Assertions.assertFalse(results[0]); + Assertions.assertFalse(results[1]); + Assertions.assertTrue(results[2]); + } + + @Test + public void doRegResourceManagerCheckTest() { + boolean[] results = new boolean[3]; + for (int i = 0; i < 3; i++) { + results[i] = checkAuthHandler.regResourceManagerCheckAuth(null, contexts[i]); + } + + Assertions.assertFalse(results[0]); + Assertions.assertFalse(results[1]); + Assertions.assertTrue(results[2]); + } +} diff --git a/server/src/test/resources/file.conf b/server/src/test/resources/file.conf index 7e6f7009a3b..8c15897fb75 100644 --- a/server/src/test/resources/file.conf +++ b/server/src/test/resources/file.conf @@ -34,6 +34,7 @@ server { #schedule timeout retry period in milliseconds timeoutRetryPeriod = 100 } + blacklist = "1.1.1.1,2.2.2.2" } ## metrics settings metrics { From 3d2363ff5835c9861109f2a2a6ca08901ecd9680 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Wed, 17 Nov 2021 16:44:07 +0800 Subject: [PATCH 10/12] optimize: change Blacklist to BlackList --- .../seata/server/auth/{Blacklist.java => BlackList.java} | 8 ++++---- .../io/seata/server/auth/DefaultCheckAuthHandler.java | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) rename server/src/main/java/io/seata/server/auth/{Blacklist.java => BlackList.java} (93%) diff --git a/server/src/main/java/io/seata/server/auth/Blacklist.java b/server/src/main/java/io/seata/server/auth/BlackList.java similarity index 93% rename from server/src/main/java/io/seata/server/auth/Blacklist.java rename to server/src/main/java/io/seata/server/auth/BlackList.java index 8979f202b4f..7f88ee0a7b0 100644 --- a/server/src/main/java/io/seata/server/auth/Blacklist.java +++ b/server/src/main/java/io/seata/server/auth/BlackList.java @@ -23,7 +23,7 @@ import io.seata.config.ConfigurationChangeListener; import io.seata.config.ConfigurationFactory; -public class Blacklist { +public class BlackList { private static final long DEFAULT_CONFIG_TIMEOUT = 5000; @@ -31,14 +31,14 @@ public class Blacklist { private List ipList = new CopyOnWriteArrayList<>(); - public Blacklist(String blacklistConfig) { - String ips = ConfigurationFactory.getInstance().getConfig(blacklistConfig); + public BlackList(String blackListConfig) { + String ips = ConfigurationFactory.getInstance().getConfig(blackListConfig); if (ips != null) { String[] ipArray = ips.split(IP_CONFIG_SPLIT_CHAR); Collections.addAll(ipList, ipArray); } - ConfigurationFactory.getInstance().addConfigListener(blacklistConfig, new ConfigurationChangeListener() { + ConfigurationFactory.getInstance().addConfigListener(blackListConfig, new ConfigurationChangeListener() { @Override public void onChangeEvent(ConfigurationChangeEvent event) { String currentIps = event.getNewValue(); diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index dbcc20307e9..1eb75514911 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -28,12 +28,12 @@ @LoadLevel(name = "defaultCheckAuthHandler", order = 100) public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { - Blacklist blacklist = new Blacklist(ConfigurationKeys.BLACKLIST); + BlackList blackList = new BlackList(ConfigurationKeys.BLACKLIST); @Override public boolean doRegTransactionManagerCheck(RegisterTMRequest request, ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if (blacklist.contains(ip)) { + if (blackList.contains(ip)) { return false; } return true; @@ -42,7 +42,7 @@ public boolean doRegTransactionManagerCheck(RegisterTMRequest request, ChannelHa @Override public boolean doRegResourceManagerCheck(RegisterRMRequest request, ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if (blacklist.contains(ip)) { + if (blackList.contains(ip)) { return false; } return true; From d2932e2e79d5be25aa33ebc490e934bd91f0f167 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Wed, 17 Nov 2021 16:50:31 +0800 Subject: [PATCH 11/12] optimize: delete unused code --- server/src/main/java/io/seata/server/auth/BlackList.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/server/src/main/java/io/seata/server/auth/BlackList.java b/server/src/main/java/io/seata/server/auth/BlackList.java index 7f88ee0a7b0..60393d5ffa1 100644 --- a/server/src/main/java/io/seata/server/auth/BlackList.java +++ b/server/src/main/java/io/seata/server/auth/BlackList.java @@ -25,8 +25,6 @@ public class BlackList { - private static final long DEFAULT_CONFIG_TIMEOUT = 5000; - private static final String IP_CONFIG_SPLIT_CHAR = ","; private List ipList = new CopyOnWriteArrayList<>(); From d2f315cd646d941f52c069cf6156c396f1f18a25 Mon Sep 17 00:00:00 2001 From: YSF-A <1315903489@qq.com> Date: Tue, 28 Dec 2021 14:18:51 +0800 Subject: [PATCH 12/12] optimize: optimize duplicate code --- .../io/seata/server/auth/DefaultCheckAuthHandler.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java index 1eb75514911..589e68b878f 100644 --- a/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java +++ b/server/src/main/java/io/seata/server/auth/DefaultCheckAuthHandler.java @@ -32,15 +32,15 @@ public class DefaultCheckAuthHandler extends AbstractCheckAuthHandler { @Override public boolean doRegTransactionManagerCheck(RegisterTMRequest request, ChannelHandlerContext ctx) { - String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; - if (blackList.contains(ip)) { - return false; - } - return true; + return doIpCheck(ctx); } @Override public boolean doRegResourceManagerCheck(RegisterRMRequest request, ChannelHandlerContext ctx) { + return doIpCheck(ctx); + } + + private boolean doIpCheck(ChannelHandlerContext ctx) { String ip = NetUtil.toStringAddress(ctx.channel().remoteAddress()).split(":")[0]; if (blackList.contains(ip)) { return false;