REPORT-89007 websocket url 明文传输token -报表

designer-realize/src/main/java/com/fr/design/mainframe/socketio/AbstractSocketConfig.java

@@ -13,6 +13,7 @@ import com.fr.workspace.Workspace;
 import com.fr.workspace.base.WorkspaceConstants;
 import com.fr.workspace.connect.WorkspaceConnection;
 import com.fr.workspace.connect.WorkspaceConnectionInfo;
+import com.fr.workspace.server.socket.SocketIOVerifier;
 import com.fr.workspace.server.socket.SocketVerifierOperator;
 import io.socket.client.IO;
 import io.socket.engineio.client.transports.Polling;
@@ -84,16 +85,16 @@ public abstract class AbstractSocketConfig {
         currentProtocol = getCurrentProtocolFromUrl(url);
         String[] result = new String[ports.length];
         // REPORT-89007: websocket 避免url明文传输token。兼容旧版本服务器：旧版传递token，新版传递加密后的wsid
-        String verifierPrefix = WorkContext.getCurrent().get(SocketVerifierOperator.class).getVerifierPrefix();
+        String token = connection.getToken();
-        String verifierCode = WorkContext.getCurrent().get(SocketVerifierOperator.class).getVerifierCode(connection.getToken());
+        SocketIOVerifier verifier = WorkContext.getCurrent().get(SocketVerifierOperator.class).getVerifier(token);
         for (int i = 0; i < ports.length; i++) {
             result[i] = String.format("%s://%s:%s%s?%s=%s&%s=%s",
                                       currentProtocol,
                                       url.getHost(),
                                       ports[i],
                                       WorkspaceConstants.WS_NAMESPACE,
-                                      verifierPrefix,
+                                      verifier.getVerifierPrefix(),
-                                      verifierCode,
+                                      verifier.getVerifierCode(),
                                       RemoteDesignConstants.USER_LOCK_ID,
                                       connection.getId());
         }