Initial commit

Author: CC11001100

.gitignore

@@ -0,0 +1,4 @@
+/.idea
+/out
+/target
+

README.md

@@ -0,0 +1,47 @@
+## 基于ip的访问控制（ip黑名单、ip白名单）
+
+### Usage:  
+1. maven：  
+    - add repo:
+    ```text
+    <repositories>
+        <repository>
+            <id>maven-repo-cc11001100</id>
+            <url>https://raw.github.com/cc11001100/maven-repo/access-control-list-based-on-ip/</url>
+            <snapshots>
+                <enabled>true</enabled>
+                <updatePolicy>always</updatePolicy>
+            </snapshots>
+        </repository>
+    </repositories>
+    ```
+    - add dependency:
+    ```text
+    <dependency>
+        <groupId>cc11001100</groupId>
+        <artifactId>access-control-list-based-on-ip</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </dependency>
+    ```
+2. code:
+    ```text
+    // 黑名单
+    //IpAcl acl = new IpAcl(IpAcl.AclType.BLACK_LIST);
+    // 白名单
+    IpAcl acl = new IpAcl(IpAcl.AclType.WHITE_LIST);
+    
+    // 从配置文件初始化访问控制列表
+    acl.readFromConfigFile("ip-list");
+    // 手动添加，以追加的形式添加
+    acl.add("192.168.2.15");
+    acl.add(Arrays.asList("192.168.2.15", "192.168.1.20"));
+    
+    // 检查ip是否允许访问
+    System.out.println(acl.check("192.168.2.15")); // true
+    
+    // 从访问控制列表中移除ip
+    acl.remove("192.168.2.15");
+    
+    // 检查ip是否允许访问
+    System.out.println(acl.check("192.168.2.15")); // false
+    ```

access-control-list-based-on-ip.iml

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4" />

pom.xml

@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>CC11001100</groupId>
+    <artifactId>access-control-list-based-on-ip</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <log4j2.version>2.6.2</log4j2.version>
+        <github.global.server>github</github.global.server>
+    </properties>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>8</source>
+                    <target>8</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <version>2.8.1</version>
+                <configuration>
+                    <altDeploymentRepository>internal.repo::default::file://${project.build.directory}/maven-repo
+                    </altDeploymentRepository>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>com.github.github</groupId>
+                <artifactId>site-maven-plugin</artifactId>
+                <version>0.12</version>
+                <configuration>
+                    <message>Maven artifacts for ${project.version}</message>
+                    <noJekyll>true</noJekyll>
+                    <outputDirectory>${project.build.directory}/maven-repo</outputDirectory>
+                    <branch>refs/heads/access-control-list-based-on-ip</branch>
+                    <includes>
+                        <include>**/*</include>
+                    </includes>
+                    <repositoryName>maven-repo</repositoryName>
+                    <repositoryOwner>CC11001100</repositoryOwner>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>site</goal>
+                        </goals>
+                        <phase>deploy</phase>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>

src/main/java/cc11001100/acl/ip/IpAcl.java

@@ -0,0 +1,101 @@
+package cc11001100.acl.ip;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author CC11001100
+ */
+public class IpAcl {
+
+	private List<IpRange> ipRangeList = new ArrayList<>();
+	private AclType aclType;
+
+	public IpAcl(AclType aclType) {
+		this.aclType = aclType;
+	}
+
+	public void add(String line) {
+		if (!isComment(line)) {
+			ipRangeList.add(new IpRange(line));
+		}
+	}
+
+	public void add(List<String> lineList) {
+		lineList.forEach(this::add);
+	}
+
+	/**
+	 * 将某个ip从访问控制列表移除，必须完全匹配ipRange才可移除成功
+	 *
+	 * @param ipRangeNeedToRemove
+	 */
+	public void remove(String ipRangeNeedToRemove) {
+		ipRangeList.removeIf(ipRange -> ipRange.getIpRange().equals(ipRangeNeedToRemove));
+	}
+
+	public void readFromConfigFile(String configFilePath) {
+		try {
+			BufferedReader reader = new BufferedReader(new InputStreamReader(Thread.currentThread().getContextClassLoader().getResourceAsStream(configFilePath), "UTF-8"));
+			String s = null;
+			while ((s = reader.readLine()) != null) {
+				// 使用#开头的行作为注释
+				if (isComment(s)) {
+					continue;
+				}
+				ipRangeList.add(new IpRange(s));
+			}
+		} catch (IOException e) {
+			e.printStackTrace();
+		}
+	}
+
+	private boolean isComment(String s) {
+		return s.startsWith("#");
+	}
+
+	/**
+	 * @param ip 要检查的ip，比如192.168.1.1
+	 * @return 是否允许访问，true允许访问，false不允许访问
+	 */
+	public boolean check(String ip) {
+		long ipLong = IpRange.ip2Long(ip);
+		switch (aclType) {
+			case WHITE_LIST:
+				return whiteListCheck(ipLong);
+			case BLACK_LIST:
+				return blackListCheck(ipLong);
+			default:
+				throw new IllegalArgumentException("nonsupport type!");
+		}
+	}
+
+	private boolean blackListCheck(long ipLong) {
+		for (IpRange ipRange : ipRangeList) {
+			if (ipRange.inRange(ipLong)) {
+				return false;
+			}
+		}
+		return true;
+	}
+
+	private boolean whiteListCheck(long ipLong) {
+		for (IpRange ipRange : ipRangeList) {
+			if (ipRange.inRange(ipLong)) {
+				return true;
+			}
+		}
+		return false;
+	}
+
+	public enum AclType {
+		// 白名单
+		WHITE_LIST,
+		// 黑名单
+		BLACK_LIST;
+	}
+
+}

src/main/java/cc11001100/acl/ip/IpRange.java

@@ -0,0 +1,106 @@
+package cc11001100.acl.ip;
+
+import java.util.Objects;
+
+import static java.lang.Long.parseLong;
+
+/**
+ * 用于ip检查，匹配子网或单个ip
+ * <p>
+ * 192.168.1.0/24
+ * 192.168.1.10
+ *
+ * @author CC11001100
+ */
+public class IpRange {
+
+	private String ipRange;
+	private long low;
+	private long high;
+
+	public IpRange(String ipRange) {
+		this.ipRange = ipRange;
+
+		String[] ss = ipRange.split("/");
+		String ip = ss[0];
+		long ipLong = ip2Long(ip);
+		// 单个ip地址，比如192.168.1.15
+		if (ss.length <= 1) {
+			low = high = ipLong;
+		} else {
+			// ip网段，比如192.168.1.0/24
+			long networkBitLength = parseLong(ss[1]);
+			long hostBitLength = 32 - networkBitLength;
+			long hostBitSetToOne = (1L << hostBitLength) - 1;
+			high = ipLong | hostBitSetToOne;
+			low = ipLong & (Long.MAX_VALUE ^ hostBitSetToOne);
+		}
+	}
+
+	public boolean inRange(String ip) {
+		return inRange(ip2Long(ip));
+	}
+
+	public boolean inRange(long ipLong) {
+		return ipLong >= low && ipLong <= high;
+	}
+
+	public static long ip2Long(String ip) {
+		String[] ss = ip.split("\\.");
+		return (parseLong(ss[0]) << 24) | (parseLong(ss[1]) << 16) | (parseLong(ss[2]) << 8) | parseLong(ss[3]);
+	}
+
+	public static String long2Ip(long ipLong) {
+		return Long.toString(ipLong >> 24) + "." + Long.toString(ipLong >> 16 & 0XFFL) +
+				"." + Long.toString(ipLong >> 8 & 0XFFL) + "." + Long.toString(ipLong & 0XFFL);
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		if (this == o) return true;
+		if (o == null || getClass() != o.getClass()) return false;
+		IpRange ipRange1 = (IpRange) o;
+		return low == ipRange1.low &&
+				high == ipRange1.high &&
+				Objects.equals(ipRange, ipRange1.ipRange);
+	}
+
+	@Override
+	public int hashCode() {
+		return Objects.hash(ipRange, low, high);
+	}
+
+	public String getIpRange() {
+		return ipRange;
+	}
+
+	public void setIpRange(String ipRange) {
+		this.ipRange = ipRange;
+	}
+
+	public long getLow() {
+		return low;
+	}
+
+	public void setLow(long low) {
+		this.low = low;
+	}
+
+	public long getHigh() {
+		return high;
+	}
+
+	public void setHigh(long high) {
+		this.high = high;
+	}
+
+	@Override
+	public String toString() {
+		return "IpRange{" +
+				"ipRange='" + ipRange + '\'' +
+				", low=" + low +
+				", high=" + high +
+				'}';
+	}
+
+}

src/main/resources/ip-list

@@ -0,0 +1,2 @@
+192.168.1.0/24
+8.8.8.8