From 014ed7fbf72634acee74aee6613fc835461d9389 Mon Sep 17 00:00:00 2001 From: hongawen <83944980@qq.com> Date: Thu, 26 Sep 2024 16:00:52 +0800 Subject: [PATCH] =?UTF-8?q?=E5=88=87=E6=8D=A2mysql=E4=B8=BA=E8=BE=BE?= =?UTF-8?q?=E6=A2=A6=E6=95=B0=E6=8D=AE=E5=BA=93-=E4=BB=A3=E7=A0=81?= =?UTF-8?q?=E5=AE=A1=E6=9F=A5=201.auth-boot=E6=A8=A1=E5=9D=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/config/AuthorizationServerConfig.java | 11 ++++++----- .../njcn/auth/controller/JudgeThirdToken.java | 8 +++++--- .../security/granter/CaptchaTokenGranter.java | 3 ++- .../PreAuthenticatedUserDetailsService.java | 2 +- .../AbstractSmsAuthenticationProvider.java | 10 +++++++--- .../auth/service/CustomUserDetailsService.java | 3 +-- .../auth/service/UserDetailsServiceImpl.java | 1 - .../com/njcn/auth/service/UserTokenService.java | 16 +++------------- .../java/com/njcn/auth/utils/AuthPubUtil.java | 3 +-- 9 files changed, 26 insertions(+), 31 deletions(-) diff --git a/pqs-auth/src/main/java/com/njcn/auth/config/AuthorizationServerConfig.java b/pqs-auth/src/main/java/com/njcn/auth/config/AuthorizationServerConfig.java index 2f2134143..7e35287e4 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/config/AuthorizationServerConfig.java +++ b/pqs-auth/src/main/java/com/njcn/auth/config/AuthorizationServerConfig.java @@ -84,7 +84,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap tokenEnhancers.add(jwtAccessTokenConverter()); tokenEnhancerChain.setTokenEnhancers(tokenEnhancers); // 获取原有默认授权模式(授权码模式、密码模式、客户端模式、简化模式)的授权者 - List granterList = new ArrayList<>(Arrays.asList(endpoints.getTokenGranter())); + List granterList = new ArrayList<>(Collections.singletonList(endpoints.getTokenGranter())); // 添加验证码授权模式授权者 granterList.add(new CaptchaTokenGranter(endpoints.getTokenServices(), endpoints.getClientDetailsService(), 
@@ -101,9 +101,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap //设置grant_type类型集合 .tokenEnhancer(tokenEnhancerChain) .tokenGranter(compositeTokenGranter) - /**refresh_token有两种使用方式:重复使用(true)、非重复使用(false),默认为true - *1.重复使用:access_token过期刷新时, refresh token过期时间未改变,仍以初次生成的时间为准 - *2.非重复使用:access_token过期刷新时, refresh_token过期时间延续,在refresh_token有效期内刷新而无需失效再次登录 + /* + * refresh_token有两种使用方式:重复使用(true)、非重复使用(false),默认为true + * 1.重复使用:access_token过期刷新时, refresh token过期时间未改变,仍以初次生成的时间为准 + * 2.非重复使用:access_token过期刷新时, refresh_token过期时间延续,在refresh_token有效期内刷新而无需失效再次登录 */ .reuseRefreshTokens(true) .tokenServices(tokenServices(endpoints)); @@ -125,7 +126,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap tokenServices.setTokenEnhancer(tokenEnhancerChain); // 多用户体系下,刷新token再次认证客户端ID和 UserDetailService 的映射Map - Map clientUserDetailsServiceMap = new HashMap<>(); + Map clientUserDetailsServiceMap = new HashMap<>(16); // 系统管理客户端 clientUserDetailsServiceMap.put(ClientEnum.WEB_CLIENT.getClientId(), userDetailsService); diff --git a/pqs-auth/src/main/java/com/njcn/auth/controller/JudgeThirdToken.java b/pqs-auth/src/main/java/com/njcn/auth/controller/JudgeThirdToken.java index 86776c2c4..a36ef79ef 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/controller/JudgeThirdToken.java +++ b/pqs-auth/src/main/java/com/njcn/auth/controller/JudgeThirdToken.java @@ -2,6 +2,7 @@ package com.njcn.auth.controller; import cn.hutool.json.JSONObject; import com.njcn.common.pojo.annotation.OperateInfo; +import com.njcn.common.pojo.enums.common.DataStateEnum; import com.njcn.common.pojo.enums.common.LogEnum; import com.njcn.common.pojo.enums.response.CommonResponseEnum; import com.njcn.common.pojo.response.HttpResult; 
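Review bot: The rewritten comment above `.reuseRefreshTokens(true)` in AuthorizationServerConfig explains how the two modes affect expiry, but not why reuse was chosen or what it costs. With reuse enabled, Spring Security OAuth's default token services keep handing back the same refresh token, so a leaked value stays usable for its whole lifetime and a later refresh does not invalidate it. I would add one line recording that trade-off, e.g. `* 3. With reuse enabled the refresh token is not rotated; revocation depends on the token blacklist.` The blacklist clause is an assumption to confirm against UserTokenService. The enclosing method starts and ends outside this hunk.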
@@ -21,6 +22,8 @@ import org.springframework.util.MultiValueMap; import org.springframework.web.bind.annotation.*; import org.springframework.web.client.RestTemplate; +import java.util.Objects; + /** * @author hongawen * @version 1.0.0 @@ -41,7 +44,7 @@ public class JudgeThirdToken extends BaseController { @OperateInfo(info = LogEnum.SYSTEM_COMMON) @PostMapping("/guangZhou") @ApiOperation("校验广州超高压token有效性") - @ApiImplicitParam(name = "token", value = "", required = true) + @ApiImplicitParam(name = "token", required = true) public HttpResult guangZhou(String token) { RestTemplate restTemplate = new RestTemplate(); String methodDescribe = getMethodDescribe("guangZhou"); @@ -65,8 +68,7 @@ public class JudgeThirdToken extends BaseController { // 发送post请求,并打印结果,以String类型接收响应结果JSON字符串 String result = restTemplate.postForObject(url, request, String.class); JSONObject resultJson = new JSONObject(result); - System.out.println(result); - if (resultJson.getInt("status") == 1) { + if (Objects.equals(resultJson.getInt("status"), DataStateEnum.ENABLE.getCode())) { //成功 return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe); } else { diff --git a/pqs-auth/src/main/java/com/njcn/auth/security/granter/CaptchaTokenGranter.java b/pqs-auth/src/main/java/com/njcn/auth/security/granter/CaptchaTokenGranter.java index b5aa9f613..ccb8f3049 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/security/granter/CaptchaTokenGranter.java +++ b/pqs-auth/src/main/java/com/njcn/auth/security/granter/CaptchaTokenGranter.java @@ -20,6 +20,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok import javax.servlet.http.HttpServletRequest; import java.util.LinkedHashMap; import java.util.Map; +import java.util.Objects; /** * @author hongawen 
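Review bot: In the `@@ -65,8 +68,7 @@` hunk of JudgeThirdToken, the success test now compares the third-party `status` field with `DataStateEnum.ENABLE.getCode()`, which ties an external token-validity decision to an internal data-state enum. If that enum's code changes, or if `getCode()` returns something other than an `Integer`, `Objects.equals` quietly gives a different answer with no compile error. A constant owned by this controller keeps the contract explicit: `private static final int THIRD_TOKEN_VALID = 1;` used as `if (Integer.valueOf(THIRD_TOKEN_VALID).equals(resultJson.getInt("status")))`. Separately, `result` from `postForObject` still goes into `new JSONObject(result)` with no null or empty check. The body of `guangZhou` continues outside the hunk, so that may be handled elsewhere.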
@@ -56,7 +57,7 @@ public class CaptchaTokenGranter extends AbstractTokenGranter { } } String password = parameters.get(SecurityConstants.PASSWORD); - String ip = RequestUtil.getRequest().getHeader(SecurityConstants.REQUEST_HEADER_KEY_CLIENT_REAL_IP); + String ip = Objects.requireNonNull(RequestUtil.getRequest()).getHeader(SecurityConstants.REQUEST_HEADER_KEY_CLIENT_REAL_IP); //密码处理 String privateKey = redisUtil.getStringByKey(username + ip); //秘钥用完即删 diff --git a/pqs-auth/src/main/java/com/njcn/auth/security/granter/PreAuthenticatedUserDetailsService.java b/pqs-auth/src/main/java/com/njcn/auth/security/granter/PreAuthenticatedUserDetailsService.java index a3d020f03..68d4adb6a 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/security/granter/PreAuthenticatedUserDetailsService.java +++ b/pqs-auth/src/main/java/com/njcn/auth/security/granter/PreAuthenticatedUserDetailsService.java @@ -35,7 +35,7 @@ public class PreAuthenticatedUserDetailsService implem } @Override - public void afterPropertiesSet() throws Exception { + public void afterPropertiesSet() { Assert.notNull(this.userDetailsServiceMap, "UserDetailsService must be set"); } diff --git a/pqs-auth/src/main/java/com/njcn/auth/security/provider/AbstractSmsAuthenticationProvider.java b/pqs-auth/src/main/java/com/njcn/auth/security/provider/AbstractSmsAuthenticationProvider.java index dadcebdbe..10e56bba3 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/security/provider/AbstractSmsAuthenticationProvider.java +++ b/pqs-auth/src/main/java/com/njcn/auth/security/provider/AbstractSmsAuthenticationProvider.java @@ -29,8 +29,6 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio protected final Log logger = LogFactory.getLog(getClass()); - - protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); private UserCache userCache = new NullUserCache(); private boolean forcePrincipalAsString = false; 
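Review bot: In the CaptchaTokenGranter hunk, `Objects.requireNonNull(RequestUtil.getRequest())` only relocates the failure: with no bound request the grant still ends in a message-less NullPointerException, which will probably surface as a server error rather than an OAuth2 error. The header value can itself be null and is concatenated straight into the Redis key on the next line (`username + ip`), so a missing header looks up `username + "null"`. I would check both and reject the grant explicitly, e.g. `if (request == null || ip == null || ip.isEmpty()) { throw new InvalidGrantException("client address unavailable"); }`. Since the private key is selected by this header, confirm that the gateway always overwrites it rather than passing through a client-supplied value. The enclosing method starts and ends outside the hunk.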
@@ -64,12 +62,14 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio SmsCodeAuthenticationToken authentication) throws AuthenticationException; + @Override public final void afterPropertiesSet() throws Exception { Assert.notNull(this.userCache, "A user cache must be set"); Assert.notNull(this.messages, "A message source must be set"); doAfterPropertiesSet(); } + @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { Assert.isInstanceOf(SmsCodeAuthenticationToken.class, authentication, @@ -175,7 +175,7 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio return result; } - protected void doAfterPropertiesSet() throws Exception { + protected void doAfterPropertiesSet() { } public UserCache getUserCache() { @@ -255,6 +255,7 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio this.hideUserNotFoundExceptions = hideUserNotFoundExceptions; } + @Override public void setMessageSource(MessageSource messageSource) { this.messages = new MessageSourceAccessor(messageSource); } @@ -263,6 +264,7 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio this.userCache = userCache; } + @Override public boolean supports(Class authentication) { return (SmsCodeAuthenticationToken.class .isAssignableFrom(authentication)); @@ -295,6 +297,7 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio } private class DefaultPreAuthenticationChecks implements UserDetailsChecker { + @Override public void check(UserDetails user) { if (!user.isAccountNonLocked()) { logger.debug("User account is locked"); 
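Review bot: In the `@@ -175,7 +175,7 @@` hunk of AbstractSmsAuthenticationProvider, dropping `throws Exception` from the protected hook `doAfterPropertiesSet()` narrows the contract for subclasses: an override that declares a checked exception no longer compiles. The final `afterPropertiesSet()` that calls it (first hunk of this file) still declares `throws Exception`, so the two signatures now disagree. Either keep the original clause on the hook, or remove it from `afterPropertiesSet()` as well once no subclass relies on it. The empty hook also has no Javadoc; a one-liner such as `/** Extension point for subclass configuration checks; invoked from afterPropertiesSet(). */` would state its purpose.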
@@ -323,6 +326,7 @@ public abstract class AbstractSmsAuthenticationProvider implements Authenticatio } private class DefaultPostAuthenticationChecks implements UserDetailsChecker { + @Override public void check(UserDetails user) { if (!user.isCredentialsNonExpired()) { logger.debug("User account credentials have expired"); diff --git a/pqs-auth/src/main/java/com/njcn/auth/service/CustomUserDetailsService.java b/pqs-auth/src/main/java/com/njcn/auth/service/CustomUserDetailsService.java index 2addd2849..0e4c5d10a 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/service/CustomUserDetailsService.java +++ b/pqs-auth/src/main/java/com/njcn/auth/service/CustomUserDetailsService.java @@ -14,14 +14,13 @@ public interface CustomUserDetailsService extends UserDetailsService { /** * @param username 用户名 * @return 用户信息 - * @throws UsernameNotFoundException */ + @Override UserDetails loadUserByUsername(String username) throws UsernameNotFoundException; /** * @param phone 手机号 * @return 用户信息 - * @throws UsernameNotFoundException */ UserDetails loadUserByPhone(String phone) throws UsernameNotFoundException; diff --git a/pqs-auth/src/main/java/com/njcn/auth/service/UserDetailsServiceImpl.java b/pqs-auth/src/main/java/com/njcn/auth/service/UserDetailsServiceImpl.java index 639590036..92c1bf479 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/service/UserDetailsServiceImpl.java +++ b/pqs-auth/src/main/java/com/njcn/auth/service/UserDetailsServiceImpl.java @@ -14,7 +14,6 @@ import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; 
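Review bot: In CustomUserDetailsService, the empty `@throws UsernameNotFoundException` tags were deleted rather than completed, so the Javadoc of `loadUserByUsername` and `loadUserByPhone` no longer says what a caller gets for an unknown account. Authentication providers branch on this exception, so I would restore the tag with a description, e.g. `@throws UsernameNotFoundException if no account matches the given phone number` and the equivalent for the username variant. Both declarations still carry the `throws` clause, so the documentation should match it.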
diff --git a/pqs-auth/src/main/java/com/njcn/auth/service/UserTokenService.java b/pqs-auth/src/main/java/com/njcn/auth/service/UserTokenService.java index 2d2d73983..69ccda8fa 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/service/UserTokenService.java +++ b/pqs-auth/src/main/java/com/njcn/auth/service/UserTokenService.java @@ -2,16 +2,11 @@ package com.njcn.auth.service; import cn.hutool.json.JSONObject; import cn.hutool.json.JSONUtil; -import com.github.tocrhz.mqtt.publisher.MqttPublisher; import com.nimbusds.jose.JWSObject; -import com.njcn.common.config.GeneralInfo; -import com.njcn.common.pojo.constant.OperateType; import com.njcn.common.pojo.constant.SecurityConstants; -import com.njcn.common.pojo.dto.LogInfoDTO; import com.njcn.common.pojo.dto.UserTokenInfo; import com.njcn.common.pojo.enums.response.CommonResponseEnum; import com.njcn.common.pojo.exception.BusinessException; -import com.njcn.common.utils.PubUtils; import com.njcn.redis.utils.RedisUtil; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -38,11 +33,6 @@ public class UserTokenService { private final RedisUtil redisUtil; - private final MqttPublisher publisher; - - private final GeneralInfo generalInfo; - - /** * 记录用户token信息,并经过处理后达到最新登录的使用者,将之前的token信息置为黑名单,过期状态 * 1、从在线名单中获取该用户的token信息,key为:TOKEN_ONLINE_PREFIX+userid,value为userTokenInfo的json对象 
@@ -65,8 +55,8 @@ public class UserTokenService { } JSONObject accessJson = JSONUtil.parseObj(accessJwsObject.getPayload().toString()); String userIndex = accessJson.getStr(SecurityConstants.USER_INDEX_KEY); - String nickName = accessJson.getStr(SecurityConstants.USER_NICKNAME_KEY); - String loginName = accessJson.getStr(SecurityConstants.USER_NAME_KEY); + // String nickName = accessJson.getStr(SecurityConstants.USER_NICKNAME_KEY); + // String loginName = accessJson.getStr(SecurityConstants.USER_NAME_KEY); //查询是否有在线的当前用户 String onlineUserKey = SecurityConstants.TOKEN_ONLINE_PREFIX + userIndex; Object onlineTokenInfoOld = redisUtil.getObjectByKey(onlineUserKey); @@ -94,7 +84,7 @@ public class UserTokenService { throw new BusinessException(CommonResponseEnum.PARSE_TOKEN_ERROR); } JSONObject refreshJson = JSONUtil.parseObj(refreshJwsObject.getPayload().toString()); - String refreshJti = refreshJson.getStr(SecurityConstants.JWT_JTI); + // String refreshJti = refreshJson.getStr(SecurityConstants.JWT_JTI); Long refreshExpireTime = refreshJson.getLong(SecurityConstants.JWT_EXP); userTokenInfo.setAccessTokenJti(accessJti); userTokenInfo.setRefreshToken(refreshToken.getValue()); diff --git a/pqs-auth/src/main/java/com/njcn/auth/utils/AuthPubUtil.java b/pqs-auth/src/main/java/com/njcn/auth/utils/AuthPubUtil.java index a51056975..915986f2d 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/utils/AuthPubUtil.java +++ b/pqs-auth/src/main/java/com/njcn/auth/utils/AuthPubUtil.java @@ -36,8 +36,7 @@ public class AuthPubUtil { public static JSONObject getLoginByToken(String token){ JWSObject jwsObject = JWSObject.parse(token); String payload = jwsObject.getPayload().toString(); - JSONObject jsonObject = JSONUtil.parseObj(payload); - return jsonObject; + return JSONUtil.parseObj(payload); } }
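Review bot: In UserTokenService, the unused locals `nickName` and `loginName` (this hunk) and `refreshJti` (the `@@ -94,7 +84,7 @@` hunk) are commented out rather than deleted. Commented-out code in a token-handling path leaves the reader unsure whether the values are meant to come back, and version control already keeps the history, so I would remove the three lines. If the refresh token's `jti` is supposed to be tracked for the blacklisting the class Javadoc describes, it should be stored in `userTokenInfo`; the visible lines only record `accessJti`. Both method bodies extend beyond the hunks, so that may already happen elsewhere.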
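Review bot: `AuthPubUtil.getLoginByToken` returns the claims of whatever compact JWS it is handed: the visible body calls `JWSObject.parse(token)` and reads the payload with no `verify(...)` step, so the result is only trustworthy if the signature was checked beforehand. The method's Javadoc lies outside the hunk. If it does not already say so, add a line such as `Does not verify the token signature; pass only tokens that were validated upstream.` That keeps a future caller from treating the returned `JSONObject` as authenticated identity.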