From 2910bf50000749a77cf871d2545dec97e57b148a Mon Sep 17 00:00:00 2001
From: hongawen <83944980@qq.com>
Date: Wed, 30 Aug 2023 10:14:30 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=AE=A4=E8=AF=81=E6=97=A5?=
 =?UTF-8?q?=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../auth/security/provider/Sm4AuthenticationProvider.java | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/pqs-auth/src/main/java/com/njcn/auth/security/provider/Sm4AuthenticationProvider.java b/pqs-auth/src/main/java/com/njcn/auth/security/provider/Sm4AuthenticationProvider.java
index ceba5afd5..8492ca17d 100644
--- a/pqs-auth/src/main/java/com/njcn/auth/security/provider/Sm4AuthenticationProvider.java
+++ b/pqs-auth/src/main/java/com/njcn/auth/security/provider/Sm4AuthenticationProvider.java
@@ -12,7 +12,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.stereotype.Component;
 
 /**
@@ -48,7 +47,6 @@ public class Sm4AuthenticationProvider extends AbstractUserDetailsAuthentication
         }
 
         String presentedPassword = authentication.getCredentials().toString();
-        log.error("用户当前密码："+presentedPassword);
         BusinessUser  businessUser = (BusinessUser)userDetails;
         String secretKey = businessUser.getSecretKey();
         Sm4Utils sm4 = new Sm4Utils(secretKey);
@@ -56,10 +54,10 @@ public class Sm4AuthenticationProvider extends AbstractUserDetailsAuthentication
         String sm4PwdOnce = sm4.encryptData_ECB(presentedPassword);
         //SM4加密(密码+工作秘钥）
         String sm4PwdTwice = sm4.encryptData_ECB(sm4PwdOnce + secretKey);
-        log.error("加密后的："+sm4PwdTwice);
-        log.error("数据库的："+businessUser.getPassword());
         if(!businessUser.getPassword().equalsIgnoreCase(sm4PwdTwice)){
-            throw new InvalidGrantException(businessUser.getUsername());
+            throw new BadCredentialsException(messages.getMessage(
+                    "AbstractUserDetailsAuthenticationProvider.badCredentials",
+                    businessUser.getUsername()));
         }
     }