feat:添加自定义认证异常

095427ca · haoxr · 57e8f807 · 095427ca · 095427ca · 57e8f807
5 changed file
--- a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
 package com.youlai.auth.config;

 import com.youlai.auth.domain.User;
-import com.youlai.auth.exception.CustomOAuth2ExceptionTranslator;
 import com.youlai.auth.service.JdbcClientDetailsServiceImpl;
 import com.youlai.auth.service.UserDetailsServiceImpl;
 import com.youlai.common.core.constant.AuthConstants;
@@ -11,15 +10,13 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
@@ -74,9 +71,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
                // refresh token有两种使用方式：重复使用(true)、非重复使用(false)，默认为true
                //      1 重复使用：access token过期刷新时， refresh token过期时间未改变，仍以初次生成的时间为准
                //      2 非重复使用：access token过期刷新时， refresh token过期时间延续，在refresh token有效期内刷新便永不失效达到无需再次登录的目的
-                .reuseRefreshTokens(false)
-                .exceptionTranslator(new CustomOAuth2ExceptionTranslator());
-
+                .reuseRefreshTokens(false);
    }

    /**
@@ -125,11 +120,11 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
        };
    }

-    @Bean
+/*    @Bean
    public AuthenticationProvider daoAuthenticationProvider(){
        DaoAuthenticationProvider impl = new DaoAuthenticationProvider();
        impl.setUserDetailsService(userDetailsService);
        impl.setHideUserNotFoundExceptions(false) ;
        return impl ;
-    }
+    }*/
 }
--- a/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java
@@ -3,6 +3,8 @@ package com.youlai.auth.exception;
 import com.youlai.common.core.result.Result;
 import com.youlai.common.core.result.ResultCode;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -11,8 +13,30 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
 @Slf4j
 public class AuthExceptionHandler {

+    /**
+     * 用户名和密码异常
+     * @param e
+     * @return
+     */
+    @ExceptionHandler(InvalidGrantException.class)
+    public Result handleInvalidGrantException(InvalidGrantException e){
+        return Result.error(e.getMessage());
+    }
+
+
+    /**
+     * 账户异常(禁用、锁定、过期)
+     * @param e
+     * @return
+     */
+    @ExceptionHandler({InternalAuthenticationServiceException.class})
+    public Result handleInternalAuthenticationServiceException(InternalAuthenticationServiceException e){
+        return Result.error(e.getMessage());
+    }
+
+
    @ExceptionHandler(InvalidTokenException.class)
-    public Result handleBizException(InvalidTokenException e) {
+    public Result handleInvalidTokenException(InvalidTokenException e) {
        return Result.custom(ResultCode.TOKEN_INVALID_OR_EXPIRED);
    }
 }
--- a/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2Exception.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2Exception.java
-package com.youlai.auth.exception;
-
-import com.fasterxml.jackson.databind.annotation.JsonSerialize;
-import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
-
-
-@JsonSerialize(using = CustomOAuth2ExceptionSerializer.class)
-public class CustomOAuth2Exception extends OAuth2Exception {
-
-    public CustomOAuth2Exception(String msg, Throwable t) {
-        super(msg, t);
-    }
-
-    public CustomOAuth2Exception(String msg) {
-        super(msg);
-    }
-}
--- a/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionSerializer.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionSerializer.java
-package com.youlai.auth.exception;
-
-import com.fasterxml.jackson.core.JsonGenerator;
-import com.fasterxml.jackson.databind.SerializerProvider;
-import com.fasterxml.jackson.databind.ser.std.StdSerializer;
-
-import java.io.IOException;
-
-public class CustomOAuth2ExceptionSerializer extends StdSerializer<CustomOAuth2Exception> {
-
-    protected CustomOAuth2ExceptionSerializer() {
-        super(CustomOAuth2Exception.class);
-    }
-
-    @Override
-    public void serialize(CustomOAuth2Exception e, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
-        jsonGenerator.writeStartObject();
-        jsonGenerator.writeObjectField("code", e.getHttpErrorCode());
-        jsonGenerator.writeStringField("msg", e.getOAuth2ErrorCode());
-        jsonGenerator.writeEndObject();
-    }
-}
--- a/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionTranslator.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionTranslator.java
-package com.youlai.auth.exception;
-
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
-import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
-
-import javax.naming.AuthenticationException;
-
-public class CustomOAuth2ExceptionTranslator implements WebResponseExceptionTranslator {
-    @Override
-    public ResponseEntity translate(Exception exception) throws Exception {
-        if (exception instanceof OAuth2Exception) {
-            OAuth2Exception oAuth2Exception = (OAuth2Exception) exception;
-            return ResponseEntity
-                    .status(oAuth2Exception.getHttpErrorCode())
-                    .body(new CustomOAuth2Exception(oAuth2Exception.getMessage()));
-        }else if(exception instanceof AuthenticationException){
-            AuthenticationException authenticationException = (AuthenticationException) exception;
-            return ResponseEntity
-                    .status(HttpStatus.UNAUTHORIZED)
-                    .body(new CustomOAuth2Exception(authenticationException.getMessage()));
-        }
-        return ResponseEntity
-                .status(HttpStatus.OK)
-                .body(new CustomOAuth2Exception(exception.getMessage()));
-    }
-}