Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
有来技术
youlai-mall
提交
095427ca
Y
youlai-mall
项目概览
有来技术
/
youlai-mall
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
Y
youlai-mall
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
095427ca
编写于
11月 19, 2020
作者:
H
haoxr
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
feat:添加自定义认证异常
上级
57e8f807
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
29 addition
and
77 deletion
+29
-77
youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
...ava/com/youlai/auth/config/AuthorizationServerConfig.java
+4
-9
youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java
.../java/com/youlai/auth/exception/AuthExceptionHandler.java
+25
-1
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2Exception.java
...java/com/youlai/auth/exception/CustomOAuth2Exception.java
+0
-17
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionSerializer.java
...oulai/auth/exception/CustomOAuth2ExceptionSerializer.java
+0
-22
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionTranslator.java
...oulai/auth/exception/CustomOAuth2ExceptionTranslator.java
+0
-28
未找到文件。
youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
浏览文件 @
095427ca
package
com.youlai.auth.config
;
import
com.youlai.auth.domain.User
;
import
com.youlai.auth.exception.CustomOAuth2ExceptionTranslator
;
import
com.youlai.auth.service.JdbcClientDetailsServiceImpl
;
import
com.youlai.auth.service.UserDetailsServiceImpl
;
import
com.youlai.common.core.constant.AuthConstants
;
...
...
@@ -11,15 +10,13 @@ import org.springframework.context.annotation.Bean;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.io.ClassPathResource
;
import
org.springframework.security.authentication.AuthenticationManager
;
import
org.springframework.security.authentication.AuthenticationProvider
;
import
org.springframework.security.authentication.dao.DaoAuthenticationProvider
;
import
org.springframework.security.core.userdetails.UserDetailsService
;
import
org.springframework.security.oauth2.common.DefaultOAuth2AccessToken
;
import
org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer
;
import
org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter
;
import
org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer
;
import
org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer
;
import
org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer
;
import
org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator
;
import
org.springframework.security.oauth2.provider.token.TokenEnhancer
;
import
org.springframework.security.oauth2.provider.token.TokenEnhancerChain
;
import
org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter
;
...
...
@@ -74,9 +71,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
// refresh token有两种使用方式:重复使用(true)、非重复使用(false),默认为true
// 1 重复使用:access token过期刷新时, refresh token过期时间未改变,仍以初次生成的时间为准
// 2 非重复使用:access token过期刷新时, refresh token过期时间延续,在refresh token有效期内刷新便永不失效达到无需再次登录的目的
.
reuseRefreshTokens
(
false
)
.
exceptionTranslator
(
new
CustomOAuth2ExceptionTranslator
());
.
reuseRefreshTokens
(
false
);
}
/**
...
...
@@ -125,11 +120,11 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
};
}
@Bean
/*
@Bean
public AuthenticationProvider daoAuthenticationProvider(){
DaoAuthenticationProvider impl = new DaoAuthenticationProvider();
impl.setUserDetailsService(userDetailsService);
impl.setHideUserNotFoundExceptions(false) ;
return impl ;
}
}
*/
}
youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java
浏览文件 @
095427ca
...
...
@@ -3,6 +3,8 @@ package com.youlai.auth.exception;
import
com.youlai.common.core.result.Result
;
import
com.youlai.common.core.result.ResultCode
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.security.authentication.InternalAuthenticationServiceException
;
import
org.springframework.security.oauth2.common.exceptions.InvalidGrantException
;
import
org.springframework.security.oauth2.common.exceptions.InvalidTokenException
;
import
org.springframework.web.bind.annotation.ExceptionHandler
;
import
org.springframework.web.bind.annotation.RestControllerAdvice
;
...
...
@@ -11,8 +13,30 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
@Slf4j
public
class
AuthExceptionHandler
{
/**
* 用户名和密码异常
* @param e
* @return
*/
@ExceptionHandler
(
InvalidGrantException
.
class
)
public
Result
handleInvalidGrantException
(
InvalidGrantException
e
){
return
Result
.
error
(
e
.
getMessage
());
}
/**
* 账户异常(禁用、锁定、过期)
* @param e
* @return
*/
@ExceptionHandler
({
InternalAuthenticationServiceException
.
class
})
public
Result
handleInternalAuthenticationServiceException
(
InternalAuthenticationServiceException
e
){
return
Result
.
error
(
e
.
getMessage
());
}
@ExceptionHandler
(
InvalidTokenException
.
class
)
public
Result
handle
Biz
Exception
(
InvalidTokenException
e
)
{
public
Result
handle
InvalidToken
Exception
(
InvalidTokenException
e
)
{
return
Result
.
custom
(
ResultCode
.
TOKEN_INVALID_OR_EXPIRED
);
}
}
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2Exception.java
已删除
100644 → 0
浏览文件 @
57e8f807
package
com.youlai.auth.exception
;
import
com.fasterxml.jackson.databind.annotation.JsonSerialize
;
import
org.springframework.security.oauth2.common.exceptions.OAuth2Exception
;
@JsonSerialize
(
using
=
CustomOAuth2ExceptionSerializer
.
class
)
public
class
CustomOAuth2Exception
extends
OAuth2Exception
{
public
CustomOAuth2Exception
(
String
msg
,
Throwable
t
)
{
super
(
msg
,
t
);
}
public
CustomOAuth2Exception
(
String
msg
)
{
super
(
msg
);
}
}
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionSerializer.java
已删除
100644 → 0
浏览文件 @
57e8f807
package
com.youlai.auth.exception
;
import
com.fasterxml.jackson.core.JsonGenerator
;
import
com.fasterxml.jackson.databind.SerializerProvider
;
import
com.fasterxml.jackson.databind.ser.std.StdSerializer
;
import
java.io.IOException
;
public
class
CustomOAuth2ExceptionSerializer
extends
StdSerializer
<
CustomOAuth2Exception
>
{
protected
CustomOAuth2ExceptionSerializer
()
{
super
(
CustomOAuth2Exception
.
class
);
}
@Override
public
void
serialize
(
CustomOAuth2Exception
e
,
JsonGenerator
jsonGenerator
,
SerializerProvider
serializerProvider
)
throws
IOException
{
jsonGenerator
.
writeStartObject
();
jsonGenerator
.
writeObjectField
(
"code"
,
e
.
getHttpErrorCode
());
jsonGenerator
.
writeStringField
(
"msg"
,
e
.
getOAuth2ErrorCode
());
jsonGenerator
.
writeEndObject
();
}
}
youlai-auth/src/main/java/com/youlai/auth/exception/CustomOAuth2ExceptionTranslator.java
已删除
100644 → 0
浏览文件 @
57e8f807
package
com.youlai.auth.exception
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.security.oauth2.common.exceptions.OAuth2Exception
;
import
org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator
;
import
javax.naming.AuthenticationException
;
public
class
CustomOAuth2ExceptionTranslator
implements
WebResponseExceptionTranslator
{
@Override
public
ResponseEntity
translate
(
Exception
exception
)
throws
Exception
{
if
(
exception
instanceof
OAuth2Exception
)
{
OAuth2Exception
oAuth2Exception
=
(
OAuth2Exception
)
exception
;
return
ResponseEntity
.
status
(
oAuth2Exception
.
getHttpErrorCode
())
.
body
(
new
CustomOAuth2Exception
(
oAuth2Exception
.
getMessage
()));
}
else
if
(
exception
instanceof
AuthenticationException
){
AuthenticationException
authenticationException
=
(
AuthenticationException
)
exception
;
return
ResponseEntity
.
status
(
HttpStatus
.
UNAUTHORIZED
)
.
body
(
new
CustomOAuth2Exception
(
authenticationException
.
getMessage
()));
}
return
ResponseEntity
.
status
(
HttpStatus
.
OK
)
.
body
(
new
CustomOAuth2Exception
(
exception
.
getMessage
()));
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录