提交 36e886b8 编写于 作者: Tyl666's avatar Tyl666

【JWT鉴权续期接口】security放行接口

上级 824f9fdf
...@@ -121,6 +121,7 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -121,6 +121,7 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/uaa/bindQQtoRegister").permitAll() .antMatchers("/uaa/bindQQtoRegister").permitAll()
.antMatchers("/uaa/publickey").permitAll() .antMatchers("/uaa/publickey").permitAll()
.antMatchers("/uaa/dingtalk/jsapi/sign").permitAll() .antMatchers("/uaa/dingtalk/jsapi/sign").permitAll()
.antMatchers("/uaa/refreshToken").permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
// 防止iframe 造成跨域 // 防止iframe 造成跨域
.and().headers().frameOptions().disable(); .and().headers().frameOptions().disable();
......
...@@ -142,7 +142,8 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -142,7 +142,8 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/uaa/getQQAppId").permitAll() .antMatchers("/uaa/getQQAppId").permitAll()
.antMatchers("/uaa/queryQQUserByCode").permitAll() .antMatchers("/uaa/queryQQUserByCode").permitAll()
.antMatchers("/uaa/bindQQtoRegister").permitAll() .antMatchers("/uaa/bindQQtoRegister").permitAll()
.antMatchers("/uaa/dingtalk/jsapi/sign").permitAll(); .antMatchers("/uaa/dingtalk/jsapi/sign").permitAll()
.antMatchers("/uaa/refreshToken").permitAll();
if (StringUtils.isNotBlank(excludesPattern)) { if (StringUtils.isNotBlank(excludesPattern)) {
for (String excludePattern : excludesPattern.split("\\s*,\\s*")) { for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {
......
...@@ -80,7 +80,7 @@ public class ClientAuthenticationResource ...@@ -80,7 +80,7 @@ public class ClientAuthenticationResource
* @param oldToken 业务系统即将到期的token * @param oldToken 业务系统即将到期的token
* @return 新token * @return 新token
*/ */
@PostMapping(value = "v7/refreshToken") @PostMapping(value = "uaa/refreshToken")
public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) { public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) {
String username = null; String username = null;
String newToken = null; String newToken = null;
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册