【JWT鉴权续期接口】security放行接口

ibzuaa-boot/src/main/java/cn/ibizlab/config/DevBootSecurityConfig.java

@@ -121,6 +121,7 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
                        .antMatchers("/uaa/bindQQtoRegister").permitAll()
                        .antMatchers("/uaa/publickey").permitAll()
                        .antMatchers("/uaa/dingtalk/jsapi/sign").permitAll()
+                       .antMatchers("/uaa/refreshToken").permitAll()
                 .anyRequest().authenticated()
                 // 防止iframe 造成跨域
                 .and().headers().frameOptions().disable();

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java

@@ -142,7 +142,8 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
                .antMatchers("/uaa/getQQAppId").permitAll()
                .antMatchers("/uaa/queryQQUserByCode").permitAll()
                .antMatchers("/uaa/bindQQtoRegister").permitAll()
-               .antMatchers("/uaa/dingtalk/jsapi/sign").permitAll();
+               .antMatchers("/uaa/dingtalk/jsapi/sign").permitAll()
+               .antMatchers("/uaa/refreshToken").permitAll();
 
         if (StringUtils.isNotBlank(excludesPattern)) {
             for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java

@@ -80,7 +80,7 @@ public class ClientAuthenticationResource
      * @param oldToken 业务系统即将到期的token
      * @return 新token
      */
-    @PostMapping(value = "v7/refreshToken")
+    @PostMapping(value = "uaa/refreshToken")
     public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) {
         String username = null;
         String newToken = null;