【JWT鉴权续期接口】补齐reflashToken逻辑，注释

824f9fdf · Tyl666 · eeee13d9 · 824f9fdf
--- a/ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
+++ b/ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
@@ -75,10 +75,15 @@ public class ClientAuthenticationResource
        return ResponseEntity.ok().body(new AuthenticationInfo(token,user2));
    }

+    /**
+     * token续期
+     * @param oldToken 业务系统即将到期的token
+     * @return 新token
+     */
    @PostMapping(value = "v7/refreshToken")
    public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) {
        String username = null;
-        String newToken = uaaCoreService.getToken(oldToken) == null ? "" : uaaCoreService.getToken(oldToken).getNewToken();
+        String newToken = null;
        try {
            username = jwtTokenUtil.getUsernameFromToken(oldToken);
        } catch (ExpiredJwtException e) {
@@ -87,14 +92,18 @@ public class ClientAuthenticationResource
        if (!StringUtils.isEmpty(username)) {
            AuthenticationUser user = userDetailsService.loadUserByUsername(username);
            if (jwtTokenUtil.validateToken(oldToken, user)) {
+                // 将新token存入缓存，在固定周期内调用接口将返回同一token
                Token tok = uaaCoreService.getToken(oldToken);
                if (ObjectUtils.isEmpty(tok)) {
                    newToken = jwtTokenUtil.generateToken(user);
                    uaaCoreService.setToken(oldToken, newToken);
                } else {
+                    // 判断缓存中的token是否到期，到期将返回新token
                    if (uaaCoreService.isExpired(tok, expiration)) {
                        newToken = jwtTokenUtil.generateToken(user);
                        uaaCoreService.setToken(oldToken, newToken);
+                    }else{
+                        newToken = tok.getNewToken();
                    }
                }
            }