提交 82804f7a 编写于 作者: tangyaologin's avatar tangyaologin

refreshToken 代码更新

上级 1b76f8ba
...@@ -12,11 +12,16 @@ import cn.ibizlab.core.uaa.service.ISysRoleService; ...@@ -12,11 +12,16 @@ import cn.ibizlab.core.uaa.service.ISysRoleService;
import cn.ibizlab.core.uaa.service.ISysUserRoleService; import cn.ibizlab.core.uaa.service.ISysUserRoleService;
import cn.ibizlab.util.domain.Token; import cn.ibizlab.util.domain.Token;
import cn.ibizlab.util.errors.BadRequestAlertException; import cn.ibizlab.util.errors.BadRequestAlertException;
import cn.ibizlab.util.security.AuthTokenUtil;
import cn.ibizlab.util.security.AuthenticationUser;
import cn.ibizlab.util.service.AuthenticationUserService;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import io.jsonwebtoken.ExpiredJwtException;
import lombok.SneakyThrows; import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils; import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.annotation.CacheEvict; import org.springframework.cache.annotation.CacheEvict;
import org.springframework.cache.annotation.CachePut; import org.springframework.cache.annotation.CachePut;
import org.springframework.cache.annotation.Cacheable; import org.springframework.cache.annotation.Cacheable;
...@@ -59,10 +64,19 @@ public class UAACoreService { ...@@ -59,10 +64,19 @@ public class UAACoreService {
@Lazy @Lazy
private ISysRoleService sysRoleService; private ISysRoleService sysRoleService;
@Autowired
private AuthTokenUtil jwtTokenUtil;
@Autowired
private AuthenticationUserService userDetailsService;
@Autowired @Autowired
@Lazy @Lazy
private UserDingtalkRegisterService userDingtalkRegisterService; private UserDingtalkRegisterService userDingtalkRegisterService;
@Value("${ibiz.jwt.expiration:7200000}")
private Long expiration;
@Autowired @Autowired
@Lazy @Lazy
private DingTalkTokenService dingTalkTokenService; private DingTalkTokenService dingTalkTokenService;
...@@ -328,6 +342,40 @@ public class UAACoreService { ...@@ -328,6 +342,40 @@ public class UAACoreService {
return sign; return sign;
} }
public String refreshToken(String oldToken){
String username = null;
String newToken = null;
try {
username = jwtTokenUtil.getUsernameFromToken(oldToken);
} catch (ExpiredJwtException e) {
log.error(e.getMessage());
}
if (!StringUtils.isEmpty(username)) {
AuthenticationUser user = userDetailsService.loadUserByUsername(username);
if (jwtTokenUtil.validateToken(oldToken, user)) {
// 将新token存入缓存,在固定周期内调用接口将返回同一token
Token tok = getToken(oldToken);
if (ObjectUtils.isEmpty(tok)) {
newToken = jwtTokenUtil.generateToken(user);
setToken(oldToken, newToken);
} else {
// 判断缓存中的token是否到期,到期将返回新token
if (isExpired(tok, expiration)) {
newToken = jwtTokenUtil.generateToken(user);
setToken(oldToken, newToken);
}else{
newToken = tok.getNewToken();
}
}
}
}
if (StringUtils.isEmpty(newToken)) {
throw new BadRequestAlertException("获取token失败", "", "refreshToken");
} else {
return newToken;
}
}
@CachePut(value = "ibzuaa_refreshtoken", key = "'token:'+#p0") @CachePut(value = "ibzuaa_refreshtoken", key = "'token:'+#p0")
public Token setToken(String oldToken, String newToken) { public Token setToken(String oldToken, String newToken) {
Token tok = new Token(newToken, oldToken, new Date()); Token tok = new Token(newToken, oldToken, new Date());
......
...@@ -40,9 +40,6 @@ public class ClientAuthenticationResource ...@@ -40,9 +40,6 @@ public class ClientAuthenticationResource
@Value("${ibiz.auth.cookie.domain:}") @Value("${ibiz.auth.cookie.domain:}")
private String cookiedomain; private String cookiedomain;
@Value("${ibiz.jwt.expiration:7200000}")
private Long expiration;
@Autowired @Autowired
private AuthTokenUtil jwtTokenUtil; private AuthTokenUtil jwtTokenUtil;
...@@ -81,38 +78,9 @@ public class ClientAuthenticationResource ...@@ -81,38 +78,9 @@ public class ClientAuthenticationResource
* @return 新token * @return 新token
*/ */
@PostMapping(value = "uaa/refreshToken") @PostMapping(value = "uaa/refreshToken")
public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) { public ResponseEntity<String> refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) {
String username = null; return ResponseEntity.ok().body(uaaCoreService.refreshToken(oldToken));
String newToken = null;
try {
username = jwtTokenUtil.getUsernameFromToken(oldToken);
} catch (ExpiredJwtException e) {
log.error(e.getMessage());
}
if (!StringUtils.isEmpty(username)) {
AuthenticationUser user = userDetailsService.loadUserByUsername(username);
if (jwtTokenUtil.validateToken(oldToken, user)) {
// 将新token存入缓存,在固定周期内调用接口将返回同一token
Token tok = uaaCoreService.getToken(oldToken);
if (ObjectUtils.isEmpty(tok)) {
newToken = jwtTokenUtil.generateToken(user);
uaaCoreService.setToken(oldToken, newToken);
} else {
// 判断缓存中的token是否到期,到期将返回新token
if (uaaCoreService.isExpired(tok, expiration)) {
newToken = jwtTokenUtil.generateToken(user);
uaaCoreService.setToken(oldToken, newToken);
}else{
newToken = tok.getNewToken();
}
}
}
}
if (StringUtils.isEmpty(newToken)) {
throw new BadRequestAlertException("获取token失败", "", "refreshToken");
} else {
return newToken;
}
} }
@PostMapping(value = "v7/changepwd") @PostMapping(value = "v7/changepwd")
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册