token续期优化

8b08b2f9 · zhouweidong · ebd25c62 · 8b08b2f9 · 8b08b2f9 · 8b08b2f9
--- a/ibzuaa-app/ibzuaa-app-web/src/main/resources/application.yml
+++ b/ibzuaa-app/ibzuaa-app-web/src/main/resources/application.yml
@@ -9,10 +9,6 @@ zuul:
      path: /v7/login
      serviceId: ${ibiz.ref.service.ibzuaa-api:ibzuaa-api}
      stripPrefix: false
-    refreshtoken:
-      path: /v7/refreshtoken
-      serviceId: ${ibiz.ref.service.ibzuaa-api:ibzuaa-api}
-      stripPrefix: false
    uaa:
      path: /uaa/**
      serviceId: ${ibiz.ref.service.ibzuaa-api:ibzuaa-api}

--- a/ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UAACoreService.java
+++ b/ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UAACoreService.java
@@ -328,19 +328,19 @@ public class UAACoreService {
        return sign;
    }

-    @CachePut(value = "ibzuaa_users", key = "'token:'+#p0")
+    @CachePut(value = "ibzuaa_refreshtoken", key = "'token:'+#p0")
    public Token setToken(String oldToken, String newToken) {
        Token tok = new Token(newToken, oldToken, new Date());
        return tok;
    }

-    @Cacheable(value = "ibzuaa_users", key = "'token:'+#p0")
+    @Cacheable(value = "ibzuaa_refreshtoken", key = "'token:'+#p0")
    public Token getToken(String oldToken) {
        return null;
    }

-    @CacheEvict(value = "ibzuaa_users", key = "'token:'+#p0")
-    public Token removeToken(String token) {
+    @CacheEvict(value = "ibzuaa_refreshtoken", key = "'token:'+#p0")
+    public Token resetToken(String token) {
        return null;
    }


--- a/ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
+++ b/ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
@@ -82,12 +82,14 @@ public class ClientAuthenticationResource
        try {
            // 查询token里面的用户名
            username = jwtTokenUtil.getUsernameFromToken(oldToken);
-            // 根据用户名取缓存的用户对象
-            user = userDetailsService.loadUserByUsername(username);
        }catch (ExpiredJwtException e){
            log.error(e.getMessage());
        }
-        if (!jwtTokenUtil.validateToken(oldToken, user)) {
+        if(!StringUtils.isEmpty(username)){
+            // 根据用户名取缓存的用户对象
+            user = userDetailsService.loadUserByUsername(username);
+        }
+        if (!ObjectUtils.isEmpty(user) && !jwtTokenUtil.validateToken(oldToken, user)) {
            throw new BadRequestAlertException("token已失效", "", "");
        }
        Token tok = uaaCoreService.getToken(oldToken);