Jelajahi Sumber

:bug: Fixing a bug. 令牌管理权限拦截& 优化令牌过期错误返回

lbw 1 tahun lalu
induk
melakukan
643f4b9d1a

+ 4 - 3
pigx-auth/src/main/java/com/pig4cloud/pigx/auth/config/AuthorizationServerConfiguration.java

@@ -22,7 +22,6 @@ package com.pig4cloud.pigx.auth.config;
 import cn.hutool.core.util.ArrayUtil;
 import com.pig4cloud.pigx.auth.support.CustomeOAuth2AccessTokenGenerator;
 import com.pig4cloud.pigx.auth.support.core.CustomeOAuth2TokenCustomizer;
-import com.pig4cloud.pigx.auth.support.core.FormIdentityLoginConfigurer;
 import com.pig4cloud.pigx.auth.support.core.PigDaoAuthenticationProvider;
 import com.pig4cloud.pigx.auth.support.handler.PigAuthenticationFailureEventHandler;
 import com.pig4cloud.pigx.auth.support.handler.PigAuthenticationSuccessEventHandler;
@@ -111,8 +110,10 @@ public class AuthorizationServerConfiguration {
 				.apply(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
 						.authorizationServerSettings(
 								AuthorizationServerSettings.builder().issuer(SecurityConstants.PIGX_LICENSE).build()))
-				// 授权码登录的登录页个性化
-				.and().apply(new FormIdentityLoginConfigurer()).and().build();
+				// 处理认证服务器异常
+				.and()
+				.exceptionHandling(configurer -> configurer.authenticationEntryPoint(resourceAuthExceptionEntryPoint))
+				.build();
 
 		// 注入自定义授权模式实现
 		addCustomOAuth2GrantAuthenticationProvider(http);

+ 11 - 4
pigx-auth/src/main/java/com/pig4cloud/pigx/auth/endpoint/PigxTokenEndpoint.java

@@ -168,7 +168,6 @@ public class PigxTokenEndpoint {
 	 * 令牌管理调用
 	 * @param token token
 	 */
-	@Inner
 	@DeleteMapping("/{token}")
 	public R<Boolean> removeToken(@PathVariable("token") String token) {
 		OAuth2Authorization authorization = authorizationService.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
@@ -195,15 +194,14 @@ public class PigxTokenEndpoint {
 	 * @param params 分页参数
 	 * @return
 	 */
-	@Inner
 	@PostMapping("/page")
 	public R<Page<TokenVo>> tokenList(@RequestBody Map<String, Object> params) {
 		// 根据分页参数获取对应数据
-		String key = String.format("%s::*", CacheConstants.PROJECT_OAUTH_ACCESS);
+		String key = String.format("%s::%s::*", tenantKeyStrResolver.key(), CacheConstants.PROJECT_OAUTH_ACCESS);
 		int current = MapUtil.getInt(params, CommonConstants.CURRENT);
 		int size = MapUtil.getInt(params, CommonConstants.SIZE);
 		Set<String> keys = redisTemplate.keys(key);
-		List<String> pages = keys.stream().skip((long) (current - 1) * size).limit(size).collect(Collectors.toList());
+		List<String> pages = keys.stream().skip((current - 1) * size).limit(size).collect(Collectors.toList());
 		Page<TokenVo> result = new Page(current, size);
 
 		List<TokenVo> tokenVoList = redisTemplate.opsForValue().multiGet(pages).stream().map(obj -> {
@@ -222,6 +220,7 @@ public class PigxTokenEndpoint {
 			String issuedAt = TemporalAccessorUtil.format(accessToken.getToken().getIssuedAt(),
 					DatePattern.NORM_DATETIME_PATTERN);
 			tokenVo.setIssuedAt(issuedAt);
+
 			Map<String, Object> attributes = authorization.getAttributes();
 			Authentication authentication = (Authentication) attributes.get(Principal.class.getName());
 			PigxUser pigxUser = (PigxUser) authentication.getPrincipal();
@@ -240,4 +239,12 @@ public class PigxTokenEndpoint {
 		return R.ok(result);
 	}
 
+	@Inner
+	@GetMapping("/query-token")
+	public R queryToken(String token) {
+		OAuth2Authorization authorization = authorizationService.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
+		return R.ok(authorization);
+
+	}
+
 }

+ 1 - 1
pigx-upms/pigx-upms-biz/src/main/resources/application.yml

@@ -52,7 +52,7 @@ aj:
   captcha:
     water-mark: pig4cloud
 
-
+# 配置swagger 信息覆盖 common-swagger 中内置的
 swagger:
   enabled: true
   title: PigX Swagger API