♻️ Refactoring code. 重构网关filter 判断逻辑，非密码模式直接跳过 PasswordDecoderFilter

pig-auth/src/main/java/com/pig4cloud/pig/auth/support/core/PigDaoAuthenticationProvider.java

@@ -20,6 +20,7 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.web.authentication.www.BasicAuthenticationConverter;
 import org.springframework.util.Assert;
@@ -66,9 +67,9 @@ public class PigDaoAuthenticationProvider extends AbstractUserDetailsAuthenticat
 	protected void additionalAuthenticationChecks(UserDetails userDetails,
 			UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
 
-		// app 模式不用校验密码
+		// 只有密码模式需要校验密码
 		String grantType = WebUtils.getRequest().get().getParameter(OAuth2ParameterNames.GRANT_TYPE);
-		if (StrUtil.equals(SecurityConstants.MOBILE, grantType)) {
+		if (!StrUtil.equals(AuthorizationGrantType.PASSWORD.getValue(), grantType)) {
 			return;
 		}
 

pig-common/pig-common-core/src/main/java/com/pig4cloud/pig/common/core/constant/SecurityConstants.java

@@ -62,6 +62,11 @@ public interface SecurityConstants {
 	 */
 	String REFRESH_TOKEN = "refresh_token";
 
+	/**
+	 * password 模式
+	 */
+	String PASSWORD = "password";
+
 	/**
 	 * 手机号登录
 	 */

pig-common/pig-common-feign/src/main/java/com/pig4cloud/pig/common/feign/sentinel/handle/GlobalBizExceptionHandler.java

@@ -51,7 +51,6 @@ public class GlobalBizExceptionHandler {
 
 	/**
 	 * 全局异常.
-     *
 	 * @param e the e
 	 * @return R
 	 */
@@ -67,7 +66,6 @@ public class GlobalBizExceptionHandler {
 
 	/**
 	 * 处理业务校验过程中碰到的非法参数异常 该异常基本由{@link org.springframework.util.Assert}抛出
-     *
 	 * @param exception 参数校验异常
 	 * @return API返回结果对象包装后的错误输出结果
 	 * @see Assert#hasLength(String, String)
@@ -85,7 +83,6 @@ public class GlobalBizExceptionHandler {
 
 	/**
 	 * AccessDeniedException
-     *
 	 * @param e the e
 	 * @return R
 	 */
@@ -100,11 +97,10 @@ public class GlobalBizExceptionHandler {
 
 	/**
 	 * validation Exception
-     *
 	 * @param exception
 	 * @return R
 	 */
-    @ExceptionHandler({MethodArgumentNotValidException.class})
+	@ExceptionHandler({ MethodArgumentNotValidException.class })
 	@ResponseStatus(HttpStatus.BAD_REQUEST)
 	public R handleBodyValidException(MethodArgumentNotValidException exception) {
 		List<FieldError> fieldErrors = exception.getBindingResult().getFieldErrors();
@@ -114,11 +110,10 @@ public class GlobalBizExceptionHandler {
 
 	/**
 	 * validation Exception (以form-data形式传参)
-     *
 	 * @param exception
 	 * @return R
 	 */
-    @ExceptionHandler({BindException.class})
+	@ExceptionHandler({ BindException.class })
 	@ResponseStatus(HttpStatus.BAD_REQUEST)
 	public R bindExceptionHandler(BindException exception) {
 		List<FieldError> fieldErrors = exception.getBindingResult().getFieldErrors();
@@ -129,17 +124,16 @@ public class GlobalBizExceptionHandler {
 	/**
 	 * 保持和低版本请求路径不存在的行为一致
 	 * <p>
-     * <a href="https://github.com/spring-projects/spring-boot/issues/38733">[Spring Boot 3.2.0] 404 Not Found behavior #38733</a>
-     *
+	 * <a href="https://github.com/spring-projects/spring-boot/issues/38733">[Spring Boot
+	 * 3.2.0] 404 Not Found behavior #38733</a>
 	 * @param exception
 	 * @return R
 	 */
-    @ExceptionHandler({NoResourceFoundException.class})
+	@ExceptionHandler({ NoResourceFoundException.class })
 	@ResponseStatus(HttpStatus.NOT_FOUND)
 	public R bindExceptionHandler(NoResourceFoundException exception) {
 		log.debug("请求路径 404 {}", exception.getMessage());
 		return R.failed(exception.getMessage());
 	}
 
-
 }

pig-gateway/src/main/java/com/pig4cloud/pig/gateway/filter/PasswordDecoderFilter.java

@@ -82,9 +82,9 @@ public class PasswordDecoderFilter extends AbstractGatewayFilterFactory {
                 return chain.filter(exchange);
             }
 
-			// 2. 刷新token类型，直接向下执行
+            // 2. 不是密码登录模式直接跳过
             String grantType = request.getQueryParams().getFirst("grant_type");
-			if (StrUtil.equals(SecurityConstants.REFRESH_TOKEN, grantType)) {
+            if (!StrUtil.equals(SecurityConstants.PASSWORD, grantType)) {
                 return chain.filter(exchange);
             }
 
@@ -112,6 +112,7 @@ public class PasswordDecoderFilter extends AbstractGatewayFilterFactory {
 
     /**
      * 原文解密
+     *
      * @return
      */
     private Function decryptAES() {
@@ -127,8 +128,7 @@ public class PasswordDecoderFilter extends AbstractGatewayFilterFactory {
                 String password = aes.decryptStr(inParamsMap.get(PASSWORD));
                 // 返回修改后报文字符
                 inParamsMap.put(PASSWORD, password);
-			}
-			else {
+            } else {
                 log.error("非法请求数据:{}", s);
             }
             return Mono.just(HttpUtil.toParams(inParamsMap, Charset.defaultCharset(), true));
@@ -137,6 +137,7 @@ public class PasswordDecoderFilter extends AbstractGatewayFilterFactory {
 
     /**
      * 报文转换
+     *
      * @return
      */
     private ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers,
@@ -149,8 +150,7 @@ public class PasswordDecoderFilter extends AbstractGatewayFilterFactory {
                 httpHeaders.putAll(super.getHeaders());
                 if (contentLength > 0) {
                     httpHeaders.setContentLength(contentLength);
-				}
-				else {
+                } else {
                     httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
                 }
                 return httpHeaders;