diff --git a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java index 0fb1fb05e..b5107272b 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java +++ b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java @@ -6,10 +6,14 @@ import com.youlai.auth.service.UserDetailsServiceImpl; import com.youlai.common.core.constant.AuthConstants; import lombok.AllArgsConstructor; import lombok.SneakyThrows; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.io.ClassPathResource; import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; @@ -119,12 +123,4 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap return accessToken; }; } - -/* @Bean - public AuthenticationProvider daoAuthenticationProvider(){ - DaoAuthenticationProvider impl = new DaoAuthenticationProvider(); - impl.setUserDetailsService(userDetailsService); - impl.setHideUserNotFoundExceptions(false) ; - return impl ; - }*/ } diff --git a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java index 86d160bba..cc6b61ee1 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java +++ b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java @@ -5,11 +5,15 @@ import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointR import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.AuthenticationEntryPoint; + +import javax.servlet.http.HttpServletResponse; @Configuration @EnableWebSecurity @@ -40,4 +44,5 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { public PasswordEncoder passwordEncoder() { return PasswordEncoderFactories.createDelegatingPasswordEncoder(); } + } diff --git a/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java b/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java index c2f715257..43271b008 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java +++ b/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java @@ -4,6 +4,7 @@ import com.youlai.common.core.result.Result; import com.youlai.common.core.result.ResultCode; import lombok.extern.slf4j.Slf4j; import org.springframework.security.authentication.InternalAuthenticationServiceException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; import org.springframework.web.bind.annotation.ExceptionHandler; @@ -13,24 +14,38 @@ import org.springframework.web.bind.annotation.RestControllerAdvice; @Slf4j public class AuthExceptionHandler { + + /** + * 客户端信息错误 + * + * @param e + * @return + */ + @ExceptionHandler(UsernameNotFoundException.class) + public Result handleUsernameNotFoundException(UsernameNotFoundException e) { + return Result.error(e.getMessage()); + } + /** * 用户名和密码异常 + * * @param e * @return */ @ExceptionHandler(InvalidGrantException.class) - public Result handleInvalidGrantException(InvalidGrantException e){ + public Result handleInvalidGrantException(InvalidGrantException e) { return Result.error(e.getMessage()); } /** * 账户异常(禁用、锁定、过期) + * * @param e * @return */ @ExceptionHandler({InternalAuthenticationServiceException.class}) - public Result handleInternalAuthenticationServiceException(InternalAuthenticationServiceException e){ + public Result handleInternalAuthenticationServiceException(InternalAuthenticationServiceException e) { return Result.error(e.getMessage()); } @@ -39,4 +54,9 @@ public class AuthExceptionHandler { public Result handleInvalidTokenException(InvalidTokenException e) { return Result.custom(ResultCode.TOKEN_INVALID_OR_EXPIRED); } + + @ExceptionHandler(Exception.class) + public Result handleException(Exception e) { + return Result.error(e.getMessage()); + } }