diff --git a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
index b894b3b9a..3a49d8eb6 100644
--- a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
@@ -19,7 +19,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 http
 .authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
 .and()
- .authorizeRequests().antMatchers("/rsa/publicKey").permitAll().anyRequest().authenticated()
+ .authorizeRequests().antMatchers("/rsa/publicKey","/oauth/logout").permitAll().anyRequest().authenticated()
 .and()
 .csrf().disable();
 }
diff --git a/youlai-auth/src/main/java/com/youlai/auth/controller/AuthController.java b/youlai-auth/src/main/java/com/youlai/auth/controller/AuthController.java
index 264421003..157afda82 100644
--- a/youlai-auth/src/main/java/com/youlai/auth/controller/AuthController.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/controller/AuthController.java
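Review bot: Opening `/oauth/logout` to unauthenticated callers moves all token checking into the handler this commit adds to AuthController, and that handler only decodes the JWT (`JWSObject.parse` does not verify a signature), so once this matcher is permitAll the controller must call `jwsObject.verify(...)` with the server's `JWSVerifier` before trusting the payload. Whether `/oauth/logout` actually maps onto the controller's `@DeleteMapping("/logout")` depends on AuthController's class-level mapping, which is outside this diff and worth confirming. Consider also narrowing the allowance to the logout verb, `.antMatchers(HttpMethod.DELETE, "/oauth/logout").permitAll()`, so the public surface is no wider than the endpoint needs.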
@@ -1,13 +1,19 @@
 package com.youlai.auth.controller;
 
+import cn.hutool.json.JSONUtil;
+import com.nimbusds.jose.JWSObject;
+import com.youlai.admin.api.dto.UserDTO;
 import com.youlai.auth.domain.Oauth2Token;
+import com.youlai.common.core.constant.AuthConstants;
 import com.youlai.common.core.result.Result;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
+import org.apache.logging.log4j.util.Strings;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
@@ -15,8 +21,9 @@ import org.springframework.web.bind.annotation.*;
 import springfox.documentation.annotations.ApiIgnore;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.security.Principal;
-import java.util.ArrayList;
+import java.text.ParseException;
 import java.util.Map;
 
 @Api(tags = "认证中心认证登录")
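Review bot: Two of the added imports appear unused and one belongs to the wrong stack: `org.apache.logging.log4j.util.Strings` and `org.springframework.http.server.reactive.ServerHttpRequest` are referenced in none of this file's hunks, and `ServerHttpRequest` is the WebFlux request type while the new `logout` signature takes `javax.servlet.http.HttpServletRequest`. Unless they are used elsewhere in the file (outside this diff) both lines should be dropped rather than left to pull a reactive type into a servlet controller. If a blank-check helper is wanted, `org.springframework.util.StringUtils.hasText` is already available to a Spring MVC controller and is a more stable choice than log4j's internal `util` package.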
@@ -32,12 +39,12 @@ public class AuthController {
 
 @ApiOperation("Oauth2获取token")
 @ApiImplicitParams({
- @ApiImplicitParam(name = "grant_type",paramType = "query", defaultValue = "password", value = "授权模式", required = true),
- @ApiImplicitParam(name = "client_id", paramType = "query",defaultValue = "client",value = "Oauth2客户端ID", required = true),
- @ApiImplicitParam(name = "client_secret",paramType = "query", defaultValue = "123456",value = "Oauth2客户端秘钥", required = true),
- @ApiImplicitParam(name = "refresh_token",paramType = "query", value = "刷新token"),
- @ApiImplicitParam(name = "username",paramType = "query",defaultValue = "admin", value = "登录用户名"),
- @ApiImplicitParam(name = "password",paramType = "query", defaultValue = "123456",value = "登录密码")
+ @ApiImplicitParam(name = "grant_type", paramType = "query", defaultValue = "password", value = "授权模式", required = true),
+ @ApiImplicitParam(name = "client_id", paramType = "query", defaultValue = "client", value = "Oauth2客户端ID", required = true),
+ @ApiImplicitParam(name = "client_secret", paramType = "query", defaultValue = "123456", value = "Oauth2客户端秘钥", required = true),
+ @ApiImplicitParam(name = "refresh_token", paramType = "query", value = "刷新token"),
+ @ApiImplicitParam(name = "username", paramType = "query", defaultValue = "admin", value = "登录用户名"),
+ @ApiImplicitParam(name = "password", paramType = "query", defaultValue = "123456", value = "登录密码")
 })
 @PostMapping("/token")
 public Result postAccessToken(
@@ -54,10 +61,12 @@ public class AuthController {
 }
 
 @DeleteMapping("/logout")
- public Result logout(){
-
- //redisTemplate.opsForHash().putAll("",new ArrayList<>());
-
+ public Result logout(HttpServletRequest request) throws ParseException {
+ String token = request.getHeader(AuthConstants.JWT_TOKEN_HEADER);
+ JWSObject jwsObject = JWSObject.parse(token);
+ String payload = jwsObject.getPayload().toString(); // jwt 载体部分
+ UserDTO userDTO = JSONUtil.toBean(payload, UserDTO.class);
+ redisTemplate.opsForValue().set("", "");
 return null;
 }
 
diff --git a/youlai-gateway/src/main/java/com/youlai/gateway/config/ResourceServerConfig.java b/youlai-gateway/src/main/java/com/youlai/gateway/config/ResourceServerConfig.java
index b533938a3..242f19e21 100644
--- a/youlai-gateway/src/main/java/com/youlai/gateway/config/ResourceServerConfig.java
+++ b/youlai-gateway/src/main/java/com/youlai/gateway/config/ResourceServerConfig.java
@@ -34,7 +34,6 @@ public class ResourceServerConfig {
 private CustomServerAccessDeniedHandler customServerAccessDeniedHandler;
 private CustomServerAuthenticationEntryPoint customServerAuthenticationEntryPoint;
 private WhiteListConfig whiteListConfig;
- private WhiteListRemoveJwtFilter whiteListRemoveJwtFilter;
 
 @Bean
 public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
@@ -42,8 +41,6 @@ public class ResourceServerConfig {
 .jwtAuthenticationConverter(jwtAuthenticationConverter());
 // 自定义处理JWT请求头过期或签名错误的结果
 http.oauth2ResourceServer().authenticationEntryPoint(customServerAuthenticationEntryPoint);
- // 对白名单路径,直接移除JWT请求头
- http.addFilterBefore(whiteListRemoveJwtFilter, SecurityWebFiltersOrder.AUTHENTICATION);
 http.authorizeExchange()
 .pathMatchers(ArrayUtil.toArray(whiteListConfig.getUrls(),String.class)).permitAll()
 .anyExchange().access(authorizationManager)
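Review bot: The new `logout` body does not log anyone out: `redisTemplate.opsForValue().set("", "")` writes an empty key with an empty value, `userDTO` is assigned and never read, and the method still returns `null` to the caller. The input handling is also unguarded — `request.getHeader(AuthConstants.JWT_TOKEN_HEADER)` is null when the header is absent, so `JWSObject.parse(token)` throws a NullPointerException (and a ParseException for any non-JWS value), which, now that `/oauth/logout` is permitAll in WebSecurityConfig, surfaces as an unhandled error from an unauthenticated request; and `parse` only decodes, so the payload is mapped into `UserDTO` without the signature ever being checked. At minimum add `if (token == null || token.isEmpty()) { return null; }` before the parse (returning whatever failure `Result` the project uses, not visible here) and `if (!jwsObject.verify(verifier)) { return null; }` with a `JWSVerifier` built from the signing key the auth server already holds, then key the Redis entry on a value taken from the verified token (its `jti` claim, if the tokens carry one) with a TTL no longer than the token's remaining lifetime, and return a non-null `Result`. Since `logout` is a placeholder until the revocation scheme exists, a `// TODO` saying so at the `set("", "")` line would stop the empty-key write from being mistaken for a working blacklist.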
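Review bot: With `whiteListRemoveJwtFilter` removed, requests to white-listed paths now reach the resource server's bearer-token authentication carrying whatever `Authorization` header the client sent; in Spring Security's WebFlux resource server a present-but-invalid token is rejected at that stage regardless of the later `permitAll`, so an expired or tampered token on a white-listed URL will presumably now be answered by `customServerAuthenticationEntryPoint` instead of being let through — the exact case the deleted comment says the filter existed for. If that is intended (for instance so the token is still forwarded to the auth service's new `/oauth/logout`), the reasoning belongs in a comment at `http.authorizeExchange()`, e.g. `// Whitelisted paths no longer strip the JWT: an invalid token on them is rejected by the entry point; accepted so the gateway can forward the token downstream`. Also check whether the `WhiteListRemoveJwtFilter` class and the `SecurityWebFiltersOrder` import are now dead, since neither is touched by this diff.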
diff --git a/youlai-gateway/src/main/java/com/youlai/gateway/filter/AuthGlobalFilter.java b/youlai-gateway/src/main/java/com/youlai/gateway/filter/AuthGlobalFilter.java
index 52fb33ffe..0d1cc1891 100644
--- a/youlai-gateway/src/main/java/com/youlai/gateway/filter/AuthGlobalFilter.java
+++ b/youlai-gateway/src/main/java/com/youlai/gateway/filter/AuthGlobalFilter.java
@@ -33,6 +33,7 @@ public class AuthGlobalFilter implements GlobalFilter, Ordered {
 String payload = jwsObject.getPayload().toString();
 ServerHttpRequest request = exchange.getRequest().mutate()
 .header(AuthConstants.USER_TOKEN_HEADER, payload)
+ .header(AuthConstants.JWT_TOKEN_HEADER,token)
 .build();
 exchange = exchange.mutate().request(request).build();
 return chain.filter(exchange);
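Review bot: The value forwarded under `AuthConstants.JWT_TOKEN_HEADER` is consumed by AuthController's new `logout` through `JWSObject.parse(token)`, so `token` here has to be the bare compact JWS with no `Bearer ` prefix; where `token` is derived sits above this hunk, and that cross-service contract deserves a comment on the added line, e.g. `// raw compact JWS (no "Bearer " prefix): the auth service's logout endpoint parses this header directly`. Since the gateway is now the trust boundary that injects both `USER_TOKEN_HEADER` and `JWT_TOKEN_HEADER`, it is worth confirming (outside this hunk) that any client-supplied copies of those headers are replaced rather than appended to — `ServerHttpRequest.Builder.header` has had add-versus-set semantics differ across Spring versions — so downstream services never see a client-controlled value. Style: a space after the comma, `.header(AuthConstants.JWT_TOKEN_HEADER, token)`, to match the line above it.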