feat:添加登出接口

This commit is contained in:
haoxr 2020-09-24 01:04:56 +08:00
parent adee1ae2dc
commit 7b87a4e834
4 changed files with 22 additions and 15 deletions

View File

@ -19,7 +19,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
http http
.authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll() .authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
.and() .and()
.authorizeRequests().antMatchers("/rsa/publicKey").permitAll().anyRequest().authenticated() .authorizeRequests().antMatchers("/rsa/publicKey","/oauth/logout").permitAll().anyRequest().authenticated()
.and() .and()
.csrf().disable(); .csrf().disable();
} }

View File

@ -1,13 +1,19 @@
package com.youlai.auth.controller; package com.youlai.auth.controller;
import cn.hutool.json.JSONUtil;
import com.nimbusds.jose.JWSObject;
import com.youlai.admin.api.dto.UserDTO;
import com.youlai.auth.domain.Oauth2Token; import com.youlai.auth.domain.Oauth2Token;
import com.youlai.common.core.constant.AuthConstants;
import com.youlai.common.core.result.Result; import com.youlai.common.core.result.Result;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import org.apache.logging.log4j.util.Strings;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint; import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.HttpRequestMethodNotSupportedException;
@ -15,8 +21,9 @@ import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore; import springfox.documentation.annotations.ApiIgnore;
import javax.annotation.Resource; import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.security.Principal; import java.security.Principal;
import java.util.ArrayList; import java.text.ParseException;
import java.util.Map; import java.util.Map;
@Api(tags = "认证中心认证登录") @Api(tags = "认证中心认证登录")
@ -32,12 +39,12 @@ public class AuthController {
@ApiOperation("Oauth2获取token") @ApiOperation("Oauth2获取token")
@ApiImplicitParams({ @ApiImplicitParams({
@ApiImplicitParam(name = "grant_type",paramType = "query", defaultValue = "password", value = "授权模式", required = true), @ApiImplicitParam(name = "grant_type", paramType = "query", defaultValue = "password", value = "授权模式", required = true),
@ApiImplicitParam(name = "client_id", paramType = "query",defaultValue = "client",value = "Oauth2客户端ID", required = true), @ApiImplicitParam(name = "client_id", paramType = "query", defaultValue = "client", value = "Oauth2客户端ID", required = true),
@ApiImplicitParam(name = "client_secret",paramType = "query", defaultValue = "123456",value = "Oauth2客户端秘钥", required = true), @ApiImplicitParam(name = "client_secret", paramType = "query", defaultValue = "123456", value = "Oauth2客户端秘钥", required = true),
@ApiImplicitParam(name = "refresh_token",paramType = "query", value = "刷新token"), @ApiImplicitParam(name = "refresh_token", paramType = "query", value = "刷新token"),
@ApiImplicitParam(name = "username",paramType = "query",defaultValue = "admin", value = "登录用户名"), @ApiImplicitParam(name = "username", paramType = "query", defaultValue = "admin", value = "登录用户名"),
@ApiImplicitParam(name = "password",paramType = "query", defaultValue = "123456",value = "登录密码") @ApiImplicitParam(name = "password", paramType = "query", defaultValue = "123456", value = "登录密码")
}) })
@PostMapping("/token") @PostMapping("/token")
public Result postAccessToken( public Result postAccessToken(
@ -54,10 +61,12 @@ public class AuthController {
} }
@DeleteMapping("/logout") @DeleteMapping("/logout")
public Result logout(){ public Result logout(HttpServletRequest request) throws ParseException {
String token = request.getHeader(AuthConstants.JWT_TOKEN_HEADER);
//redisTemplate.opsForHash().putAll("",new ArrayList<>()); JWSObject jwsObject = JWSObject.parse(token);
String payload = jwsObject.getPayload().toString(); // jwt 载体部分
UserDTO userDTO = JSONUtil.toBean(payload, UserDTO.class);
redisTemplate.opsForValue().set("", "");
return null; return null;
} }

View File

@ -34,7 +34,6 @@ public class ResourceServerConfig {
private CustomServerAccessDeniedHandler customServerAccessDeniedHandler; private CustomServerAccessDeniedHandler customServerAccessDeniedHandler;
private CustomServerAuthenticationEntryPoint customServerAuthenticationEntryPoint; private CustomServerAuthenticationEntryPoint customServerAuthenticationEntryPoint;
private WhiteListConfig whiteListConfig; private WhiteListConfig whiteListConfig;
private WhiteListRemoveJwtFilter whiteListRemoveJwtFilter;
@Bean @Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
@ -42,8 +41,6 @@ public class ResourceServerConfig {
.jwtAuthenticationConverter(jwtAuthenticationConverter()); .jwtAuthenticationConverter(jwtAuthenticationConverter());
// 自定义处理JWT请求头过期或签名错误的结果 // 自定义处理JWT请求头过期或签名错误的结果
http.oauth2ResourceServer().authenticationEntryPoint(customServerAuthenticationEntryPoint); http.oauth2ResourceServer().authenticationEntryPoint(customServerAuthenticationEntryPoint);
// 对白名单路径直接移除JWT请求头
http.addFilterBefore(whiteListRemoveJwtFilter, SecurityWebFiltersOrder.AUTHENTICATION);
http.authorizeExchange() http.authorizeExchange()
.pathMatchers(ArrayUtil.toArray(whiteListConfig.getUrls(),String.class)).permitAll() .pathMatchers(ArrayUtil.toArray(whiteListConfig.getUrls(),String.class)).permitAll()
.anyExchange().access(authorizationManager) .anyExchange().access(authorizationManager)

View File

@ -33,6 +33,7 @@ public class AuthGlobalFilter implements GlobalFilter, Ordered {
String payload = jwsObject.getPayload().toString(); String payload = jwsObject.getPayload().toString();
ServerHttpRequest request = exchange.getRequest().mutate() ServerHttpRequest request = exchange.getRequest().mutate()
.header(AuthConstants.USER_TOKEN_HEADER, payload) .header(AuthConstants.USER_TOKEN_HEADER, payload)
.header(AuthConstants.JWT_TOKEN_HEADER,token)
.build(); .build();
exchange = exchange.mutate().request(request).build(); exchange = exchange.mutate().request(request).build();
return chain.filter(exchange); return chain.filter(exchange);