mirror of
https://gitee.com/youlaitech/youlai-mall.git
synced 2024-12-23 13:03:43 +08:00
feat:认证服务器统一异常处理
This commit is contained in:
parent
2740edfcf8
commit
8f80c65f84
@ -14,7 +14,6 @@ import lombok.SneakyThrows;
|
|||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.core.io.ClassPathResource;
|
import org.springframework.core.io.ClassPathResource;
|
||||||
import org.springframework.core.io.buffer.DataBuffer;
|
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.http.MediaType;
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
@ -31,7 +30,6 @@ import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFacto
|
|||||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||||
|
|
||||||
import javax.sql.DataSource;
|
import javax.sql.DataSource;
|
||||||
import java.nio.charset.Charset;
|
|
||||||
import java.security.KeyPair;
|
import java.security.KeyPair;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
@ -88,6 +86,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(AuthorizationServerSecurityConfigurer security) {
|
public void configure(AuthorizationServerSecurityConfigurer security) {
|
||||||
|
/*security.allowFormAuthenticationForClients();*/
|
||||||
CustomClientCredentialsTokenEndpointFilter endpointFilter = new CustomClientCredentialsTokenEndpointFilter(security);
|
CustomClientCredentialsTokenEndpointFilter endpointFilter = new CustomClientCredentialsTokenEndpointFilter(security);
|
||||||
endpointFilter.afterPropertiesSet();
|
endpointFilter.afterPropertiesSet();
|
||||||
endpointFilter.setAuthenticationEntryPoint(authenticationEntryPoint());
|
endpointFilter.setAuthenticationEntryPoint(authenticationEntryPoint());
|
||||||
@ -99,6 +98,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 自定义认证异常响应数据
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public AuthenticationEntryPoint authenticationEntryPoint() {
|
public AuthenticationEntryPoint authenticationEntryPoint() {
|
||||||
return (request, response, e) -> {
|
return (request, response, e) -> {
|
||||||
|
@ -73,7 +73,6 @@ public class AuthController {
|
|||||||
@ApiIgnore Principal principal,
|
@ApiIgnore Principal principal,
|
||||||
@ApiIgnore @RequestParam Map<String, String> parameters
|
@ApiIgnore @RequestParam Map<String, String> parameters
|
||||||
) throws HttpRequestMethodNotSupportedException, WxErrorException {
|
) throws HttpRequestMethodNotSupportedException, WxErrorException {
|
||||||
log.info("生成token开始");
|
|
||||||
String clientId = parameters.get("client_id");
|
String clientId = parameters.get("client_id");
|
||||||
|
|
||||||
if (StrUtil.isBlank(clientId)) {
|
if (StrUtil.isBlank(clientId)) {
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package com.youlai.auth.exception;
|
package com.youlai.auth.exception;
|
||||||
|
|
||||||
import com.youlai.common.core.result.Result;
|
import com.youlai.common.core.result.Result;
|
||||||
|
import com.youlai.common.core.result.ResultCode;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.security.authentication.InternalAuthenticationServiceException;
|
import org.springframework.security.authentication.InternalAuthenticationServiceException;
|
||||||
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
|
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
|
||||||
@ -19,7 +20,7 @@ public class AuthExceptionHandler {
|
|||||||
*/
|
*/
|
||||||
@ExceptionHandler(InvalidGrantException.class)
|
@ExceptionHandler(InvalidGrantException.class)
|
||||||
public Result handleInvalidGrantException(InvalidGrantException e) {
|
public Result handleInvalidGrantException(InvalidGrantException e) {
|
||||||
return Result.error(e.getMessage());
|
return Result.custom(ResultCode.USERNAME_OR_PASSWORD_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -13,7 +13,6 @@ public class CustomClientCredentialsTokenEndpointFilter extends ClientCredential
|
|||||||
private AuthorizationServerSecurityConfigurer configurer;
|
private AuthorizationServerSecurityConfigurer configurer;
|
||||||
private AuthenticationEntryPoint authenticationEntryPoint;
|
private AuthenticationEntryPoint authenticationEntryPoint;
|
||||||
|
|
||||||
|
|
||||||
public CustomClientCredentialsTokenEndpointFilter(AuthorizationServerSecurityConfigurer configurer) {
|
public CustomClientCredentialsTokenEndpointFilter(AuthorizationServerSecurityConfigurer configurer) {
|
||||||
this.configurer = configurer;
|
this.configurer = configurer;
|
||||||
}
|
}
|
||||||
@ -35,5 +34,4 @@ public class CustomClientCredentialsTokenEndpointFilter extends ClientCredential
|
|||||||
setAuthenticationSuccessHandler((request, response, authentication) -> {
|
setAuthenticationSuccessHandler((request, response, authentication) -> {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -65,8 +65,6 @@ public class UserDetailsServiceImpl implements UserDetailsService {
|
|||||||
throw new LockedException("该账号已被锁定!");
|
throw new LockedException("该账号已被锁定!");
|
||||||
} else if (!user.isAccountNonExpired()) {
|
} else if (!user.isAccountNonExpired()) {
|
||||||
throw new AccountExpiredException("该账号已过期!");
|
throw new AccountExpiredException("该账号已过期!");
|
||||||
} else if (!user.isCredentialsNonExpired()) {
|
|
||||||
throw new CredentialsExpiredException("该账户的登录凭证已过期,请重新登录!");
|
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user