瀏覽代碼

更新odic相关报错信息提示

tags/v2.5.0
xiaoying 1 年之前
父節點
當前提交
d4d9e0c8b6
共有 8 個文件被更改,包括 86 次插入26 次删除
  1. +14
    -5
      tuoheng_oidc_server/src/main/java/com/tuoheng/config/SecurityConfig.java
  2. +52
    -0
      tuoheng_oidc_server/src/main/java/com/tuoheng/exception/DiyException.java
  3. +0
    -17
      tuoheng_oidc_server/src/main/java/com/tuoheng/model/dto/AuthoritiesDto.java
  4. +4
    -0
      tuoheng_oidc_server/src/main/java/com/tuoheng/model/dto/UserBaseInfoDto.java
  5. +8
    -2
      tuoheng_oidc_server/src/main/resources/mapper/UserMapper.xml
  6. 二進制
      tuoheng_oidc_server/target/classes/com/tuoheng/config/SecurityConfig.class
  7. 二進制
      tuoheng_oidc_server/target/classes/com/tuoheng/model/dto/UserBaseInfoDto.class
  8. +8
    -2
      tuoheng_oidc_server/target/classes/mapper/UserMapper.xml

+ 14
- 5
tuoheng_oidc_server/src/main/java/com/tuoheng/config/SecurityConfig.java 查看文件

@@ -1,5 +1,6 @@
package com.tuoheng.config;

import com.tuoheng.exception.DiyException;
import com.tuoheng.oauth2.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter;
import com.tuoheng.handler.AccessDeniedHandler;
import com.tuoheng.mapper.UserMapper;
@@ -21,6 +22,7 @@ import org.springframework.security.config.annotation.web.configurers.Expression
import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Token;
import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
@@ -82,6 +84,13 @@ public class SecurityConfig {
OidcUserInfoAuthenticationToken authentication = context.getAuthentication();
JwtAuthenticationToken principal = (JwtAuthenticationToken) authentication.getPrincipal();
UserBaseInfoDto userBaseInfoDto = userMapper.getUserBaseInfo(principal.getName());
// 在这里做校验
if (0 == userBaseInfoDto.getIsAble()) {
throw new DiyException(1001, "该账号已被禁用,请联系系统管理员");
}
if (0 == userBaseInfoDto.getIsExpire()) {
throw new DiyException(1002, "系统有效期已过,请联系系统管理员");
}
return oidcUserInfoService.loadUser(principal.getName(), context.getAccessToken().getScopes(), userBaseInfoDto);
};
authorizationServerConfigurer.oidc((oidc) -> {
@@ -94,14 +103,14 @@ public class SecurityConfig {
.authorizeRequests((authorizeRequests) -> {
((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.anyRequest()).authenticated();
}).csrf((csrf) -> {
csrf.ignoringRequestMatchers(new RequestMatcher[]{endpointsMatcher});
}).apply(authorizationServerConfigurer)
csrf.ignoringRequestMatchers(new RequestMatcher[]{endpointsMatcher});
}).apply(authorizationServerConfigurer)
.and()
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
.exceptionHandling(exceptions -> exceptions
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/toLogin"))
.accessDeniedHandler(new AccessDeniedHandler()))
//.authenticationEntryPoint(new AuthenticationEntryPoint()))
//.authenticationEntryPoint(new AuthenticationEntryPoint()))
.apply(authorizationServerConfigurer);
SecurityFilterChain securityFilterChain = http.build();
addCustomOAuth2ResourceOwnerPasswordAuthenticationProvider(http);
@@ -112,11 +121,11 @@ public class SecurityConfig {
@Order(2)
SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
//http.addFilterBefore(verifyCodeFilter, UsernamePasswordAuthenticationFilter.class);
http.addFilterAt(new VerifyCodeFilter(),UsernamePasswordAuthenticationFilter.class);
http.addFilterAt(new VerifyCodeFilter(), UsernamePasswordAuthenticationFilter.class);
http.csrf().disable()
.authorizeHttpRequests((authorize) -> authorize
.antMatchers("/toLogin", "/getHealth", "/static/**", "/vercode").permitAll()
.antMatchers("/user/create","/user/getInfo").permitAll()
.antMatchers("/user/create", "/user/getInfo").permitAll()
.anyRequest().authenticated()
)
// Form login handles the redirect to the login page from the

+ 52
- 0
tuoheng_oidc_server/src/main/java/com/tuoheng/exception/DiyException.java 查看文件

@@ -0,0 +1,52 @@
package com.tuoheng.exception;

public class DiyException extends RuntimeException {

private static final long serialVersionUID = -783442404816393286L;
//默认错误异常码为-1
public static final int ERROR_CODE_DEFAULT = -1;

private String msg;
private int code;

public String getMsg() {
return msg;
}

public void setMsg(String msg) {
this.msg = msg;
}

public int getCode() {
return code;
}

public void setCode(int code) {
this.code = code;
}

/**
* 带参构造器
*
* @param msg 异常信息
*/
public DiyException(String msg) {
super(msg);
this.code = ERROR_CODE_DEFAULT;
this.msg = msg;
}

/**
* 带参构造器
*
* @param code 异常码
* @param msg 异常信息
*/
public DiyException(int code, String msg) {
super(msg);
this.code = code;
this.msg = msg;
}

}


+ 0
- 17
tuoheng_oidc_server/src/main/java/com/tuoheng/model/dto/AuthoritiesDto.java 查看文件

@@ -1,17 +0,0 @@
package com.tuoheng.model.dto;

import lombok.Data;

/**
* @Author xiaoying
* @Date 2023/7/3 9:49
*/
@Data
public class AuthoritiesDto {

private String authority;

private Integer status;


}

+ 4
- 0
tuoheng_oidc_server/src/main/java/com/tuoheng/model/dto/UserBaseInfoDto.java 查看文件

@@ -28,4 +28,8 @@ public class UserBaseInfoDto {
*/
private List<ClientRoleDto> clientRoleDtoList;

private Integer isAble;

private Integer isExpire;

}

+ 8
- 2
tuoheng_oidc_server/src/main/resources/mapper/UserMapper.xml 查看文件

@@ -6,6 +6,8 @@
<id column="userId" jdbcType="INTEGER" property="userId"/>
<result column="userName" jdbcType="VARCHAR" property="userName"/>
<result column="password" jdbcType="VARCHAR" property="password"/>
<result column="isAble" jdbcType="INTEGER" property="isAble"/>
<result column="isExpire" jdbcType="INTEGER" property="isExpire"/>
<collection property="authorityList" ofType="java.lang.String" javaType="java.util.List">
<result column="authority" jdbcType="VARCHAR"/>
</collection>
@@ -26,7 +28,9 @@
a.password,
b.authority,
c.client_id as clientId,
c.role_id as roleId
c.role_id as roleId,
a.is_able as isAble,
a.is_expire as isExpire
from users a
left join authorities b on a.id = b.user_id
left join t_client_user_role c on a.id = c.user_id
@@ -39,7 +43,9 @@
a.password,
b.authority,
c.client_id as clientId,
c.role_id as roleId
c.role_id as roleId,
a.is_able as isAble,
a.is_expire as isExpire
from users a
left join authorities b on a.id = b.user_id
left join t_client_user_role c on a.id = c.user_id

二進制
tuoheng_oidc_server/target/classes/com/tuoheng/config/SecurityConfig.class 查看文件


二進制
tuoheng_oidc_server/target/classes/com/tuoheng/model/dto/UserBaseInfoDto.class 查看文件


+ 8
- 2
tuoheng_oidc_server/target/classes/mapper/UserMapper.xml 查看文件

@@ -6,6 +6,8 @@
<id column="userId" jdbcType="INTEGER" property="userId"/>
<result column="userName" jdbcType="VARCHAR" property="userName"/>
<result column="password" jdbcType="VARCHAR" property="password"/>
<result column="isAble" jdbcType="INTEGER" property="isAble"/>
<result column="isExpire" jdbcType="INTEGER" property="isExpire"/>
<collection property="authorityList" ofType="java.lang.String" javaType="java.util.List">
<result column="authority" jdbcType="VARCHAR"/>
</collection>
@@ -26,7 +28,9 @@
a.password,
b.authority,
c.client_id as clientId,
c.role_id as roleId
c.role_id as roleId,
a.is_able as isAble,
a.is_expire as isExpire
from users a
left join authorities b on a.id = b.user_id
left join t_client_user_role c on a.id = c.user_id
@@ -39,7 +43,9 @@
a.password,
b.authority,
c.client_id as clientId,
c.role_id as roleId
c.role_id as roleId,
a.is_able as isAble,
a.is_expire as isExpire
from users a
left join authorities b on a.id = b.user_id
left join t_client_user_role c on a.id = c.user_id

Loading…
取消
儲存