From f621bf17e49bd8ecf2a8e52f3ba309809161e7cc Mon Sep 17 00:00:00 2001 From: Tang Cheng Date: Mon, 15 Jul 2019 10:42:24 +0800 Subject: [PATCH] =?utf8?q?=E4=BF=AE=E6=94=B9api=20authentication=20?= =?utf8?q?=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- .../controller/security_controller.kt | 20 ++++++++----------- 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt index 84bba9f0..e4a7088d 100644 --- a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt +++ b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt @@ -74,16 +74,12 @@ class ApiAuthController { } ?: throw TransactionCheckException(TradeErrorCode.BUSINESS_DEAL_ERROR, "系统未配置租户信息") - apiClientDao.findById(appid).run { - if (!isPresent) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build() - } - if (get().status != TradeDict.STATUS_NORMAL) { + apiClientDao.findByAppid(appid)?.apply { + if (this.status != TradeDict.STATUS_NORMAL) { return ResponseEntity.ok(ResponseBodyBuilder.create() .fail(TradeErrorCode.BUSINESS_DEAL_ERROR, "API状态错误")) } - get() - }.let { api -> + }?.let { api -> val token = generateRandomToken() val now = systemUtil.sysdatetime.hostdatetime ApiClientRedis().also { @@ -97,7 +93,7 @@ class ApiAuthController { } return ResponseEntity.ok(ResponseBodyBuilder.create() .success(ApiLoginInitResponse(now, token))) - } + } ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build() } private fun generateRandomToken(): String { 
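Review bot: The new chain still answers a disabled client with a 200 body carrying `"API状态错误"`, while an unknown appid gets a bare 401 from the `?: return` that closes the chain in the next hunk. In what appears to be the login-init step, that difference lets an unauthenticated caller tell whether an appid is registered. If clients do not depend on the distinct message, both cases can be rejected the same way, which also removes the non-local `return` inside `apply`: `val api = apiClientDao.findByAppid(appid)?.takeIf { it.status == TradeDict.STATUS_NORMAL } ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()`. The DAO and entity are not shown; since the lookup no longer goes through `findById`, it is worth confirming that `appid` is unique and whether the query should be scoped to the tenant resolved just above. The enclosing function starts before this hunk.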
@@ -148,14 +144,14 @@ class ApiAuthController { } val jwt = JwtTokenUtil(jwtConfig).verifyToken(auth.substring(jwtConfig.tokenHeader.length)) val appid = jwt["uid"] as String - return apiClientDao.findById(appid).let { - if (it.isPresent && it.get().status == TradeDict.STATUS_NORMAL) { + return apiClientDao.findByAppid(appid)?.let { + if (it.status == TradeDict.STATUS_NORMAL) { // 新证书 val token = JwtTokenUtil(jwtConfig).generateToken( mapOf(Constants.JWT_CLAIM_UID to appid, "issuer" to "payapi", "audience" to jwt["audience"], - Constants.JWT_CLAIM_AUTHORITIES to it.get().roles.split(";"))) + Constants.JWT_CLAIM_AUTHORITIES to it.roles.split(";"))) JwtRedis().apply { jti = token.jti uid = appid @@ -171,7 +167,7 @@ class ApiAuthController { } else { ResponseEntity.status(HttpStatus.UNAUTHORIZED).build() } - } + } ?: ResponseEntity.status(HttpStatus.UNAUTHORIZED).build() } } -- 2.17.1
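Review bot: `jwt["uid"] as String`, on the line just above the new lookup, throws when the claim is absent or not a string, so that case would surface as a server error rather than the 401 this change returns for an unknown appid. `val appid = jwt["uid"] as? String ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()` would keep every rejection path uniform. The inner `else` branch and the `?:` added in the following hunk now build the same 401 twice; `apiClientDao.findByAppid(appid)?.takeIf { it.status == TradeDict.STATUS_NORMAL }?.let { ... }` followed by the single `?:` leaves one. `it.roles.split(";")` yields one empty authority when `roles` is an empty string, so a `.filter { it.isNotBlank() }` before it goes into the claim is worth adding if that value can occur. The function begins before this hunk and ends in the next one.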