修改 jwt 的bug, 更新了单元测试功能,增加 RestAssured 测试代码
diff --git a/build.gradle b/build.gradle
index ea76826..b5f6ed8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -57,6 +57,9 @@
 
     providedRuntime 'org.springframework.boot:spring-boot-starter-tomcat'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    testImplementation 'io.rest-assured:rest-assured:3.3.0'
+    testImplementation 'io.rest-assured:spring-mock-mvc:3.3.0'
+    testImplementation 'org.hamcrest:hamcrest:2.1'
 }
 
 compileKotlin {
diff --git a/sql/init_test.sql b/sql/init_test.sql
index ceaf464..ebdfa8e 100644
--- a/sql/init_test.sql
+++ b/sql/init_test.sql
@@ -5,7 +5,7 @@
 	VALUES ('LOR2IwRkbOjp+sVG9KR2BpHZbwGKepS4', '20500101', '20190101', 'system', '系统管理员', '$2a$10$Ex9xp11.vCaD8D0a7ahiUOKqDij1TcCUBwRAmrqXeDvAkmzLibn4.', '', 'normal');
 
 INSERT INTO tb_role(
-	role_id, createtime, editflag, lastsaved, role_code, role_desc, role_name)
+	role_id, createtime, editflag, lastsaved, rolecode, roledesc, rolename)
 	VALUES ('d1yctWs5+ks0iQN3m9bUvRHus6HbKbrs', '20190101000000', 0, '', 'ROLE_ADMIN', '超级管理员', '超级管理员');
 
 INSERT INTO tb_oper_role(
diff --git a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
index a51f705..c8992a8 100644
--- a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
+++ b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
@@ -11,7 +11,7 @@
   private Long expiration = 3600L;
   @Value("${jwt.header:Authorization}")
   private String header = "Authorization";
-  @Value("${jwt.token_header:Bearer")
+  @Value("${jwt.token_header:Bearer }")
   private String tokenHeader = "Bearer";
 
   public String getSecret() {
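Review bot: The placeholder default is now `Bearer ` with a trailing space, but the field initializer on the next line is still `"Bearer"`, so the two fallbacks disagree on the prefix length. The refresh endpoint strips the prefix with `auth.substring(jwtConfig.tokenHeader.length)`, so whether the token reaches `verifyToken` with a leading space depends on whether the configured value kept its trailing whitespace, which some property sources may trim. It would be more robust to keep the scheme as `Bearer` in both places and trim after stripping, e.g. `auth.substring(jwtConfig.tokenHeader.length).trim()` in the controller. The class body continues outside this hunk.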
diff --git a/src/main/java/com/supwisdom/dlpay/framework/core/JwtTokenUtil.java b/src/main/java/com/supwisdom/dlpay/framework/core/JwtTokenUtil.java
index 9c0a35b..481df61 100644
--- a/src/main/java/com/supwisdom/dlpay/framework/core/JwtTokenUtil.java
+++ b/src/main/java/com/supwisdom/dlpay/framework/core/JwtTokenUtil.java
@@ -43,6 +43,9 @@
     if (params.get("authorities") != null) {
       claims.setClaim("authorities", params.get("authorities"));
     }
+    if(params.get("uid") != null) {
+      claims.setClaim("uid", params.get("uid"));
+    }
     /*
     claims.setClaim("email", "mail@example.com"); // additional claims/attributes about the subject can be added
     List<String> groups = Arrays.asList("group-one", "other-group", "group-three");
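Review bot: The new `uid` claim is written only when present and with whatever type the map holds, yet the refresh endpoint in security_controller.kt reads it with `jwt["uid"] as String`. A token generated without `uid`, or with a non-string value, would make that cast fail at refresh time, so the contract should be stated where the claim is set, for example `// uid: client appid, read as a String by /api/auth/refresh`. The added `if(` also lacks the space used by the `if (` just above it. The enclosing method starts and ends outside this hunk.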
diff --git a/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt b/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
index ec1d2e4..2ee98f6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
@@ -18,6 +18,7 @@
 import com.supwisdom.dlpay.system.service.FunctionService
 import mu.KotlinLogging
 import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.http.HttpRequest
 import org.springframework.http.HttpStatus
 import org.springframework.http.ResponseEntity
 import org.springframework.security.core.annotation.AuthenticationPrincipal
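Review bot: The added import `org.springframework.http.HttpRequest` does not match anything used in the visible hunks; `refresh` now takes an `HttpServletRequest`, which is the servlet API type and not Spring's client-side `HttpRequest`. If `HttpServletRequest` is already imported elsewhere in the file, this line is unused and can be dropped; otherwise it looks like the wrong import was picked (presumably `javax.servlet.http.HttpServletRequest` was intended, to be confirmed against the servlet API on the classpath). The import list continues outside this hunk.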
@@ -112,7 +113,7 @@
                     apiJwtRepository.save(this)
                 }
                 val exp = Calendar.getInstance()
-                val fmt = SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z")
+                val fmt = SimpleDateFormat("yyyy-MM-dd HH:mm:ss z")
                 fmt.timeZone = TimeZone.getTimeZone("UTC")
                 exp.timeInMillis = token.expiration.valueInMillis
                 ResponseEntity.ok(ResponseBodyBuilder.create()
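Review bot: `SimpleDateFormat("yyyy-MM-dd HH:mm:ss z")` is constructed without a locale, so the `expiredAt` string that clients receive follows the server's default locale; the same line is repeated in the refresh hunk further down. Passing the locale explicitly, `SimpleDateFormat("yyyy-MM-dd HH:mm:ss z", Locale.ROOT)`, keeps the output stable, and since the pattern now appears in two places it would be better held in one shared constant so the two endpoints cannot drift apart again. The enclosing function starts and ends outside this hunk.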
@@ -127,13 +128,14 @@
     }
 
     @GetMapping("/refresh")
-    fun refresh(@RequestHeader("\${jwt.header}") auth: String): ResponseEntity<Any> {
+    fun refresh(request: HttpServletRequest): ResponseEntity<Any> {
+        val auth = request.getHeader(jwtConfig.header) ?: ""
         if (!auth.startsWith(jwtConfig.tokenHeader)) {
             return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()
         }
         val jwt = JwtTokenUtil(jwtConfig).verifyToken(auth.substring(jwtConfig.tokenHeader.length))
         val appid = jwt["uid"] as String
-        apiClientDao.findById(appid).let {
+        return apiClientDao.findById(appid).let {
             if (it.isPresent && it.get().status == TradeDict.STATUS_NORMAL) {
                 // 新证书
                 val token = JwtTokenUtil(jwtConfig).generateToken(
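Review bot: `val appid = jwt["uid"] as String` is an unchecked cast on a claim that is only set optionally, so a validly signed token without `uid` would throw here and most likely surface as a 500 instead of a 401. A safe cast with an early return keeps the failure on the authentication path: `val appid = jwt["uid"] as? String ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()`. It is also not visible in this hunk how a failure inside `verifyToken` (bad signature, expired token) is handled; if it throws, that too should map to 401 and not propagate. The body of `refresh` continues outside this hunk.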
@@ -149,7 +151,7 @@
                     apiJwtRepository.save(this)
                 }
                 val exp = Calendar.getInstance()
-                val fmt = SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z")
+                val fmt = SimpleDateFormat("yyyy-MM-dd HH:mm:ss z")
                 fmt.timeZone = TimeZone.getTimeZone("UTC")
                 exp.timeInMillis = token.expiration.valueInMillis
                 ResponseEntity.ok(ResponseBodyBuilder.create()
@@ -157,9 +159,10 @@
                         .data("appid", appid)
                         .data("expiredAt", fmt.format(exp.time))
                         .success())
+            } else {
+                ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()
             }
         }
-        return ResponseEntity.ok().build()
     }
 }
 
diff --git a/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt b/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt
new file mode 100644
index 0000000..372a67a
--- /dev/null
+++ b/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt
@@ -0,0 +1,108 @@
+package com.supwisdom.dlpay.controller
+
+import com.supwisdom.dlpay.MvcBaseTest
+import com.supwisdom.dlpay.framework.core.JwtConfig
+import com.supwisdom.dlpay.framework.util.HmacUtil
+import io.restassured.RestAssured
+import io.restassured.RestAssured.*
+import io.restassured.path.json.JsonPath.from
+import org.hamcrest.Matchers.notNullValue
+import org.junit.Before
+import org.junit.Test
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.boot.web.server.LocalServerPort
+import org.springframework.test.context.ActiveProfiles
+
+@ActiveProfiles("devel-pg-local")
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+class SecurityControllerTest : MvcBaseTest() {
+    val appid = "100001"
+    val appsecret = "oUw2NmA09ficiVWD4TUQLDOkPyzQa3VzbjjsW0B2qTk="
+
+    @LocalServerPort
+    private var port: Int = 0
+
+    @Autowired
+    lateinit var jwtConfig: JwtConfig
+
+    @Before
+    fun setUp() {
+        RestAssured.port = port
+    }
+
+    @Test
+    fun testGetJwt() {
+        val response = given().param("appid", appid)
+                .`when`()
+                .get("/api/auth/gettoken")
+                .then()
+                .body("token", notNullValue())
+                .extract()
+
+        val token = from(response.body().asString()).getString("token")
+        val secret = HmacUtil.HMACSHA256(token, appsecret)
+
+        given().param("appid", appid)
+                .param("secret", secret)
+                .`when`()
+                .get("/api/auth/authentication")
+                .then()
+                .body("jwt", notNullValue())
+    }
+
+    @Test
+    fun testGetJwtClient() {
+        val clientid = "000030450"
+        val response = given().param("appid", appid)
+                .`when`()
+                .get("/api/auth/gettoken/$clientid")
+                .then()
+                .statusCode(200)
+                .body("token", notNullValue())
+                .extract()
+
+        val token = from(response.body().asString()).getString("token")
+        val secret = HmacUtil.HMACSHA256(token, appsecret)
+
+        given().param("appid", appid)
+                .param("secret", secret)
+                .`when`()
+                .get("/api/auth/authentication/$clientid")
+                .then()
+                .statusCode(200)
+                .body("jwt", notNullValue())
+    }
+
+    @Test
+    fun testJwtRefresh() {
+        val response = given().param("appid", appid)
+                .`when`()
+                .get("/api/auth/gettoken")
+                .then()
+                .statusCode(200)
+                .body("token", notNullValue())
+                .extract()
+
+        val token = from(response.body().asString()).getString("token")
+        val secret = HmacUtil.HMACSHA256(token, appsecret)
+
+        given().param("appid", appid)
+                .param("secret", secret)
+                .`when`()
+                .get("/api/auth/authentication")
+                .then()
+                .statusCode(200)
+                .body("jwt", notNullValue())
+                .extract().also {
+                    val jwt = from(it.body().asString()).getString("jwt")
+                    given().header(jwtConfig.header, "Bearer $jwt")
+                            .`when`()
+                            .get("/api/auth/refresh")
+                            .then()
+                            .statusCode(200)
+                            .body("jwt", notNullValue())
+                }
+    }
+
+}
\ No newline at end of file
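Review bot: The `appsecret` literal at the top of `SecurityControllerTest` commits an HMAC client secret to the repository, and the test is pinned to the `devel-pg-local` profile, so it only passes against a database seeded with that exact client. If the value is shared with any non-test environment it should be rotated; either way it is better read from a test-only property or environment variable than held in source. `testJwtRefresh` also hard-codes `"Bearer $jwt"` instead of building the header from `jwtConfig.tokenHeader`, and `testGetJwt` never asserts `statusCode(200)` as the other two tests do. All three tests cover only the success path; since this commit changes `/api/auth/refresh` to answer 401, a request without the header and one with a tampered token would be worth asserting too.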