update multi-tenant library to 1.2.4
diff --git a/build.gradle b/build.gradle
index 6f3c4df..0447958 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,8 +8,8 @@
id 'org.jetbrains.kotlin.plugin.spring' version '1.3.31' apply false
id 'org.jetbrains.kotlin.plugin.jpa' version '1.3.31' apply false
id 'com.gradle.build-scan' version '2.0.2'
- id "com.palantir.git-version" version "0.12.0-rc2"
- id 'com.palantir.docker' version '0.22.1' apply false
+ id "com.palantir.git-version" version "0.12.2"
+ id 'com.palantir.docker' version '0.22.2' apply false
}
bootJar {
@@ -102,7 +102,7 @@
springSocialVersion = '1.1.6.RELEASE'
springKafkaVersion = '2.2.8.RELEASE'
postgresVersion = '42.2.5'
- multiTenantLibVersion = '1.1.17'
+ multiTenantLibVersion = '1.2.4'
}
implementation "org.jetbrains.kotlin:kotlin-reflect"
implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk8"
@@ -131,12 +131,6 @@
annotationProcessor "org.projectlombok:lombok:${lombokVersion}"
compileOnly "org.projectlombok:lombok:${lombokVersion}"
- // implementation "javax.el:javax.el-api:${javaELVersion}"
- // implementation "javax.servlet:javax.servlet-api:4.0.1"
-// testImplementation 'org.springframework:spring-test'
-// testImplementation 'org.springframework.boot:spring-boot-test'
-// implementation "javax.servlet:jstl:1.2"
-// implementation "taglibs:standard:1.1.2"
testImplementation("org.springframework.boot:spring-boot-starter-test") {
exclude group: "junit", module: "junit"
diff --git a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
index 22c1490..97e1782 100644
--- a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
+++ b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
@@ -14,11 +14,14 @@
import com.supwisdom.dlpay.framework.security.validate.VerifyCode
import com.supwisdom.dlpay.framework.service.CommonService
import com.supwisdom.dlpay.framework.service.SystemUtilService
-import com.supwisdom.dlpay.framework.util.*
+import com.supwisdom.dlpay.framework.util.Constants
+import com.supwisdom.dlpay.framework.util.HmacUtil
+import com.supwisdom.dlpay.framework.util.TradeDict
+import com.supwisdom.dlpay.framework.util.TradeErrorCode
import com.supwisdom.dlpay.system.service.FunctionService
-import com.supwisdom.multitenant.jwt.JwtRequestData
import com.supwisdom.multitenant.jwt.JwtTenantService
import com.supwisdom.multitenant.jwt.JwtTokenBuilder
+import com.supwisdom.multitenant.jwt.JwtTokenContext
import mu.KotlinLogging
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.data.redis.connection.RedisConnectionFactory
@@ -38,7 +41,6 @@
import java.io.IOException
import java.time.Instant
import java.util.*
-import javax.annotation.Resource
import javax.imageio.ImageIO
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
@@ -62,8 +64,8 @@
@Autowired
private lateinit var jwtTenantService: JwtTenantService
- @Resource(name = "jwtRequestData")
- private lateinit var jwtRequestData: JwtRequestData
+ @Autowired
+ private lateinit var jwtTokenContext: JwtTokenContext
@GetMapping(value = ["/gettoken", "/gettoken/{clientid}"])
fun loginInit(appid: String, @PathVariable clientid: String?,
@@ -133,10 +135,12 @@
@GetMapping("/refresh")
fun refresh(request: HttpServletRequest): ResponseEntity<Any> {
- val jwt = jwtRequestData.jwtToken
- ?: return ResponseEntity.ok(ResponseBodyBuilder.create().fail(TradeErrorCode.INPUT_DATA_ERROR,
- "jwt unauthorized"))
-
+ val jwt = if (jwtTokenContext.jwt.isPresent) {
+ jwtTokenContext.jwt.get()
+ } else {
+ return ResponseEntity.ok(ResponseBodyBuilder.create().fail(TradeErrorCode.INPUT_DATA_ERROR,
+ "jwt unauthorized"))
+ }
val appid = jwt.uid
// 新证书
val builder = JwtTokenBuilder.create()
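Review bot: The missing-token branch in `refresh` still answers HTTP 200 with a "jwt unauthorized" error body, while `user` in this same file answers the equivalent case with `HttpStatus.UNAUTHORIZED`. Clients and gateways that only inspect the status code will treat a failed refresh as a success. If existing callers do not depend on the 200, the branch could shrink to `val jwt = jwtTokenContext.jwt.orElse(null) ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()`, which also reads the Optional once instead of twice. The body of `refresh` continues outside the hunk.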
@@ -194,8 +198,7 @@
@Autowired
private lateinit var redisConnectionFactory: RedisConnectionFactory
- @Resource(name = "jwtRequestData")
- private lateinit var jwtRequestData: JwtRequestData
+ private lateinit var jwtTokenContext: JwtTokenContext
@RequestMapping("/userinfor")
fun user(@RequestParam("access_token") access_token: String?,
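Review bot: The new `jwtTokenContext` field has no injection annotation: the removed `@Resource(name = "jwtRequestData")` was not replaced, and the `@Autowired` visible above belongs to `redisConnectionFactory`. Unless the field is assigned somewhere outside this hunk, the first read of it in `user` will throw `UninitializedPropertyAccessException`. Add `@Autowired` on the line above `private lateinit var jwtTokenContext: JwtTokenContext`, as the other classes touched by this commit do.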
@@ -203,10 +206,10 @@
if (access_token.isNullOrEmpty() && auth.isNullOrEmpty()) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()
}
- val jwt = if (!auth.isNullOrEmpty()) {
- jwtRequestData.jwtToken.jwt
- } else {
+ val jwt = if (auth.isNullOrEmpty()) {
access_token!!
+ } else {
+ jwtTokenContext.jwt.orElseGet(null)?.jwt
}
val obj: OAuth2Authentication? = RedisTokenStore(redisConnectionFactory).readAuthentication(jwt)
?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()
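Review bot: `jwtTokenContext.jwt.orElseGet(null)` passes a null `Supplier`, so when the Optional is empty the JDK calls `get()` on it and throws a NullPointerException instead of yielding null; `orElse(null)` is the call that matches the `?.jwt` that follows. Even with that fix, `jwt` can still be null when `auth` is non-empty but no token was parsed, and that null goes straight into `readAuthentication`. Failing closed at this point is clearer: `jwtTokenContext.jwt.orElse(null)?.jwt ?: return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()`. The signature of `user` starts outside the hunk.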
diff --git a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/service/impl/framework_service_impl.kt b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/service/impl/framework_service_impl.kt
index e5d2858..93ad8e6 100644
--- a/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/service/impl/framework_service_impl.kt
+++ b/payapi/src/main/kotlin/com/supwisdom/dlpay/framework/service/impl/framework_service_impl.kt
@@ -6,10 +6,9 @@
import com.supwisdom.dlpay.framework.service.CommonService
import com.supwisdom.dlpay.framework.util.StringUtil
import com.supwisdom.dlpay.framework.util.TradeErrorCode
-import com.supwisdom.multitenant.jwt.JwtRequestData
+import com.supwisdom.multitenant.jwt.JwtTokenContext
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.stereotype.Service
-import javax.annotation.Resource
import javax.servlet.http.HttpServletRequest
@Service
@@ -17,8 +16,8 @@
@Autowired
lateinit var apiClientDao: ApiClientDao
- @Resource(name = "jwtRequestData")
- private lateinit var jwtRequestData: JwtRequestData
+ @Autowired
+ lateinit var jwtTokenContext: JwtTokenContext
override fun getSystemVersion(): String {
return try {
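Review bot: `jwtTokenContext` is declared as a public `lateinit var`, where the field it replaces was `private`. Nothing in the visible hunks needs the request's token holder to be readable or reassignable from outside this service. `private lateinit var jwtTokenContext: JwtTokenContext` keeps the previous encapsulation.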
@@ -31,7 +30,7 @@
}
override fun getRequestAppid(request: HttpServletRequest): String {
- jwtRequestData.jwtToken?.also {
+ jwtTokenContext.jwt.get()?.also {
val uid = it.uid
if (!StringUtil.isEmpty(uid)) {
return uid as String
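Review bot: `jwtTokenContext.jwt.get()` throws `NoSuchElementException` when the Optional is empty, so the `?.also` after it can never take the null path. The old `jwtRequestData.jwtToken?.also` fell through to the rest of `getRequestAppid` for requests without a token; the new line turns that case into an exception. `jwtTokenContext.jwt.orElse(null)?.also {` restores the fall-through. The remainder of the function is outside the hunk.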
diff --git a/payapi/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt b/payapi/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
index 26289f6..8b3c2dc 100644
--- a/payapi/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
+++ b/payapi/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
@@ -14,9 +14,9 @@
import com.supwisdom.dlpay.system.service.DictionaryProxy
import com.supwisdom.dlpay.util.ConstantUtil
import com.supwisdom.dlpay.util.RSAKeysGenerate
-import com.supwisdom.multitenant.jwt.JwtRequestData
import com.supwisdom.multitenant.jwt.JwtTenantService
import com.supwisdom.multitenant.jwt.JwtTokenBuilder
+import com.supwisdom.multitenant.jwt.JwtTokenContext
import mu.KotlinLogging
import org.apache.commons.lang.StringUtils
import org.jose4j.jwt.ReservedClaimNames
@@ -249,8 +249,8 @@
@Autowired
lateinit var jwtTenantService: JwtTenantService
- @Resource(name = "jwtRequestData")
- lateinit var jwtRequestData: JwtRequestData
+ @Autowired
+ lateinit var jwtTokenContext: JwtTokenContext
val logger = KotlinLogging.logger { }
@@ -263,8 +263,8 @@
@RequestMapping("/logout")
fun logout(): ResponseEntity<Any> {
SecurityContextHolder.clearContext()
- jwtRequestData.jwtToken?.also {
- jwtTenantService.revoke(it)
+ jwtTokenContext.jwt.ifPresent { token ->
+ jwtTenantService.revoke(token)
}
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()
}
@@ -278,9 +278,9 @@
val user = mobileApiService.findUserById(p.name)
?: return JsonResult.error("用户不存在,请注册")
var tk = ""
- jwtRequestData.jwtToken?.also {
+ jwtTokenContext.jwt.ifPresent { oldToken ->
val currentMillis = System.currentTimeMillis()
- if (it.expiration - currentMillis < 60 * 60 * 12) {
+ if (oldToken.expiration - currentMillis < 60 * 60 * 12) {
val exp = systemUtilService.getSysparaValueAsInt(
SysparaUtil.MOBILE_LOGIN_EXPIRE_IN_SECONDS, 60 * 60 * 24 * 3)
val builder = JwtTokenBuilder.create()
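Review bot: The renewal check `oldToken.expiration - currentMillis < 60 * 60 * 12` subtracts `System.currentTimeMillis()` (milliseconds) and compares the result with a constant that reads like twelve hours in seconds. If `expiration` is in epoch milliseconds the renewal window is about 43 seconds. If it is in epoch seconds the difference is always negative, and every call reissues a token and revokes the old one. The unit of `expiration` in the 1.2.4 library is not visible here, so confirm it and convert one side, for example `< 12 * 60 * 60 * 1000L` for milliseconds. The enclosing function starts and ends outside this hunk.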
@@ -294,9 +294,9 @@
user.jti = token.get().jti
mobileApiService.saveUser(user)
tk = token.get().jwt
- jwtTenantService.revoke(jwtRequestData.jwtToken)
+ jwtTenantService.revoke(oldToken)
} else {
- tk = jwtRequestData.jwtToken.jwt
+ tk = oldToken.jwt
}
}
}
@@ -651,7 +651,9 @@
val pwdtimes = user.checkLoginpwdtime()
if (pwdtimes == -1) {
if (!user.jti.isNullOrEmpty()) {
- jwtTenantService.revoke(jwtRequestData.jwtToken)
+ jwtTokenContext.jwt.ifPresent { token ->
+ jwtTenantService.revoke(token)
+ }
}
return JsonResult.error(-1, "原密码错误次数过多,将退出系统,请重新登录系统或点击忘记密码功能找回密码")
} else if (pwdtimes == 1) {
diff --git a/payapi/src/main/kotlin/com/supwisdom/dlpay/security.kt b/payapi/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 8e1892a..7f12778 100644
--- a/payapi/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/payapi/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -7,7 +7,7 @@
import com.supwisdom.dlpay.mobile.AuthLoginFailHandler
import com.supwisdom.dlpay.mobile.AuthLoginSuccessHandler
import com.supwisdom.dlpay.mobile.service.MobileUserService
-import com.supwisdom.multitenant.jwt.JwtRequestData
+import com.supwisdom.multitenant.jwt.JwtTokenContext
import org.jose4j.jwt.consumer.InvalidJwtException
import org.jose4j.lang.JoseException
import org.springframework.beans.factory.annotation.Autowired
@@ -37,7 +37,6 @@
import org.springframework.web.filter.OncePerRequestFilter
import java.security.SecureRandom
import java.util.*
-import javax.annotation.Resource
import javax.servlet.FilterChain
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
@@ -47,43 +46,40 @@
@Component
class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
- @Resource(name = "jwtRequestData")
- private lateinit var jwtRequestData: JwtRequestData
+ @Autowired
+ private lateinit var jwtTokenContext: JwtTokenContext
override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
- jwtRequestData.jwtToken?.let { jwt ->
+ jwtTokenContext.jwt.ifPresent { jwt ->
try {
val auth = UsernamePasswordAuthenticationToken(jwt.uid, null,
(jwt.authorities as ArrayList<*>)
.map { SimpleGrantedAuthority(it as String) })
SecurityContextHolder.getContext().authentication = auth
+ filterChain.doFilter(request, response)
} catch (e: InvalidJwtException) {
SecurityContextHolder.clearContext()
response.status = HttpStatus.UNAUTHORIZED.value()
- return
} catch (e: JoseException) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
response.status = HttpStatus.UNAUTHORIZED.value()
response.contentType = "application/json;charset=UTF-8"
- return
} catch (e: Exception) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
response.status = HttpStatus.UNAUTHORIZED.value()
response.contentType = "application/json;charset=UTF-8"
- return
}
}
- filterChain.doFilter(request, response)
}
}
@Component
class MobileSecurityFilter : OncePerRequestFilter() {
- @Resource(name = "jwtRequestData")
- private lateinit var jwtRequestData: JwtRequestData
+ @Autowired
+ private lateinit var jwtTokenContext: JwtTokenContext
override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
var context: String? = request.contextPath
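Review bot: In `ApiJwtAuthenticationFilter.doFilterInternal`, `filterChain.doFilter(request, response)` now runs only inside `jwtTokenContext.jwt.ifPresent { ... }`, so a request with no parsed token never reaches the rest of the chain and is answered with an empty default response. The call also sits inside the `try`, so any exception thrown by downstream filters or controllers is caught by `catch (e: Exception)`, reported as 401 and lost. The `return` statements were presumably dropped because `ifPresent` takes a non-inline lambda. Reading the token into a local with `orElse(null)` keeps them legal and lets `doFilter` stay after the block, as sketched below. `MobileSecurityFilter` in the next hunk has the same two problems.

```kotlin
override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
    val jwt = jwtTokenContext.jwt.orElse(null)
    if (jwt != null) {
        try {
            // … unchanged: build UsernamePasswordAuthenticationToken from jwt and store it in the security context …
        } catch (e: InvalidJwtException) {
            SecurityContextHolder.clearContext()
            response.status = HttpStatus.UNAUTHORIZED.value()
            return
        }
        // … unchanged: JoseException and Exception branches, each ending in `return` again …
    }
    // Always continue the chain; only a token that failed to convert short-circuits with 401.
    filterChain.doFilter(request, response)
}
```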
@@ -103,35 +99,32 @@
filterChain.doFilter(request, response)
return
}
- jwtRequestData.jwtToken?.let { jwt ->
+ jwtTokenContext.jwt.ifPresent { jwt ->
try {
val auth = UsernamePasswordAuthenticationToken(jwt.uid, null,
(jwt.authorities as ArrayList<*>)
.map { SimpleGrantedAuthority(it as String) })
SecurityContextHolder.getContext().authentication = auth
+ response.setHeader("Access-Control-Allow-Origin", "*");
+ response.setHeader("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
+ response.setHeader("Access-Control-Allow-Headers", "*");
+ response.setHeader("Access-Control-Allow-Credentials", "true")
+ filterChain.doFilter(request, response)
} catch (e: InvalidJwtException) {
SecurityContextHolder.clearContext()
response.status = HttpStatus.UNAUTHORIZED.value()
- return
} catch (e: JoseException) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
response.status = HttpStatus.UNAUTHORIZED.value()
response.contentType = "application/json;charset=UTF-8"
- return
} catch (e: Exception) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
response.status = HttpStatus.UNAUTHORIZED.value()
response.contentType = "application/json;charset=UTF-8"
- return
}
}
- response.setHeader("Access-Control-Allow-Origin", "*");
- response.setHeader("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
- response.setHeader("Access-Control-Allow-Headers", "*");
- response.setHeader("Access-Control-Allow-Credentials", "true")
- filterChain.doFilter(request, response)
}
}
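Review bot: The four `Access-Control-*` headers are now set only inside `ifPresent`, after a token has been accepted, so 401 responses and token-less requests carry no CORS headers. That typically includes a browser's preflight `OPTIONS`, unless the early-return branch above the hunk already covers it. Browser clients then see an opaque CORS failure instead of the 401. The headers and `filterChain.doFilter(request, response)` belong after the token block, with the catch branches returning, as in `ApiJwtAuthenticationFilter`. Separately, `Access-Control-Allow-Origin: *` combined with `Access-Control-Allow-Credentials: true` is refused by browsers for credentialed requests; if credentials are needed, echo an origin taken from a configured allow-list instead of the wildcard. `doFilterInternal` begins outside this hunk.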