6 years ago · 1aa46a6a0e
--- a/uaa-service/src/main/java/com/diagbot/config/CustomTokenEnhancer.java
+++ b/uaa-service/src/main/java/com/diagbot/config/CustomTokenEnhancer.java
@@ -0,0 +1,31 @@
 
																+package com.diagbot.config;
															
 
																+
															
 
																+import com.diagbot.entity.User;
															
 
																+import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
															
 
																+import org.springframework.security.oauth2.common.OAuth2AccessToken;
															
 
																+import org.springframework.security.oauth2.provider.OAuth2Authentication;
															
 
																+import org.springframework.security.oauth2.provider.token.TokenEnhancer;
															
 
																+
															
 
																+import java.util.HashMap;
															
 
																+import java.util.Map;
															
 
																+
															
 
																+
															
 
																+/**
															
 
																+ *
															
 
																+ * token生成携带的信息
															
 
																+ *
															
 
																+ */
															
 
																+public class CustomTokenEnhancer implements TokenEnhancer {
															
 
																+
															
 
																+	@Override
															
 
																+	public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
															
 
																+		final Map<String, Object> additionalInfo = new HashMap<>();
															
 
																+		User user = (User) authentication.getUserAuthentication().getPrincipal();
															
 
																+		additionalInfo.put("user_id", user.getId());
															
 
																+//		additionalInfo.put("username", user.getUsername());
															
 
																+//		additionalInfo.put("authorities", user.getAuthorities());
															
 
																+		((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
															
 
																+		return accessToken;
															
 
																+	}
															
 
																+
															
 
																+}
															
--- a/uaa-service/src/main/java/com/diagbot/config/OAuth2Config.java
+++ b/uaa-service/src/main/java/com/diagbot/config/OAuth2Config.java
@@ -10,11 +10,15 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD
 
																 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
															
 
																 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
															
 
																 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
															
 
																+import org.springframework.security.oauth2.provider.token.TokenEnhancer;
															
 
																+import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
															
 
																 import org.springframework.security.oauth2.provider.token.TokenStore;
															
 
																 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
															
 
																 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
															
 
																 import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
															
 
																+import java.util.Arrays;
															
 
																+
															
 
																 /**
															
 
																  * @Description: OAuth2授权认证配置类
															
 
																  * @author: gaodm
															
@@ -34,9 +38,26 @@ public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
 
																                 .accessTokenValiditySeconds(24*3600);//24小时过期
															
 
																     }
															
 
																+    /**
															
 
																+     * 注入自定义token生成方式
															
 
																+     *
															
 
																+     * @return
															
 
																+     */
															
 
																+    @Bean
															
 
																+    public TokenEnhancer customerEnhancer() {
															
 
																+        return new CustomTokenEnhancer();
															
 
																+    }
															
 
																+
															
 
																     @Override
															
 
																     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
															
 
																-        endpoints.tokenStore(tokenStore()).tokenEnhancer(jwtTokenEnhancer()).authenticationManager(authenticationManager);
															
 
																+        //指定认证管理器
															
 
																+        endpoints.authenticationManager(authenticationManager);
															
 
																+        //指定token存储位置
															
 
																+        endpoints.tokenStore(tokenStore());
															
 
																+        // 自定义token生成方式
															
 
																+        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
															
 
																+        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(customerEnhancer(), jwtTokenEnhancer()));
															
 
																+        endpoints.tokenEnhancer(tokenEnhancerChain);
															
 
																     }
															
 
																     @Autowired
															
--- a/user-service/src/main/java/com/diagbot/config/CustomAccessTokenConverter.java
+++ b/user-service/src/main/java/com/diagbot/config/CustomAccessTokenConverter.java
@@ -0,0 +1,19 @@
 
																+package com.diagbot.config;
															
 
																+
															
 
																+import org.springframework.security.oauth2.provider.OAuth2Authentication;
															
 
																+import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
															
 
																+import org.springframework.stereotype.Component;
															
 
																+
															
 
																+import java.util.Map;
															
 
																+
															
 
																+@Component
															
 
																+public class CustomAccessTokenConverter extends DefaultAccessTokenConverter {
															
 
																+
															
 
																+    @Override
															
 
																+    public OAuth2Authentication extractAuthentication(Map<String, ?> claims) {
															
 
																+        OAuth2Authentication authentication = super.extractAuthentication(claims);
															
 
																+        authentication.setDetails(claims);
															
 
																+        return authentication;
															
 
																+    }
															
 
																+
															
 
																+}
															
--- a/user-service/src/main/java/com/diagbot/config/JwtConfiguration.java
+++ b/user-service/src/main/java/com/diagbot/config/JwtConfiguration.java
@@ -21,14 +21,14 @@ import java.io.IOException;
 
																 @Configuration
															
 
																 public class JwtConfiguration {
															
 
																     @Autowired
															
 
																-    JwtAccessTokenConverter jwtAccessTokenConverter;
															
 
																+    private CustomAccessTokenConverter customAccessTokenConverter;
															
 
																     @Bean
															
 
																     @Qualifier("tokenStore")
															
 
																     public TokenStore tokenStore() {
															
 
																         System.out.println("Created JwtTokenStore");
															
 
																-        return new JwtTokenStore(jwtAccessTokenConverter);
															
 
																+        return new JwtTokenStore(jwtTokenEnhancer());
															
 
																     }
															
 
																     @Bean
															
@@ -42,6 +42,7 @@ public class JwtConfiguration {
 
																             throw new RuntimeException(e);
															
 
																         }
															
 
																         converter.setVerifierKey(publicKey);
															
 
																+        converter.setAccessTokenConverter(customAccessTokenConverter);
															
 
																         return converter;
															
 
																     }
															
 
																 }
															
--- a/user-service/src/main/java/com/diagbot/facade/UserFacade.java
+++ b/user-service/src/main/java/com/diagbot/facade/UserFacade.java
@@ -74,7 +74,7 @@ public class UserFacade extends UserServiceImpl {
 
																         String entryPassword= passwordEncoder.encode(user.getPassword());
															
 
																         user.setPassword(entryPassword);
															
 
																         user.setGmtCreate(new Date());
															
 
																-        user.setCreator(this.getUserInfo(UserUtils.getCurrentPrinciple()).getId().toString());
															
 
																+        user.setCreator(UserUtils.getCurrentPrincipleID());
															
 
																         super.save(user);
															
 
																         return user;
															
 
																     }
															
@@ -85,7 +85,7 @@ public class UserFacade extends UserServiceImpl {
 
																         String entryPassword= passwordEncoder.encode(user.getPassword());
															
 
																         user.setPassword(entryPassword);
															
 
																         user.setGmtModified(new Date());
															
 
																-        user.setModifier(this.getUserInfo(UserUtils.getCurrentPrinciple()).getId().toString());
															
 
																+        user.setModifier(UserUtils.getCurrentPrincipleID());
															
 
																         super.updateById(user);
															
 
																         return user;
															
 
																     }
															
--- a/user-service/src/main/java/com/diagbot/service/impl/UserServiceImpl.java
+++ b/user-service/src/main/java/com/diagbot/service/impl/UserServiceImpl.java
@@ -5,10 +5,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 
																 import com.diagbot.entity.User;
															
 
																 import com.diagbot.mapper.UserMapper;
															
 
																 import com.diagbot.service.UserService;
															
 
																-import org.apache.ibatis.annotations.Param;
															
 
																-import org.springframework.cache.annotation.Cacheable;
															
 
																 import org.springframework.stereotype.Service;
															
 
																-import org.springframework.transaction.annotation.Transactional;
															
 
																 import java.util.List;
															
 
																 import java.util.Map;
															
--- a/user-service/src/main/java/com/diagbot/util/UserUtils.java
+++ b/user-service/src/main/java/com/diagbot/util/UserUtils.java
@@ -4,8 +4,10 @@ package com.diagbot.util;
 
																 import org.springframework.security.core.Authentication;
															
 
																 import org.springframework.security.core.authority.SimpleGrantedAuthority;
															
 
																 import org.springframework.security.core.context.SecurityContextHolder;
															
 
																+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
															
 
																 import java.util.List;
															
 
																+import java.util.Map;
															
 
																 /**
															
 
																  * @Description: 用户工具类
															
@@ -32,6 +34,16 @@ public class UserUtils {
 
																         return (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
															
 
																     }
															
 
																+    /**
															
 
																+     * 获取当前请求的用户ID
															
 
																+     * @return
															
 
																+     */
															
 
																+    public static String getCurrentPrincipleID() {
															
 
																+        OAuth2AuthenticationDetails oauthDetails = (OAuth2AuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails();
															
 
																+        Map<String, Object> details = (Map<String, Object>) oauthDetails.getDecodedDetails();
															
 
																+        return details.get("user_id").toString();
															
 
																+    }
															
 
																+
															
 
																     /**
															
 
																      * 判读当前token用户是否为接口所需的参数username
															
 
																      *