From 132051680be3f197aa654bec7571884afd95a123 Mon Sep 17 00:00:00 2001
From: smallchill <smallchill@163.com>
Date: Tue, 17 Sep 2019 11:09:39 +0800
Subject: [PATCH] =?UTF-8?q?:zap:=20=20token=E8=8E=B7=E5=8F=96=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E5=88=A4=E6=96=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../auth/service/BladeUserDetailsServiceImpl.java          | 7 ++++++-
 .../main/java/org/springblade/auth/utils/TokenUtil.java    | 1 +
 blade-ops/blade-resource/pom.xml                           | 5 +++++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java b/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
index 549b22d5..bf0df3d7 100644
--- a/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@@ -31,6 +31,7 @@ import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
 import org.springframework.stereotype.Service;
 
 import javax.servlet.http.HttpServletRequest;
@@ -68,7 +69,11 @@ public class BladeUserDetailsServiceImpl implements UserDetailsService {
 
 		// 判断返回信息
 		if (result.isSuccess()) {
-			User user = result.getData().getUser();
+			UserInfo userInfo = result.getData();
+			if (Func.isEmpty(userInfo.getRoles())) {
+				throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_ROLE);
+			}
+			User user = userInfo.getUser();
 			if (user == null) {
 				throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
 			}
diff --git a/blade-auth/src/main/java/org/springblade/auth/utils/TokenUtil.java b/blade-auth/src/main/java/org/springblade/auth/utils/TokenUtil.java
index 66743158..e7ebf142 100644
--- a/blade-auth/src/main/java/org/springblade/auth/utils/TokenUtil.java
+++ b/blade-auth/src/main/java/org/springblade/auth/utils/TokenUtil.java
@@ -53,6 +53,7 @@ public class TokenUtil {
 	public final static String USER_TYPE_HEADER_KEY = "User-Type";
 	public final static String DEFAULT_USER_TYPE = "web";
 	public final static String USER_NOT_FOUND = "用户名或密码错误";
+	public final static String USER_HAS_NO_ROLE = "未获得用户的角色信息";
 	public final static String HEADER_KEY = "Authorization";
 	public final static String HEADER_PREFIX = "Basic ";
 	public final static String DEFAULT_AVATAR = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png";
diff --git a/blade-ops/blade-resource/pom.xml b/blade-ops/blade-resource/pom.xml
index e2bf2e44..ceebe619 100644
--- a/blade-ops/blade-resource/pom.xml
+++ b/blade-ops/blade-resource/pom.xml
@@ -40,6 +40,11 @@
             <artifactId>blade-starter-qiniu</artifactId>
             <version>${bladex.tool.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.springblade</groupId>
+            <artifactId>blade-starter-alioss</artifactId>
+            <version>${bladex.tool.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.springblade</groupId>
             <artifactId>blade-starter-mybatis</artifactId>