From 5d8e6608809f242ba02c46ea0d99ae95d682c11f Mon Sep 17 00:00:00 2001
From: smallchill
Date: Sun, 14 May 2023 02:26:22 +0800
Subject: [PATCH] =?UTF-8?q?:tada:=20=E5=8D=95=E4=BA=BA=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E6=A8=A1=E5=BC=8F=E6=96=B0=E5=A2=9E=E5=85=A8=E5=B9=B3=E5=8F=B0?= =?UTF-8?q?=E5=94=AF=E4=B8=80=E4=B8=8E=E5=8D=95=E5=AE=A2=E6=88=B7=E7=AB=AF?= =?UTF-8?q?=E5=94=AF=E4=B8=80=E4=B8=A4=E7=A7=8D=E9=80=89=E6=8B=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../org/springblade/auth/endpoint/BladeTokenEndPoint.java | 2 +-
 .../auth/service/BladeUserDetailsServiceImpl.java | 3 ++-
 .../springblade/auth/support/BladeJwtTokenEnhancer.java | 7 ++++---
 .../java/org/springblade/gateway/filter/AuthFilter.java | 3 ++-
 doc/nacos/blade.yaml | 4 ++++
 5 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/blade-auth/src/main/java/org/springblade/auth/endpoint/BladeTokenEndPoint.java b/blade-auth/src/main/java/org/springblade/auth/endpoint/BladeTokenEndPoint.java
index bbdeccb3..67cb1cc4 100644
--- a/blade-auth/src/main/java/org/springblade/auth/endpoint/BladeTokenEndPoint.java
+++ b/blade-auth/src/main/java/org/springblade/auth/endpoint/BladeTokenEndPoint.java
@@ -119,7 +119,7 @@ public class BladeTokenEndPoint {
 String token = JwtUtil.getToken(WebUtil.getRequest().getHeader(TokenConstant.HEADER));
 // 清空redis保存的token
 if (user != null && jwtProperties.getState()) {
- JwtUtil.removeAccessToken(user.getTenantId(), String.valueOf(user.getUserId()), token);
+ JwtUtil.removeAccessToken(user.getTenantId(), user.getClientId(), String.valueOf(user.getUserId()), token);
 }
 // 清空资源服务器保存的token
 OAuth2AccessToken accessToken = tokenStore.readAccessToken(token);
diff --git a/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java b/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
index ad9bb89d..e097f2e5 100644
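Review bot: Logout in BladeTokenEndPoint now clears the access-token entry under the tenant/client/user key, but nothing in this hunk clears the refresh-token entry that BladeJwtTokenEnhancer writes under the same key when `single` is on. A refresh token obtained before logout would then still match the stored value compared in BladeUserDetailsServiceImpl, so the session would not really be ended. The method body continues past the hunk, so confirm whether the refresh entry is removed further down; if it is not, remove it next to `removeAccessToken`. A comment such as `// key parts must match the ones used when the token was stored` would help keep the issuing and revoking sides in step.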
--- a/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@@ -201,8 +201,9 @@ public class BladeUserDetailsServiceImpl implements UserDetailsService {
 String refreshToken = request.getParameter(TokenUtil.REFRESH_TOKEN_KEY);
 Claims claims = JwtUtil.parseJWT(refreshToken);
 String tenantId = String.valueOf(claims.get("tenant_id"));
+ String clientId = String.valueOf(claims.get("client_id"));
 String userId = String.valueOf(claims.get("user_id"));
- String token = JwtUtil.getRefreshToken(tenantId, userId, refreshToken);
+ String token = JwtUtil.getRefreshToken(tenantId, clientId, userId, refreshToken);
 return StringUtil.equalsIgnoreCase(token, refreshToken);
 }
 return true;
diff --git a/blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java b/blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java
index 046ee702..314ff2a2 100644
--- a/blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java
+++ b/blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java
@@ -52,9 +52,10 @@ public class BladeJwtTokenEnhancer implements TokenEnhancer {
 BladeUserDetails principal = (BladeUserDetails) authentication.getUserAuthentication().getPrincipal();
+ String clientId = TokenUtil.getClientIdFromHeader();
 //token参数增强
 Map info = new HashMap<>(16);
- info.put(TokenUtil.CLIENT_ID, TokenUtil.getClientIdFromHeader());
+ info.put(TokenUtil.CLIENT_ID, clientId);
 info.put(TokenUtil.USER_ID, Func.toStr(principal.getUserId()));
 info.put(TokenUtil.DEPT_ID, Func.toStr(principal.getDeptId()));
 info.put(TokenUtil.POST_ID, Func.toStr(principal.getPostId()));
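Review bot: `String.valueOf(claims.get("client_id"))` in BladeUserDetailsServiceImpl turns a missing claim into the literal string `"null"`, and the line above it would throw a NullPointerException if `JwtUtil.parseJWT` returns null for a malformed refresh token (its contract is not visible here). Reject such tokens before building the key, e.g. `if (claims == null || claims.get("client_id") == null) { return false; }`. Prefer the `TokenUtil.CLIENT_ID` constant the enhancer writes over the string literal, assuming it holds the same claim name. The same `String.valueOf` pattern is added in the AuthFilter hunk for `TokenConstant.CLIENT_ID`. The enclosing method starts and ends outside the hunk.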
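Review bot: `clientId` in BladeJwtTokenEnhancer is taken from `TokenUtil.getClientIdFromHeader()`, that is, re-parsed from the request, and it now becomes part of the token-store key as well as a claim. If that helper can yield a value other than the client the authorization server actually authenticated (its implementation is outside this diff), the per-client single-login scope would be keyed on the wrong id. Assuming `authentication` is the `OAuth2Authentication` passed to `enhance`, `String clientId = authentication.getOAuth2Request().getClientId();` takes the id from the authenticated request instead.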
@@ -77,12 +78,12 @@ public class BladeJwtTokenEnhancer implements TokenEnhancer {
 String accessTokenValue = oAuth2AccessToken.getValue();
 String tenantId = principal.getTenantId();
 String userId = Func.toStr(principal.getUserId());
- JwtUtil.addAccessToken(tenantId, userId, accessTokenValue, accessToken.getExpiresIn());
+ JwtUtil.addAccessToken(tenantId, clientId, userId, accessTokenValue, accessToken.getExpiresIn());
 if (jwtProperties.getSingle()) {
 OAuth2RefreshToken oAuth2RefreshToken = oAuth2AccessToken.getRefreshToken();
 String refreshTokenValue = oAuth2RefreshToken.getValue();
- JwtUtil.addRefreshToken(tenantId, userId, refreshTokenValue, accessToken.getExpiresIn() * 168);
+ JwtUtil.addRefreshToken(tenantId, clientId, userId, refreshTokenValue, accessToken.getExpiresIn() * 168);
 }
 }
diff --git a/blade-gateway/src/main/java/org/springblade/gateway/filter/AuthFilter.java b/blade-gateway/src/main/java/org/springblade/gateway/filter/AuthFilter.java
index 4175149f..eb453748 100644
--- a/blade-gateway/src/main/java/org/springblade/gateway/filter/AuthFilter.java
+++ b/blade-gateway/src/main/java/org/springblade/gateway/filter/AuthFilter.java
@@ -81,8 +81,9 @@ public class AuthFilter implements GlobalFilter, Ordered {
 //判断 Token 状态
 if (jwtProperties.getState()) {
 String tenantId = String.valueOf(claims.get(TokenConstant.TENANT_ID));
+ String clientId = String.valueOf(claims.get(TokenConstant.CLIENT_ID));
 String userId = String.valueOf(claims.get(TokenConstant.USER_ID));
- String accessToken = JwtUtil.getAccessToken(tenantId, userId, token);
+ String accessToken = JwtUtil.getAccessToken(tenantId, clientId, userId, token);
 if (!token.equalsIgnoreCase(accessToken)) {
 return unAuth(resp, "令牌已失效");
 }
diff --git a/doc/nacos/blade.yaml b/doc/nacos/blade.yaml
index 931cbff6..67b41408 100644
--- a/doc/nacos/blade.yaml
+++ b/doc/nacos/blade.yaml
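Review bot: `oAuth2AccessToken.getRefreshToken()` in the second BladeJwtTokenEnhancer hunk can be null when the client is not granted the refresh_token grant type, and the next line dereferences it before the changed `addRefreshToken` call. Guard it, e.g. `if (jwtProperties.getSingle() && oAuth2AccessToken.getRefreshToken() != null) {`. The stored lifetime `accessToken.getExpiresIn() * 168` also deserves a comment or a named constant, because it is derived from the access token rather than from the refresh token's own expiry. The surrounding method begins outside the hunk.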
@@ -83,6 +83,10 @@ blade:
 token:
 #是否有状态
 state: false
+ #是否单用户登录
+ single: false
+ #单用户登录范围
+ single-level: all
 #token签名
 #使用 blade-auth服务 @org.springblade.test.SignKeyGenerator 获取
 sign-key: 请配置32位签名