Merge branch 'dev' into pre-production

5 months ago · 5db02f934c
1 changed files with 13 additions and 6 deletions
--- a/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@ -241,12 +241,19 @@ public class BladeUserDetailsServiceImpl implements UserDetailsService {
 	private boolean judgeRefreshToken(String grantType, HttpServletRequest request) {
 		if (jwtProperties.getState() && jwtProperties.getSingle() && StringUtil.equals(grantType, TokenUtil.REFRESH_TOKEN_KEY)) {
 			String refreshToken = request.getParameter(TokenUtil.REFRESH_TOKEN_KEY);
-			Claims claims = JwtUtil.parseJWT(refreshToken);
-			String tenantId = String.valueOf(claims.get("tenant_id"));
-			String clientId = String.valueOf(claims.get("client_id"));
-			String userId = String.valueOf(claims.get("user_id"));
-			String token = JwtUtil.getRefreshToken(tenantId, clientId, userId, refreshToken);
-			return StringUtil.equalsIgnoreCase(token, refreshToken);
+			if(refreshToken != null){
+				Claims claims = JwtUtil.parseJWT(refreshToken);
+				if(claims!=null){
+					String tenantId = String.valueOf(claims.get("tenant_id"));
+					String clientId = String.valueOf(claims.get("client_id"));
+					String userId = String.valueOf(claims.get("user_id"));
+					String token = JwtUtil.getRefreshToken(tenantId, clientId, userId, refreshToken);
+					return StringUtil.equalsIgnoreCase(token, refreshToken);
+				}
+
+			}
+
+
 		}
 		return true;
 	}