From 6fbfd5de6ecf9a1a78b5e4486545f00b4ef1fefa Mon Sep 17 00:00:00 2001 From: ajaxfan <909938737@qq.com> Date: Fri, 12 Mar 2021 15:02:20 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=BA=86security=E6=9D=83?= =?UTF-8?q?=E9=99=90=E6=8E=A7=E5=88=B6=EF=BC=8C=E4=BC=98=E5=8C=96=E4=BA=86?= =?UTF-8?q?=E9=99=84=E4=BB=B6sdk=E5=BC=82=E5=B8=B8=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../sdk/convertor/ModelConvertor.java | 9 +- .../sdk/fallback/QueryServiceFallback.java | 46 ------- .../attachment/sdk/service/QueryService.java | 43 ------ .../cloud/attachment/sdk/vo/SysStorageVO.java | 9 +- .../starter/config/BrowserSecurityConfig.java | 15 +-- .../starter/entity/AuthorityEntity.java | 7 +- .../starter/entity/RoleCodeAuthority.java | 23 ++++ .../security/starter/entity/SecurityUser.java | 39 +----- .../filter/CustomUserDetailService.java | 19 --- .../filter/TokenAuthenticationFilter.java | 127 +++++++++--------- 10 files changed, 105 insertions(+), 232 deletions(-) delete mode 100644 mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/fallback/QueryServiceFallback.java delete mode 100644 mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/service/QueryService.java create mode 100644 mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java delete mode 100644 mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/CustomUserDetailService.java diff --git a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/convertor/ModelConvertor.java b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/convertor/ModelConvertor.java index 0d56861..fb08ed4 100644 --- a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/convertor/ModelConvertor.java +++ b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/convertor/ModelConvertor.java @@ -41,7 +41,7 @@ public class ModelConvertor { * @return */ public Optional toAttachmentEntity(String json) { - return Optional.of(json).map(content -> { + return Optional.ofNullable(json).map(content -> { AttachmentEntity entity = null; try { @@ -49,7 +49,8 @@ public class ModelConvertor { log.debug("convert to model: {}", vo); entity = new AttachmentEntity(); - entity.setId(vo.getFileId()).setFilename(vo.getOriginalName()).setBid(vo.getObjectId()); + entity.setId(vo.getFileId()).setFilename(vo.getOriginalName()).setBid(vo.getObjectId()) + .setKey(vo.getFileName()); } catch (JsonProcessingException e) { log.error(json); log.error(e.getMessage()); @@ -139,8 +140,8 @@ public class ModelConvertor { */ private SysStorageVO tpDownPO(String json) throws JsonMappingException, JsonProcessingException { log.debug("current convertor json is: {}", json); - return Optional.ofNullable(objectMapper.readValue(json, DownStream.class)) - .map(ds -> ds.getData().getSysStorageVO()).orElseGet(SysStorageVO::new); + return Optional.ofNullable(objectMapper.readValue(json, DownStream.class)).map(ds -> ds.getData()) + .map(data -> data.getSysStorageVO()).orElseGet(SysStorageVO::new); } /** diff --git a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/fallback/QueryServiceFallback.java b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/fallback/QueryServiceFallback.java deleted file mode 100644 index bffb671..0000000 --- a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/fallback/QueryServiceFallback.java +++ /dev/null @@ -1,46 +0,0 @@ -package com.chinaunicom.ebtp.mall.cloud.attachment.sdk.fallback; - -import org.springframework.stereotype.Component; -import org.springframework.web.multipart.MultipartFile; - -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.AttachmentDetail; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.AttachmentEntity; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.FeedbackMessage; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.Snowflake; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.param.QueryParameter; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.service.QueryService; - -@Component -public class QueryServiceFallback implements QueryService { - - @Override - public Snowflake getSnokflakId() { - return null; - } - - @Override - public AttachmentEntity getObjectDetail(String oid) { - return null; - } - - @Override - public AttachmentDetail getAttachmentDetails(QueryParameter param) { - return null; - } - - @Override - public FeedbackMessage handleFileUpload(String businessId, MultipartFile file) { - return null; - } - - @Override - public byte[] downloadByBid(String bid) { - return null; - } - - @Override - public byte[] downloadByOid(String oid) { - return null; - } - -} diff --git a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/service/QueryService.java b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/service/QueryService.java deleted file mode 100644 index caf06a4..0000000 --- a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/service/QueryService.java +++ /dev/null @@ -1,43 +0,0 @@ -package com.chinaunicom.ebtp.mall.cloud.attachment.sdk.service; - -import org.springframework.cloud.openfeign.FeignClient; -import org.springframework.http.MediaType; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestPart; -import org.springframework.web.multipart.MultipartFile; - -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.config.FeignSupportConfig; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.fallback.QueryServiceFallback; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.AttachmentDetail; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.AttachmentEntity; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.FeedbackMessage; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.model.Snowflake; -import com.chinaunicom.ebtp.mall.cloud.attachment.sdk.param.QueryParameter; - -@FeignClient(value = "core-service-ebtp-updownload", configuration = FeignSupportConfig.class, fallback = QueryServiceFallback.class) -public interface QueryService { - - @RequestMapping(method = RequestMethod.GET, value = "v1/business/id") - Snowflake getSnokflakId(); - - @RequestMapping(method = RequestMethod.GET, value = "v1/attachment/find/oid/{oid}") - AttachmentEntity getObjectDetail(@PathVariable("oid") String oid); - - @RequestMapping(method = RequestMethod.POST, value = "v1/attachment/find") - AttachmentDetail getAttachmentDetails(@RequestBody QueryParameter param); - - @RequestMapping(value = "/v1/attachment/upload", consumes = MediaType.MULTIPART_FORM_DATA_VALUE) - FeedbackMessage handleFileUpload(@RequestPart(value = "businessId") String businessId, - @RequestPart(value = "file") MultipartFile file); - - @GetMapping("/v1/attachment/download/bid/{bid}") - byte[] downloadByBid(@PathVariable("bid") String bid); - - @GetMapping("/v1/attachment/download/oid/{oid}") - byte[] downloadByOid(@PathVariable("oid") String oid); - -} diff --git a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/vo/SysStorageVO.java b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/vo/SysStorageVO.java index 94ab1ec..cafc118 100644 --- a/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/vo/SysStorageVO.java +++ b/mall-ebtp-cloud-attachment-sdk/src/main/java/com/chinaunicom/ebtp/mall/cloud/attachment/sdk/vo/SysStorageVO.java @@ -7,14 +7,17 @@ public class SysStorageVO { /* 文件原始名称 */ private String originalName; - + /* 附件id */ private String fileId; - + /* 业务id */ private String objectId; - + /* 文件流 */ private byte[] fileStream; + /* 文件唯一标识 */ + private String fileName; + } diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java index 400c072..9ebe07f 100644 --- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java +++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java @@ -1,16 +1,14 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.config; -import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.CustomUserDetailService; -import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.TokenAuthenticationFilter; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.TokenAuthenticationFilter; + /** * 安全设置 * @@ -20,9 +18,6 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true, securedEnabled = true) public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter { - @Autowired - private CustomUserDetailService userDetailsService; - @Bean public TokenAuthenticationFilter authenticationTokenFilterBean() { return new TokenAuthenticationFilter(); @@ -39,9 +34,5 @@ public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter { http.csrf().disable(); http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class); } - - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userDetailsService); - } + } diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/AuthorityEntity.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/AuthorityEntity.java index 0ec0bcd..c664703 100644 --- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/AuthorityEntity.java +++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/AuthorityEntity.java @@ -3,18 +3,13 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.entity; import java.util.List; import lombok.Data; -import org.springframework.security.core.GrantedAuthority; @Data -public class AuthorityEntity implements GrantedAuthority { +public class AuthorityEntity { private String roleName; private String roleCode; private String roleId; private List authorities; - @Override - public String getAuthority() { - return roleCode; - } } diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java new file mode 100644 index 0000000..cd8af06 --- /dev/null +++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java @@ -0,0 +1,23 @@ +package com.chinaunicom.mall.ebtp.cloud.security.starter.entity; + +import org.springframework.security.core.GrantedAuthority; + +import lombok.AllArgsConstructor; + +/** + * 基于角色的权限信息 + * + * @author Ajaxfan + */ +@AllArgsConstructor +public class RoleCodeAuthority implements GrantedAuthority { + private static final long serialVersionUID = -7881153326775335008L; + + private String roleCode; + + @Override + public String getAuthority() { + return roleCode; + } + +} diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java index 80a0855..41732ef 100644 --- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java +++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java @@ -1,13 +1,10 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.entity; -import java.util.Collection; import java.util.Date; import java.util.List; import lombok.Data; import lombok.experimental.Accessors; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; /** * 缓存用户实体映射类 @@ -18,7 +15,7 @@ import org.springframework.security.core.userdetails.UserDetails; */ @Data @Accessors(chain = true) -public class SecurityUser implements UserDetails { +public class SecurityUser { /** * PKID @@ -162,38 +159,4 @@ public class SecurityUser implements UserDetails { */ private List authorityList; - @Override - public Collection getAuthorities() { - return authorityList; - } - - @Override - public String getPassword() { - return null; - } - - @Override - public String getUsername() { - return fullName; - } - - @Override - public boolean isAccountNonExpired() { - return true; - } - - @Override - public boolean isAccountNonLocked() { - return true; - } - - @Override - public boolean isCredentialsNonExpired() { - return true; - } - - @Override - public boolean isEnabled() { - return true; - } } diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/CustomUserDetailService.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/CustomUserDetailService.java deleted file mode 100644 index 917a1fc..0000000 --- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/CustomUserDetailService.java +++ /dev/null @@ -1,19 +0,0 @@ -package com.chinaunicom.mall.ebtp.cloud.security.starter.filter; - -import lombok.extern.slf4j.Slf4j; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.stereotype.Service; - -@Service -@Slf4j -public class CustomUserDetailService implements UserDetailsService { - - - @Override - public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException { - log.info("UserDetails -------------------------------- {} ---------------------------------------", s); - return null; - } -} diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java index 53c7202..e225714 100644 --- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java +++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java @@ -1,9 +1,16 @@ package com.chinaunicom.mall.ebtp.cloud.security.starter.filter; -import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants; -import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthorityEntity; -import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser; -import lombok.extern.slf4j.Slf4j; +import java.io.IOException; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Optional; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + import org.apache.commons.lang3.RegExUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -18,15 +25,11 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.client.RestTemplate; import org.springframework.web.filter.OncePerRequestFilter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.List; -import java.util.Objects; -import java.util.Optional; -import java.util.stream.Collectors; +import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants; +import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority; +import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser; + +import lombok.extern.slf4j.Slf4j; /** * 请求Token拦截 @@ -36,60 +39,62 @@ import java.util.stream.Collectors; @Slf4j public class TokenAuthenticationFilter extends OncePerRequestFilter { - private @Autowired RestTemplate restTemplate; - private @Value("${user.auth.resource.userinfo}") String token_uri; + private @Autowired RestTemplate restTemplate; + private @Value("${user.auth.resource.userinfo}") String token_uri; - /** - * @param request - * @param response - * @param filterChain - * @throws ServletException - * @throws IOException - */ - @Override - protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response, - final FilterChain filterChain) throws ServletException, IOException { - // 清空上下文中的缓存信息, 防止二次请求时数据异常 (如此, 每次有新的请求进入,都会进行token的验证) - SecurityContextHolder.getContext().setAuthentication(null); + /** + * @param request + * @param response + * @param filterChain + * @throws ServletException + * @throws IOException + */ + @Override + protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response, + final FilterChain filterChain) throws ServletException, IOException { + // 清空上下文中的缓存信息, 防止二次请求时数据异常 (如此, 每次有新的请求进入,都会进行token的验证) + SecurityContextHolder.getContext().setAuthentication(null); - // 提取request头信息 - final String header = request.getHeader(Constants.AUTHORIZATION_HEADER); - final String currentRoleCode = request.getHeader(Constants.CURRENT_ROLE_CODE); + // 提取request头信息 + final String header = request.getHeader(Constants.AUTHORIZATION_HEADER); + final String currentRoleCode = request.getHeader(Constants.CURRENT_ROLE_CODE); - // 检查请求头是否包含 Bearer 前缀 - if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) { - // 移除header的前缀,提取出token字串 - String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, ""); + // 检查请求头是否包含 Bearer 前缀 + if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) { + // 移除header的前缀,提取出token字串 + String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, ""); - try {// 通过token读取用户信息 (新增用户当前角色字段: 2021-03-05) - SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken, currentRoleCode)); - } catch (Exception e) { - log.error(e.getMessage()); - } - } - filterChain.doFilter(request, response); - } + try {// 通过token读取用户信息 (新增用户当前角色字段: 2021-03-05) + SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken, currentRoleCode)); + } catch (Exception e) { + log.error(e.getMessage()); + } + } + filterChain.doFilter(request, response); + } - /** - * 调用山分的认证中心接口,获取该token的绑定信息 - * - * @param token - * @return - */ - private Authentication getAuthentication(final String token, final String currentRoleCode) { - HttpHeaders headers = new HttpHeaders(); - // 设置安全头 - headers.add(HttpHeaders.AUTHORIZATION, String.format("Bearer %s", token)); + /** + * 调用山分的认证中心接口,获取该token的绑定信息 + * + * @param token + * @return + */ + private Authentication getAuthentication(final String token, final String currentRoleCode) { + HttpHeaders headers = new HttpHeaders(); + // 设置安全头 + headers.add(HttpHeaders.AUTHORIZATION, String.format("Bearer %s", token)); - ResponseEntity entity = restTemplate.exchange(token_uri, HttpMethod.GET, - new HttpEntity(headers), SecurityUser.class); + ResponseEntity entity = restTemplate.exchange(token_uri, HttpMethod.GET, + new HttpEntity(headers), SecurityUser.class); - SecurityUser securityUser = entity.getBody(); - //设置当前角色的权限 - List authority = Optional.ofNullable(currentRoleCode) - .map(o -> securityUser.getAuthorityList().stream().filter(f -> Objects.equals(f.getRoleCode(), currentRoleCode)).collect(Collectors.toList())) - .orElse(securityUser.getAuthorityList()); - return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token, authority); - } + SecurityUser securityUser = entity.getBody(); + + // 根据当前角色设定权限列表 + List authorities = Optional.ofNullable(currentRoleCode) + .map(o -> Arrays.asList(new RoleCodeAuthority(o))).orElse(Collections.emptyList()); + + return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token, + authorities); + } }