优化security异常处理, token失效返回401, 其它返回500
@ -9,6 +9,7 @@ import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
@ -25,12 +26,12 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
@Override
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response,
|
||||
AuthenticationException authException) throws IOException, ServletException {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
response.setContentType("application/json;charset=utf-8");
|
||||
|
||||
String code = (String) request.getSession().getAttribute("code");
|
||||
|
||||
Map<String, Object> map = adapterException(code);
|
||||
Map<String, Object> map = adapterException(StringUtils.defaultIfBlank(code, "System Generic Error"), response);
|
||||
map.put("success", "false");
|
||||
map.put("path", request.getServletPath());
|
||||
map.put("timestamp", String.valueOf(new Date().getTime()));
|
||||
|
||||
@ -44,28 +45,28 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
/**
|
||||
* @param code
|
||||
*/
|
||||
private Map<String, Object> adapterException(String code) {
|
||||
if ("90403".equals(code)) {
|
||||
return accessDenidedException(code);
|
||||
private Map<String, Object> adapterException(String code, HttpServletResponse response) {
|
||||
switch (code) {
|
||||
case "90403":
|
||||
return accessDenidedException(code, response);
|
||||
case "90500":
|
||||
return remoteTimeoutException(code, response);
|
||||
default:
|
||||
return globalException(code, response);
|
||||
}
|
||||
|
||||
if ("90500".equals(code)) {
|
||||
return remoteTimeoutException(code);
|
||||
}
|
||||
|
||||
return globalException(code);
|
||||
}
|
||||
|
||||
/**
|
||||
* token 失效异常
|
||||
* token 已失效
|
||||
*
|
||||
* @param code
|
||||
* @return
|
||||
*/
|
||||
private Map<String, Object> accessDenidedException(String code) {
|
||||
private Map<String, Object> accessDenidedException(String code, HttpServletResponse response) {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
|
||||
Map<String, Object> map = new HashMap<>();
|
||||
map.put("code", code);
|
||||
map.put("success", "false");
|
||||
map.put("message", "登录已超期");
|
||||
|
||||
return map;
|
||||
@ -77,11 +78,12 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
* @param code
|
||||
* @return
|
||||
*/
|
||||
private Map<String, Object> remoteTimeoutException(String code) {
|
||||
private Map<String, Object> remoteTimeoutException(String code, HttpServletResponse response) {
|
||||
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
|
||||
|
||||
Map<String, Object> map = new HashMap<>();
|
||||
map.put("code", code);
|
||||
map.put("success", "false");
|
||||
map.put("message", "token验证失败");
|
||||
map.put("message", "网络繁忙,请稍后再试");
|
||||
|
||||
return map;
|
||||
}
|
||||
@ -89,10 +91,11 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
/**
|
||||
* @return
|
||||
*/
|
||||
private Map<String, Object> globalException(String code) {
|
||||
private Map<String, Object> globalException(String code, HttpServletResponse response) {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
|
||||
Map<String, Object> map = new HashMap<>();
|
||||
map.put("code", 500);
|
||||
map.put("success", "false");
|
||||
map.put("code", -1);
|
||||
map.put("message", code);
|
||||
|
||||
return map;
|
||||
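Review bot: `globalException` sets `HttpStatus.UNAUTHORIZED`, so the `default` branch of the new `switch` answers 401 for every unrecognised code, including the `"System Generic Error"` value that `commence` now substitutes for a blank code; the commit title says only an expired token should yield 401 and everything else 500. If the title is the intent, the line should read `response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());`; as written, a client cannot tell a backend fault from a session that needs re-login. Separately, `request.getSession()` in `commence` creates a session for each unauthenticated request that reaches the entry point; `request.getSession(false)` with a null check avoids that. Which of the two `map.put("code", …)` lines is the new one cannot be recovered from this rendering, and `globalException` closes outside the hunk.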
|
@ -4,6 +4,7 @@ import org.springframework.cloud.openfeign.FeignClient;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.config.FeignClientConfiguration;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.fallback.UserCenterClientFallback;
|
||||
|
||||
@ -12,7 +13,7 @@ import com.chinaunicom.mall.ebtp.cloud.security.starter.fallback.UserCenterClien
|
||||
*
|
||||
* @author Ajaxfan
|
||||
*/
|
||||
@FeignClient(name = "${mall-ebtp.userinfo.id}", fallback = UserCenterClientFallback.class)
|
||||
@FeignClient(name = "${mall-ebtp.userinfo.id}", fallback = UserCenterClientFallback.class, configuration = FeignClientConfiguration.class)
|
||||
public interface UserCenterClient {
|
||||
|
||||
/**
|
||||
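Review bot: `configuration = FeignClientConfiguration.class` is presumably meant to scope the error decoder and log level to this one client, but the referenced class is also annotated `@Configuration`. If the starter's package is component-scanned (not visible here), its `ErrorDecoder` and `Logger.Level` beans become the defaults for every Feign client in the application context. Spring Cloud OpenFeign's documentation advises leaving `@Configuration` off per-client configuration classes or keeping them out of scan range. I would remove the annotation and add a class comment such as `// per-client Feign config: keep out of component scan`.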
|
@ -0,0 +1,55 @@
|
||||
package com.chinaunicom.mall.ebtp.cloud.security.starter.config;
|
||||
|
||||
import static feign.FeignException.errorStatus;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
import java.util.GregorianCalendar;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
import feign.FeignException;
|
||||
import feign.Logger;
|
||||
import feign.RetryableException;
|
||||
import feign.codec.ErrorDecoder;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
@Slf4j
|
||||
@Configuration
|
||||
public class FeignClientConfiguration {
|
||||
|
||||
@Bean
|
||||
public Logger.Level feignLoggerLevel() {
|
||||
return Logger.Level.BASIC;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public ErrorDecoder errorDecoder() {
|
||||
return (methodKey, response) -> {
|
||||
FeignException exception = errorStatus(methodKey, response);
|
||||
|
||||
log.error("error message: {}", exception.getMessage());
|
||||
|
||||
int status = response.status();
|
||||
|
||||
if (status >= 400 && status <= 500) {// 客户端异常,启用feign的重试机制
|
||||
return new RetryableException(response.status(), exception.getMessage(),
|
||||
response.request().httpMethod(), exception, retryAfter(), response.request());
|
||||
}
|
||||
return exception;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* 延迟 n 秒后重试
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
private Date retryAfter() {
|
||||
Calendar cal = GregorianCalendar.getInstance();
|
||||
|
||||
return cal.getTime();
|
||||
}
|
||||
|
||||
}
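Review bot: The range `status >= 400 && status <= 500` in `errorDecoder()` turns every 4xx into a `RetryableException`, so a 401 or 403 from the user centre (a rejected token) is marked for replay instead of failing fast, while 502/503/504, the responses that are usually transient, are not retried at all. A condition such as `if (status == 429 || status >= 500) {` keeps rejected credentials from being resent. `retryAfter()` returns the current time although its Javadoc promises a delay of n seconds; a `cal.add(Calendar.SECOND, delaySeconds);` before `cal.getTime()` is missing. No `Retryer` bean is declared in this class and Spring Cloud OpenFeign defaults to `Retryer.NEVER_RETRY`, so unless one is defined elsewhere the retry path never runs. Depending on the Feign version, `exception.getMessage()` can contain the upstream response body, so the `log.error` line is worth checking for user data.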
|
@ -5,11 +5,15 @@ import org.springframework.stereotype.Component;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.client.UserCenterClient;
|
||||
import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
@Slf4j
|
||||
@Component
|
||||
public class UserCenterClientFallback implements UserCenterClient {
|
||||
|
||||
@Override
|
||||
public SecurityUser getUserInfo() {
|
||||
log.info("remote access timeout.");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
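Review bot: The added `log.info("remote access timeout.")` records the same fixed text for every fallback invocation, so a rejected token, a decoder error and a real timeout are indistinguishable in the log, and it is written at INFO although it marks a failed identity lookup. Switching the client to `fallbackFactory` would hand the fallback the triggering `Throwable`, which could then be logged as `log.warn("user-center lookup failed", cause)`. `getUserInfo()` returns `null` on this path, so callers (not visible here) need to treat a null `SecurityUser` as unauthenticated rather than dereference it.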