diff --git a/uboot-common/pom.xml b/uboot-common/pom.xml
index 876007d..ad87de6 100644
--- a/uboot-common/pom.xml
+++ b/uboot-common/pom.xml
@@ -16,6 +16,12 @@
uboot-common
+
+ org.springframework.security
+ spring-security-core
+ 5.7.3
+
+
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java
new file mode 100644
index 0000000..8866251
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/RoleCodeAuthority.java
@@ -0,0 +1,23 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.entity;
+
+import lombok.AllArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+
+/**
+ * 基于角色的权限信息
+ *
+ * @author Ajaxfan
+ */
+@AllArgsConstructor
+public class RoleCodeAuthority implements GrantedAuthority {
+
+ private static final long serialVersionUID = -7881153326775335008L;
+
+ private String roleCode;
+
+ @Override
+ public String getAuthority() {
+ return roleCode;
+ }
+
+}
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
new file mode 100644
index 0000000..33cb657
--- /dev/null
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@@ -0,0 +1,325 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
+
+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.exceptions.ExceptionUtil;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.common.RSAcheck;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.ExternalAllows;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
+import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.client.EbtpUserInfoClient;
+import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.entity.CheckTokenVo;
+import com.chinaunicom.mall.ebtp.cloud.userinfo.starter.service.UserInfoService;
+import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
+import com.chinaunicom.mall.ebtp.common.exception.common.CommonExceptionEnum;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RegExUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.BeanUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.remoting.RemoteTimeoutException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.*;
+
+/**
+ * 请求Token拦截
+ *
+ * @author Ajaxfan
+ */
+@Slf4j
+@Component
+public class TokenAuthenticationFilter extends OncePerRequestFilter {
+ @Autowired
+ private UserInfoService client;
+
+ @Autowired
+ private AuthAllows allows;
+ @Autowired
+ private ExternalAllows eAllows;
+
+ @Autowired
+ private EbtpUserInfoClient ebtpClient;
+
+ @Autowired(required = false)
+ @Qualifier("userinfoRedisTemplate")
+ private RedisTemplate redisTemplate;
+ /**
+ * @param request
+ * @param response
+ * @param filterChain
+ * @throws ServletException
+ * @throws IOException
+ */
+ @Override
+ protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response,
+ final FilterChain filterChain) throws ServletException, IOException {
+ //解密 恢复请求参数
+ //ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper((HttpServletRequest) request,privateKey);
+
+ String api = request.getRequestURI();
+ String method = request.getMethod();
+ if (!StringUtils.contains(api, ACTUATOR_PROMETHEUS)) {
+ log.info("--------" + method + " - " + api + "?" + Optional.ofNullable(request.getQueryString()).orElse(""));
+ }
+ //String check_header = request.getHeader(HEADER_CHECK_TOKEN);
+ if(api.contains(CHECK_TOKEN_CONFIG)){
+ isNullThenAssignDefault();
+ // 过滤链调用
+ filterChain.doFilter(request, response);
+ return;
+ }
+
+ CheckTokenVo checkTokenVo = client.getCheckTokenByRedis();
+
+ //校验是否是fegin请求
+ String isFeginKey = request.getHeader("isFegin");
+ String isFegin = null;
+ if(isFeginKey!=null&&!"".equals(isFeginKey)) {
+ try {
+ isFegin = RSAcheck.decrypt(isFeginKey, checkTokenVo.getCheckprivateKey());//checkprivateKey
+ } catch (Exception e) {
+ log.error("isFegin 解密异常", e);
+ }
+ }
+ // 清空上下文中的缓存信息, 防止二次请求时数据异常 (如此, 每次有新的请求进入,都会进行token的验证)
+ SecurityContextHolder.getContext().setAuthentication(null);
+
+ boolean isWhite = checkWhiteList(api, method);
+ if (isWhite) {
+ isNullThenAssignDefault();
+ }
+
+ if (GET_USERINFO_API.equals(api)) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+
+ // 提取request头信息
+ final String header = request.getHeader(AUTHORIZATION_HEADER);
+ final String currentRoleCode = request.getHeader(CURRENT_ROLE_CODE);
+ log.debug("header:{},currentRoleCode:{}", header, currentRoleCode);
+ Boolean tokenCheckB = false;
+ try {
+
+ // 检查请求头是否包含 Bearer 前缀
+ if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) {
+ setAuthentication(currentRoleCode, RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, ""), isWhite);// 移除header的前缀,提取出token字串
+ tokenCheckB = true;
+ }
+ // 检查cookie
+// else {
+// Optional optionalCookie = Optional.ofNullable(request.getCookies())
+// .flatMap(cookies ->
+// Stream.of(cookies)
+// .filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE))
+// .findFirst());
+// if (optionalCookie.isPresent()) {
+// setAuthentication(currentRoleCode, optionalCookie.get().getValue(), isWhite);
+// } else if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)) {
+// log.warn("cookie中没有token信息:{}", api);
+// }
+// }
+
+ } catch (Exception e) {
+ request.getSession().setAttribute("code", e.getMessage());
+ ExceptionUtil.stacktraceToString(e);
+ log.error(e.getMessage());
+ }
+
+ boolean isExternal = externalCheckWhiteList(api, method);
+ log.info(api+"|"+isExternal);
+ //校验token 时间戳
+ if(tokenCheckB&&!isExternal&&!isWhite) {
+ if (!api.contains(ACTUATOR_HEALTH) && !api.contains(ACTUATOR_PROMETHEUS)
+ && (isFegin == null || !"isFegin".equals(isFegin))) {
+ BaseCacheUser buser = new BaseCacheUser();
+ BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
+ log.info("获取用户信息:" + buser);
+ if (buser != null && buser.getUserId() != null && !"".equals(buser.getUserId())) {
+ if (!checkTokenTime(request, response, filterChain,checkTokenVo)) {
+ request.getSession().setAttribute("code", "90501");
+ CommonExceptionEnum.FRAME_EXCEPTION_COMMON_DATA_OTHER_ERROR.customValidName("无效请求", true);
+ }
+ }
+ }
+ }
+
+ // 过滤链调用
+ filterChain.doFilter(request, response);
+ }
+
+ /**
+ * 校验请求唯一性
+ * @param request
+ */
+ public Boolean checkTokenTime(HttpServletRequest request,HttpServletResponse response,FilterChain filterChain,CheckTokenVo checkTokenVo){
+
+ Boolean b = true;
+ String check_header = request.getHeader(HEADER_CHECK_TOKEN);
+ log.info("request check_header:"+check_header);
+ if("1".equals(checkTokenVo.getOnof())){//onof
+ return true;
+ }
+
+ if (check_header!=null&&!"".equals(check_header)) {
+ String cookieKey = check_header;//optionalCookie.get().getValue();
+ log.info("cookieKey:"+cookieKey);
+ Object o = redisTemplate.opsForValue().get(HEADER_CHECK_TOKEN+":"+cookieKey);
+ if (o != null) {
+ String num = String.valueOf(o);
+ log.info(HEADER_CHECK_TOKEN+":"+cookieKey+"= "+num);
+ if("2".equals(num)){
+ log.error("请求连接已使用过");
+ b = false;
+ }else{
+ redisTemplate.opsForValue().set(HEADER_CHECK_TOKEN+":"+cookieKey, 2, 20, TimeUnit.SECONDS);
+ }
+ }else{
+ redisTemplate.opsForValue().set(HEADER_CHECK_TOKEN+":"+cookieKey, 1, 20, TimeUnit.SECONDS);
+ }
+
+ String header = request.getHeader(AUTHORIZATION_HEADER);//请求头token
+ header = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");
+ Object cacheUser = redisTemplate.opsForValue().get(REDIS_USER_KEY + header);
+ if (cacheUser == null) {
+ log.error("请求已超时");
+ b = false;
+ }
+
+// String cookieValue = "";
+// try {
+// cookieValue = RSAcheck.decrypt(cookieKey, checkTokenVo.getCheckprivateKey());//checkprivateKey
+// }catch (Exception e){
+//
+// }
+// log.info("header :"+header);
+// log.info("cookieValue :"+cookieValue);
+// String[] checkValues = String.valueOf(cookieValue).split("_");//0 token 1 token 时间
+// if (!header.equals(checkValues[0])) {
+// log.error("请求连接token不一致");
+// b = false;
+// }
+// //SimpleDateFormat format = new SimpleDateFormat("yyyyMMddHHmmss");
+// long newDateLong = System.currentTimeMillis();
+// long inDateLong = Long.valueOf(checkValues[1]).longValue();
+//
+//// log.info("newDateLong:"+newDateLong);
+//// log.info("inDateLong:"+inDateLong);
+//// log.info("kswTimeLimit:"+checkTokenVo.getTimeLimit());//kswTimeLimit
+//// log.info("newDateLong - inDateLong :"+(newDateLong - inDateLong));
+//// log.info("newDateLong - inDateLong 结果 :"+((newDateLong - inDateLong) > Long.valueOf(checkTokenVo.getTimeLimit()).longValue()));
+// if ((newDateLong - inDateLong) > Long.valueOf(checkTokenVo.getTimeLimit()).longValue()) {//
+// log.error("请求已超时");
+// b = false;
+// }
+
+ } else {
+ log.error("请求未授权");
+ b = false;
+ }
+ return b;
+ }
+
+ /**
+ * 白名单验证
+ *
+ * @param method url地址
+ * @param methodType 请求方式 GET
+ * @return
+ */
+ private boolean checkWhiteList(String method, String methodType) {
+ return Optional.ofNullable(allows.getApis()).orElseGet(ArrayList::new)
+ .parallelStream().anyMatch(reg -> Pattern.compile(reg).matcher(methodType + "." + method).matches())
+ || method.contains(ACTUATOR_HEALTH) //服务的就绪检测
+ || method.contains(ACTUATOR_PROMETHEUS) //prometheus检测
+ || method.contains(GET_USERINFO_API); //获取用户信息接口
+ }
+ /**
+ * 外部接口白名单验证
+ *
+ * @param method url地址
+ * @param methodType 请求方式 GET
+ * @return
+ */
+ private boolean externalCheckWhiteList(String method, String methodType) {
+ return Optional.ofNullable(eAllows.getApis()).orElseGet(ArrayList::new)
+ .parallelStream().anyMatch(reg -> Pattern.compile(reg).matcher(methodType + "." + method).matches())
+ || method.contains(ACTUATOR_HEALTH) //服务的就绪检测
+ || method.contains(ACTUATOR_PROMETHEUS) //prometheus检测
+ || method.contains(GET_USERINFO_API); //获取用户信息接口
+ }
+
+
+ /**
+ * 设置认证用户信息
+ *
+ * @param currentRoleCode
+ * @param authToken
+ */
+ private void setAuthentication(final String currentRoleCode, final String authToken, final boolean isWhite) {
+ SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken, currentRoleCode, isWhite));
+ }
+
+ /**
+ * 调用山分的认证中心接口,获取该token的绑定信息
+ *
+ * @param token
+ * @return
+ */
+ private Authentication getAuthentication(final String token, final String currentRoleCode,
+ final boolean isWhite) {
+ BaseCacheUser userInfo = client.getUserInfo(token);
+// BaseCacheUser userInfo = ebtpClient.get();
+ log.debug("getUserInfo:{}", userInfo.toString());
+ // 对象为空, 则说明网络异常feign已熔断
+ if (Objects.isNull(userInfo)) {
+ if (!isWhite) {
+ throw new RemoteTimeoutException(REMOTE_ACCESS_FAILURE);
+ } else {
+ return new UsernamePasswordAuthenticationToken(new SecurityUser(), null, null);
+ }
+
+ } else if ("temporaryUser".equals(userInfo.getUserId())) {
+ return new UsernamePasswordAuthenticationToken(new SecurityUser(), null, null);
+ }
+ SecurityUser securityUser = BeanUtil.toBean(userInfo, SecurityUser.class);
+ // 根据当前角色设定权限列表
+ List authorities = Optional.ofNullable(securityUser.getAuthorityList()).map(list -> {
+ return list.stream().filter(auth -> StringUtils.equals(auth.getRoleCode(), currentRoleCode))
+ .map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
+ }).orElse(Collections.emptyList());
+
+ return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token,
+ authorities);
+ }
+
+ /**
+ * 未发现token和session信息,则使用空的用户认证对象放行服务
+ */
+ private void isNullThenAssignDefault() {
+ if (Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) {
+ SecurityContextHolder.getContext()
+ .setAuthentication(new UsernamePasswordAuthenticationToken(new SecurityUser(), null, null));
+ }
+ }
+
+
+}
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java
index db99498..49b4af6 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/EbtpUserInfoClient.java
@@ -15,7 +15,7 @@ import org.springframework.web.bind.annotation.RequestParam;
*
* @author Ajaxfan
*/
-@FeignClient(value = "core-service-ebtp-userinfo")
+@FeignClient(value = "sys-manager-ebtp-project")
public interface EbtpUserInfoClient {
/**
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java
index db5ca5a..42d5007 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/client/UnifastOAuthClient.java
@@ -12,14 +12,14 @@ import org.springframework.web.bind.annotation.RequestParam;
*
* @author Ajaxfan
*/
-@FeignClient(value = "${user.auth.resource.serviceId:mall-auth}",
+@FeignClient(value = "${user.auth.resource.serviceId:sys-manager-ebtp-project}",
fallbackFactory = UnifastOAuthClientFallbackFactory.class)
public interface UnifastOAuthClient {
- @GetMapping("oauth/check_token")
+ @GetMapping("/v1/userinfo/oauth/check_token")
SecurityEntity get(@RequestParam("token") String token);
- @PostMapping("oauth/check_token")
+ @PostMapping("/v1/userinfo/oauth/check_token")
SecurityEntity getPost(@RequestParam("token") String token);
}
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
index e204617..7b85b62 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
@@ -15,6 +15,7 @@ import com.chinaunicom.mall.ebtp.common.util.JsonUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.ResponseEntity;
import org.springframework.remoting.RemoteTimeoutException;
@@ -33,8 +34,9 @@ public class UserInfoServiceImpl implements UserInfoService {
private @Autowired
UnifastOAuthClient client;
// private @Autowired ObjectMapper userInfoObjectMapper;
-
- @Autowired(required = false)
+@Value("${login.token.time_limit}")
+private Integer valid_time_limit;
+ @Autowired()
@Qualifier("userinfoRedisTemplate")
private RedisTemplate redisTemplate;
@@ -59,7 +61,7 @@ public class UserInfoServiceImpl implements UserInfoService {
BaseCacheUser user = structureUser(token);
- redisTemplate.opsForValue().set(REDIS_USER_KEY + token, user, 5, TimeUnit.MINUTES);
+ redisTemplate.opsForValue().set(REDIS_USER_KEY + token, user, valid_time_limit, TimeUnit.MINUTES);
return user;
}
@@ -72,44 +74,44 @@ public class UserInfoServiceImpl implements UserInfoService {
BaseCacheUser user = convertToBusinessModel(getAuthentication(token));
//获取redis中extend的缓存
- Object extendRedis = redisTemplate.opsForValue().get(REDIS_USER_KEY_EXTEND);
- if (extendRedis == null) {
- //查extend库 刷新缓存
- ResponseEntity response = ebtpClient.refreshToken();
- if (response.getStatusCode().value() != 200 || Boolean.FALSE.equals(response.getBody())) {
- log.info("获取extend服务的user缓存失败");
- }
- extendRedis = redisTemplate.opsForValue().get(REDIS_USER_KEY_EXTEND);
- }
+// Object extendRedis = redisTemplate.opsForValue().get(REDIS_USER_KEY_EXTEND);
+// if (extendRedis == null) {
+// //查extend库 刷新缓存
+// ResponseEntity response = ebtpClient.refreshToken();
+// if (response.getStatusCode().value() != 200 || Boolean.FALSE.equals(response.getBody())) {
+// log.info("获取extend服务的user缓存失败");
+// }
+// extendRedis = redisTemplate.opsForValue().get(REDIS_USER_KEY_EXTEND);
+// }
+//
+// if (extendRedis == null) {
+// return user;
+// }
- if (extendRedis == null) {
- return user;
- }
-
- Map userTable = JsonUtils.jsonToPojo(String.valueOf(extendRedis), Map.class);
- //获取用户信息
- List users = JsonUtils.jsonToList(userTable.get(USERS), CacheUser.class);
- CacheUser baseUser = users.stream().filter(u -> u.getAccount().equals(user.getLoginName())).findFirst().orElse(null);
- if (Objects.isNull(baseUser)) {
- return user;
- }
-
- List roles = JsonUtils.jsonToList(userTable.get(ROLES), CacheRole.class);
- user.setProvince(baseUser.getProvince())
- //覆盖角色
- .setAuthorityList(
- Optional.of(roles
- .stream()
- .filter(r -> baseUser.getRole().contains(r.getRole()))
- .map(br ->
- new AuthorityEntity()
- .setRoleId(br.getRoleId())
- .setRoleCode(br.getRole())
- .setRoleName(br.getRemarks())
- .setRoleScope("EBTP")
- .setAuthorities(Collections.emptyList()))
- .collect(Collectors.toList()))
- .orElseGet(Collections::emptyList));
+// Map userTable = JsonUtils.jsonToPojo(String.valueOf(extendRedis), Map.class);
+// //获取用户信息
+// List users = JsonUtils.jsonToList(userTable.get(USERS), CacheUser.class);
+// CacheUser baseUser = users.stream().filter(u -> u.getAccount().equals(user.getLoginName())).findFirst().orElse(null);
+// if (Objects.isNull(baseUser)) {
+// return user;
+// }
+//
+// List roles = JsonUtils.jsonToList(userTable.get(ROLES), CacheRole.class);
+// // user.setProvince(baseUser.getProvince())
+// //覆盖角色
+// user.setAuthorityList(
+// Optional.of(roles
+// .stream()
+// .filter(r -> baseUser.getRole().contains(r.getRole()))
+// .map(br ->
+// new AuthorityEntity()
+// .setRoleId(br.getRoleId())
+// .setRoleCode(br.getRole())
+// .setRoleName(br.getRemarks())
+// .setRoleScope("EBTP")
+// .setAuthorities(Collections.emptyList()))
+// .collect(Collectors.toList()))
+// .orElseGet(Collections::emptyList));
return user;
}
@@ -137,12 +139,12 @@ public class UserInfoServiceImpl implements UserInfoService {
adapterUserSource(user, raw);
- replenishAuthority(user);
+ // replenishAuthority(user);
return user;
}
/**
- * 为联通用户添加默认角色
+ * 为中远用户添加默认角色
*
* @param user
*/
@@ -151,8 +153,8 @@ public class UserInfoServiceImpl implements UserInfoService {
if (authorityList.isEmpty() && "0".equals(user.getUserType())) {
authorityList.add(new AuthorityEntity()
- .setRoleId("20004").setRoleCode("ebtp-unicom-default")
- .setRoleName("联通普通用户").setRoleScope("EBTP"));
+ .setRoleId("20004").setRoleCode("ebtp-cosco-default")
+ .setRoleName("中远普通用户").setRoleScope("EBTP"));
user.setAuthorityList(authorityList);
}
}
@@ -163,7 +165,7 @@ public class UserInfoServiceImpl implements UserInfoService {
* @param raw
*/
private void adapterUserSource(BaseCacheUser user, SecurityEntity raw) {
- if ("0".equals(raw.getUserSource())) {// 联通用户
+ if ("0".equals(raw.getUserSource())) {// 中远用户
user.setOrganizationId(raw.getOrgId()).setOrganizationName(raw.getOrgName()).setDeptId(raw.getOu())
.setDeptName(raw.getOuName());
} else {
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
index 55c365d..7d0ef14 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
@@ -3,6 +3,8 @@ package com.chinaunicom.mall.ebtp.common.base.service.impl;
import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser;
import com.chinaunicom.mall.ebtp.common.base.service.IBaseCacheUserService;
import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.BeanUtils;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
/**
@@ -21,7 +23,7 @@ public class BaseCacheUserServiceImpl implements IBaseCacheUserService {
public BaseCacheUser getCacheUser() {
BaseCacheUser buser = new BaseCacheUser();
try {
-// BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
+ BeanUtils.copyProperties(SecurityContextHolder.getContext().getAuthentication().getPrincipal(), buser);
} catch (Exception e) {
log.error(e.getMessage());
}