diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
index 96d7b37..6513063 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@@ -1,6 +1,7 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.StrUtil;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.AuthAllows;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority;
@@ -19,6 +20,7 @@ import org.springframework.web.filter.OncePerRequestFilter;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -69,7 +71,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 // 提取request头信息
 final String header = request.getHeader(AUTHORIZATION_HEADER);
 final String currentRoleCode = request.getHeader(CURRENT_ROLE_CODE);
-
+ log.debug("header:{},currentRoleCode:{}", header, currentRoleCode);
 try {
 // 检查请求头是否包含 Bearer 前缀
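Review bot: The added `log.debug("header:{},currentRoleCode:{}", header, currentRoleCode);` in the `@@ -69,7 +71,7 @@` hunk writes the raw Authorization header, which carries the bearer token, into the application log whenever debug logging is enabled. Anyone who can read the log files or the log pipeline then holds a credential that stays valid until the token expires. Log only whether the header is present, for example `log.debug("authHeaderPresent:{},currentRoleCode:{}", header != null, currentRoleCode);`. The `log.info("token=======accessToken===" ...)` lines visible in the two FeignConfig hunks have the same problem at INFO level, which is usually enabled in production. The enclosing method starts and ends outside this hunk.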
@@ -78,12 +80,16 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 } // 检查cookie
 else {
- Optional.ofNullable(request.getCookies())
+ Optional optionalCookie = Optional.ofNullable(request.getCookies())
 .flatMap(cookies -> Stream.of(cookies) .filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE))
- .findFirst())
- .ifPresent(cookie -> setAuthentication(currentRoleCode, cookie.getValue(), isWhite));
+ .findFirst());
+ if (optionalCookie.isPresent()) {
+ setAuthentication(currentRoleCode, optionalCookie.get().getValue(), isWhite);
+ } else {
+ log.warn("cookie中没有token信息");
+ }
 }
 } catch (Exception e) {
@@ -127,14 +133,16 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 private Authentication getAuthentication(final String token, final String currentRoleCode, final boolean isWhite) {
 BaseCacheUser userInfo = client.getUserInfo(token);
-
- if (Objects.isNull(userInfo)) {// 对象为空, 则说明网络异常feign已熔断
+ // 对象为空, 则说明网络异常feign已熔断
+ if (Objects.isNull(userInfo)) {
 if (!isWhite) {
 throw new RemoteTimeoutException(REMOTE_ACCESS_FAILURE);
 } else {
 return new UsernamePasswordAuthenticationToken(new SecurityUser(), null, null);
 }
+ } else if (StrUtil.isBlank(userInfo.getUserId())) {
+ return new UsernamePasswordAuthenticationToken(new SecurityUser(), null, null);
 }
 SecurityUser securityUser = BeanUtil.toBean(userInfo, SecurityUser.class);
 // 根据当前角色设定权限列表
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
index 48cd23a..cba8a39 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/cloud/userinfo/starter/service/impl/UserInfoServiceImpl.java
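Review bot: The new `log.warn("cookie中没有token信息");` in the cookie branch of the `@@ -78,12 +80,16 @@` hunk appears to fire for every request that carries neither a Bearer header nor the token cookie, which presumably includes anonymous calls to whitelisted paths. At WARN level that volume buries the authentication failures that are worth alerting on. Use `log.debug` here, or emit the warning only when `isWhite` is false. The enclosing method begins and ends outside the hunk.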
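Review bot: The new `else if (StrUtil.isBlank(userInfo.getUserId()))` branch in the `@@ -127,14 +133,16 @@` hunk returns a token for an empty `SecurityUser` without consulting `isWhite`, unlike the null branch directly above it. Together with the UserInfoServiceImpl hunk, which now returns a blank userId instead of throwing `AccessDeniedException(TOKEN_EXPIRED)`, an expired or unrecognised token on a non-whitelisted path no longer fails here. The three-argument `UsernamePasswordAuthenticationToken` constructor also marks the token as authenticated, so any downstream rule that only requires an authenticated request would accept it. Reject when the path is not whitelisted, e.g. `if (!isWhite) { throw new AccessDeniedException(TOKEN_EXPIRED); }` as the first statement of the new branch (both names would need to be in scope in this class). getAuthentication's body continues outside the hunk.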
@@ -42,12 +42,15 @@ public class UserInfoServiceImpl implements UserInfoService {
 */
 private BaseCacheUser convertToBusinessModel(SecurityEntity raw) {
 log.debug("userinfo: {}", raw);
- if (Objects.isNull(raw)) {// 对象为空, 则说明网络异常feign已熔断
+ // 对象为空, 则说明网络异常feign已熔断
+ if (Objects.isNull(raw)) {
 throw new RemoteTimeoutException(REMOTE_ACCESS_FAILURE);
 }
-
- if (Objects.isNull(raw.getStaffId())) {// userid 为空则访问山分认证服务返回信息为null
- throw new AccessDeniedException(TOKEN_EXPIRED);
+ // userid 为空则访问山分认证服务返回信息为null
+ if (Objects.isNull(raw.getStaffId())) {
+// throw new AccessDeniedException(TOKEN_EXPIRED);
+ //设置一个空userId,跳出后续不为空校验
+ return new BaseCacheUser().setUserId("");
 }
 BaseCacheUser user = new BaseCacheUser().setUserId(raw.getStaffId()).setFullName(raw.getStaffName())
 .setLoginName(raw.getUsername()).setAuthorityList(filterByEBTP(raw.getAuthorityList()))
diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java
index af40aa0..4cc8e58 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java
@@ -65,7 +65,6 @@ public class FeignConfig implements RequestInterceptor {
 template.removeHeader(CURRENT_ROLE_CODE);
 template.header(CURRENT_ROLE_CODE, currentRoleCode);
 } - } {
 String accessToken = getAccessToken();
 log.info("token=======accessToken===" + accessToken);
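Review bot: Returning `new BaseCacheUser().setUserId("")` in the `@@ -42,12 +42,15 @@` hunk makes an empty string the in-band signal for "the auth service returned no user for this token", and nothing in the method's comment says so. Every caller of this service other than TokenAuthenticationFilter now receives a user object where it used to get `AccessDeniedException`, and a caller that only null-checks would treat it as a valid user; those callers are not visible in this diff and should be checked. Document the sentinel in the Javadoc, e.g. `@return a user with a blank userId when the token is expired or unknown; callers must reject it`, and delete the commented-out `// throw new AccessDeniedException(TOKEN_EXPIRED);` instead of keeping it. The method body continues outside the hunk.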
@@ -115,9 +114,9 @@ public class FeignConfig implements RequestInterceptor {
 String authToken = cookie.get().getValue();
 template.header(AUTHORIZATION_HEADER, String.format("%s%s", TOKEN_PREFIX, authToken));
 } else {
- String access_token = getAccessToken();
- log.info("token=======access_token==="+access_token);
- template.header(HttpHeaders.AUTHORIZATION,String.format("%s%s", TOKEN_PREFIX, access_token));
+ String accessToken = getAccessToken();
+ log.info("token=======accessToken==="+accessToken);
+ template.header(HttpHeaders.AUTHORIZATION,String.format("%s%s", TOKEN_PREFIX, accessToken));
 }
 }
 }