security filter 增加异常分类: feign超时 和 token失效

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/UserAuthenticationEntryPoint.java

@@ -28,10 +28,9 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
 		response.setStatus(HttpStatus.UNAUTHORIZED.value());
 		response.setContentType("application/json;charset=utf-8");
 
-		Map<String, Object> map = new HashMap<>();
-		map.put("code", "90401");
-		map.put("success", "false");
-		map.put("message", "登录已超期");
+		String code = (String) request.getSession().getAttribute("code");
+
+		Map<String, Object> map = adapterException(code);
 		map.put("path", request.getServletPath());
 		map.put("timestamp", String.valueOf(new Date().getTime()));
 
@@ -42,4 +41,61 @@ public class UserAuthenticationEntryPoint implements AuthenticationEntryPoint {
 		}
 	}
 
+	/**
+	 * @param code
+	 */
+	private Map<String, Object> adapterException(String code) {
+		if ("90403".equals(code)) {
+			return accessDenidedException(code);
+		}
+
+		if ("90500".equals(code)) {
+			return remoteTimeoutException(code);
+		}
+
+		return globalException(code);
+	}
+
+	/**
+	 * token 失效异常
+	 * 
+	 * @param code
+	 * @return
+	 */
+	private Map<String, Object> accessDenidedException(String code) {
+		Map<String, Object> map = new HashMap<>();
+		map.put("code", code);
+		map.put("success", "false");
+		map.put("message", "登录已超期");
+
+		return map;
+	}
+
+	/**
+	 * Token 远程认证服务超时
+	 * 
+	 * @param code
+	 * @return
+	 */
+	private Map<String, Object> remoteTimeoutException(String code) {
+		Map<String, Object> map = new HashMap<>();
+		map.put("code", code);
+		map.put("success", "false");
+		map.put("message", "token验证失败");
+
+		return map;
+	}
+
+	/**
+	 * @return
+	 */
+	private Map<String, Object> globalException(String code) {
+		Map<String, Object> map = new HashMap<>();
+		map.put("code", 500);
+		map.put("success", "false");
+		map.put("message", code);
+
+		return map;
+	}
+
 }

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java

@@ -10,7 +10,7 @@ public class UserCenterClientFallback implements UserCenterClient {
 
 	@Override
 	public SecurityUser getUserInfo() {
-		return new SecurityUser();
+		return null;
 	}
 
 }

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java

@@ -18,6 +18,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.RegExUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.remoting.RemoteTimeoutException;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -77,6 +78,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 			// TODO 临时放行未传递token且session中未包含access token信息的服务调用
 			isNullThenAssignDefault();
 		} catch (Exception e) {
+			request.getSession().setAttribute("code", e.getMessage());
 			log.error(e.getMessage());
 		}
 		filterChain.doFilter(request, response);
@@ -104,9 +106,14 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 		log.info("TokenAuthenticationFilter: token [{}]", token);
 		log.info("TokenAuthenticationFilter: userid [{}]", securityUser.getUserId());
 
-		if (Objects.isNull(securityUser.getUserId())) {
-			throw new AccessDeniedException("token 已失效");
+		if (Objects.isNull(securityUser)) {// 对象为空， 则说明网络异常feign已熔断
+			throw new RemoteTimeoutException("90500");
 		}
+
+		if (Objects.isNull(securityUser.getUserId())) {// userid 为空则访问山分认证服务返回信息为null
+			throw new AccessDeniedException("90403");
+		}
+
 		// 根据当前角色设定权限列表
 		List<RoleCodeAuthority> authorities = Optional.ofNullable(securityUser.getAuthorityList()).map(list -> {
 			return list.stream().filter(auth -> StringUtils.equals(auth.getRoleCode(), currentRoleCode))