diff --git a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/SmsController.java b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/SmsController.java
index 521839ce7..4699d900a 100644
--- a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/SmsController.java
+++ b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/SmsController.java
@@ -79,8 +79,8 @@ public class SmsController extends BaseController {
 throw new ServiceException(BusiStatus.PHONE_BE_INTERCEPTED);
 }
 if (!CommonUtil.checkPhoneFormat(phoneAreaCode,mobile)) {
- return SmsTypeEnum.REGISTER.getValue() == type ? new BusiResult(BusiStatus.SMS_SEND_SUCCESS) :
- new BusiResult(BusiStatus.PHONE_INVALID);
+ return SmsTypeEnum.REGISTER.getValue() == type ? new BusiResult<>(BusiStatus.SMS_SEND_SUCCESS) :
+ new BusiResult<>(BusiStatus.PHONE_INVALID);
 }
 // 对86手机进行授权码校验处理
 if (Constant.CHINA_MAINLAND_PHONE_AREA_CODE.equals(phoneAreaCode) && SmsTypeEnum.PHONE_AUTH_APPLY_CODE.value != type) {
diff --git a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/LoginInterceptor.java b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/LoginInterceptor.java
index 5fca335eb..62ad61164 100644
--- a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/LoginInterceptor.java
+++ b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/LoginInterceptor.java
@@ -1,6 +1,7 @@
 package com.accompany.business.interceptor;
+import cn.hutool.core.util.StrUtil;
 import com.accompany.common.annotation.H5Authorization;
 import com.accompany.common.utils.StringUtils;
 import com.accompany.core.service.common.JedisService;
@@ -24,132 +25,95 @@ import java.util.Map; */ public class LoginInterceptor extends BasicInterceptor { - private static final Logger logger = LoggerFactory.getLogger(LoginInterceptor.class); + private static final Logger logger = LoggerFactory.getLogger(LoginInterceptor.class); - @Autowired - JedisService jedisService; + @Autowired + JedisService jedisService; - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { - if (!(handler instanceof HandlerMethod)) { - return true; - } - - HandlerMethod handlerMethod = (HandlerMethod) handler; - Method method = handlerMethod.getMethod(); - String requestUri = request.getRequestURI(); - String requsetStr = ""; - // 不打印获取数据的请求日志 - if (!requestUri.contains("get") && !requestUri.contains("list")) { - Map paramsMap = request.getParameterMap(); - Iterator it = paramsMap.keySet().iterator(); - String params = ""; - while (it.hasNext()) { - String paramName = (String) it.next(); - String paramValue = request.getParameter(paramName); - //处理你得到的参数名与值 - params = params + paramName + "=" + paramValue + "&"; - } - requsetStr = "request uri=" + requestUri.toString() + "?" 
+ params; - } - - // 不需要登录校验 - if (method.getAnnotation(Authorization.class) == null) { -// String version = request.getParameter("appVersion"); -// BusiResult busiResult = appVersionService.checkVersion(version); -// if (!BlankUtil.isBlank(version) && busiResult.getCode() != 200 && jedisService.get("erban_check_version") != null -// && request.getParameter("uid") != null) { -// logger.warn("uri={}, checkVersion code:{}, message:{}", requsetStr, busiResult.getCode(), busiResult.getMessage()); -// accountBlockService.doAccountBlock(Long.valueOf(request.getParameter("uid"))); -// writeResponse(response, busiResult.getCode(), busiResult.getMessage()); -// return false; -// } - return true; - } - - // 如果同时有H5Authorization注解并且h5_token不为空使用H5Authorization校验 + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + if (!(handler instanceof HandlerMethod)) { + return true; + } + HandlerMethod handlerMethod = (HandlerMethod) handler; + Method method = handlerMethod.getMethod(); + String requestUri = request.getRequestURI(); + String requestStr = StrUtil.EMPTY; + // 不打印获取数据的请求日志 + if (!requestUri.contains("get") && !requestUri.contains("list")) { + Map paramsMap = request.getParameterMap(); + Iterator it = paramsMap.keySet().iterator(); + StringBuilder params = new StringBuilder(); + while (it.hasNext()) { + String paramName = (String) it.next(); + String paramValue = request.getParameter(paramName); + //处理你得到的参数名与值 + params.append(paramName).append("=").append(paramValue).append("&"); + } + requestStr = "request uri=" + requestUri + "?" 
+ params; + } + logger.info("requestStr : {}", requestStr); + // 不需要登录校验 + if (method.getAnnotation(Authorization.class) == null) { + return true; + } + // 如果同时有H5Authorization注解并且h5_token不为空使用H5Authorization校验 if (method.getAnnotation(H5Authorization.class) != null && StringUtils.isNotBlank(getH5Token(request))) { - // 如果请求头部信息同时有ticket和token,则会使用Authorization注解校验用户登录信息 - if (StringUtils.isBlank(getTicket(request))) { - return true; - } - } + // 如果请求头部信息同时有ticket和token,则会使用Authorization注解校验用户登录信息 + if (StringUtils.isBlank(getTicket(request))) { + return true; + } + } + String uid = this.getUid(request); + if (StringUtils.isEmpty(uid) || StringUtils.equalsIgnoreCase(uid, "null") || !StringUtils.isNumeric(uid)) { + logger.warn("uid illegal, uri={}, uid={}", request.getRequestURI(), uid); + writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); + return false; + } + String ticket = getTicket(request); + if (StringUtils.isEmpty(ticket)) { + logger.warn("ticket illegal, uri={}, ticket={}", request.getRequestURI(), ticket); + writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); + return false; + } + String ticketCache = getTicketCacheByUid(uid); + if (StringUtils.isEmpty(ticketCache)) { + logger.warn("catch ticket not exists, uri={}, uid={}, ticket={}", request.getRequestURI(), uid, ticket); + writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); + return false; + } + if (!ticketCache.equals(ticket)) { + logger.warn("ticket illegal, uri={}, ticket={}, cache ticket={}", request.getRequestURI(), ticket, ticketCache); + writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); + return false; + } + return true; + } + /** + * 获取 uid, 以业务参数为首选 + * + * @param request + * @return + */ + private String getUid(HttpServletRequest request) { + String uidStr = request.getHeader(ApplicationConstant.PublicParameters.PUB_UID); + if (StringUtils.isEmpty(uidStr)) { + uidStr = request.getParameter(ApplicationConstant.PublicParameters.UID); + } + return uidStr; + } - 
String uid = this.getUid(request); - if (StringUtils.isEmpty(uid) || StringUtils.equalsIgnoreCase(uid, "null") || !StringUtils.isNumeric(uid)) { - logger.warn("uid illegal, uri={}, uid={}", request.getRequestURI(), uid); - writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); - return false; - } + private String getTicketCacheByUid(String uid) { + String ticketStr = jedisService.hget(RedisKey.uid_ticket.getKey(), uid); + if (StringUtils.isEmpty(ticketStr)) { + return null; + } + return ticketStr; + } - -// String version = request.getParameter(ApplicationConstant.PublicParameters.APP_VERSION); -// BusiResult busiResult = appVersionService.checkVersion(version); -// if (!BlankUtil.isBlank(version) && busiResult.getCode() != 200) { -// logger.warn("requestUri={}, checkVersion code:{}, version:{},message:{}", requsetStr, busiResult.getCode(), version, busiResult.getMessage()); -// writeResponse(response, busiResult.getCode(), busiResult.getMessage()); -// return false; -// } - - String ticket = getTicket(request); - if (StringUtils.isEmpty(ticket)) { - logger.warn("ticket illegal, uri={}, ticket={}", request.getRequestURI(), ticket); - writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); - return false; - - } - - String ticketCache = getTicketCacheByUid(uid); - if (StringUtils.isEmpty(ticketCache)) { - logger.warn("catch ticket not exists, uri={}, uid={}, ticket={}", request.getRequestURI(), uid, ticket); - writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); - return false; - } - - if (!ticketCache.equals(ticket)) { - logger.warn("ticket illegal, uri={}, ticket={}, cache ticket={}", request.getRequestURI(), ticket, ticketCache); - writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); - return false; - } - - return true; - } - - /** - * 获取 uid, 以业务参数为首选 - * @param request - * @return - */ - private String getUid(HttpServletRequest request) { - String uidStr = request.getHeader(ApplicationConstant.PublicParameters.PUB_UID); - if 
(StringUtils.isEmpty(uidStr)) { - uidStr = request.getParameter(ApplicationConstant.PublicParameters.UID); - } - return uidStr; - } - - private String getTicketCacheByUid(String uid) { - String ticketStr = jedisService.hget(RedisKey.uid_ticket.getKey(), uid); - if (StringUtils.isEmpty(ticketStr)) { - return null; - } - return ticketStr; - } - - private String getH5JwtToken(HttpServletRequest request){ - String token = request.getParameter(ApplicationConstant.PublicParameters.H5_TOKEN); - return token; - } - - @Override - public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) - throws Exception { - - } - - @Override - public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { - } + private String getH5JwtToken(HttpServletRequest request) { + return request.getParameter(ApplicationConstant.PublicParameters.H5_TOKEN); + } } diff --git a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/WebInterceptor.java b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/WebInterceptor.java index cba0058e0..5ca9bc991 100644 --- a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/WebInterceptor.java +++ b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/interceptor/WebInterceptor.java @@ -13,7 +13,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
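Review bot: The new `logger.info("requestStr : {}", requestStr);` emits every request parameter name and value at INFO for any URI not containing "get" or "list", and the same hunk reads the H5 token from a request parameter (`getH5JwtToken`), so login tokens, SMS codes and similar values will be written to the application log in clear text; on the old side `requsetStr` was built but only referenced from commented-out code and never logged. I would append parameter names only, or mask the values of the token/code/password parameters this application uses before appending, e.g. `params.append(paramName).append("=").append(isSensitiveParam(paramName) ? "***" : paramValue).append("&");` with a small private `isSensitiveParam` helper listing those names. Separately, `ticketCache.equals(ticket)` compares a secret with an early-exit comparison; `MessageDigest.isEqual(ticketCache.getBytes(StandardCharsets.UTF_8), ticket.getBytes(StandardCharsets.UTF_8))` is the constant-time form. The raw `Map paramsMap`/`Iterator it` pair would read more clearly as a for-each over `request.getParameterMap().keySet()`.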
@@ -38,71 +37,60 @@ public class WebInterceptor extends BasicInterceptor { if (!(handler instanceof HandlerMethod)) { return true; } - HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); - // 不需要登录校验 if (method.getAnnotation(H5Authorization.class) == null) { return true; } - // 如果同时有Authorization注解并且ticket不为空使用Authorization校验 if (method.getAnnotation(Authorization.class) != null && StringUtils.isNotBlank(getTicket(request))) { return true; } - - String uid = this.getUid(request); if (StringUtils.isEmpty(uid) || StringUtils.equalsIgnoreCase(uid, "null") || !StringUtils.isNumeric(uid)) { logger.warn("uid illegal, uri={}, uid={}", request.getRequestURI(), uid); writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); return false; } - // h5登录校验 - if (method.getAnnotation(H5Authorization.class) != null){ + if (method.getAnnotation(H5Authorization.class) != null) { String token = getH5Token(request); - if(StringUtils.isEmpty(token) || StringUtils.equalsIgnoreCase(token,"null")){ - logger.warn("jwttoken is null, uri={}, uid={}", request.getRequestURI(), uid); + if (StringUtils.isEmpty(token) || StringUtils.equalsIgnoreCase(token, "null")) { + logger.warn("jwtToken is null, uri={}, uid={}", request.getRequestURI(), uid); writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); return false; } - String realToken = this.jedisService.hget(RedisKey.h5loginjwtoken.getKey(),uid); - if(StringUtils.isEmpty(realToken)){ - logger.warn("jwtoken is not exists, uri={}, uid={}, token={}", request.getRequestURI(), token); + String realToken = this.jedisService.hget(RedisKey.h5loginjwtoken.getKey(), uid); + if (StringUtils.isEmpty(realToken)) { + logger.warn("jwtToken is not exists, uri={}, uid={}, token={}", request.getRequestURI(), uid, token); writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); return false; } - - try{ + try { jwtUtils.parseJWT(token); - }catch (ExpiredJwtException e){ - logger.error("jwttoken is 
expired,uid={},token={}",uid, token); + } catch (ExpiredJwtException e) { + logger.error("jwtToken is expired,uid={},token={}", uid, token); writeLoginExpireResponse(response, 406, "need login!"); return false; - }catch (SignatureException e){ - logger.error("signature is illegal,uid={},token={}",uid, token); + } catch (SignatureException e) { + logger.error("signature is illegal,uid={},token={}", uid, token); writeLoginExpireResponse(response, 407, "登录状态已过期,请重新登录~"); return false; } - - if(!realToken.equals(token)){ - logger.warn("jwtoken illegal, uri={}, uid={}, token={}", request.getRequestURI(), token); + if (!realToken.equals(token)) { + logger.warn("jwtToken illegal, uri={}, uid={}, token={}", request.getRequestURI(), uid, token); writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); return false; } - - return true; } - - return true; } /** * 获取 uid, 以业务参数为首选 + * * @param request * @return */ @@ -114,14 +102,4 @@ public class WebInterceptor extends BasicInterceptor { return uidStr; } - @Override - public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) - throws Exception { - - } - - @Override - public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { - } - } diff --git a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/jwt/JwtTokenConverter.java b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/jwt/JwtTokenConverter.java index 56b7a0260..b91c43394 100644 --- a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/jwt/JwtTokenConverter.java +++ b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/jwt/JwtTokenConverter.java 
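Review bot: The `try { jwtUtils.parseJWT(token); }` block only catches `ExpiredJwtException` and `SignatureException`; if `parseJWT` delegates to the jjwt parser (which those exception types suggest), a malformed or unsupported token raises `MalformedJwtException`/`UnsupportedJwtException`, which escape `preHandle` and surface as a server error instead of the 401 path the rest of the method uses. A final `catch (JwtException e)` that logs and calls `writeLoginExpireResponse(response, 401, "登录状态已过期,请重新登录~"); return false;` closes that gap. The `406` and `407` statuses used for the expired and bad-signature cases are non-standard for this purpose (407 means proxy authentication required); if clients depend on them, a comment saying so would help the next reader. `preHandle` starts before this hunk.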
@@ -1,36 +1,47 @@ package com.accompany.oauth2.jwt; +import cn.hutool.core.util.StrUtil; import com.accompany.core.service.common.JedisService; import com.accompany.common.redis.RedisKey; import com.accompany.oauth2.model.AccountDetails; +import com.accompany.oauth2.service.account.AccountH5LoginService; import com.accompany.oauth2.token.CustomOAuth2AccessToken; +import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import javax.servlet.http.HttpServletRequest; + +@Slf4j public class JwtTokenConverter extends JwtAccessTokenConverter { @Autowired private JedisService jedisService; + @Autowired + private AccountH5LoginService accountH5LoginService; + @Override public CustomOAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) { - accessToken = super.enhance(accessToken,authentication); + accessToken = super.enhance(accessToken, authentication); CustomOAuth2AccessToken token = new CustomOAuth2AccessToken(accessToken); - if(accessToken instanceof DefaultOAuth2AccessToken) { + if (accessToken instanceof DefaultOAuth2AccessToken) { AccountDetails details = (AccountDetails) authentication.getPrincipal(); Long uid = details.getAccount().getUid(); - token.setUid(uid); token.setNetEaseToken(details.getAccount().getNeteaseToken()); - saveOauthTokenCache(uid,token.getValue()); + saveOauthTokenCache(uid, token.getValue()); } return token; } - private void saveOauthTokenCache(Long uid, String accessToken){ + private void saveOauthTokenCache(Long uid, 
String accessToken) { jedisService.hwrite(RedisKey.uid_access_token.getKey(), uid.toString(), accessToken); } + } diff --git a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/service/account/AccountH5LoginService.java b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/service/account/AccountH5LoginService.java index 7ac26b19b..7596f5767 100644 --- a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/service/account/AccountH5LoginService.java +++ b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/service/account/AccountH5LoginService.java @@ -50,10 +50,12 @@ public class AccountH5LoginService { @Autowired private AccountManageService accountManageService; - /** code有效时间为10分钟 **/ + /** + * code有效时间为10分钟 + **/ private static final int CODE_EXPIRE_TIME = 60 * 10; - public AccountH5LoginRecord buildRecord(Long uid, Byte loginType, String ip, String os, String appVersion, String deviceId){ + public AccountH5LoginRecord buildRecord(Long uid, Byte loginType, String ip, String os, String appVersion, String deviceId) { AccountH5LoginRecord accountH5LoginRecord = new AccountH5LoginRecord(); accountH5LoginRecord.setUid(uid); accountH5LoginRecord.setIp(ip); @@ -66,7 +68,7 @@ public class AccountH5LoginService { } @Async - public Integer insertRecord(AccountH5LoginRecord accountH5LoginRecord){ + public Integer insertRecord(AccountH5LoginRecord accountH5LoginRecord) { return accountH5LoginRecordMapper.insert(accountH5LoginRecord); } 
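Review bot: `accountH5LoginService` is injected into `JwtTokenConverter` but never used in the visible hunk, and the new imports `StrUtil`, `RequestContextHolder`, `ServletRequestAttributes`, `HttpServletRequest` and the `@Slf4j` logger are likewise unreferenced; the same unused `AccountH5LoginService` injection is added to `PasswordAuthenticationProvider` further down. Either the logic that uses them is missing from this commit or they should be dropped, since as written the token converter picks up a dependency on the H5 login service (and whatever it pulls in) for no effect. The collapsed hunk also makes it ambiguous whether `- token.setUid(uid);` removes the `setUid` call or a blank line before it; if the call is gone, `CustomOAuth2AccessToken` no longer carries the uid while `uid` is still written to the `uid_access_token` hash, which looks unintended and deserves confirming.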
@@ -74,69 +76,59 @@ public class AccountH5LoginService { public String getAuthCode() { String code = UUIDUitl.get(); // 设置code至缓存且设置有效期 - jedisService.write(RedisKey.h5_login_code.getKey(code),"null",CODE_EXPIRE_TIME); + jedisService.write(RedisKey.h5_login_code.getKey(code), "null", CODE_EXPIRE_TIME); return code; } public String checkCodeIsUsed(String code) throws Exception { String key = RedisKey.h5_login_code.getKey(code); Boolean codeIsExist = jedisService.exits(key); - if(!codeIsExist){ - throw new BusinessException("code is illegal"); + if (!codeIsExist) { + throw new BusinessException("code is illegal"); } - String token = jedisService.get(key); - if(StringUtils.isEmpty(token) || ApplicationConstant.NULL_JSON_OBJECT.equals(token)){ + if (StringUtils.isEmpty(token) || ApplicationConstant.NULL_JSON_OBJECT.equals(token)) { return null; - }else{ + } else { return token; } } /** * 授权登录 + * * @param code * @param uid */ - public void h5AuthLogin(String code,Long uid,String ip,String os,String appVersion, String deviceId) throws Exception{ -// String token = this.checkCodeIsUsed(code); -// if(StringUtils.isEmpty(token)){ -// throw new BusinessException("code is illegal"); -// } - + public void h5AuthLogin(String code, Long uid, String ip, String os, String appVersion, String deviceId) throws Exception { String loginToken = UUIDUitl.get(); - jedisService.set(RedisKey.h5_login_code.getKey(code),loginToken); + jedisService.set(RedisKey.h5_login_code.getKey(code), loginToken); jedisService.write(RedisKey.h5_login_token.getKey(loginToken), uid.toString(), CODE_EXPIRE_TIME); - - AccountH5LoginRecord accountH5LoginRecord = this.buildRecord(uid,Constant.LoginAppType.ExchangeSys,ip,os,appVersion,deviceId); + AccountH5LoginRecord accountH5LoginRecord = this.buildRecord(uid, Constant.LoginAppType.ExchangeSys, ip, os, appVersion, deviceId); this.insertRecord(accountH5LoginRecord); } /** * h5登录 + * * @param token */ - public Map h5Login(String token) throws Exception { + 
public Map h5Login(String token) throws Exception { String uidStr = jedisService.get(RedisKey.h5_login_token.getKey(token)); - if(StringUtils.isEmpty(uidStr)){ + if (StringUtils.isEmpty(uidStr)) { throw new ApiException(BusiStatus.USERNOTEXISTS); } - - Long uid = Long.valueOf(uidStr); Account account = accountService.getById(uid); - - if(account == null){ + if (account == null) { throw new ApiException(BusiStatus.ACCOUNT_NOT_EXISTS); } - accountBlockCheckService.checkBlockedAccount(account); - String jwtToken = createJwtToken(uid); - jedisService.hset(RedisKey.h5loginjwtoken.getKey(),account.getUid().toString(),jwtToken); - Map map = new HashMap<>(); - map.put("uid",uid.toString()); - map.put("token",jwtToken); + jedisService.hset(RedisKey.h5loginjwtoken.getKey(), account.getUid().toString(), jwtToken); + Map map = new HashMap<>(); + map.put("uid", uid.toString()); + map.put("token", jwtToken); return map; } @@ -145,25 +137,7 @@ public class AccountH5LoginService { return jwtUtils.createJWT(mills, uid); } - public String testCreateToken(Long uid){ - String loginToken = UUIDUitl.get(); - jedisService.write(RedisKey.h5_login_token.getKey(loginToken), uid.toString(), CODE_EXPIRE_TIME); - String jwtToken = createJwtToken(uid); - jedisService.hset(RedisKey.h5loginjwtoken.getKey(),uid.toString(),jwtToken); - return loginToken; - } - - public static void main(String[] args) { - String code = UUIDUitl.get(); - System.out.println("code为"+ code); - - Long mills = 60*60*1000 * 2L; - JwtUtils jwtUtils = new JwtUtils(); - String jwtToken = jwtUtils.createJWT(mills,922680L); - System.out.println(jwtToken); - } - - public Map smsLogin(String mobile, String code) { + public Map smsLogin(String mobile, String code) { // 校验验证码 if (!smsService.verifySmsCode(mobile, code)) { throw new ServiceException(BusiStatus.SMSCODEERROR); 
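Review bot: `h5AuthLogin` binds the caller-supplied `code` to `uid` without checking that the code was issued by `getAuthCode()`; with the commented-out `checkCodeIsUsed` call now deleted, nothing in the method verifies that `RedisKey.h5_login_code.getKey(code)` exists, whereas `checkCodeIsUsed` a few lines above shows the intended `jedisService.exits(key)` guard. The write also uses `jedisService.set(...)` with no TTL while `getAuthCode()` stored the same key via `write(..., CODE_EXPIRE_TIME)`; if `set` maps to a plain Redis SET it drops the existing expiry, so the code→token binding outlives the ten-minute login token. I would open the method with `if (!jedisService.exits(RedisKey.h5_login_code.getKey(code))) { throw new BusinessException("code is illegal"); }` and store with `jedisService.write(RedisKey.h5_login_code.getKey(code), loginToken, CODE_EXPIRE_TIME);`. The enclosing class continues outside this hunk.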
@@ -174,15 +148,20 @@ public class AccountH5LoginService { } accountBlockCheckService.checkBlockedAccount(account); // 生成jwtToken + Long uid = account.getUid(); String jwtToken = createJwtToken(account.getUid()); - jedisService.hset(RedisKey.h5loginjwtoken.getKey(),account.getUid().toString(),jwtToken); - Map map = new HashMap<>(); - map.put("uid",account.getUid().toString()); - map.put("token",jwtToken); + saveH5LoginJwtToken(uid, jwtToken); + Map map = new HashMap<>(); + map.put("uid", account.getUid().toString()); + map.put("token", jwtToken); return map; } - public void register(String mobile, String code, String inviteCode, Long inviteUid, DeviceInfo deviceInfo, String ipAddress,String phoneAreaCode) { + private void saveH5LoginJwtToken(Long uid, String jwtToken) { + jedisService.hset(RedisKey.h5loginjwtoken.getKey(), uid.toString(), jwtToken); + } + + public void register(String mobile, String code, String inviteCode, Long inviteUid, DeviceInfo deviceInfo, String ipAddress, String phoneAreaCode) { // 校验验证码 if (!smsService.verifySmsCode(mobile, code)) { throw new ServiceException(BusiStatus.SMSCODEERROR); @@ -191,16 +170,15 @@ public class AccountH5LoginService { if (null != account) { throw new ServiceException(BusiStatus.PHONE_REGISTERED); } - if (!CommonUtil.checkPhoneFormat(phoneAreaCode,mobile)){ + if (!CommonUtil.checkPhoneFormat(phoneAreaCode, mobile)) { throw new ServiceException(BusiStatus.PHONEINVALID); } - try { - accountManageService.saveSignUpByPhone(mobile, null, deviceInfo, inviteCode, inviteUid, ipAddress,phoneAreaCode); + accountManageService.saveSignUpByPhone(mobile, null, deviceInfo, inviteCode, inviteUid, ipAddress, phoneAreaCode); } catch (Exception e) { log.error("h5 注册失败。mobile:{}", mobile); throw new ServiceException("注册失败", e); } - } + } 
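Review bot: `Long uid = account.getUid();` is introduced in `smsLogin` but the next lines still call `createJwtToken(account.getUid())` and `map.put("uid", account.getUid().toString())`; for consistency use the local in both, `String jwtToken = createJwtToken(uid);` and `map.put("uid", uid.toString());`. The new `saveH5LoginJwtToken` helper is applied only here, while `h5Login` in the earlier hunk still inlines the same `jedisService.hset(RedisKey.h5loginjwtoken.getKey(), ...)` call and should route through the helper too. `Map map = new HashMap<>();` remains a raw type; `Map<String, String>` matches the values put into it.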
diff --git a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/password/PasswordAuthenticationProvider.java b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/password/PasswordAuthenticationProvider.java index 0452b4f5e..8c7c7231d 100644 --- a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/password/PasswordAuthenticationProvider.java +++ b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/password/PasswordAuthenticationProvider.java @@ -16,6 +16,7 @@ import com.accompany.oauth2.constant.LoginTypeEnum; import com.accompany.oauth2.constant.OAuthStatus; import com.accompany.oauth2.exception.CustomOAuth2Exception; import com.accompany.oauth2.service.MyUserDetailsService; +import com.accompany.oauth2.service.account.AccountH5LoginService; import com.accompany.oauth2.util.RequestContextHolderUtils; import org.apache.commons.beanutils.BeanUtils; import org.slf4j.Logger; @@ -40,11 +41,16 @@ public class PasswordAuthenticationProvider implements AuthenticationProvider { private static final Logger logger = LoggerFactory.getLogger(PasswordAuthenticationProvider.class); - private MyUserDetailsService myUserDetailsService; - @Autowired - private SysConfService sysConfService; + private final MyUserDetailsService myUserDetailsService; + + private final SysConfService sysConfService; + @Autowired private PhoneBlackService phoneBlackService; + + @Autowired + private AccountH5LoginService accountH5LoginService; + @Autowired private JedisService jedisService; @@ -146,7 +152,6 @@ public class PasswordAuthenticationProvider implements AuthenticationProvider { if (!exits) { jedisService.expire(cacheKey, 10 * 60);//10分钟后解锁 } - if (currCount >= maxCount) { throw new CustomOAuth2Exception(CustomOAuth2Exception.PWD_WRONG_OVER_LIMIT, OAuthStatus.PWD_WRONG_OVER_LIMIT.getReasonPhrase()); } else { 
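Review bot: `myUserDetailsService` and `sysConfService` become `final` with their `@Autowired` removed, which only compiles if a constructor outside this hunk assigns both; assuming it does, the remaining fields (`phoneBlackService`, `accountH5LoginService`, `jedisService`) are still field-injected, leaving the provider half constructor-injected and half field-injected. Moving the three `@Autowired` fields into the same constructor keeps one injection style and lets the provider be built without a Spring context in tests. `accountH5LoginService` is not referenced in any visible hunk of this file, so either its use is missing from the commit or the field should be dropped.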
diff --git a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/verify/VerifyCodeAuthenticationToken.java b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/verify/VerifyCodeAuthenticationToken.java index fff48107f..66103a01b 100644 --- a/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/verify/VerifyCodeAuthenticationToken.java +++ b/accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/support/verify/VerifyCodeAuthenticationToken.java @@ -1,19 +1,36 @@ package com.accompany.oauth2.support.verify; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.authentication.AbstractAuthenticationToken; /** * @author: liaozetao * @date: 2023/7/11 10:45 * @description: */ -public class VerifyCodeAuthenticationToken extends UsernamePasswordAuthenticationToken { +public class VerifyCodeAuthenticationToken extends AbstractAuthenticationToken { protected static final String PHONE = "phone"; protected static final String CODE = "code"; + private final Object principal; + private final Object credentials; + public VerifyCodeAuthenticationToken(Object principal, Object credentials) { - super(principal, credentials); + super(null); + this.principal = principal; + this.credentials = credentials; + this.setAuthenticated(true); + } + + @Override + public Object getCredentials() { + return credentials; + } + + @Override + public Object getPrincipal() { + return principal; } } + diff --git a/accompany-oauth2/accompany-oauth2-web/src/main/java/com/accompany/oauth2/controller/TicketController.java b/accompany-oauth2/accompany-oauth2-web/src/main/java/com/accompany/oauth2/controller/TicketController.java index eb1458cf3..cab363005 100644 --- a/accompany-oauth2/accompany-oauth2-web/src/main/java/com/accompany/oauth2/controller/TicketController.java 
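Review bot: The two-argument constructor now calls `this.setAuthenticated(true)` unconditionally (after `super(null)`, i.e. with no authorities), so every `VerifyCodeAuthenticationToken` reports itself authenticated the moment it is constructed, including the phone+code request token that is handed to the authentication manager before any provider has verified the code. The `UsernamePasswordAuthenticationToken` it replaced deliberately kept the credentials-only constructor unauthenticated and reserved the authenticated state for the constructor that takes authorities. The provider that consumes this token is not in the diff; if it builds its result with the same two-argument constructor it would need the overload below. Keeping the two forms apart means code that checks `isAuthenticated()` on the request token cannot mistake an unverified token for a verified one.
```java
public VerifyCodeAuthenticationToken(Object principal, Object credentials) {
    super(null);
    this.principal = principal;
    this.credentials = credentials;
    setAuthenticated(false); // request token: the code has not been verified yet
}

public VerifyCodeAuthenticationToken(Object principal, Object credentials,
                                     Collection<? extends GrantedAuthority> authorities) {
    super(authorities);
    this.principal = principal;
    this.credentials = credentials;
    super.setAuthenticated(true); // built by the provider after the code is verified
}

// … unchanged: getCredentials / getPrincipal …
```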
+++ b/accompany-oauth2/accompany-oauth2-web/src/main/java/com/accompany/oauth2/controller/TicketController.java @@ -1,5 +1,6 @@ package com.accompany.oauth2.controller; +import com.accompany.common.constant.ApplicationConstant; import com.accompany.common.constant.Constant; import com.accompany.common.result.BusiResult; import com.accompany.common.status.BusiStatus; @@ -10,6 +11,8 @@ import com.accompany.core.model.AccountLoginRecord; import com.accompany.core.service.SysConfService; import com.accompany.core.service.account.AccountService; import com.accompany.core.service.account.LoginRecordService; +import com.accompany.oauth2.constant.OAuthStatus; +import com.accompany.oauth2.exception.CustomOAuth2Exception; import com.accompany.oauth2.vo.TicketRes; import com.accompany.common.device.DeviceInfo; import com.accompany.common.utils.IPUitls; @@ -33,7 +36,7 @@ import java.util.*; /** * @author liuguofu - * on 3/17/15. + * on 3/17/15. */ @Controller @RequestMapping("/oauth") 
@@ -54,38 +57,35 @@ public class TicketController extends BaseController { @RequestMapping("ticket") @ResponseBody public Object issueTicket(String issue_type, String access_token, HttpServletRequest request, - HttpServletResponse response, DeviceInfo deviceInfo){ - log.info("oauth/ticket="+access_token+"........."); + HttpServletResponse response, DeviceInfo deviceInfo) { + log.info("oauth/ticket=" + access_token + "........."); checkAppVersion(deviceInfo); - try{ - if (Ticket.ONCE_TYPE.equals(issue_type) || Ticket.MULTI_TYPE.equals(issue_type)){ - Map ticketsMap = ticketServices.issueTicket(access_token); - + try { + if (Ticket.ONCE_TYPE.equals(issue_type) || Ticket.MULTI_TYPE.equals(issue_type)) { + Map ticketsMap = ticketServices.issueTicket(access_token); TicketRes ticketRes = new TicketRes(); ticketRes.setIssue_type(issue_type); - ticketRes.setTickets((List)ticketsMap.get("tickets")); - ticketRes.setAccid((String)ticketsMap.get("accid")); - ticketRes.setNetEaseToken((String)ticketsMap.get("netEaseToken")); - ticketRes.setUid((Long)ticketsMap.get("uid")); - + ticketRes.setTickets((List) ticketsMap.get("tickets")); + ticketRes.setAccid((String) ticketsMap.get("accid")); + ticketRes.setNetEaseToken((String) ticketsMap.get("netEaseToken")); + ticketRes.setUid((Long) ticketsMap.get("uid")); String ipAddress = IPUitls.getRealIpAddress(request); saveLoginRecord((Long) ticketsMap.get("uid"), ipAddress, deviceInfo); - return new BusiResult<>(ticketRes); } throw new UnsupportedIssueTypeException("unsupported ticket issue type"); - }catch (InvalidTokenException e){ - log.error("issueTicket InvalidTokenException, issue_type=" + issue_type + ", access_token=" + access_token, e); - response.setStatus(401); - return e; - }catch (UnsupportedIssueTypeException e1){ - log.error("issueTicket UnsupportedIssueTypeException, issue_type=" + issue_type + ", access_token=" + access_token, e1); - response.setStatus(400); - return e1; - }catch (Exception ex){ - log.error("issueTicket 
Exception, issue_type=" + issue_type + ", access_token=" + access_token, ex); - return ex; - } + } catch (InvalidTokenException e) { + log.error("issueTicket InvalidTokenException, issue_type=" + issue_type + ", access_token=" + access_token, e); + response.setStatus(401); + return e; + } catch (UnsupportedIssueTypeException e1) { + log.error("issueTicket UnsupportedIssueTypeException, issue_type=" + issue_type + ", access_token=" + access_token, e1); + response.setStatus(400); + return e1; + } catch (Exception ex) { + log.error("issueTicket Exception, issue_type=" + issue_type + ", access_token=" + access_token, ex); + return ex; + } } @Async @@ -104,9 +104,12 @@ public class TicketController extends BaseController { } private void checkAppVersion(DeviceInfo deviceInfo) { - String limitAppVersion = sysConfService.getDefaultSysConfValueById(Constant.SysConfId.APP_VERSION_LIMIT, Constant.LOWEST_VERSION_FOR_USE); - if (deviceInfo.getAppVersion() == null || AppVersionUtil.compareVersion(deviceInfo.getAppVersion(), limitAppVersion) < 0) { - throw new ServiceException(BusiStatus.VERSIONTOOOLD); + String client = deviceInfo.getClient(); + if (!ApplicationConstant.PublicParameters.H5.equals(client)) { + String limitAppVersion = sysConfService.getDefaultSysConfValueById(Constant.SysConfId.APP_VERSION_LIMIT, Constant.LOWEST_VERSION_FOR_USE); + if (deviceInfo.getAppVersion() == null || AppVersionUtil.compareVersion(deviceInfo.getAppVersion(), limitAppVersion) < 0) { + throw new ServiceException(BusiStatus.VERSIONTOOOLD); + } } } }
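Review bot: `log.info("oauth/ticket=" + access_token + ".........")` and the three `log.error(... + access_token, e)` lines write the full OAuth access token to the log, and each `catch` returns the exception object itself (`return e;`, `return e1;`, `return ex;`) as the response body, with the generic `catch (Exception ex)` not setting a status at all. Serialising an exception to the client exposes internal messages and, depending on the message converter, the stack trace, while a bearer token in the log is a usable credential for anyone with log access. Log only a truncated or hashed form of the token and return a result object carrying a status and message, e.g. `response.setStatus(500); return new BusiResult<>(BusiStatus.<internal-error status>);` using whichever `BusiStatus` constant the project has for that case. `issueTicket` starts inside this hunk; the class continues outside it.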
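Review bot: `deviceInfo.getClient()` comes from the request, so the minimum-version gate in `checkAppVersion` is now skipped for any caller that presents `client` equal to `ApplicationConstant.PublicParameters.H5`; that is acceptable if `APP_VERSION_LIMIT` is only a compatibility floor, but it must not be relied on as a security control, since any client can declare itself H5. A comment stating that intent, `// H5 clients carry no app version; the minimum-version gate applies to native clients only and is not a security check`, would keep a later reader from assuming the gate is enforced for all callers. A null `client` still falls through to the check, which preserves the previous behavior for native clients.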