feat: 新增鉴权时的异常处理

1 year ago · 2b271547e7
parent 148c31b323
commit 2b271547e7
6 changed files with 96 additions and 3 deletions
--- a/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java
+++ b/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java
@ -1,8 +1,10 @@
 package cn.teammodel.model.entity;

+import com.fasterxml.jackson.annotation.JsonFormat;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import lombok.Data;

+import java.time.LocalDateTime;
 import java.util.List;

@Data
@ -12,6 +14,9 @@ public class EvaluationTreeNode {
    String name;
    String logo;
    String creator;
+    String creatorId;
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+    LocalDateTime createTime;
    /**
    * 排序
    */
--- a/src/main/java/cn/teammodel/security/SecurityConfiguration.java
+++ b/src/main/java/cn/teammodel/security/SecurityConfiguration.java
@ -1,6 +1,8 @@
 package cn.teammodel.security;

 import cn.teammodel.security.filter.AuthInnerTokenFilter;
+import cn.teammodel.security.handler.RestAccessDeniedHandler;
+import cn.teammodel.security.handler.RestAuthenticationEntryPoint;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@ -23,6 +25,10 @@ import java.util.Arrays;
@EnableWebSecurity
@EnableMethodSecurity
 public class SecurityConfiguration {
+    @Resource
+    private RestAccessDeniedHandler restAccessDeniedHandler;
+    @Resource
+    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;
    @Resource
    private AuthInnerTokenFilter authInnerTokenFilter;

@ -52,8 +58,10 @@ public class SecurityConfiguration {
                                .anyRequest().authenticated()
                )
                .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) // 启用 OIDC jwt filter
-                .addFilterAfter(authInnerTokenFilter, BearerTokenAuthenticationFilter.class); // 添加 x-auth-authToken filter
-            // todo： 失败处理器
+                .addFilterAfter(authInnerTokenFilter, BearerTokenAuthenticationFilter.class) // 添加 x-auth-authToken filter
+                .exceptionHandling()
+                .authenticationEntryPoint(restAuthenticationEntryPoint)
+                .accessDeniedHandler(restAccessDeniedHandler);

        return http.build();
    }
--- a/src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java
+++ b/src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java
@ -0,0 +1,32 @@
+package cn.teammodel.security.handler;
+
+import cn.hutool.json.JSONUtil;
+import cn.teammodel.common.ErrorCode;
+import cn.teammodel.common.R;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class RestAccessDeniedHandler implements AccessDeniedHandler {
+
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
+        response.setStatus(HttpStatus.UNAUTHORIZED.value());
+        response.setHeader("Access-Control-Allow-Origin", "*");
+        response.setHeader("Cache-Control","no-cache");
+        response.setCharacterEncoding("UTF-8");
+        response.setContentType("application/json");
+        response.getWriter().println(errorMsg());
+        response.getWriter().flush();
+    }
+    public Object errorMsg() {
+        return JSONUtil.parse(R.error(ErrorCode.NO_AUTH_ERROR));
+    }
+}
--- a/src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java
+++ b/src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java
@ -0,0 +1,36 @@
+package cn.teammodel.security.handler;
+
+import cn.hutool.json.JSONUtil;
+import cn.teammodel.common.ErrorCode;
+import cn.teammodel.common.R;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @author winter
+ * @date 2022年11月26日 下午4:51
+ * @description 定义验证失败的处理器，子类实现
+ */
+@Component
+public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
+        response.setStatus(HttpStatus.UNAUTHORIZED.value());
+        response.setHeader("Access-Control-Allow-Origin", "*");
+        response.setHeader("Cache-Control","no-cache");
+        response.setCharacterEncoding("UTF-8");
+        response.setContentType("application/json");
+        response.getWriter().println(errorMsg());
+        response.getWriter().flush();
+    }
+    public Object errorMsg() {
+        return JSONUtil.parse(R.error(ErrorCode.NO_AUTH_ERROR));
+    }
+}
--- a/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java
+++ b/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java
@ -21,6 +21,7 @@ import org.springframework.beans.BeanUtils;
 import org.springframework.stereotype.Service;

 import javax.annotation.Resource;
+import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.List;

@ -100,6 +101,7 @@ public class EvaluationServiceImpl implements EvaluationService {
    @Override
    public Evaluation insertNode(InsertNodeDto insertNodeDto) {
        Evaluation evaluation = findEvaluation(insertNodeDto.getPeriodId());
+        User loginUser = SecurityUtils.getLoginUser();

        List<EvaluationTreeNode> originNodes = evaluation.getNodes();
        // 拷贝数据到新节点
@ -116,8 +118,12 @@ public class EvaluationServiceImpl implements EvaluationService {
        }
        // todo: 为新节点赋值必须参数 (id, creator), 可不可以添加默认值 order ?
        newNode.setId(UUID.randomUUID().toString());
+        newNode.setCreatorId(loginUser.getId());
+        newNode.setCreator(loginUser.getName());
+        newNode.setCreateTime(LocalDateTime.now());
+
        originNodes.add(newNode);
-        evaluation.setNodes(originNodes);
+        evaluation.setNodes(originNodes); // 好像不需要?
        return buildTree(evaluationRepository.save(evaluation));
    }

--- a/src/test/java/cn/teammodel/TestWithoutSpring.java
+++ b/src/test/java/cn/teammodel/TestWithoutSpring.java
@ -11,6 +11,7 @@ import com.taobao.api.ApiException;
 import lombok.extern.slf4j.Slf4j;
 import org.junit.jupiter.api.Test;

+import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@ -133,4 +134,9 @@ public class TestWithoutSpring {
        //service.flattenTree(tree, nodeList);
        //System.out.println(JSONUtil.parse(nodeList).toStringPretty());
    }
+
+    @Test
+    public void testLocalDateTime() {
+        System.out.println(LocalDateTime.now());
+    }
 }