mirror of
https://gitee.com/hhyykk/ipms-sjy.git
synced 2025-11-04 04:08:43 +08:00
【功能优化】SYSTEM:支持通过 refreshToken 认证,解决部分场景不方便刷新访问令牌场景
This commit is contained in:
YunaiV
@@ -13,7 +13,7 @@ import java.util.Set;
|
||||
/**
|
||||
* 基于 MyBatis Plus 多租户的功能,实现 DB 层面的多租户的功能
|
||||
*
|
||||
* @author
|
||||
* @author 芋道源码
|
||||
*/
|
||||
public class TenantDatabaseInterceptor implements TenantLineHandler {
|
||||
|
||||
|
||||
@@ -109,19 +109,18 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService {
|
||||
|
||||
// 获取不到,从 MySQL 中获取访问令牌
|
||||
accessTokenDO = oauth2AccessTokenMapper.selectByAccessToken(accessToken);
|
||||
if (accessTokenDO != null && DateUtils.isExpired(accessTokenDO.getExpiresTime())) {
|
||||
accessTokenDO = null;
|
||||
}
|
||||
// 特殊:从 MySQL 中获取刷新令牌。原因:解决部分场景不方便刷新访问令牌场景
|
||||
// 例如说,积木报表只允许传递 token,不允许传递 refresh_token,导致无法刷新访问令牌
|
||||
// 再例如说,前端 WebSocket 的 token 直接跟在 url 上,无法传递 refresh_token
|
||||
OAuth2RefreshTokenDO refreshTokenDO = oauth2RefreshTokenMapper.selectByRefreshToken(accessToken);
|
||||
if (refreshTokenDO != null && !DateUtils.isExpired(refreshTokenDO.getExpiresTime())) {
|
||||
accessTokenDO = convertToAccessToken(refreshTokenDO);
|
||||
if (accessTokenDO == null) {
|
||||
// 特殊:从 MySQL 中获取刷新令牌。原因:解决部分场景不方便刷新访问令牌场景
|
||||
// 例如说,积木报表只允许传递 token,不允许传递 refresh_token,导致无法刷新访问令牌
|
||||
// 再例如说,前端 WebSocket 的 token 直接跟在 url 上,无法传递 refresh_token
|
||||
OAuth2RefreshTokenDO refreshTokenDO = oauth2RefreshTokenMapper.selectByRefreshToken(accessToken);
|
||||
if (refreshTokenDO != null && !DateUtils.isExpired(refreshTokenDO.getExpiresTime())) {
|
||||
accessTokenDO = convertToAccessToken(refreshTokenDO);
|
||||
}
|
||||
}
|
||||
|
||||
// 如果在 MySQL 存在,则往 Redis 中写入
|
||||
if (accessTokenDO != null) {
|
||||
if (accessTokenDO != null && !DateUtils.isExpired(accessTokenDO.getExpiresTime())) {
|
||||
oauth2AccessTokenRedisDAO.set(accessTokenDO);
|
||||
}
|
||||
return accessTokenDO;
|
||||
|
||||
@@ -158,10 +158,11 @@ public class OAuth2TokenServiceImplTest extends BaseDbAndRedisUnitTest {
|
||||
.setAccessTokenValiditySeconds(30);
|
||||
when(oauth2ClientService.validOAuthClientFromCache(eq(clientId))).thenReturn(clientDO);
|
||||
// mock 数据(访问令牌)
|
||||
OAuth2RefreshTokenDO refreshTokenDO = randomPojo(OAuth2RefreshTokenDO.class)
|
||||
.setRefreshToken(refreshToken).setClientId(clientId)
|
||||
.setExpiresTime(LocalDateTime.now().plusDays(1))
|
||||
.setUserType(UserTypeEnum.ADMIN.getValue());
|
||||
OAuth2RefreshTokenDO refreshTokenDO = randomPojo(OAuth2RefreshTokenDO.class, o ->
|
||||
o.setRefreshToken(refreshToken).setClientId(clientId)
|
||||
.setExpiresTime(LocalDateTime.now().plusDays(1))
|
||||
.setUserType(UserTypeEnum.ADMIN.getValue())
|
||||
.setTenantId(TenantContextHolder.getTenantId()));
|
||||
oauth2RefreshTokenMapper.insert(refreshTokenDO);
|
||||
// mock 数据(访问令牌)
|
||||
OAuth2AccessTokenDO accessTokenDO = randomPojo(OAuth2AccessTokenDO.class).setRefreshToken(refreshToken)
|
||||
|
||||
@@ -473,7 +473,7 @@ CREATE TABLE IF NOT EXISTS "system_oauth2_access_token" (
|
||||
"updater" varchar DEFAULT '',
|
||||
"update_time" datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
||||
"deleted" bit NOT NULL DEFAULT FALSE,
|
||||
"tenant_id" bigint NOT NULL,
|
||||
"tenant_id" bigint not null,
|
||||
PRIMARY KEY ("id")
|
||||
) COMMENT 'OAuth2 访问令牌';
|
||||
|
||||
@@ -491,6 +491,7 @@ CREATE TABLE IF NOT EXISTS "system_oauth2_refresh_token" (
|
||||
"updater" varchar DEFAULT '',
|
||||
"update_time" datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
||||
"deleted" bit NOT NULL DEFAULT FALSE,
|
||||
"tenant_id" bigint not null default '0',
|
||||
PRIMARY KEY ("id")
|
||||
) COMMENT 'OAuth2 刷新令牌';
|
||||
|
||||
|
||||
Reference in New Issue
Block a user