
Merge branch 'master' of https://gitee.com/zouxuan/mec

yonge 6 năm trước cách đây
mục cha
commit
8a5db7c1e8

+ 7 - 4
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/config/AuthorizationServerConfig.java

@@ -1,5 +1,6 @@
 package com.ym.mec.auth.config;
 
+import com.ym.mec.auth.filter.WebResponseExceptionTranslator;
 import com.ym.mec.common.constant.CommonConstants;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -14,7 +15,6 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut
 import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
-
 import javax.sql.DataSource;
 
 /**
@@ -28,20 +28,23 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
 	private RedisConnectionFactory connectionFactory;
 	@Autowired
 	private AuthenticationManager authenticationManager;
+	@Autowired
+	private WebResponseExceptionTranslator webResponseExceptionTranslator;
 
 	@Autowired
 	private DataSource dataSource;
 
 	@Override
-	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints){
 		endpoints
 				.authenticationManager(authenticationManager)
 				.tokenServices(defaultTokenServices())
-				.tokenStore(redisTokenStore());
+				.tokenStore(redisTokenStore())
+				.exceptionTranslator(webResponseExceptionTranslator);
 	}
 
 	@Override
-	public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+	public void configure(AuthorizationServerSecurityConfigurer security){
 		security.tokenKeyAccess("isAuthenticated()")
 				.checkTokenAccess("permitAll()")
 				.allowFormAuthenticationForClients();
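Review bot: `checkTokenAccess("permitAll()")` in `configure(AuthorizationServerSecurityConfigurer)` leaves the token-check endpoint callable without client authentication, so any caller that presents a token string can read back the user name, authorities and scope attached to it. The line is unchanged context, but the method is being touched here and `tokenKeyAccess` one line above already uses `isAuthenticated()`; consider `.checkTokenAccess("isAuthenticated()")` so that only authenticated clients such as resource servers can introspect tokens. The method body continues outside the hunk.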

+ 5 - 6
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/config/provider/service/BaseUserDetailsService.java

@@ -1,7 +1,8 @@
 package com.ym.mec.auth.config.provider.service;
 
-import java.util.List;
-
+import com.ym.mec.auth.api.dto.SysUserInfo;
+import com.ym.mec.auth.api.entity.SysUser;
+import com.ym.mec.auth.service.SysUserService;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.GrantedAuthority;
@@ -13,9 +14,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
-import com.ym.mec.auth.api.dto.SysUserInfo;
-import com.ym.mec.auth.api.entity.SysUser;
-import com.ym.mec.auth.service.SysUserService;
+import java.util.List;
 
 @Service
 public class BaseUserDetailsService implements UserDetailsService {
@@ -36,7 +35,7 @@ public class BaseUserDetailsService implements UserDetailsService {
 
 		SysUserInfo userInfo = sysUserService.queryUserInfoByUsername(username);
 		if(userInfo == null){
-			return null;
+			throw new UsernameNotFoundException("用户不存在");
 		}
 
 		List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList(userInfo.getPermissions());
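Review bot: Throwing `UsernameNotFoundException("用户不存在")` gives an unknown account a different message from a wrong password ("用户名或密码错误" elsewhere in this commit), which lets a caller tell which usernames exist if that message reaches the response. Whether it does depends on the authentication provider's `hideUserNotFoundExceptions` setting, which is not visible here. The `onAuthenticationFailure` hunk in `BaseAuthenticationFailureEvenHandler` writes any message other than "Bad credentials" straight into the JSON body. Use the same wording as the bad-password case, e.g. `throw new UsernameNotFoundException("用户名或密码错误");`, and keep the distinction in the server log only. The enclosing method starts and ends outside the hunk.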

+ 1 - 0
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/filter/BaseAuthenticationFilter.java

@@ -50,6 +50,7 @@ public class BaseAuthenticationFilter extends AbstractAuthenticationProcessingFi
 		}
 
 		username = username.trim();
+		password = password.trim();
 
 		UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
 				username, password);
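Review bot: `password = password.trim();` silently changes the credential before it is verified, so a password stored with leading or trailing whitespace can no longer authenticate, and inputs that differ only in surrounding whitespace collapse onto the same secret. Unless the registration and password-change paths apply the same trimming (not visible in this hunk), drop the line and keep trimming for `username` only. If the trimming is intentional, record it next to the line, e.g. `// passwords are trimmed both when they are set and at login`. The enclosing method starts and ends outside the hunk.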

+ 0 - 4
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/filter/SmsCodeAuthenticationFilter.java

@@ -6,14 +6,10 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter;
-import org.springframework.security.web.access.ExceptionTranslationFilter;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 

+ 36 - 0
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/filter/WebResponseExceptionTranslator.java

@@ -0,0 +1,36 @@
+package com.ym.mec.auth.filter;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
+import org.springframework.security.oauth2.common.exceptions.UnsupportedResponseTypeException;
+import org.springframework.security.oauth2.provider.error.DefaultWebResponseExceptionTranslator;
+import org.springframework.stereotype.Component;
+
+/**
+ * 异常转换器
+ */
+@Component
+public class WebResponseExceptionTranslator extends DefaultWebResponseExceptionTranslator {
+
+    public static final String BAD_MSG = "Bad credentials";
+
+    /**
+     * @param e spring security内部异常
+     * @return 经过处理的异常信息
+     * @throws Exception 通用异常
+     */
+    @Override
+    public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
+        OAuth2Exception oAuth2Exception;
+        if (e.getLocalizedMessage() != null && e.getLocalizedMessage().equals(BAD_MSG)) {
+            oAuth2Exception = new InvalidGrantException("用户名或密码错误", e);
+        }else if (e instanceof InternalAuthenticationServiceException) {
+            oAuth2Exception = new InvalidGrantException(e.getLocalizedMessage(), e);
+        }   else{
+            oAuth2Exception = new UnsupportedResponseTypeException("服务内部错误", e);
+        }
+        return super.translate(oAuth2Exception);
+    }
+}
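Review bot: The `InternalAuthenticationServiceException` branch of `translate` copies `e.getLocalizedMessage()` into the response, and that exception type usually wraps failures inside the user lookup (database or remote-call errors), so internal detail can reach the client; return a fixed message and log the exception server-side instead. The final `else` rewrites every other exception, including `OAuth2Exception`s that already carry their own error code and status, into `unsupported_response_type`, which misreports errors such as an invalid client or scope; passing `e` to `super.translate` keeps the default mapping. The match on the English text `Bad credentials` also relies on the message not being localised. If the middle branch exists to surface messages thrown by project code, a dedicated exception type would separate those from genuine internal failures.

```java
    @Override
    public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
        if (BAD_MSG.equals(e.getLocalizedMessage())) {
            return super.translate(new InvalidGrantException("用户名或密码错误", e));
        }
        if (e instanceof InternalAuthenticationServiceException) {
            // Fixed text for the client; the cause stays attached for server-side logging.
            return super.translate(new InvalidGrantException("服务内部错误", e));
        }
        // Everything else keeps the default translator's error code and HTTP status.
        return super.translate(e);
    }
```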

+ 12 - 12
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/handler/BaseAuthenticationFailureEvenHandler.java

@@ -1,11 +1,5 @@
 package com.ym.mec.auth.handler;
 
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.ym.mec.common.entity.HttpResponseResult;
 import org.apache.http.HttpStatus;
@@ -13,8 +7,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
 import org.springframework.stereotype.Component;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 
 @Component
 public class BaseAuthenticationFailureEvenHandler extends ExceptionMappingAuthenticationFailureHandler {
@@ -25,13 +23,15 @@ public class BaseAuthenticationFailureEvenHandler extends ExceptionMappingAuthen
 	private final static Logger logger = LoggerFactory.getLogger(BaseAuthenticationFailureEvenHandler.class);
 
 	@Override
-	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException)
-			throws IOException, ServletException {
-
+	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
+			throws IOException{
+		String message = e.getMessage();
 		Object username = request.getAttribute("SPRING_SECURITY_LAST_USERNAME_KEY");
-
-		logger.info("用户:{} 登录失败,异常:{}", username, authenticationException.getLocalizedMessage());
-		HttpResponseResult result = new HttpResponseResult(false, HttpStatus.SC_CONFLICT, null, authenticationException.getLocalizedMessage());
+		if (e.getLocalizedMessage() != null && e.getLocalizedMessage().equals("Bad credentials")) {
+			message = "用户名或密码错误";
+		}
+		logger.info("用户:{} 登录失败,异常:{}", username, message);
+		HttpResponseResult result = new HttpResponseResult(false, HttpStatus.SC_CONFLICT, null, message);
 		response.setContentType("application/json; charset=utf-8");
 		response.getWriter().write(objectMapper.writeValueAsString(result));
 //		super.onAuthenticationFailure(request, response, authenticationException);
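Review bot: The literal `"Bad credentials"` in `onAuthenticationFailure` repeats the constant this commit introduces as `WebResponseExceptionTranslator.BAD_MSG`; compare against the constant, which is also null-safe: `if (WebResponseExceptionTranslator.BAD_MSG.equals(e.getLocalizedMessage())) {`. The commented-out `super.onAuthenticationFailure(request, response, authenticationException);` at the end of the hunk still names the parameter that was renamed to `e` and can be deleted. The `InvalidGrantException` import added in the previous hunk is not used in any line shown here. The method ends outside the hunk.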

+ 6 - 16
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/service/impl/SysUserServiceImpl.java

@@ -45,31 +45,21 @@ public class SysUserServiceImpl extends BaseServiceImpl<Integer, SysUser> implem
 
 	@Override
 	public SysUserInfo queryUserInfoByUsername(String username) {
-
-		SysUserInfo userInfo = new SysUserInfo();
-
 		SysUser sysUser = queryByUsername(username);
-
-		userInfo.setSysUser(sysUser);
-
-		List<Integer> roleIdList = sysUserRoleService.queryRoleIdListByUserId(sysUser.getUserId());
-		userInfo.setRoles(roleIdList.toArray(new Integer[roleIdList.size()]));
-
-		List<String> permissionList = sysRoleMenuService.queryPermissionsByRoleIdList(roleIdList);
-		userInfo.setPermissions(permissionList.toArray(new String[permissionList.size()]));
-
-		return userInfo;
+		return getSysUserInfo(sysUser);
 	}
 
 	@Override
 	public SysUserInfo queryUserInfoByPhone(String phone) {
-
-		SysUserInfo userInfo = new SysUserInfo();
-
 		SysUser sysUser = queryByPhone(phone);
+		return getSysUserInfo(sysUser);
+	}
+
+	private SysUserInfo getSysUserInfo(SysUser sysUser){
 		if(sysUser == null){
 			return null;
 		}
+		SysUserInfo userInfo = new SysUserInfo();
 		userInfo.setSysUser(sysUser);
 
 		List<Integer> roleIdList = sysUserRoleService.queryRoleIdListByUserId(sysUser.getUserId());
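Review bot: `getSysUserInfo` returns `null` for a missing user, and both public queries now inherit that contract without it being written down; before this change the username path dereferenced `sysUser` unconditionally. Add a Javadoc on the helper, e.g. `/** Builds the SysUserInfo (roles and permissions) for sysUser; returns null when sysUser is null. */`, so callers know to null-check the result as `BaseUserDetailsService` does in this commit. The helper's body continues outside the hunk.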