Accueil Explorer Aide
Connexion
demo
/
spring-security-oauth2
2
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

失效的token解析处理

fengxici il y a 1 an
Parent
18b3016565
commit
ae2dc3d165
1 fichiers modifiés avec 18 ajouts et 13 suppressions
Vue séparée Afficher les stats Diff
  1. 18 13
      security-auth/src/main/java/timing/ukulele/auth/security/filter/JWTSecurityFilter.java

+ 18 - 13
security-auth/src/main/java/timing/ukulele/auth/security/filter/JWTSecurityFilter.java
Voir le fichier 

@@ -43,21 +43,26 @@ public class JWTSecurityFilter extends OncePerRequestFilter {
 
             filterChain.doFilter(request, response);
 
             return;
 
         }
 
-        Jwt decode = jwtDecoder.decode(token);
 
-        if (decode == null || decode.getExpiresAt() == null || decode.getExpiresAt().compareTo(Instant.now()) <= 0) {
 
+        try {
 
+            Jwt decode = jwtDecoder.decode(token);
 
+            if (decode == null || decode.getExpiresAt() == null || decode.getExpiresAt().compareTo(Instant.now()) <= 0) {
 
+                filterChain.doFilter(request, response);
 
+                return;
 
+            }
 
+            // 将UserDetails存储到SecurityContextHolder中
 
+            List<CustomGrantedAuthority> authorityList = new ArrayList<>();
 
+            List<String> scopeList = decode.getClaimAsStringList("scope");
 
+            for (String scope : scopeList) {
 
+                CustomGrantedAuthority auth = new CustomGrantedAuthority(scope);
 
+                authorityList.add(auth);
 
+            }
 
+            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(decode.getClaimAsString("sub"), null, authorityList);
 
+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
 
+            filterChain.doFilter(request, response);
 
+        }catch (Exception ex){
 
             filterChain.doFilter(request, response);
 
-            return;
 
-        }
 
-        // 将UserDetails存储到SecurityContextHolder中
 
-        List<CustomGrantedAuthority> authorityList = new ArrayList<>();
 
-        List<String> scopeList = decode.getClaimAsStringList("scope");
 
-        for (String scope : scopeList) {
 
-            CustomGrantedAuthority auth = new CustomGrantedAuthority(scope);
 
-            authorityList.add(auth);
 
         }
 
-        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(decode.getClaimAsString("sub"), null, authorityList);
 
-        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
 
-        filterChain.doFilter(request, response);
 
+
 
     }
 
 }