
token解析错误处理

fengxici 9 months ago
parent
commit
faa178fc12

+ 21 - 15
security-auth/src/main/java/timing/ukulele/auth/authorization/filter/JWTAuthorizationFilter.java

@@ -5,6 +5,7 @@ import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.oauth2.jwt.Jwt;
@@ -20,6 +21,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 
+@Slf4j
 public class JWTAuthorizationFilter extends OncePerRequestFilter {
 
     private final JwtDecoder jwtDecoder;
@@ -44,22 +46,26 @@ public class JWTAuthorizationFilter extends OncePerRequestFilter {
             filterChain.doFilter(request, response);
             return;
         }
-        Jwt decode = jwtDecoder.decode(token);
-        if (decode == null || decode.getExpiresAt() == null || decode.getExpiresAt().compareTo(Instant.now()) <= 0) {
-            filterChain.doFilter(request, response);
-            return;
-        }
-        // 将UserDetails存储到SecurityContextHolder中
-        Set<CustomGrantedAuthority> authorityList = new HashSet<>();
-        List<String> scopeList = decode.getClaimAsStringList("scope");
-        for (String scope : scopeList) {
-            CustomGrantedAuthority auth = new CustomGrantedAuthority(scope);
-            authorityList.add(auth);
+        try {
+            Jwt decode = jwtDecoder.decode(token);
+            if (decode == null || decode.getExpiresAt() == null || decode.getExpiresAt().compareTo(Instant.now()) <= 0) {
+                filterChain.doFilter(request, response);
+                return;
+            }
+            // 将UserDetails存储到SecurityContextHolder中
+            Set<CustomGrantedAuthority> authorityList = new HashSet<>();
+            List<String> scopeList = decode.getClaimAsStringList("scope");
+            for (String scope : scopeList) {
+                CustomGrantedAuthority auth = new CustomGrantedAuthority(scope);
+                authorityList.add(auth);
+            }
+            LinkedTreeMap<String, Object> userInfo = decode.getClaim("userInfo");
+            User user = new User(decode.getClaimAsString("sub"), "", true, true, true, true, authorityList);
+            JwtAuthorizationToken authenticationToken = new JwtAuthorizationToken(user, authorityList);
+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+        } catch (Exception ex) {
+            log.error(ex.getMessage());
         }
-        LinkedTreeMap<String, Object> userInfo = decode.getClaim("userInfo");
-        User user = new User(decode.getClaimAsString("sub"), "", true, true, true, true, authorityList);
-        JwtAuthorizationToken authenticationToken = new JwtAuthorizationToken(user, authorityList);
-        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
         filterChain.doFilter(request, response);
     }
 }
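Review bot: The new `catch (Exception ex)` also encloses the `filterChain.doFilter(request, response); return;` of the expired-token branch, so an exception thrown further down the chain on that path is logged and swallowed, and the chain is then entered a second time by the `doFilter` call after the try block. Catching only the decoder's failure type avoids that and keeps downstream errors propagating: `} catch (JwtException ex) {` with `log.warn("JWT rejected: {}", ex.getMessage());`, plus an import of `org.springframework.security.oauth2.jwt.JwtException`. `getClaimAsStringList("scope")` returns null when the claim is absent, so the loop wants an explicit null check instead of relying on the handler. The same catch-all with message-only logging is added in JWTSecurityFilter.java, where the start of the try block is outside the hunk. The enclosing method here also begins above the hunk.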

+ 0 - 2
security-auth/src/main/java/timing/ukulele/auth/config/BeanConfig.java

@@ -7,8 +7,6 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.JwtEncoder;
-import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
-import org.springframework.security.web.context.SecurityContextRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;

+ 3 - 3
security-auth/src/main/java/timing/ukulele/auth/security/filter/JWTSecurityFilter.java

@@ -58,10 +58,10 @@ public class JWTSecurityFilter extends OncePerRequestFilter {
             }
             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(decode.getClaimAsString("sub"), null, authorityList);
             SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-            filterChain.doFilter(request, response);
-        }catch (Exception ex){
-            filterChain.doFilter(request, response);
+        } catch (Exception ex) {
+            log.error(ex.getMessage());
         }
+        filterChain.doFilter(request, response);
 
     }
 }