change refresh token RequestHeader->RequestParam

change LoginTokenRefreshPoint -> AuthTokenRefreshPoint
change refresh token RequestHeader->RequestParam
log details
MaxKey 2022-08-08 08:37:39 +08:00
parent 4397b952c0
commit bf2401ac7d
10 changed files with 34 additions and 31 deletions


@ -42,7 +42,7 @@ public class AuthRefreshTokenService extends AuthJwtService{
* @return
*/
public String genRefreshToken(Authentication authentication) {
_logger.trace("gen Refresh Token");
_logger.trace("generate Refresh JWT Token");
return genJwt(
authentication,
authJwkConfig.getIssuer(),


@ -66,6 +66,7 @@ public class AuthTokenService extends AuthJwtService{
public AuthJwt genAuthJwt(Authentication authentication) {
if(authentication != null) {
String refreshToken = refreshTokenService.genRefreshToken(authentication);
_logger.trace("generate JWT Token");
String accessToken = genJwt(authentication);
AuthJwt authJwt = new AuthJwt(
accessToken,


@ -17,6 +17,8 @@
package org.maxkey.authn.web;
import javax.servlet.http.HttpServletRequest;
import org.maxkey.authn.jwt.AuthJwt;
import org.maxkey.authn.jwt.AuthRefreshTokenService;
import org.maxkey.authn.jwt.AuthTokenService;
@ -24,6 +26,7 @@ import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.Message;
import org.maxkey.util.StringUtils;
import org.maxkey.web.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@ -31,13 +34,13 @@ import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
@RequestMapping(value = "/auth")
public class LoginTokenRefreshPoint {
private static final Logger _logger = LoggerFactory.getLogger(LoginTokenRefreshPoint.class);
public class AuthTokenRefreshPoint {
private static final Logger _logger = LoggerFactory.getLogger(AuthTokenRefreshPoint.class);
@Autowired
AuthTokenService authTokenService;
@ -49,10 +52,11 @@ public class LoginTokenRefreshPoint {
SessionManager sessionManager;
@RequestMapping(value={"/token/refresh"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> refresh(
@RequestHeader(name = "refresh_token", required = false) String refreshToken) {
public ResponseEntity<?> refresh(HttpServletRequest request,
@RequestParam(name = "refresh_token", required = false) String refreshToken) {
_logger.debug("try to refresh token " );
_logger.trace("refresh token {} " , refreshToken);
if(_logger.isTraceEnabled()) {WebContext.printRequest(request);}
try {
if(StringUtils.isNotBlank(refreshToken)
&& refreshTokenService.validateJwtToken(refreshToken)) {
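Review bot: Binding `refresh_token` with `@RequestParam` lets `refresh` take the token from the query string, and because its `@RequestMapping` declares no `method`, a plain GET carrying the token in the URL is accepted too. URLs are routinely kept in access logs, proxy logs and browser history, where a refresh token should not appear. Consider restricting the mapping with `@RequestMapping(value={"/token/refresh"}, method = RequestMethod.POST, produces = {MediaType.APPLICATION_JSON_VALUE})` (this needs the `RequestMethod` import) and having the client send the value in a form-encoded body. The added `if(_logger.isTraceEnabled()) {WebContext.printRequest(request);}`, together with the existing `_logger.trace("refresh token {} " , refreshToken);`, also writes the full token to the log whenever trace is on; recording only that a token was present would serve the same debugging purpose. The body of `refresh` continues past the end of this hunk.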


@ -63,7 +63,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
SignPrincipal principal = AuthorizationUtils.getPrincipal();
//判断用户是否登录,判断用户是否登录用户
if(principal == null){
_logger.trace("No Authentication ... forward to /auth/entrypoint");
_logger.trace("No Authentication ... forward to /auth/entrypoint , request URI " + request.getRequestURI());
RequestDispatcher dispatcher = request.getRequestDispatcher("/auth/entrypoint");
dispatcher.forward(request, response);
return false;
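Review bot: The rewritten trace line builds its message with `+`, so the string is concatenated on every unauthenticated request even when trace is disabled. It is also the only logging call in this commit that does not use a placeholder. `_logger.trace("No Authentication ... forward to /auth/entrypoint , request URI {}", request.getRequestURI());` produces the same output without that cost. The enclosing method starts and ends outside the hunk.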


@ -237,26 +237,24 @@ public final class WebContext {
* @param request
*/
public static void printRequest(final HttpServletRequest request) {
if(_logger.isTraceEnabled()) {
_logger.trace("getContextPath : {}" , request.getContextPath());
_logger.trace("getRequestURL : {} " , request.getRequestURL());
_logger.trace("URL : {}" , request.getRequestURI().substring(request.getContextPath().length()));
_logger.trace("getMethod : {} " , request.getMethod());
Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) {
String key = (String) headerNames.nextElement();
String value = request.getHeader(key);
_logger.trace("Header key {} , value {}" , key, value);
}
Enumeration<String> parameterNames = request.getParameterNames();
while (parameterNames.hasMoreElements()) {
String key = (String) parameterNames.nextElement();
String value = request.getParameter(key);
_logger.trace("Parameter {} , value {}",key , value);
}
}
_logger.info("getContextPath : {}" , request.getContextPath());
_logger.info("getRequestURL : {} " , request.getRequestURL());
_logger.info("URL : {}" , request.getRequestURI().substring(request.getContextPath().length()));
_logger.info("getMethod : {} " , request.getMethod());
Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) {
String key = (String) headerNames.nextElement();
String value = request.getHeader(key);
_logger.info("Header key {} , value {}" , key, value);
}
Enumeration<String> parameterNames = request.getParameterNames();
while (parameterNames.hasMoreElements()) {
String key = (String) parameterNames.nextElement();
String value = request.getParameter(key);
_logger.info("Parameter {} , value {}",key , value);
}
}
/**
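Review bot: `printRequest` now writes every header and parameter value at INFO with no level check of its own, so `Authorization` and `Cookie` headers and the `refresh_token` parameter reach the log in clear text. The three call sites touched in this commit (AuthTokenRefreshPoint, WebInstRequestFilter, WebXssRequestFilter) wrap the call in `isTraceEnabled()`, but any caller not shown here would now emit the dump unconditionally. Whatever level is chosen, values of credential-bearing names should be masked before they are logged, as sketched below. The name list is a starting point to extend with the project's own credential fields.

```java
public static void printRequest(final HttpServletRequest request) {
    // … unchanged: context path, request URL, URI and method lines …
    Enumeration<String> headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String key = headerNames.nextElement();
        boolean secret = "authorization".equalsIgnoreCase(key)
                || "cookie".equalsIgnoreCase(key)
                || "refresh_token".equalsIgnoreCase(key);
        _logger.info("Header key {} , value {}", key, secret ? "******" : request.getHeader(key));
    }
    Enumeration<String> parameterNames = request.getParameterNames();
    while (parameterNames.hasMoreElements()) {
        String key = parameterNames.nextElement();
        boolean secret = "refresh_token".equals(key);
        _logger.info("Parameter {} , value {}", key, secret ? "******" : request.getParameter(key));
    }
}
```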


@ -53,7 +53,7 @@ public class WebInstRequestFilter extends GenericFilterBean {
HttpServletRequest request= ((HttpServletRequest)servletRequest);
if(request.getSession().getAttribute(WebConstants.CURRENT_INST) == null) {
WebContext.printRequest(request);
if(_logger.isTraceEnabled()) {WebContext.printRequest(request);}
String host = request.getHeader(HEADER_HOSTNAME);
_logger.trace("hostname {}",host);
if(StringUtils.isEmpty(host)) {


@ -72,7 +72,7 @@ public class WebXssRequestFilter extends GenericFilterBean {
_logger.trace("WebXssRequestFilter");
boolean isWebXss = false;
HttpServletRequest request= ((HttpServletRequest)servletRequest);
if(_logger.isTraceEnabled()) {WebContext.printRequest(request);}
if(skipUrlMap.containsKey(request.getRequestURI().substring(request.getContextPath().length()))) {
isWebXss = false;
}else {

Binary file not shown.


@ -107,7 +107,7 @@ export class DefaultInterceptor implements HttpInterceptor {
*/
private refreshTokenRequest(): Observable<any> {
const model = this.tokenSrv.get();
return this.http.post(`/auth/token/refresh`, null, null, { headers: { refresh_token: model?.['refresh_token'] || '' } });
return this.http.post(`/auth/token/refresh`, null, { refresh_token: model?.['refresh_token'] || '' });
}
// #region 刷新Token方式一使用 401 重新刷新 Token
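Review bot: With the `headers` option removed, the refresh token is passed as the third argument of `post`; if `this.http` is ng-alain's `_HttpClient`, that argument is the query-parameter map, so the token travels in the URL of `/auth/token/refresh` and can end up in server and proxy access logs. Sending it as a form-encoded body, e.g. `this.http.post('/auth/token/refresh', new HttpParams().set('refresh_token', token))`, should still bind to the server's `@RequestParam` while keeping it out of the URL. The `|| ''` fallback also fires a request with an empty `refresh_token` when none is stored, which the server's `isNotBlank` check will not accept; returning early in that case avoids the round trip. The same change is repeated in the second copy of `DefaultInterceptor` in the next file section.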


@ -107,7 +107,7 @@ export class DefaultInterceptor implements HttpInterceptor {
*/
private refreshTokenRequest(): Observable<any> {
const model = this.tokenSrv.get();
return this.http.post(`/auth/token/refresh`, null, null, { headers: { refresh_token: model?.['refresh_token'] || '' } });
return this.http.post(`/auth/token/refresh`, null, { refresh_token: model?.['refresh_token'] || '' });
}
// #region 刷新Token方式一使用 401 重新刷新 Token