完善JWT

febs-auth/src/main/java/cc/mrbird/febs/auth/configure/FebsAuthorizationServerConfigurer.java

@@ -7,6 +7,7 @@ import cc.mrbird.febs.auth.translator.FebsWebResponseExceptionTranslator;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -15,8 +16,11 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
 
 /**
  * 认证服务器配置
@@ -75,4 +79,20 @@ public class FebsAuthorizationServerConfigurer extends AuthorizationServerConfig
                 .exceptionTranslator(exceptionTranslator);
     }
 
+    @Bean
+    public TokenStore jwtTokenStore() {
+        return new JwtTokenStore(jwtAccessTokenConverter());
+    }
+
+    @Bean
+    public JwtAccessTokenConverter jwtAccessTokenConverter() {
+        JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
+        DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) accessTokenConverter.getAccessTokenConverter();
+        DefaultUserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter();
+        userAuthenticationConverter.setUserDetailsService(userDetailService);
+        defaultAccessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
+        accessTokenConverter.setSigningKey("febs");
+        return accessTokenConverter;
+    }
+
 }

febs-auth/src/main/java/cc/mrbird/febs/auth/configure/JWTConfigure.java

@@ -1,25 +0,0 @@
-package cc.mrbird.febs.auth.configure;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.oauth2.provider.token.TokenStore;
-import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
-import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
-
-/**
- * @author MrBird
- */
-@Configuration
-public class JWTConfigure {
-    @Bean
-    public TokenStore jwtTokenStore() {
-        return new JwtTokenStore(jwtAccessTokenConverter());
-    }
-
-    @Bean
-    public JwtAccessTokenConverter jwtAccessTokenConverter() {
-        JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
-        accessTokenConverter.setSigningKey("febs");
-        return accessTokenConverter;
-    }
-}

febs-auth/src/main/java/cc/mrbird/febs/auth/controller/SecurityController.java

@@ -2,8 +2,6 @@ package cc.mrbird.febs.auth.controller;
 
 import cc.mrbird.febs.auth.manager.UserManager;
 import cc.mrbird.febs.auth.service.ValidateCodeService;
-import cc.mrbird.febs.common.entity.FebsResponse;
-import cc.mrbird.febs.common.entity.system.SystemUser;
 import cc.mrbird.febs.common.exception.ValidateCodeException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -30,16 +28,8 @@ public class SecurityController {
         return principal;
     }
 
-    @GetMapping("user/detail")
-    public FebsResponse currentUserDetail(Principal principal) {
-        SystemUser user = userManager.findByName(principal.getName());
-        user.setPassword("secret");
-        return new FebsResponse().data(user);
-    }
-
     @GetMapping("captcha")
     public void captcha(HttpServletRequest request, HttpServletResponse response) throws IOException, ValidateCodeException {
         validateCodeService.create(request, response);
     }
-
 }

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/aspect/ControllerEndpointAspect.java

@@ -11,6 +11,8 @@ import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Pointcut;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 
 import javax.servlet.http.HttpServletRequest;
@@ -41,7 +43,9 @@ public class ControllerEndpointAspect extends AspectSupport {
             result = point.proceed();
             if (StringUtils.isNotBlank(operation)) {
                 HttpServletRequest request = HttpContextUtil.getHttpServletRequest();
-                logService.saveLog(point, targetMethod, request, operation, start);
+                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+                String username = (String) authentication.getPrincipal();
+                logService.saveLog(point, targetMethod, request, operation, username, start);
             }
             return result;
         } catch (Throwable throwable) {

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/service/ILogService.java

@@ -20,8 +20,8 @@ public interface ILogService extends IService<Log> {
     /**
      * 查询操作日志分页
      *
-     * @param Log 日志
-     * @param request   QueryRequest
+     * @param log     日志
+     * @param request QueryRequest
      * @return IPage<SystemLog>
      */
     IPage<Log> findLogs(Log log, QueryRequest request);
@@ -40,8 +40,9 @@ public interface ILogService extends IService<Log> {
      * @param method    Method
      * @param request   HttpServletRequest
      * @param operation 操作内容
+     * @param username  操作用户
      * @param start     开始时间
      */
     @Async(FebsConstant.ASYNC_POOL)
-    void saveLog(ProceedingJoinPoint point, Method method, HttpServletRequest request, String operation, long start);
+    void saveLog(ProceedingJoinPoint point, Method method, HttpServletRequest request, String operation, String username, long start);
 }

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/service/impl/LogServiceImpl.java

@@ -18,8 +18,6 @@ import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
@@ -73,14 +71,12 @@ public class LogServiceImpl extends ServiceImpl<LogMapper, Log> implements ILogS
     }
 
     @Override
-    public void saveLog(ProceedingJoinPoint point, Method method, HttpServletRequest request, String operation, long start) {
+    public void saveLog(ProceedingJoinPoint point, Method method, HttpServletRequest request, String operation, String username, long start) {
         Log Log = new Log();
         // 设置 IP地址
         String ip = IPUtil.getIpAddr(request);
         Log.setIp(ip);
         // 设置操作用户
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        String username = (String) authentication.getPrincipal();
         Log.setUsername(username);
         // 设置耗时
         Log.setTime(System.currentTimeMillis() - start);