diff --git a/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/JwtSecurityContextRepository.java b/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/JwtSecurityContextRepository.java
index 492608a..b8d34e1 100644
--- a/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/JwtSecurityContextRepository.java
+++ b/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/JwtSecurityContextRepository.java
@@ -3,6 +3,8 @@ package com.flyfish.framework.configuration.jwt;
 import com.flyfish.framework.service.MongoUserDetailsService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.security.web.server.context.ServerSecurityContextRepository;
@@ -32,7 +34,9 @@ public class JwtSecurityContextRepository implements ServerSecurityContextReposi
 return userDetailsService.findByUsername(userId)
 .map(userDetails -> {
 SecurityContextImpl securityContext = new SecurityContextImpl();
- securityContext.setAuthentication(tokenProvider.getAuthentication(userDetails));
+ Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, userDetails.getPassword(),
+ userDetails.getAuthorities());
+ securityContext.setAuthentication(authentication);
 return securityContext;
 });
 });
diff --git a/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/TokenProvider.java b/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/TokenProvider.java
index b109bd9..fe295fd 100644
--- a/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/TokenProvider.java
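Review bot: The token built in the `.map(userDetails -> …)` lambda carries `userDetails.getPassword()` as its credentials, so whatever the user service stores in that field stays in the SecurityContext for every JWT-authenticated request. The request has already been authenticated by the JWT at this point and nothing visible here needs the stored password, so the credentials argument can be null: `new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities())`. That keeps the value out of anything that later serialises or logs the Authentication. The lambda also does not consult `isEnabled()` or `isAccountNonLocked()`; unless `findByUsername` already filters such accounts (not visible in this hunk), a disabled user keeps access until the token expires. The enclosing method starts and ends outside the hunk.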
+++ b/flyfish-web/src/main/java/com/flyfish/framework/configuration/jwt/TokenProvider.java
@@ -15,13 +15,16 @@ import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
 import javax.annotation.Resource;
 import java.security.Key;
 import java.time.Duration;
+import java.util.Arrays;
+import java.util.Collection;
 import java.util.Date;
 import java.util.Optional;
 import java.util.stream.Collectors;
@@ -142,12 +145,19 @@ public class TokenProvider implements InitializingBean {
 /**
 * token解析第一步,获取认证。此处通过claims就能知道token是哪个端的
 *
- * @param userDetails 用户详情
+ * @param token token
 * @return 结果
 */
- public Authentication getAuthentication(UserDetails userDetails) {
- return new UsernamePasswordAuthenticationToken(userDetails, userDetails.getPassword(),
- userDetails.getAuthorities());
+ public Authentication getAuthentication(String token) {
+ Claims claims = parseToken(token);
+ Collection authorities =
+ Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(","))
+ .filter(StringUtils::isNotBlank)
+ .map(SimpleGrantedAuthority::new)
+ .collect(Collectors.toList());
+
+ User principal = new User(claims.getSubject(), "", authorities);
+ return new UsernamePasswordAuthenticationToken(principal, token, authorities);
 }
 /**
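Review bot: `claims.get(AUTHORITIES_KEY).toString()` in the new `getAuthentication(String token)` throws a NullPointerException when a validly signed token has no authorities claim, and `new User(claims.getSubject(), "", authorities)` rejects a null or empty subject with an IllegalArgumentException, so a malformed token surfaces as a server error instead of a rejected authentication. Reading the claim defensively covers the first case, `String raw = Optional.ofNullable(claims.get(AUTHORITIES_KEY)).map(Object::toString).orElse("");`, and the subject should be checked for presence before the principal is constructed. The authorities now come from the token rather than the user store, so the method is only safe if `parseToken` (outside the hunk) verifies signature and expiry, and a role removed from a user stays effective until the token expires; the Javadoc should state both. `Collection authorities` appears as a raw type; if that is not a rendering artefact it should be `Collection<? extends GrantedAuthority>`.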