diff --git a/src/main/java/boss/portal/config/SwaggerConfig.java b/src/main/java/boss/portal/config/SwaggerConfig.java
index 5087ca96f4465cf5d080a424d2321b6affc3d9af..cea9bacf973217b58a929f4db9a95acf3a97a7e6 100644
--- a/src/main/java/boss/portal/config/SwaggerConfig.java
+++ b/src/main/java/boss/portal/config/SwaggerConfig.java
@@ -3,6 +3,8 @@ package boss.portal.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.bind.annotation.RequestMethod;
+
+import boss.portal.constant.ConstantKey;
 import springfox.documentation.builders.ParameterBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
@@ -31,13 +33,13 @@ import static cn.hutool.core.collection.CollUtil.newArrayList;
 public class SwaggerConfig {
 // 设置默认TOKEN,方便测试
- private static final String TOKEN = "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ6aGFveGluZ3VvLVtST0xFX0FETUlOLCBBVVRIX1dSSVRFXSIsImV4cCI6MTUzOTMzOTM0NX0.P9dkLQ7lpNODJppHBM-InSS90nw0XJieK8QNlZM0TeuNNQ8sUPYH-uif099A1-P2Ap6b_9lCLbXL2iR0OLdFyw";
+ private static final String TOKEN = ConstantKey.BEARER + "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ6aGFveGluZ3VvLVtST0xFX0FETUlOLCBBVVRIX1dSSVRFXSIsImV4cCI6MTUzOTMzOTM0NX0.P9dkLQ7lpNODJppHBM-InSS90nw0XJieK8QNlZM0TeuNNQ8sUPYH-uif099A1-P2Ap6b_9lCLbXL2iR0OLdFyw";
 @Bean
 public Docket api() {
 ParameterBuilder tokenPar = new ParameterBuilder();
 List pars = new ArrayList();
- tokenPar.name("Authorization").description("令牌").defaultValue(TOKEN).modelRef(new ModelRef("string")).parameterType("header").required(false).build();
+ tokenPar.name(ConstantKey.HEADER_KEY).description("令牌").defaultValue(TOKEN).modelRef(new ModelRef("string")).parameterType("header").required(false).build();
 pars.add(tokenPar.build());
 Docket docket = new Docket(DocumentationType.SWAGGER_2)
 .select()
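Review bot: In SwaggerConfig.java the `TOKEN` constant still embeds a complete signed JWT as the Swagger default for the authorization parameter; the commit only moves the `Bearer ` prefix into a constant. The payload segment appears to decode to a subject carrying an admin role plus an expiry claim, so a credential is kept in version control and pre-filled for anyone who can open the Swagger UI. Consider taking the default from a non-production property and leaving it empty otherwise, e.g. `@Value("${swagger.default-token:}") private String defaultToken;` (the property name is a placeholder) and `defaultValue(defaultToken.isEmpty() ? "" : ConstantKey.BEARER + defaultToken)`. The body of `api()` continues past the end of the hunk.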
@@ -60,4 +62,4 @@ public class SwaggerConfig {
 new Contact("Zhao XinGuo", "https://javaymw.com/", "sxdtzhaoxinguo@163.com"), "License of API", "API license URL", Collections.emptyList());
 }
-}
+}
\ No newline at end of file
diff --git a/src/main/java/boss/portal/constant/ConstantKey.java b/src/main/java/boss/portal/constant/ConstantKey.java
index d98d93377067aeeb1b1a22d84605fa793cbca65d..7227a96eca5d21f431182fdbd0c4014da2802511 100644
--- a/src/main/java/boss/portal/constant/ConstantKey.java
+++ b/src/main/java/boss/portal/constant/ConstantKey.java
@@ -13,4 +13,14 @@ public class ConstantKey {
 * 签名key
 */
 public static final String SIGNING_KEY = "spring-security-@Jwt!&Secret^#";
-}
+
+ /**
+ * 持票人
+ */
+ public static final String BEARER = "Bearer ";
+
+ /**
+ * 在头部标签中存放Token的key
+ */
+ public static final String HEADER_KEY = "Authorization";
+}
\ No newline at end of file
diff --git a/src/main/java/boss/portal/controller/JwtExceptionController.java b/src/main/java/boss/portal/controller/JwtExceptionController.java
index 661b6f7aa2ec742910741c7dbc282dd712c73048..846c9921bea9cf4e7f62fcdab2680d8fb31a42ec 100644
--- a/src/main/java/boss/portal/controller/JwtExceptionController.java
+++ b/src/main/java/boss/portal/controller/JwtExceptionController.java
@@ -34,7 +34,7 @@ public class JwtExceptionController {
 @RequestMapping("/signatureException")
 public void signatureException(HttpServletRequest request) throws SignatureException {
- if (request.getAttribute("signatureException") instanceof ExpiredJwtException) {
+ if (request.getAttribute("signatureException") instanceof SignatureException) {
 throw ((SignatureException) request.getAttribute("signatureException"));
 }
 }
diff --git a/src/main/java/boss/portal/filter/JWTAuthenticationFilter.java b/src/main/java/boss/portal/filter/JWTAuthenticationFilter.java
index 729844e6ece7dcfdc64313d943d5f9e11d7592e8..ca4cf9b56546ebc6418bdcd882b8e2a2fd07dbba 100644
--- a/src/main/java/boss/portal/filter/JWTAuthenticationFilter.java
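Review bot: In ConstantKey.java the new `BEARER` and `HEADER_KEY` constants are added directly below `SIGNING_KEY`, which remains a string literal in source; anyone who can read the repository or the built artifact holds the key that JWTAuthenticationFilter uses to verify tokens. The key should be supplied from external configuration or a secret store and replaced, since the current value is already exposed. On the added lines, the Javadoc for `BEARER` should say that the trailing space is significant, e.g. `/** Authorization scheme prefix, including the trailing space. */`. A constants holder like this would also normally be `final` with a private constructor.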
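Review bot: In JwtExceptionController.signatureException the corrected `instanceof SignatureException` test has no fallback, so a request that arrives at `/signatureException` without that attribute returns normally with an empty success response. If the mapping can be reached directly (not visible in this hunk), the method should fail explicitly in that case rather than answer as if nothing went wrong. Reading the attribute once also removes the repeated lookup and cast: `Object ex = request.getAttribute("signatureException");` then `if (ex instanceof SignatureException) { throw (SignatureException) ex; }`.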
+++ b/src/main/java/boss/portal/filter/JWTAuthenticationFilter.java
@@ -39,8 +39,8 @@ public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
 @Override
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
- String header = request.getHeader("Authorization");
- if (ObjectUtil.isEmpty(header) || !header.startsWith("Bearer ")) {
+ String header = request.getHeader(ConstantKey.HEADER_KEY);
+ if (ObjectUtil.isEmpty(header) || !header.startsWith(ConstantKey.BEARER)) {
 chain.doFilter(request, response);
 return;
 }
@@ -52,14 +52,14 @@ public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
 private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 try {
 long start = System.currentTimeMillis();
- String token = request.getHeader("Authorization");
+ String token = request.getHeader(ConstantKey.HEADER_KEY);
 if (ObjectUtil.isEmpty(token)) {
 throw new ServiceException("Token不能为空!");
 }
 // parse the token.
 String user = null;
- Claims claims = Jwts.parser().setSigningKey(ConstantKey.SIGNING_KEY).parseClaimsJws(token.replace("Bearer ", "")).getBody();
+ Claims claims = Jwts.parser().setSigningKey(ConstantKey.SIGNING_KEY).parseClaimsJws(token.replace(ConstantKey.BEARER, "")).getBody();
 // token签发时间
 long issuedAt = claims.getIssuedAt().getTime();
 // 当前时间
@@ -131,4 +131,4 @@ public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
 return null;
 }
-}
+}
\ No newline at end of file
diff --git a/src/main/java/boss/portal/filter/JWTLoginFilter.java b/src/main/java/boss/portal/filter/JWTLoginFilter.java
index dc7850db0466429098d10194d9569ccb64dc1ede..fdc2f875a3feef3c7f8a980ec069592871562111 100644
--- a/src/main/java/boss/portal/filter/JWTLoginFilter.java
+++ b/src/main/java/boss/portal/filter/JWTLoginFilter.java
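Review bot: In JWTAuthenticationFilter.getAuthentication, `token.replace(ConstantKey.BEARER, "")` removes every occurrence of the prefix rather than only the leading one, and the method re-reads the header instead of using the value that doFilterInternal already checked with `startsWith`. Stripping by length keeps the two checks in agreement: `String jwt = token.substring(ConstantKey.BEARER.length());` followed by `parseClaimsJws(jwt)`. The same hunk calls `claims.getIssuedAt().getTime()` with no null check, so a validly signed token that lacks an issued-at claim would raise a NullPointerException; whether the surrounding `try` handles that is not visible, because the method body continues outside the hunk.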
@@ -100,11 +100,11 @@ public class JWTLoginFilter extends UsernamePasswordAuthenticationFilter {
 // 生成token end
 // 登录成功后,返回token到header里面
- /*response.addHeader("Authorization", "Bearer " + token);*/
+ /*response.addHeader(ConstantKey.HEADER_KEY, ConstantKey.BEARER + token);*/
 // 登录成功后,返回token到body里面
 Map resultMap = new HashMap<>();
- resultMap.put("Authorization", "Bearer " + token);
+ resultMap.put(ConstantKey.HEADER_KEY, ConstantKey.BEARER + token);
 Result result = Result.ok(resultMap);
 response.getWriter().write(JSON.toJSONString(result));
@@ -113,4 +113,4 @@ public class JWTLoginFilter extends UsernamePasswordAuthenticationFilter {
 }
 }
-}
+}
\ No newline at end of file
diff --git a/src/main/java/boss/portal/handler/Http401AuthenticationEntryPoint.java b/src/main/java/boss/portal/handler/Http401AuthenticationEntryPoint.java
index e3587a23b4889fe8bec90377a94823b718317125..0716453c576106b586172633d3f48105f136715b 100644
--- a/src/main/java/boss/portal/handler/Http401AuthenticationEntryPoint.java
+++ b/src/main/java/boss/portal/handler/Http401AuthenticationEntryPoint.java
@@ -8,6 +8,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import boss.portal.constant.ConstantKey;
+
 /**
 * @Auther: zhaoxinguo
 * @Date: 2018/9/20 14:55
@@ -23,8 +25,8 @@ public class Http401AuthenticationEntryPoint implements AuthenticationEntryPoint
 @Override
 public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
- response.setHeader("Authorization", this.headerValue);
+ response.setHeader(ConstantKey.HEADER_KEY, this.headerValue);
 response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
 }
-}
+}
\ No newline at end of file
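Review bot: In JWTLoginFilter the commit edits the commented-out `response.addHeader(...)` line instead of deleting it; dead code that is kept in sync by hand tends to drift, and version control already preserves it. The live `resultMap.put(ConstantKey.HEADER_KEY, ...)` line uses a header-name constant as the JSON field name, which ties the body schema to the HTTP header name; a separate constant for the body field would make that intent explicit. Because the body carries the bearer token, the response should be marked non-cacheable, e.g. `response.setHeader("Cache-Control", "no-store");`, unless that is already set outside this hunk. The enclosing method starts before the hunk.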
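Review bot: In Http401AuthenticationEntryPoint.commence the 401 response sets an `Authorization` header, now through `ConstantKey.HEADER_KEY`; `Authorization` is a request header, and a 401 challenge is expected to carry `WWW-Authenticate` (RFC 7235). Reusing the request-header constant here makes the mismatch harder to notice. Suggest `response.setHeader("WWW-Authenticate", this.headerValue);`, assuming `headerValue` holds a challenge string (its value is not visible in the hunk). `authException.getMessage()` is also passed to `sendError`, so a fixed message would avoid returning internal detail to the client.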