💬 待完成异常处理

2025-07-17 00:20:48 +08:00 · 2025-07-17 00:20:48 +08:00 · 02901efa33
parent 0c7110e1fc
commit 02901efa33
5 changed files with 17 additions and 46 deletions
--- a/spring-security/ReadMe.md
+++ b/spring-security/ReadMe.md
@ -1362,6 +1362,16 @@ public class AuthenticationEvents {

 ## 实现JWT的认证

+### 过滤器的介绍
+
+过滤器添加分为：`addFilterBefore`、`addFilterAt`、`addFilter`、`addFilterAfter`。
+
+这里不推荐使用`addFilter`，指定顺序不明确，如需指定顺序使用其余三个。如果不指定顺序会报下面的错。
+
+```properties
+The Filter class com.spring.step3.security.filter.JwtAuthenticationFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.
+```
+
 ### 生成JWT令牌

 > [!TIP]
@ -1524,3 +1534,4 @@ Bunny
 # 解析的用户权限
 [permission::read, role::read]
 ```
+
--- a/spring-security/step-3/src/main/java/com/spring/step3/controller/test/CheckController.java
+++ b/spring-security/step-3/src/main/java/com/spring/step3/controller/test/CheckController.java
@ -4,6 +4,7 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@ -32,7 +33,7 @@ public class CheckController {
        if (principal instanceof UserDetails) {
            return (UserDetails) principal;
        } else {
-            return null;
+            return User.builder().username("未知").password("未知").build();
        }
    }

--- a/spring-security/step-3/src/main/java/com/spring/step3/security/config/SecurityWebConfiguration.java
+++ b/spring-security/step-3/src/main/java/com/spring/step3/security/config/SecurityWebConfiguration.java
@ -22,47 +22,6 @@ public class SecurityWebConfiguration {

    private final JwtAuthenticationFilter jwtAuthenticationFilter;

-    // @Bean
-    // SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-    //     http.authorizeHttpRequests(authorizeRequests ->
-    //                     // 访问路径为 /api 时需要进行认证
-    //                     authorizeRequests
-    //                             // 只认证 /api/** 下的所有接口
-    //                             .requestMatchers("/api/**").authenticated()
-    //                             // 其余请求都放行
-    //                             .anyRequest().permitAll()
-    //             )
-    //             .formLogin(loginPage -> loginPage
-    //                     // 自定义登录页路径
-    //                     .loginPage("/login-page")
-    //                     // 处理登录的URL（默认就是/login）
-    //                     .loginProcessingUrl("/login")
-    //                     // 登录成功跳转
-    //                     .defaultSuccessUrl("/")
-    //                     // 登录失败跳转
-    //                     .failureUrl("/login-page?error=true")
-    //                     .permitAll()
-    //             )
-    //             // 使用默认的登录
-    //             // .formLogin(Customizer.withDefaults())
-    //             // 禁用表单登录
-    //             // .formLogin(AbstractHttpConfigurer::disable)
-    //             .logout(logout -> logout
-    //                     .logoutSuccessUrl("/login-page?logout=true")
-    //                     .permitAll()
-    //             )
-    //             .csrf(AbstractHttpConfigurer::disable)
-    //             .exceptionHandling(exception -> {
-    //                 // 请求未授权接口
-    //                 exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint());
-    //                 // 没有权限访问
-    //                 exception.accessDeniedHandler(new SecurityAccessDeniedHandler());
-    //             })
-    //     ;
-    //
-    //     return http.build();
-    // }
-
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
@ -98,7 +57,6 @@ public class SecurityWebConfiguration {
                    exception.accessDeniedHandler(new SecurityAccessDeniedHandler());
                })
                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
-                .addFilter(jwtAuthenticationFilter)
        ;

        return http.build();
--- a/spring-security/step-3/src/main/java/com/spring/step3/security/filter/JwtAuthenticationFilter.java
+++ b/spring-security/step-3/src/main/java/com/spring/step3/security/filter/JwtAuthenticationFilter.java
@ -32,7 +32,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(@NotNull HttpServletRequest request,
                                    @NotNull HttpServletResponse response,
-                                    @NotNull FilterChain filterChain) throws ServletException, IOException {
+                                    @NotNull FilterChain filterChain) throws ServletException, IOException, AuthenticSecurityException {
        final String authHeader = request.getHeader("Authorization");

        // 如果当前请求不包含验证Token直接返回
@ -47,6 +47,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {

        // 检查当前Token是否过期
        if (jwtBearTokenService.isTokenValid(jwtToken)) {
+            // TODO 抛出异常 Security 未处理
            throw new AuthenticSecurityException(ResultCodeEnum.AUTHENTICATION_EXPIRED);
        }

--- a/spring-security/step-3/src/main/java/com/spring/step3/utils/JwtTokenUtil.java
+++ b/spring-security/step-3/src/main/java/com/spring/step3/utils/JwtTokenUtil.java
@ -205,8 +205,8 @@ public class JwtTokenUtil {

            return expiration != null && expiration.before(new Date());
        } catch (Exception exception) {
-            log.error(exception.getMessage(), exception);
-            return true;
+            // TODO 抛出异常 Security 未处理
+            throw new AuthenticSecurityException(ResultCodeEnum.TOKEN_PARSING_FAILED);
        }
    }
 }