✨ 实现注销处理器

2025-07-16 13:59:52 +08:00 · 2025-07-16 13:59:52 +08:00 · 8575c5931a
parent f803241c78
commit 8575c5931a
6 changed files with 115 additions and 1 deletions
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java
@ -5,6 +5,7 @@ import com.spring.step2.security.handler.SecurityAuthenticationEntryPoint;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -17,6 +18,8 @@ import org.springframework.security.web.SecurityFilterChain;
@RequiredArgsConstructor
 public class SecurityWebConfiguration {

+    private final AuthenticationProvider jwtAuthenticationProvider;
+
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

@ -54,6 +57,7 @@ public class SecurityWebConfiguration {
                    // 没有权限访问
                    exception.accessDeniedHandler(new SecurityAccessDeniedHandler());
                })
+                .authenticationProvider(jwtAuthenticationProvider)
        ;

        return http.build();
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java
@ -0,0 +1,7 @@
+package com.spring.step2.security.filter;
+
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
+
+}
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java
@ -0,0 +1,48 @@
+package com.spring.step2.security.handler;
+
+import com.alibaba.fastjson2.JSON;
+import com.spring.step2.domain.vo.result.Result;
+import com.spring.step2.domain.vo.result.ResultCodeEnum;
+import com.spring.step2.security.service.JwtBearTokenService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.logout.LogoutHandler;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+/**
+ * 实现注销处理器
+ */
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class JwtTokenLogoutHandler implements LogoutHandler {
+
+    private final JwtBearTokenService jwtBearTokenService;
+
+    @Override
+    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
+        try {
+            String authorizationToken = request.getHeader("Authorization");
+            if (StringUtils.hasText(authorizationToken)) {
+                // 如果当前用户信息存在redis中可以通过这个进行退出
+                String username = jwtBearTokenService.getUsernameFromToken(authorizationToken);
+                log.info("username : {}", username);
+            }
+
+            Result<String> result = Result.success(ResultCodeEnum.SUCCESS_LOGOUT);
+            // 转成JSON格式
+            Object json = JSON.toJSON(result);
+
+            // 返回响应
+            response.setContentType("application/json;charset=UTF-8");
+            response.getWriter().println(json);
+            response.flushBuffer();
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+}
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java
@ -14,7 +14,7 @@ import java.io.IOException;

@Slf4j
 public class SecurityAccessDeniedHandler implements AccessDeniedHandler {
-    
+
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        log.error("SecurityAccessDeniedHandler:{}", accessDeniedException.getLocalizedMessage());
@ -28,5 +28,6 @@ public class SecurityAccessDeniedHandler implements AccessDeniedHandler {
        // 返回响应
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().println(json);
+        response.flushBuffer();
    }
 }
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java
@ -27,5 +27,6 @@ public class SecurityAuthenticationEntryPoint implements AuthenticationEntryPoin
        // 返回响应
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().println(json);
+        response.flushBuffer();
    }
 }
--- a/spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java
@ -0,0 +1,53 @@
+package com.spring.step2.security.provider;
+
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JwtAuthenticationProvider implements AuthenticationProvider {
+    /**
+     * Performs authentication with the same contract as
+     * {@link AuthenticationManager#authenticate(Authentication)}
+     * .
+     *
+     * @param authentication the authentication request object.
+     * @return a fully authenticated object including credentials. May return
+     * <code>null</code> if the <code>AuthenticationProvider</code> is unable to support
+     * authentication of the passed <code>Authentication</code> object. In such a case,
+     * the next <code>AuthenticationProvider</code> that supports the presented
+     * <code>Authentication</code> class will be tried.
+     * @throws AuthenticationException if authentication fails.
+     */
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        return null;
+    }
+
+    /**
+     * Returns <code>true</code> if this <Code>AuthenticationProvider</code> supports the
+     * indicated <Code>Authentication</code> object.
+     * <p>
+     * Returning <code>true</code> does not guarantee an
+     * <code>AuthenticationProvider</code> will be able to authenticate the presented
+     * <code>Authentication</code> object. It simply indicates it can support closer
+     * evaluation of it. An <code>AuthenticationProvider</code> can still return
+     * <code>null</code> from the {@link #authenticate(Authentication)} method to indicate
+     * another <code>AuthenticationProvider</code> should be tried.
+     * </p>
+     * <p>
+     * Selection of an <code>AuthenticationProvider</code> capable of performing
+     * authentication is conducted at runtime the <code>ProviderManager</code>.
+     * </p>
+     *
+     * @param authentication
+     * @return <code>true</code> if the implementation can more closely evaluate the
+     * <code>Authentication</code> class presented
+     */
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return false;
+    }
+}