From 8575c5931aac5282ab91b677e37c2e7768e9b817 Mon Sep 17 00:00:00 2001 From: Bunny <1319900154@qq.com> Date: Wed, 16 Jul 2025 13:59:52 +0800 Subject: [PATCH] =?UTF-8?q?:sparkles:=20=E5=AE=9E=E7=8E=B0=E6=B3=A8?= =?UTF-8?q?=E9=94=80=E5=A4=84=E7=90=86=E5=99=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/SecurityWebConfiguration.java | 4 ++ .../filter/JwtAuthenticationFilter.java | 7 +++ .../handler/JwtTokenLogoutHandler.java | 48 +++++++++++++++++ .../handler/SecurityAccessDeniedHandler.java | 3 +- .../SecurityAuthenticationEntryPoint.java | 1 + .../provider/JwtAuthenticationProvider.java | 53 +++++++++++++++++++ 6 files changed, 115 insertions(+), 1 deletion(-) create mode 100644 spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java create mode 100644 spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java create mode 100644 spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java b/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java index 590125b..271fe4d 100644 --- a/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/config/SecurityWebConfiguration.java @@ -5,6 +5,7 @@ import com.spring.step2.security.handler.SecurityAuthenticationEntryPoint; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @@ -17,6 +18,8 @@ import org.springframework.security.web.SecurityFilterChain; @RequiredArgsConstructor public class SecurityWebConfiguration { + private final AuthenticationProvider jwtAuthenticationProvider; + @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @@ -54,6 +57,7 @@ public class SecurityWebConfiguration { // 没有权限访问 exception.accessDeniedHandler(new SecurityAccessDeniedHandler()); }) + .authenticationProvider(jwtAuthenticationProvider) ; return http.build(); diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java b/spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java new file mode 100644 index 0000000..6178101 --- /dev/null +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/filter/JwtAuthenticationFilter.java @@ -0,0 +1,7 @@ +package com.spring.step2.security.filter; + +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter { + +} diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java new file mode 100644 index 0000000..c1781a9 --- /dev/null +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/JwtTokenLogoutHandler.java @@ -0,0 +1,48 @@ +package com.spring.step2.security.handler; + +import com.alibaba.fastjson2.JSON; +import com.spring.step2.domain.vo.result.Result; +import com.spring.step2.domain.vo.result.ResultCodeEnum; +import com.spring.step2.security.service.JwtBearTokenService; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.logout.LogoutHandler; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; + +/** + * 实现注销处理器 + */ +@Slf4j +@Component +@RequiredArgsConstructor +public class JwtTokenLogoutHandler implements LogoutHandler { + + private final JwtBearTokenService jwtBearTokenService; + + @Override + public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { + try { + String authorizationToken = request.getHeader("Authorization"); + if (StringUtils.hasText(authorizationToken)) { + // 如果当前用户信息存在redis中可以通过这个进行退出 + String username = jwtBearTokenService.getUsernameFromToken(authorizationToken); + log.info("username : {}", username); + } + + Result result = Result.success(ResultCodeEnum.SUCCESS_LOGOUT); + // 转成JSON格式 + Object json = JSON.toJSON(result); + + // 返回响应 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().println(json); + response.flushBuffer(); + } catch (Exception e) { + throw new RuntimeException(e); + } + } +} diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java index 5c9ea6a..b5b2cea 100644 --- a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAccessDeniedHandler.java @@ -14,7 +14,7 @@ import java.io.IOException; @Slf4j public class SecurityAccessDeniedHandler implements AccessDeniedHandler { - + @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { log.error("SecurityAccessDeniedHandler:{}", accessDeniedException.getLocalizedMessage()); @@ -28,5 +28,6 @@ public class SecurityAccessDeniedHandler implements AccessDeniedHandler { // 返回响应 response.setContentType("application/json;charset=UTF-8"); response.getWriter().println(json); + response.flushBuffer(); } } diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java index fed3884..a856959 100644 --- a/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/handler/SecurityAuthenticationEntryPoint.java @@ -27,5 +27,6 @@ public class SecurityAuthenticationEntryPoint implements AuthenticationEntryPoin // 返回响应 response.setContentType("application/json;charset=UTF-8"); response.getWriter().println(json); + response.flushBuffer(); } } diff --git a/spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java b/spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java new file mode 100644 index 0000000..dae68c9 --- /dev/null +++ b/spring-security/step-2/src/main/java/com/spring/step2/security/provider/JwtAuthenticationProvider.java @@ -0,0 +1,53 @@ +package com.spring.step2.security.provider; + +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.stereotype.Component; + +@Component +public class JwtAuthenticationProvider implements AuthenticationProvider { + /** + * Performs authentication with the same contract as + * {@link AuthenticationManager#authenticate(Authentication)} + * . + * + * @param authentication the authentication request object. + * @return a fully authenticated object including credentials. May return + * null if the AuthenticationProvider is unable to support + * authentication of the passed Authentication object. In such a case, + * the next AuthenticationProvider that supports the presented + * Authentication class will be tried. + * @throws AuthenticationException if authentication fails. + */ + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + return null; + } + + /** + * Returns true if this AuthenticationProvider supports the + * indicated Authentication object. + *

+ * Returning true does not guarantee an + * AuthenticationProvider will be able to authenticate the presented + * Authentication object. It simply indicates it can support closer + * evaluation of it. An AuthenticationProvider can still return + * null from the {@link #authenticate(Authentication)} method to indicate + * another AuthenticationProvider should be tried. + *

+ *

+ * Selection of an AuthenticationProvider capable of performing + * authentication is conducted at runtime the ProviderManager. + *

+ * + * @param authentication + * @return true if the implementation can more closely evaluate the + * Authentication class presented + */ + @Override + public boolean supports(Class authentication) { + return false; + } +}