【功能优化】SYSTEM:支持通过 refreshToken 认证,解决部分场景不方便刷新访问令牌场景

This commit is contained in:
YunaiV 2024-10-02 14:54:00 +08:00
parent c2937bd087
commit a9928fa227
4 changed files with 17 additions and 16 deletions

View File

@ -13,7 +13,7 @@ import java.util.Set;
/**
* 基于 MyBatis Plus 多租户的功能实现 DB 层面的多租户的功能
*
* @author
* @author 芋道源码
*/
public class TenantDatabaseInterceptor implements TenantLineHandler {

View File

@ -109,9 +109,7 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService {
// 获取不到 MySQL 中获取访问令牌
accessTokenDO = oauth2AccessTokenMapper.selectByAccessToken(accessToken);
if (accessTokenDO != null && DateUtils.isExpired(accessTokenDO.getExpiresTime())) {
accessTokenDO = null;
}
if (accessTokenDO == null) {
// 特殊 MySQL 中获取刷新令牌原因解决部分场景不方便刷新访问令牌场景
// 例如说积木报表只允许传递 token不允许传递 refresh_token导致无法刷新访问令牌
// 再例如说前端 WebSocket token 直接跟在 url 无法传递 refresh_token
@ -119,9 +117,10 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService {
if (refreshTokenDO != null && !DateUtils.isExpired(refreshTokenDO.getExpiresTime())) {
accessTokenDO = convertToAccessToken(refreshTokenDO);
}
}
// 如果在 MySQL 存在则往 Redis 中写入
if (accessTokenDO != null) {
if (accessTokenDO != null && !DateUtils.isExpired(accessTokenDO.getExpiresTime())) {
oauth2AccessTokenRedisDAO.set(accessTokenDO);
}
return accessTokenDO;

View File

@ -158,10 +158,11 @@ public class OAuth2TokenServiceImplTest extends BaseDbAndRedisUnitTest {
.setAccessTokenValiditySeconds(30);
when(oauth2ClientService.validOAuthClientFromCache(eq(clientId))).thenReturn(clientDO);
// mock 数据访问令牌
OAuth2RefreshTokenDO refreshTokenDO = randomPojo(OAuth2RefreshTokenDO.class)
.setRefreshToken(refreshToken).setClientId(clientId)
OAuth2RefreshTokenDO refreshTokenDO = randomPojo(OAuth2RefreshTokenDO.class, o ->
o.setRefreshToken(refreshToken).setClientId(clientId)
.setExpiresTime(LocalDateTime.now().plusDays(1))
.setUserType(UserTypeEnum.ADMIN.getValue());
.setUserType(UserTypeEnum.ADMIN.getValue())
.setTenantId(TenantContextHolder.getTenantId()));
oauth2RefreshTokenMapper.insert(refreshTokenDO);
// mock 数据访问令牌
OAuth2AccessTokenDO accessTokenDO = randomPojo(OAuth2AccessTokenDO.class).setRefreshToken(refreshToken)

View File

@ -473,7 +473,7 @@ CREATE TABLE IF NOT EXISTS "system_oauth2_access_token" (
"updater" varchar DEFAULT '',
"update_time" datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
"deleted" bit NOT NULL DEFAULT FALSE,
"tenant_id" bigint NOT NULL,
"tenant_id" bigint not null,
PRIMARY KEY ("id")
) COMMENT 'OAuth2 访问令牌';
@ -491,6 +491,7 @@ CREATE TABLE IF NOT EXISTS "system_oauth2_refresh_token" (
"updater" varchar DEFAULT '',
"update_time" datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
"deleted" bit NOT NULL DEFAULT FALSE,
"tenant_id" bigint not null default '0',
PRIMARY KEY ("id")
) COMMENT 'OAuth2 刷新令牌';