...

2022-05-12 11:31:48 +08:00 · 2022-05-12 11:31:48 +08:00 · d5f249ccb6
parent 5583c2b609
commit d5f249ccb6
2 changed files with 15 additions and 14 deletions
--- a/renren-admin/pom.xml
+++ b/renren-admin/pom.xml
@ -286,6 +286,13 @@
                            <descriptors>
                                <descriptor>src/main/resources/assembly/assembly.xml</descriptor>
                            </descriptors>
+
+                            <archive>
+                                <manifest>
+                                    <addClasspath>true</addClasspath>
+                                    <classpathPrefix>libs/</classpathPrefix>
+                                </manifest>
+                            </archive>
                        </configuration>
                    </execution>
                </executions>
--- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
+++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
@ -5,7 +5,6 @@ import com.yawei.pso.PSORequest;
 import com.yawei.pso.SSOResponse;
 import com.yawei.pso.TicketManager;
 import io.renren.common.constant.Constant;
-import io.renren.common.exception.ErrorCode;
 import io.renren.common.interceptor.Validator;
 import io.renren.common.interceptor.YaweiSSOProperties;
 import io.renren.common.utils.HttpContextUtils;
@ -15,17 +14,13 @@ import org.apache.http.HttpStatus;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
-import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Lazy;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.RequestMethod;

 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@ -36,11 +31,10 @@ import java.util.Map;

 /**
 * oauth2过滤器
- *
 */
@Component()
@Scope("prototype")
-public class  Oauth2Filter extends AuthenticatingFilter {
+public class Oauth2Filter extends AuthenticatingFilter {

    public final static String SEESION_USER = "seesion_user";

@ -52,7 +46,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
        //获取请求token
        String token = getRequestToken((HttpServletRequest) request);

-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            return null;
        }

@ -61,7 +55,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
-        if(((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())){
+        if (((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())) {
            return true;
        }

@ -74,9 +68,9 @@ public class  Oauth2Filter extends AuthenticatingFilter {

        //获取请求token，如果token不存在，直接返回401
        String token = getRequestToken((HttpServletRequest) request);
-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {

-            yaweiHandle((HttpServletRequest)request, (HttpServletResponse)response);
+            yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);

 //            HttpServletResponse httpResponse = (HttpServletResponse) response;
 //            httpResponse.setContentType("application/json;charset=utf-8");
@ -117,12 +111,12 @@ public class  Oauth2Filter extends AuthenticatingFilter {
    /**
     * 获取请求的token
     */
-    private String getRequestToken(HttpServletRequest httpRequest){
+    private String getRequestToken(HttpServletRequest httpRequest) {
        //从header中获取token
        String token = httpRequest.getHeader(Constant.TOKEN_HEADER);

        //如果header中不存在token，则从参数中获取token
-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            token = httpRequest.getParameter(Constant.TOKEN_HEADER);
        }

@ -132,7 +126,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
    public boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // 获取当前请求的url
        String requestUri = request.getHeader("REQUESTURI");
-        if (requestUri == null){
+        if (requestUri == null) {
            requestUri = request.getRequestURI();
        }