|
|
@@ -31,7 +31,14 @@ public class RedisTokenValidator implements OAuth2TokenValidator<Jwt> {
|
|
|
|
|
|
@Override
|
|
|
public OAuth2TokenValidatorResult validate(Jwt jwt) {
|
|
|
- // 尝试批量从Redis获取令牌相关信息,如果Redis读取失败则降级为只校验令牌过期时间
|
|
|
+ // 校验令牌是否过期
|
|
|
+ if (this.timestampValidator.validate(jwt).hasErrors()) {
|
|
|
+ throw new OAuth2AuthenticationException(new OAuth2Error(
|
|
|
+ "TOKEN_EXPIRED", ApplicationContextHolder.getMessage("Token.Expired"), null
|
|
|
+ ));
|
|
|
+ }
|
|
|
+
|
|
|
+ // 基于Redis令牌有效性校验
|
|
|
String key = OAuthContextHolder.key(OAuthContextHolder.getId(jwt));
|
|
|
Collection<Object> fields = Arrays.asList(
|
|
|
SessionContextHolder.HEADER_SCOPE,
|
|
|
@@ -43,13 +50,6 @@ public class RedisTokenValidator implements OAuth2TokenValidator<Jwt> {
|
|
|
} catch (Exception e) {
|
|
|
log.warn("Redis token validate failed: {}", e.getMessage());
|
|
|
|
|
|
- // 校验令牌是否过期
|
|
|
- if (this.timestampValidator.validate(jwt).hasErrors()) {
|
|
|
- throw new OAuth2AuthenticationException(new OAuth2Error(
|
|
|
- "TOKEN_EXPIRED", ApplicationContextHolder.getMessage("Token.Expired"), null
|
|
|
- ));
|
|
|
- }
|
|
|
-
|
|
|
// 初始化会话信息
|
|
|
SessionContextHolder.initializeSession(
|
|
|
OAuthContextHolder.getId(jwt),
|
|
|
@@ -58,8 +58,6 @@ public class RedisTokenValidator implements OAuth2TokenValidator<Jwt> {
|
|
|
);
|
|
|
return OAuth2TokenValidatorResult.success();
|
|
|
}
|
|
|
-
|
|
|
- // 基于Redis令牌有效性校验
|
|
|
String scope = String.valueOf(ObjectUtils.size(values) > 0 ? values.get(0) : null);
|
|
|
String token = String.valueOf(ObjectUtils.size(values) > 1 ? values.get(1) : null);
|
|
|
if (StringUtils.isEmpty(token)) {
|
woody