UserToken问题

login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/UserTokenManager.java

@@ -0,0 +1,48 @@
+package ink.wgink.login.oauth2.client.auth;
+
+import ink.wgink.login.oauth2.client.auth.manager.UserToken;
+import ink.wgink.pojo.bos.LoginUser;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class UserTokenManager {
+
+    private static final UserTokenManager USER_TOKEN_MANAGER = Builder.USER_TOKEN_MANAGER;
+    private static final Map<String, UserToken> LOGIN_USER_MAP = new ConcurrentHashMap<>();
+
+    private UserTokenManager() {
+    }
+
+    public static UserTokenManager getInstance() {
+        return USER_TOKEN_MANAGER;
+    }
+
+    public UserToken get(String userId) {
+        return LOGIN_USER_MAP.get(userId);
+    }
+
+
+    public void refresh(UserInfoBO userInfo, Set<GrantedAuthority> grantedAuthorities) {
+        LOGIN_USER_MAP.put(userInfo.getUserId(), new UserToken(userInfo.getUserId(), userInfo, grantedAuthorities, System.currentTimeMillis()));
+    }
+
+
+    public void removeTimeout() {
+        Set<String> keySet = LOGIN_USER_MAP.keySet();
+        keySet.forEach(key -> {
+            UserToken userToken = LOGIN_USER_MAP.get(key);
+            if (userToken != null && userToken.getLastUpdateTime() + 3600 * 1000 < System.currentTimeMillis()) {
+                LOGIN_USER_MAP.remove(key);
+            }
+        });
+    }
+
+    private static class Builder {
+        public static UserTokenManager USER_TOKEN_MANAGER = new UserTokenManager();
+    }
+
+}

login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/filter/UserTokenFilter.java

@@ -0,0 +1,54 @@
+package ink.wgink.login.oauth2.client.auth.filter;
+
+import com.alibaba.excel.util.StringUtils;
+import ink.wgink.exceptions.SearchException;
+import ink.wgink.login.oauth2.client.auth.UserTokenManager;
+import ink.wgink.login.oauth2.client.auth.manager.UserToken;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContextHolderStrategy;
+import org.springframework.security.web.context.SecurityContextRepository;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Order(value = Ordered.HIGHEST_PRECEDENCE)
+@Component
+@WebFilter(filterName = "ContentCachingFilter", urlPatterns = "/*")
+public class UserTokenFilter extends OncePerRequestFilter {
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String userId = request.getHeader("X-USER-ID");
+        if (StringUtils.isBlank(userId)) {
+            filterChain.doFilter(request, response);
+            return;
+        }
+        UserTokenManager userTokenManager = UserTokenManager.getInstance();
+        UserToken userToken = userTokenManager.get(userId);
+        if (userToken == null) {
+            throw new SearchException("用户未登录，userId异常");
+        }
+        UserInfoBO userInfo = userToken.getUserInfo();
+        userTokenManager.refresh(userInfo, userToken.getGrantedAuthorities());
+        UsernamePasswordAuthenticationToken userAuthenticationTokenResult = new UsernamePasswordAuthenticationToken(userInfo, null, userToken.getGrantedAuthorities());
+        SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder.getContextHolderStrategy();
+        SecurityContext context = securityContextHolderStrategy.createEmptyContext();
+        context.setAuthentication(userAuthenticationTokenResult);
+        securityContextHolderStrategy.setContext(context);
+        request.getSession().setAttribute("SPRING_SECURITY_CONTEXT", context);
+        filterChain.doFilter(request, response);
+    }
+
+
+}

login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/auth/manager/UserToken.java

@@ -0,0 +1,58 @@
+package ink.wgink.login.oauth2.client.auth.manager;
+
+import ink.wgink.pojo.bos.LoginUser;
+import ink.wgink.pojo.bos.UserInfoBO;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Set;
+
+public class UserToken {
+
+    private String userId;
+    private UserInfoBO userInfo;
+    private Set<GrantedAuthority> grantedAuthorities;
+    private long lastUpdateTime;
+
+    public UserToken() {
+    }
+
+    public UserToken(String userId, UserInfoBO userInfo, Set<GrantedAuthority> grantedAuthorities, long lastUpdateTime) {
+        this.userId = userId;
+        this.userInfo = userInfo;
+        this.grantedAuthorities = grantedAuthorities;
+        this.lastUpdateTime = lastUpdateTime;
+    }
+
+    public String getUserId() {
+        return userId == null ? "" : userId.trim();
+    }
+
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
+    public UserInfoBO getUserInfo() {
+        return userInfo;
+    }
+
+    public void setUserInfo(UserInfoBO userInfo) {
+        this.userInfo = userInfo;
+    }
+
+    public Set<GrantedAuthority> getGrantedAuthorities() {
+        return grantedAuthorities;
+    }
+
+    public void setGrantedAuthorities(Set<GrantedAuthority> grantedAuthorities) {
+        this.grantedAuthorities = grantedAuthorities;
+    }
+
+    public long getLastUpdateTime() {
+        return lastUpdateTime;
+    }
+
+    public void setLastUpdateTime(long lastUpdateTime) {
+        this.lastUpdateTime = lastUpdateTime;
+    }
+
+}

login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/converter/OAuth2ClientUserAuthConverter.java

@@ -1,6 +1,8 @@
 package ink.wgink.login.oauth2.client.converter;
 
 import com.alibaba.fastjson.JSONObject;
+import ink.wgink.login.oauth2.client.auth.UserTokenManager;
+import ink.wgink.pojo.bos.LoginUser;
 import ink.wgink.pojo.bos.RoleGrantedAuthorityBO;
 import ink.wgink.pojo.bos.UserInfoBO;
 import org.slf4j.Logger;
@@ -51,6 +53,7 @@ public class OAuth2ClientUserAuthConverter implements UserAuthenticationConverte
                         (List<String>) authMap.get("queries"));
                 grantedAuthorities.add(roleGrantedAuthorityBO);
             });
+            UserTokenManager.getInstance().refresh((UserInfoBO) principal, grantedAuthorities);
             return new UsernamePasswordAuthenticationToken(principal, "N/A", grantedAuthorities);
         }
         return null;