
Merge branch 'dev' of http://192.168.1.220:10080/Amoy2/wlyy2.0 into dev

Trick 6 år sedan
förälder
incheckning
6b9f1991ae

+ 3 - 2
common/common-rest-model/src/main/java/com/yihu/jw/restmodel/ResultStatus.java

@ -11,10 +11,11 @@ public class ResultStatus {
    /**
     * 1100多错误码 与授权相关的
     */
    public static final Integer ERROR_TOKEN = 1100; //token有误,错误的token  或者 过期的token
    public static final Integer EXPIRE = 1100; //过期的token
    public static final Integer NULL_TOKEN = 1101;// token为空
    public static final Integer INVALID_GRANT = 1102; //授权失败,看具体报错信息,如验证码错误,密码错误等
    public static final Integer INVALID_GRANT = 1102; //授权失败,看具体报错信息,如验证码错误,密码错误等,  [登陆时候,用户不存在/应用不存在,归位此类,方便前端判断]
    public static final Integer NO_PERMI = 1103; //无权限访问
    public static final Integer INVALID_TOKEN = 1104;//被踢了 ,账号在别处登陆
    /**
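Review bot: `EXPIRE` is declared with the same value as `ERROR_TOKEN` (both 1100), so a client reading the numeric code still cannot tell an expired token from a malformed one, even though the gateway section of this commit switches the expired case to `EXPIRE`. If the two cases are meant to be distinguishable, give `EXPIRE` a value of its own. If it is a deliberate alias, say so on the line, e.g. `// expired token; intentionally shares 1100 with ERROR_TOKEN for backward compatibility`. The trailing comment on `ERROR_TOKEN` also still describes the expired case and should be narrowed once `EXPIRE` exists. The class body continues outside this hunk.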

+ 3 - 2
gateway/ag-basic/src/main/java/com/yihu/jw/gateway/filter/BasicZuulFilter.java

@ -68,6 +68,7 @@ public class BasicZuulFilter extends ZuulFilter {
                || url.contains("/basePatient/forgetPwd")//忘记密码
                || url.contains("/basePatient/sendCaptcha")//发送短信
                || url.contains("/sms_gateway/send")//发送短信
                || url.contains("/accountAppeal/create")
                || url.contains("/open/")) {//开发接口
            return true;
        }
@ -88,10 +89,10 @@ public class BasicZuulFilter extends ZuulFilter {
        }
        OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(accessToken);
        if (null == oAuth2AccessToken) {
            return this.forbidden(ctx, ResultStatus.ERROR_TOKEN, "invalid token");
            return this.forbidden(ctx, ResultStatus.INVALID_TOKEN, "invalid token");
        }
        if (oAuth2AccessToken.isExpired()) {
            return this.forbidden(ctx, ResultStatus.ERROR_TOKEN, "expired token");
            return this.forbidden(ctx, ResultStatus.EXPIRE, "expired token");
        }
        //将token的认证信息附加到请求中,转发给下游微服务
        OAuth2Authentication auth = tokenStore.readAuthentication(accessToken);
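Review bot: The token-exempt list in the first hunk matches with `url.contains(...)`, so the `/accountAppeal/create` entry (apparently the line this commit adds) and the existing `/open/` entry exempt any request whose URL merely contains that fragment, not only the intended route. How `url` is derived is outside the hunk. If it carries the query string or an un-normalised path, a route that should require a token would skip the check. Compare the normalised request path against full routes or anchored patterns instead, for example `pathMatcher.match("/<service-prefix>/accountAppeal/create", request.getRequestURI())` with Spring's `AntPathMatcher`, where `<service-prefix>` is a placeholder for the real route prefix. Add a test that a protected path with the fragment appended as a parameter is still rejected.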

+ 5 - 5
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@ -479,7 +479,7 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
                throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
            }
            /*如果是移动端登陆则移除之前的token,
            在网关处通过HTTP状态码告知前端是过期(402)还是账号在别处登陆(403),
            在网关处通过HTTP状态码告知前端是过期 还是账号在别处登陆
            实现同一账号只能在一处登陆*/
            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
            if (request.getHeader("login-device") != null && request.getHeader("login-device").equals("mobile")) {
@ -555,13 +555,13 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
    public ResponseEntity<Oauth2Envelop> handleException(Exception e) throws Exception {
        LOG.debug(e.getMessage(), e);
        if (e instanceof UsernameNotFoundException) {
            return handleOAuth2Exception(new Oauth2Envelop("用户不存在!", ResultStatus.USER_NO_EXIST), e);
            return handleOAuth2Exception(new Oauth2Envelop("账号或者密码错误!", ResultStatus.INVALID_GRANT), e);
        } else if (e instanceof NoSuchClientException) {
            return handleOAuth2Exception(new Oauth2Envelop("应用未注册!", ResultStatus.APP_NO_EXIST), e);
        } else if (e instanceof InvalidGrantException) {
            return handleOAuth2Exception(new Oauth2Envelop("应用未注册!", ResultStatus.INVALID_GRANT), e);
        } else if (e instanceof InvalidGrantException || e instanceof UsernameNotFoundException) {
            return handleOAuth2Exception(new Oauth2Envelop(invalidGrantMessage((InvalidGrantException)e), ResultStatus.INVALID_GRANT), e);
        } else if (e instanceof InvalidTokenException) {
            return handleOAuth2Exception(new Oauth2Envelop("Token有误/过期!", ResultStatus.ERROR_TOKEN), e);
            return handleOAuth2Exception(new Oauth2Envelop("Token过期!", ResultStatus.EXPIRE), e);
        } else if (e instanceof InvalidRequestException) {
            return handleOAuth2Exception(new Oauth2Envelop("参数" + e.getMessage() + "缺失!", ResultStatus.ERROR_PARA), e);
        } else if (e instanceof IllegalAccessException) {
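Review bot: In `handleException`, the branch `e instanceof InvalidGrantException || e instanceof UsernameNotFoundException` casts `e` to `InvalidGrantException` when calling `invalidGrantMessage(...)`. `UsernameNotFoundException` is already caught by the first branch, so the second half of the condition is dead today. It would throw `ClassCastException` if the branches were ever reordered, because the two types are unrelated. Reduce it to `} else if (e instanceof InvalidGrantException) {`. Folding "user not found" into the generic `INVALID_GRANT` message is a sound step against account enumeration. The `NoSuchClientException` branch still answers with `APP_NO_EXIST`, although the new comment in `ResultStatus` says that case is folded in too, so confirm which is intended. The method starts and ends outside this hunk.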

+ 2 - 1
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/error/WlyyOAuth2ExceptionTranslator.java

@ -66,7 +66,8 @@ public class WlyyOAuth2ExceptionTranslator implements WebResponseExceptionTransl
        headers.set("Pragma", "no-cache");
        if (status == ResultStatus.USER_NO_EXIST
                || status == ResultStatus.APP_NO_EXIST
                || status == ResultStatus.ERROR_TOKEN
                || status == ResultStatus.EXPIRE
                || status == ResultStatus.INVALID_TOKEN
                || status == ResultStatus.NULL_TOKEN
                || status == ResultStatus.INVALID_GRANT
                || e instanceof InsufficientScopeException) {
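Review bot: The comparisons `status == ResultStatus.EXPIRE` and `status == ResultStatus.INVALID_TOKEN` are against constants declared as boxed `Integer` in `ResultStatus`. The declaration of `status` is outside the hunk. If it is also an `Integer`, `==` compares object identity, and values such as 1100 and 1104 lie outside the default `Integer` cache. A status that was deserialised or computed rather than taken from the constant would then fail to match, and the response would fall through to the other branch. Use value equality, e.g. `ResultStatus.EXPIRE.equals(status)`, or declare the constants as `int`. The same applies to the unchanged comparisons in this condition.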