From ab220215c894c1f29cb971b2c6b2bc0334571244 Mon Sep 17 00:00:00 2001 From: suhao <1152067570@qq.com> Date: Tue, 27 May 2025 15:32:41 +0800 Subject: [PATCH 1/2] =?UTF-8?q?refactor:=20=E8=87=AA=E5=AE=9A=E4=B9=89?= =?UTF-8?q?=E7=9A=84=E4=B8=A4=E4=B8=AAsecurity=E8=BF=87=E6=BB=A4=E5=99=A8?= =?UTF-8?q?=E7=A7=BB=E9=99=A4@Component=E6=B3=A8=E8=A7=A3=EF=BC=8C?= =?UTF-8?q?=E4=BB=85=E6=B3=A8=E5=85=A5security=E8=BF=87=E6=BB=A4=E5=99=A8?= =?UTF-8?q?=E9=93=BE=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/AuthorizationServerConfiguration.java | 15 +++++++++++---- .../support/filter/PasswordDecoderFilter.java | 3 +-- .../auth/support/filter/ValidateCodeFilter.java | 3 +-- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java index ad49efd00..5aa625192 100755 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java @@ -20,6 +20,7 @@ import com.pig4cloud.pig.auth.support.CustomeOAuth2AccessTokenGenerator; import com.pig4cloud.pig.auth.support.core.CustomeOAuth2TokenCustomizer; import com.pig4cloud.pig.auth.support.core.FormIdentityLoginConfigurer; import com.pig4cloud.pig.auth.support.core.PigDaoAuthenticationProvider; +import com.pig4cloud.pig.auth.support.filter.AuthSecurityConfigProperties; import com.pig4cloud.pig.auth.support.filter.PasswordDecoderFilter; import com.pig4cloud.pig.auth.support.filter.ValidateCodeFilter; import com.pig4cloud.pig.auth.support.handler.PigAuthenticationFailureEventHandler; @@ -67,9 +68,15 @@ public class AuthorizationServerConfiguration { private final OAuth2AuthorizationService authorizationService; - private final PasswordDecoderFilter passwordDecoderFilter; + private final AuthSecurityConfigProperties authSecurityConfigProperties; - private final ValidateCodeFilter validateCodeFilter; + private PasswordDecoderFilter passwordDecoderFilter(AuthSecurityConfigProperties authSecurityConfigProperties) { + return new PasswordDecoderFilter(authSecurityConfigProperties); + } + + private ValidateCodeFilter validateCodeFilter(AuthSecurityConfigProperties authSecurityConfigProperties) { + return new ValidateCodeFilter(authSecurityConfigProperties); + } /** * Authorization Server 配置,仅对 /oauth2/** 的请求有效 @@ -85,9 +92,9 @@ public class AuthorizationServerConfiguration { OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer(); // 增加验证码过滤器 - http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class); + http.addFilterBefore(validateCodeFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); // 增加密码解密过滤器 - http.addFilterBefore(passwordDecoderFilter, UsernamePasswordAuthenticationFilter.class); + http.addFilterBefore(passwordDecoderFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); http.with(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点 tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java index 299affdda..cf307b45e 100755 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java @@ -30,7 +30,6 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import javax.crypto.spec.IvParameterSpec; @@ -43,7 +42,7 @@ import java.util.Map; * @date 2019 /2/1 密码解密工具类 */ @Slf4j -@Component +//@Component @RequiredArgsConstructor public class PasswordDecoderFilter extends OncePerRequestFilter { diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java index 1eb5dd1bc..5aad3368f 100644 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java @@ -22,7 +22,6 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; -import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import java.io.IOException; @@ -35,7 +34,7 @@ import java.util.Optional; * 登录前置处理器: 前端密码传输密文解密,验证码处理 */ @Slf4j -@Component +//@Component @RequiredArgsConstructor public class ValidateCodeFilter extends OncePerRequestFilter { -- Gitee From 1ccaf7212215ddd7c27e73d14513a76154c067b7 Mon Sep 17 00:00:00 2001 From: suhao <1152067570@qq.com> Date: Fri, 30 May 2025 13:45:00 +0800 Subject: [PATCH 2/2] =?UTF-8?q?refactor:=20=E8=87=AA=E5=AE=9A=E4=B9=89?= =?UTF-8?q?=E7=9A=84=E4=B8=A4=E4=B8=AAsecurity=E8=BF=87=E6=BB=A4=E5=99=A8?= =?UTF-8?q?=E7=A7=BB=E9=99=A4@Component=E6=B3=A8=E8=A7=A3=EF=BC=8C?= =?UTF-8?q?=E4=BB=85=E6=B3=A8=E5=85=A5security=E8=BF=87=E6=BB=A4=E5=99=A8?= =?UTF-8?q?=E9=93=BE=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/AuthorizationServerConfiguration.java | 12 ++---------- .../auth/support/filter/PasswordDecoderFilter.java | 1 - .../pig/auth/support/filter/ValidateCodeFilter.java | 1 - 3 files changed, 2 insertions(+), 12 deletions(-) diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java index 5aa625192..29b4c7209 100755 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java @@ -70,14 +70,6 @@ public class AuthorizationServerConfiguration { private final AuthSecurityConfigProperties authSecurityConfigProperties; - private PasswordDecoderFilter passwordDecoderFilter(AuthSecurityConfigProperties authSecurityConfigProperties) { - return new PasswordDecoderFilter(authSecurityConfigProperties); - } - - private ValidateCodeFilter validateCodeFilter(AuthSecurityConfigProperties authSecurityConfigProperties) { - return new ValidateCodeFilter(authSecurityConfigProperties); - } - /** * Authorization Server 配置,仅对 /oauth2/** 的请求有效 * @param http http @@ -92,9 +84,9 @@ public class AuthorizationServerConfiguration { OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer(); // 增加验证码过滤器 - http.addFilterBefore(validateCodeFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); + http.addFilterBefore(new ValidateCodeFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); // 增加密码解密过滤器 - http.addFilterBefore(passwordDecoderFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); + http.addFilterBefore(new PasswordDecoderFilter(authSecurityConfigProperties), UsernamePasswordAuthenticationFilter.class); http.with(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点 tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java index cf307b45e..8789a0c10 100755 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/PasswordDecoderFilter.java @@ -42,7 +42,6 @@ import java.util.Map; * @date 2019 /2/1 密码解密工具类 */ @Slf4j -//@Component @RequiredArgsConstructor public class PasswordDecoderFilter extends OncePerRequestFilter { diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java index 5aad3368f..7bb29dd7c 100644 --- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java +++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java @@ -34,7 +34,6 @@ import java.util.Optional; * 登录前置处理器: 前端密码传输密文解密,验证码处理 */ @Slf4j -//@Component @RequiredArgsConstructor public class ValidateCodeFilter extends OncePerRequestFilter { -- Gitee