
token过期问题解决测试

fuyuchuan 3 주 전
부모
커밋
b2436937fc

+ 11 - 0
flow-common/flow-common-oauth2-starter/pom.xml

@@ -48,6 +48,17 @@
             <artifactId>flow-common-redis-starter</artifactId>
             <version>0.0.1-SNAPSHOT</version>
         </dependency>
+
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.7.36</version>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 
 </project>
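Review bot: The new `slf4j-api` dependency hard-codes `<version>1.7.36</version>`, while the `lombok` entry beside it carries no version and so presumably inherits one from a parent POM or BOM. If that parent also manages SLF4J, the pin in this starter can drift from the logging binding that consuming services resolve. Dropping the `<version>` element would keep API and binding aligned. The parent POM is not visible here, so confirm it manages `slf4j-api` before removing the pin.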

+ 24 - 7
flow-common/flow-common-oauth2-starter/src/main/java/com/flow/common/oauth2/configure/AuthorizationServerConfigure.java

@@ -1,5 +1,6 @@
 package com.flow.common.oauth2.configure;
 
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -34,11 +35,13 @@ import org.springframework.security.web.authentication.preauth.PreAuthenticatedA
 
 import javax.sql.DataSource;
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
 @Configuration
 @EnableAuthorizationServer
+@Slf4j
 public class AuthorizationServerConfigure extends AuthorizationServerConfigurerAdapter {
     private final AuthenticationManager authenticationManager;
     private final UserDetailsService userDetailsService;
@@ -98,19 +101,21 @@ public class AuthorizationServerConfigure extends AuthorizationServerConfigurerA
     @Override
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
         endpoints
-                //认证管理器
+                // 认证管理器
                 .authenticationManager(authenticationManager)
-                //用户信息
+                // 用户信息
                 .userDetailsService(userDetailsService)
                 .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
                 // 授权码管理策略,针对授权码模式有效,会将授权码放到 auth_code 表,授权后就会删除它
                 .authorizationCodeServices(jdbcAuthorizationCodeServices());
         // 使用redis的token方式
         endpoints
-                //token存储
+                // token存储
                 .tokenStore(tokenStore())
                 // 添加令牌增强器
                 .tokenEnhancer(customTokenEnhancer());
+        // 明确地设置自定义的 tokenServices
+        //.tokenServices(tokenServices());
 
 
         // 自定义异常转换类(替换oauth2默认返回格式,改成AjaxResponse统一格式)
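Review bot: The two lines added after `.tokenEnhancer(customTokenEnhancer());` leave `.tokenServices(tokenServices())` commented out and sit after the statement's closing `;`, so the comment `明确地设置自定义的 tokenServices` describes wiring the code does not perform. As written, the endpoints receive only the token store and enhancer, so the refresh and reuse settings applied inside `tokenServices()` presumably reach only callers that use that object directly, not tokens issued through the token endpoint. Either make it part of the chain, `.tokenEnhancer(customTokenEnhancer()).tokenServices(tokenServices());`, or delete both lines so that a single token policy is visible. `configure` continues past the end of this hunk.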
@@ -154,12 +159,19 @@ public class AuthorizationServerConfigure extends AuthorizationServerConfigurerA
                         tokenStore.removeRefreshToken(existingAccessToken.getRefreshToken());
                     }
                 }*/
+
+                log.info("使用了自定义的方法");
                 return super.createAccessToken(authentication);
             }
         };
 
-        // 设置 Token 的有效期为一年(365 天 × 24 小时 × 60 分钟 × 60 秒)
-        tokenServices.setAccessTokenValiditySeconds(365 * 24 * 60 * 60);
+        // 设置 Access Token 有效期为 1 分钟
+        // 默认Access Token 有效期:2分钟
+        // tokenServices.setAccessTokenValiditySeconds(60);
+
+        // 设置 Refresh Token 有效期为 365 天
+        // 默认Refresh Token 有效期:7天
+        // tokenServices.setRefreshTokenValiditySeconds(60 * 60 * 24 * 365);
 
         // 请求回来的token都会变.但是请求的refresh token不会续期(false)或者重置为初始化时间(true)
         tokenServices.setReuseRefreshToken(true);
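Review bot: With the 365-day `setAccessTokenValiditySeconds` call removed and both replacement setters commented out, this method no longer states any token lifetime, and the new comments contradict each other (`设置 Access Token 有效期为 1 分钟` directly above `默认Access Token 有效期:2分钟`). The effective lifetime now comes from per-client settings or library defaults, and for access tokens it is then overridden by the `setExpiration` call this commit adds to the enhancer. Keep one uncommented setter fed from configuration, with a comment that gives the intended value and unit, and remove the commented-out alternatives. The added `log.info("使用了自定义的方法")` fires on every token creation, and `log.info("tokenServices: {}", tokenServices)` in the later hunk likely prints only an object identity; both read as debugging leftovers that belong at debug level or should be removed. The method starts before and ends after this hunk.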
@@ -167,8 +179,8 @@ public class AuthorizationServerConfigure extends AuthorizationServerConfigurerA
         tokenServices.setSupportRefreshToken(true);
         tokenServices.setClientDetailsService(clientDetailsService);
         // token加强链
-        //TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
-        //tokenEnhancerChain.setTokenEnhancers(Lists.newArrayList(tokenEnhancer()));
+        // TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
+        // tokenEnhancerChain.setTokenEnhancers(Lists.newArrayList(tokenEnhancer()));
         tokenServices.setTokenEnhancer(customTokenEnhancer());
         // token存储
         tokenServices.setTokenStore(tokenStore());
@@ -180,6 +192,9 @@ public class AuthorizationServerConfigure extends AuthorizationServerConfigurerA
             list.add(provider);
             tokenServices.setAuthenticationManager(new ProviderManager(list));
         }
+
+        // tokenServices.setAccessTokenValiditySeconds(60);
+        log.info("tokenServices: {}", tokenServices);
         return tokenServices;
     }
 
@@ -199,6 +214,8 @@ public class AuthorizationServerConfigure extends AuthorizationServerConfigurerA
                     additionalInformation.put("clientId", authentication.getOAuth2Request().getClientId());
                     additionalInformation.put("resourceIds", authentication.getOAuth2Request().getResourceIds());
                     ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInformation);
+                    // 设置过期时间
+                    ((DefaultOAuth2AccessToken) accessToken).setExpiration(new Date(System.currentTimeMillis() + 30 * 1000));
                 }
                 return accessToken;
             }
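Review bot: `setExpiration(new Date(System.currentTimeMillis() + 30 * 1000))` in the enhancer forces a 30-second expiry onto every `DefaultOAuth2AccessToken` passing through this shared starter, regardless of the validity configured on the token services or per client. Judging by the commit title this is a test value; merged as is, it would presumably make every consuming service refresh or re-authenticate about twice a minute and hide the real lifetime policy inside a method meant to add `additionalInformation`. Drop this line and the `java.util.Date` import before merge, and express lifetime only through `setAccessTokenValiditySeconds` or the client's registered validity. If a short lifetime is needed for testing, read it from a property whose default is the production value. The enclosing method starts and ends outside this hunk.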

+ 6 - 3
flow-oauth/flow-oauth-biz/src/main/java/com/flow/service/impl/AuthServiceImpl.java

@@ -130,8 +130,8 @@ public class AuthServiceImpl implements AuthService {
             } catch (JSONException e) {
                 throw new BaseException("用户信息异常,请联系管理员");
             }
-            //long time = jsonObject.getLong("time");
-            //String type = jsonObject.getString("type");
+            // long time = jsonObject.getLong("time");
+            // String type = jsonObject.getString("type");
 
             // 判断时间戳是否过期
             // if (now - time < 10000) {
@@ -140,7 +140,7 @@ public class AuthServiceImpl implements AuthService {
             //
             // }
             if (StringUtils.isNotBlank(user)) {
-                 accessToken = loginByUsername(user);
+                accessToken = loginByUsername(user);
             }
         }
         return accessToken;
@@ -201,6 +201,9 @@ public class AuthServiceImpl implements AuthService {
 
         // 直接生成token
         OAuth2AccessToken token = tokenServices.createAccessToken(oauth2Authentication);
+
+        log.info("token 过期时间{}", token.getExpiration());
+        // OAuth2AccessToken token = tokenServices.tokenServices().createAccessToken(oauth2Authentication);
         return new AccessToken(token);
     }