diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java index 3918568d..e13491bc 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java @@ -18,7 +18,6 @@ package me.zhengjie.modules.security.security; import cn.hutool.core.date.DateField; import cn.hutool.core.date.DateUtil; import cn.hutool.core.util.IdUtil; -import cn.hutool.core.util.ObjectUtil; import io.jsonwebtoken.*; import io.jsonwebtoken.io.Decoders; import io.jsonwebtoken.security.Keys; @@ -28,19 +27,12 @@ import me.zhengjie.utils.RedisUtils; import org.springframework.beans.factory.InitializingBean; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.stereotype.Component; - import javax.servlet.http.HttpServletRequest; import java.security.Key; -import java.util.Arrays; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; +import java.util.*; import java.util.concurrent.TimeUnit; -import java.util.stream.Collectors; /** * @author / @@ -79,17 +71,9 @@ public class TokenProvider implements InitializingBean { * @return / */ public String createToken(Authentication authentication) { - /* - * 获取权限列表 - */ - String authorities = authentication.getAuthorities().stream() - .map(GrantedAuthority::getAuthority) - .collect(Collectors.joining(",")); - return jwtBuilder // 加入ID确保生成的 Token 都不一致 .setId(IdUtil.simpleUUID()) - .claim(AUTHORITIES_KEY, authorities) .setSubject(authentication.getName()) .compact(); } @@ -102,16 +86,8 @@ public class TokenProvider implements InitializingBean { */ Authentication getAuthentication(String token) { Claims claims = getClaims(token); - - // fix bug: 当前用户如果没有任何权限时,在输入用户名后,刷新验证码会抛IllegalArgumentException - Object authoritiesStr = claims.get(AUTHORITIES_KEY); - Collection authorities = - ObjectUtil.isNotEmpty(authoritiesStr) ? - Arrays.stream(authoritiesStr.toString().split(",")) - .map(SimpleGrantedAuthority::new) - .collect(Collectors.toList()) : Collections.emptyList(); - User principal = new User(claims.getSubject(), "******", authorities); - return new UsernamePasswordAuthenticationToken(principal, token, authorities); + User principal = new User(claims.getSubject(), "******", new ArrayList<>()); + return new UsernamePasswordAuthenticationToken(principal, token, new ArrayList<>()); } public Claims getClaims(String token) {