forked from kidgrow-microservices-platform
blame | history | raw
zhaoxiaohao
2021-03-08 3cc66f911c6a7b0d55ddb58c67e16963195ea351 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

package com.kidgrow.oauth2.handler;


 


import cn.hutool.core.util.StrUtil;


import com.kidgrow.authclient.util.AuthUtils;


import com.kidgrow.common.constant.SecurityConstants;


import com.kidgrow.redis.util.RedisUtils;


import lombok.extern.slf4j.Slf4j;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.security.core.Authentication;


import org.springframework.security.oauth2.common.OAuth2AccessToken;


import org.springframework.security.oauth2.common.OAuth2RefreshToken;


import org.springframework.security.oauth2.provider.OAuth2Authentication;


import org.springframework.security.oauth2.provider.OAuth2Request;


import org.springframework.security.oauth2.provider.token.TokenStore;


import org.springframework.security.web.authentication.logout.LogoutHandler;


import org.springframework.util.Assert;


 


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


 


/**


 * 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br>


 *


 * @Description: <br>


 * @Project: <br>


 * @CreateDate: Created in 2020/2/20 09:58 <br>


 * @Author: <a href="4345453@kidgrow.com">liuke</a>


 */


@Slf4j


public class OauthLogoutHandler implements LogoutHandler {


    @Autowired


    private TokenStore tokenStore;


    @Autowired


    private RedisUtils redisUtils;


 


    @Override


    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {


        Assert.notNull(tokenStore, "tokenStore must be set");


        String token = request.getParameter("token");


        if (StrUtil.isEmpty(token)) {


            token = AuthUtils.extractToken(request);


        }


        if(StrUtil.isNotEmpty(token)){


            OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);


            OAuth2RefreshToken refreshToken;


            String clientId="";//属于哪个服务


            String userName="";//用户的名称


            if (existingAccessToken != null) {


                if (existingAccessToken.getRefreshToken() != null) {


                    //获取用户信息


                    Object o = redisUtils.get(SecurityConstants.REDIS_TOKEN_AUTH + existingAccessToken.getValue());


                    if(o!=null){


                        OAuth2Authentication accessToken = (OAuth2Authentication)o;


                        OAuth2Request requestOuth = accessToken.getOAuth2Request();


                        userName=accessToken.getName();


                        clientId=requestOuth.getClientId();


                    }


                    log.info("remove refreshToken!", existingAccessToken.getRefreshToken());


                    refreshToken = existingAccessToken.getRefreshToken();


                    tokenStore.removeRefreshToken(refreshToken);


                }


                log.info("remove existingAccessToken!", existingAccessToken);


                tokenStore.removeAccessToken(existingAccessToken);


                //将 token与 用户的关联  清除;


                redisUtils.removeAll(SecurityConstants.REDIS_UNAME_TO_ACCESS+clientId+":"+userName);


            }


        }


    }


}