
zhaoxiaohao
2021-03-18 c837c4767fa61bf636ba9d8bf2b7cb2ff9e0a4cb
当拦截到无组织后,去除token
2 files modified
44 ■■■■■ changed files
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java 39 ●●●●● patch | view | raw | blame | history
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java 5 ●●●●● patch | view | raw | blame | history
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java
@@ -1,6 +1,8 @@
package com.kidgrow.zuul.filter;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSON;
import com.kidgrow.authclient.util.AuthUtils;
import com.kidgrow.common.model.ResultBody;
import com.kidgrow.common.model.SysOrganization;
import com.kidgrow.common.model.SysUser;
@@ -19,8 +21,12 @@
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;
import javax.servlet.http.HttpServletRequest;
import java.util.*;
@@ -59,6 +65,8 @@
    private SysUserOrgService sysUserOrgService;
    @Autowired
    private SysOrganizationService sysOrganizationService;
    @Autowired
    private TokenStore tokenStore;
    private final String CLIENTID = "webApp";//运营端
@@ -72,6 +80,10 @@
//            获取request对象
            HttpServletRequest request = currentContext.getRequest();
            //security会把一个SecurityContextImpl对象存储到session中,此对象中有当前用户的各种资料
            String token = request.getParameter("token");
            if (StrUtil.isEmpty(token)) {
                token = AuthUtils.extractToken(request);
            }
            SecurityContextImpl securityContextImpl = (SecurityContextImpl) request
                    .getSession().getAttribute("SPRING_SECURITY_CONTEXT");
            authentication = securityContextImpl.getAuthentication();
@@ -88,6 +100,8 @@
                 */
                List<SysUserOrg> sysUserOrgs = this.getSysUserOrg(user.getId());
                if (sysUserOrgs == null || sysUserOrgs.isEmpty()) {
                    //退出的操作
                    this.logout(request);
                    ctx.setSendZuulResponse(false);
                    ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
//                        String str = new String("您的组织已经被禁用,请联系管理员".getBytes("utf-8"), "utf-8");
@@ -108,12 +122,16 @@
                            map.put("id", sysUserOrg.getOrgId());
                            List<SysOrganization> sysOrganizations = JSON.parseArray(JSON.toJSONString(sysOrganizationService.getListByMap(map).getData()), SysOrganization.class);
                            if (sysOrganizations == null || sysOrganizations.size() <= 0) {
                                //退出的操作
                                this.logout(request);
                                ctx.setSendZuulResponse(false);
                                ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
                                ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
                            } else {
                                for (SysOrganization sysOrganization : sysOrganizations) {
                                    if (!sysOrganization.getEnabled() || sysOrganization.getIsDel()) {
                                        //退出的操作
                                        this.logout(request);
                                        ctx.setSendZuulResponse(false);
                                        ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
                                        ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
@@ -127,6 +145,27 @@
        }
        return null;
    }
    //根据token退出
    public void logout(HttpServletRequest request) {
        Assert.notNull(tokenStore, "tokenStore must be set");
        String token = request.getParameter("token");
        if (StrUtil.isEmpty(token)) {
            token = AuthUtils.extractToken(request);
        }
        if(StrUtil.isNotEmpty(token)){
            OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
            OAuth2RefreshToken refreshToken;
            if (existingAccessToken != null) {
                if (existingAccessToken.getRefreshToken() != null) {
                    log.info("remove refreshToken!", existingAccessToken.getRefreshToken());
                    refreshToken = existingAccessToken.getRefreshToken();
                    tokenStore.removeRefreshToken(refreshToken);
                }
                log.info("remove existingAccessToken!", existingAccessToken);
                tokenStore.removeAccessToken(existingAccessToken);
            }
        }
    }
    /**
     * 通过userID  获取组织的关系
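Review bot: The two `log.info` calls in the new `logout` method pass an argument with no `{}` placeholder, so the value is silently dropped — and "fixing" it by adding the placeholder would write the raw refresh token and access token into the log, which is a credential leak. Log only the event, e.g. `log.info("revoking access token (and its refresh token) because the user's organization is disabled");`, and never the token value itself; if correlation is needed, log `existingAccessToken.getExpiration()` or a user id, not the token. The token is read from `request.getParameter("token")` before the header, so a bearer token in the query string is accepted; that path already existed and the commit extends it, but it deserves a comment explaining why it is kept, since query-string tokens end up in access logs and browser history. Separately, revoking the token does not clear the `SPRING_SECURITY_CONTEXT` session attribute that `run` reads before this check, so a client holding the session cookie may still pass the filter after revocation — worth confirming. The enclosing `run` method starts outside this hunk.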
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java
@@ -2,7 +2,6 @@
import cn.hutool.core.util.StrUtil;
import com.kidgrow.authclient.util.AuthUtils;
import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
@@ -27,8 +26,8 @@
public class OauthLogoutHandler implements LogoutHandler {
    @Autowired
    private TokenStore tokenStore;
    @Autowired
    private RedisUtils redisUtils;
//    @Autowired
//    private RedisUtils redisUtils;
    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {