yexuejc/yexuejc-springboot
1
0
Fork 0
mirror of https://gitee.com/incloudcode/yexuejc-springboot.git synced 2025-07-13 23:37:28 +08:00
Code Issues Releases Wiki Activity

1.1.9 下放私有参数给子类

Browse Source
This commit is contained in:
maxf 2018-11-23 11:16:22 +08:00
parent e1ea387530
commit 02d4a44efc
7 changed files with 30 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
UPDATE.md
View File

@ -1,7 +1,7 @@
yexuejc-springboot 更新内容 yexuejc-springboot 更新内容
------------------- -------------------
#### version 1.1.6-1.1.8 #### version 1.1.6-1.1.9
**time2018-11-21 15:03:01** <br/> **time2018-11-21 15:03:01** <br/>
**branch** master <br/> **branch** master <br/>
**关联工程:** <br/> **关联工程:** <br/>

2
pom.xml
View File

@ -5,7 +5,7 @@
<groupId>com.yexuejc.springboot</groupId> <groupId>com.yexuejc.springboot</groupId>
<artifactId>yexuejc-springboot-parent</artifactId> <artifactId>yexuejc-springboot-parent</artifactId>
<version>1.1.8</version> <version>1.1.9</version>
<packaging>pom</packaging> <packaging>pom</packaging>
<name>${project.artifactId}</name> <name>${project.artifactId}</name>

2
yexuejc-springboot-base/pom.xml
View File

@ -9,7 +9,7 @@
<parent> <parent>
<groupId>com.yexuejc.springboot</groupId> <groupId>com.yexuejc.springboot</groupId>
<artifactId>yexuejc-springboot-parent</artifactId> <artifactId>yexuejc-springboot-parent</artifactId>
<version>1.1.8</version> <version>1.1.9</version>
<!-- 本地打包:使用相对关联路径 --> <!-- 本地打包:使用相对关联路径 -->
<!--<relativePath>../../yexuejc</relativePath>--> <!--<relativePath>../../yexuejc</relativePath>-->
</parent> </parent>

32
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/ConsumerAuthenticationProcessingFilter.java
View File

@ -20,37 +20,37 @@ public class ConsumerAuthenticationProcessingFilter extends AbstractAuthenticati
// ~ Static fields/initializers // ~ Static fields/initializers
// ===================================================================================== // =====================================================================================
public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "username"; protected static final String SPRING_SECURITY_FORM_USERNAME_KEY = "username";
public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "password"; protected static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "password";
/** /**
* 登录方式 * 登录方式
*/ */
public static final String SPRING_SECURITY_FORM_LOGTYPE_KEY = "logtype"; protected static final String SPRING_SECURITY_FORM_LOGTYPE_KEY = "logtype";
public static final String SPRING_SECURITY_FORM_OPENID_KEY = "openid"; protected static final String SPRING_SECURITY_FORM_OPENID_KEY = "openid";
/********************************** 第三方登录时附带信息*************************************/ /********************************** 第三方登录时附带信息*************************************/
/** /**
* 头像 * 头像
*/ */
public static final String SPRING_SECURITY_FORM_HEAD_KEY = "head"; protected static final String SPRING_SECURITY_FORM_HEAD_KEY = "head";
/** /**
* 昵称 * 昵称
*/ */
public static final String SPRING_SECURITY_FORM_NICKNAME_KEY = "nickname"; protected static final String SPRING_SECURITY_FORM_NICKNAME_KEY = "nickname";
/** /**
* 性别 * 性别
*/ */
public static final String SPRING_SECURITY_FORM_SEX_KEY = "sex"; protected static final String SPRING_SECURITY_FORM_SEX_KEY = "sex";
/********************************** 第三方登录时附带信息*************************************/ /********************************** 第三方登录时附带信息*************************************/
private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY; protected String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY; protected String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
private String logtypeParameter = SPRING_SECURITY_FORM_LOGTYPE_KEY; protected String logtypeParameter = SPRING_SECURITY_FORM_LOGTYPE_KEY;
private String openidParameter = SPRING_SECURITY_FORM_OPENID_KEY; protected String openidParameter = SPRING_SECURITY_FORM_OPENID_KEY;
private String headParameter = SPRING_SECURITY_FORM_HEAD_KEY; protected String headParameter = SPRING_SECURITY_FORM_HEAD_KEY;
private String nicknameParameter = SPRING_SECURITY_FORM_NICKNAME_KEY; protected String nicknameParameter = SPRING_SECURITY_FORM_NICKNAME_KEY;
private String sexParameter = SPRING_SECURITY_FORM_SEX_KEY; protected String sexParameter = SPRING_SECURITY_FORM_SEX_KEY;
private boolean postOnly = true; protected boolean postOnly = true;
private boolean reverse = true; protected boolean reverse = true;
// ~ Constructors // ~ Constructors
// =================================================================================================== // ===================================================================================================

14
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/ConsumerAuthenticationProvider.java
View File

@ -51,12 +51,12 @@ public class ConsumerAuthenticationProvider extends AbstractUserDetailsAuthentic
* PasswordEncoder#matches(CharSequence, String)} on when the user is * PasswordEncoder#matches(CharSequence, String)} on when the user is
* not found to avoid SEC-2056. * not found to avoid SEC-2056.
*/ */
private static final String USER_NOT_FOUND_PASSWORD = "userNotFoundPassword"; protected static final String USER_NOT_FOUND_PASSWORD = "userNotFoundPassword";
// ~ Instance fields // ~ Instance fields
// ================================================================================================ // ================================================================================================
private PasswordEncoder passwordEncoder; protected PasswordEncoder passwordEncoder;
/** /**
* The password used to perform * The password used to perform
@ -65,10 +65,10 @@ public class ConsumerAuthenticationProvider extends AbstractUserDetailsAuthentic
* {@link PasswordEncoder} implementations will short circuit if the password is not * {@link PasswordEncoder} implementations will short circuit if the password is not
* in a valid format. * in a valid format.
*/ */
private volatile String userNotFoundEncodedPassword; protected volatile String userNotFoundEncodedPassword;
private UserDetailsService userDetailsService; protected UserDetailsService userDetailsService;
private final UserService accountView; protected final UserService accountView;
public ConsumerAuthenticationProvider(UserDetailsService userDetailsService, UserService accountView) { public ConsumerAuthenticationProvider(UserDetailsService userDetailsService, UserService accountView) {
@ -263,13 +263,13 @@ public class ConsumerAuthenticationProvider extends AbstractUserDetailsAuthentic
} }
} }
private void prepareTimingAttackProtection() { protected void prepareTimingAttackProtection() {
if (this.userNotFoundEncodedPassword == null) { if (this.userNotFoundEncodedPassword == null) {
this.userNotFoundEncodedPassword = this.passwordEncoder.encode(USER_NOT_FOUND_PASSWORD); this.userNotFoundEncodedPassword = this.passwordEncoder.encode(USER_NOT_FOUND_PASSWORD);
} }
} }
private void mitigateAgainstTimingAttack(UsernamePasswordAuthenticationToken authentication) { protected void mitigateAgainstTimingAttack(UsernamePasswordAuthenticationToken authentication) {
if (authentication.getCredentials() != null) { if (authentication.getCredentials() != null) {
String presentedPassword = authentication.getCredentials().toString(); String presentedPassword = authentication.getCredentials().toString();
this.passwordEncoder.matches(presentedPassword, "{MD5}" + this.userNotFoundEncodedPassword); this.passwordEncoder.matches(presentedPassword, "{MD5}" + this.userNotFoundEncodedPassword);

6
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/ConsumerSecurityContextRepository.java
View File

@ -34,10 +34,10 @@ import java.util.Map;
*/ */
public class ConsumerSecurityContextRepository implements SecurityContextRepository { public class ConsumerSecurityContextRepository implements SecurityContextRepository {
protected final Log logger = LogFactory.getLog(this.getClass()); protected final Log logger = LogFactory.getLog(this.getClass());
private static final String TOKEN = "token"; protected static final String TOKEN = "token";
private static final String ROLES = "roles"; protected static final String ROLES = "roles";
private final RedisTemplate<Object, Object> redisTemplate0; protected final RedisTemplate<Object, Object> redisTemplate0;
public ConsumerSecurityContextRepository(RedisTemplate<Object, Object> redisTemplate0) { public ConsumerSecurityContextRepository(RedisTemplate<Object, Object> redisTemplate0) {
this.redisTemplate0 = redisTemplate0; this.redisTemplate0 = redisTemplate0;

2
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/UserDetailsManager.java
View File

@ -24,7 +24,7 @@ import java.util.List;
*/ */
public class UserDetailsManager extends InMemoryUserDetailsManager { public class UserDetailsManager extends InMemoryUserDetailsManager {
private final UserService userService; protected final UserService userService;
public UserDetailsManager(UserService userService) { public UserDetailsManager(UserService userService) {
this.userService = userService; this.userService = userService;