| | |
|---|
| | | .get(getAccessKey(realAccessToken)); |
|---|
| | | |
|---|
| | | if (userInfoInTokenBO == null) { |
|---|
| | | throw new YamiShopBindException(403,"accessToken 已过期"); |
|---|
| | | throw new YamiShopBindException(403,"accessToken has expired"); |
|---|
| | | } |
|---|
| | | return userInfoInTokenBO; |
|---|
| | | } |
|---|
| | |
|---|
| | | String accessToken = stringRedisTemplate.opsForValue().get(getRefreshToAccessKey(realRefreshToken)); |
|---|
| | | |
|---|
| | | if (StrUtil.isBlank(accessToken)) { |
|---|
| | | throw new YamiShopBindException(403,"refreshToken 已过期"); |
|---|
| | | throw new YamiShopBindException(403,"refreshToken has expired"); |
|---|
| | | } |
|---|
| | | UserInfoInTokenBO userInfoInTokenBO = getUserInfoByAccessToken(accessToken, |
|---|
| | | false); |
|---|
| | |
|---|
| | | int expiresIn = getExpiresIn(sysType); |
|---|
| | | long second = 1000L; |
|---|
| | | if (System.currentTimeMillis() - createTokenTime > expiresIn * second) { |
|---|
| | | logger.error("登录token已过期"); |
|---|
| | | throw new YamiShopBindException(403,"token error"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | catch (Exception e) { |
|---|
| | | }catch (Exception e) { |
|---|
| | | logger.error("登录token异常"+e.getMessage()); |
|---|
| | | e.printStackTrace(); |
|---|
| | | throw new YamiShopBindException(403,"token error"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 防止解密后的token是脚本,从而对redis进行攻击,uuid只能是数字和小写字母 |
|---|
| | | if (!PrincipalUtil.isSimpleChar(decryptToken)) { |
|---|
| | | logger.error("token解密异常:"+decryptStr); |
|---|
| | | throw new YamiShopBindException(403,"token error"); |
|---|
| | | } |
|---|
| | | return decryptToken; |
|---|
