From 6bcbe72b43d6fa041d06878d1dae09a6d8903895 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期五, 11 八月 2023 16:19:02 +0800
Subject: [PATCH] [ADD] 為了解決滲透測試JWT token 登出未失效問題, 在登出後會需要建立黑名單並在filter中確定token是否非黑名單

---
 pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
index f157b02..b5924f2 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
@@ -58,7 +58,8 @@
                     return getConsultantTokenAndRecordLoginTime(account, credentials);
                 }
                 else {
-                    throw new EServiceErrorException(eServiceResponse.getMsg());
+                	log.debug("account:{},error:{}",account,eServiceResponse.getMsg());
+                    throw new EServiceErrorException("撣唾��Ⅳ�隤�");
                 }
             }
 
@@ -69,7 +70,7 @@
     }
 
     private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {
-        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("閰脤“����蒂銝��慦�像�蝟餌絞銝�"));
+        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("撣唾��Ⅳ�隤�"));
 
         List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
         UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);

--
Gitblit v1.8.0