From e828225de7636d0195db2c3c9b1701a5b2f12049 Mon Sep 17 00:00:00 2001
From: Tomas <tomasysh@gmail.com>
Date: 星期四, 14 九月 2023 18:01:33 +0800
Subject: [PATCH] Merge branch '滲透' of https://dev.pollex.com.tw:8443/r/pcalife/PAM into 滲透

---
 pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java |   23 +++++++++++++++++++++--
 1 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java b/pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java
index 1986286..9662a39 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java
@@ -7,8 +7,12 @@
 import java.security.Key;
 import java.util.*;
 import java.util.stream.Collectors;
+
+import javax.servlet.http.HttpServletResponse;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -16,6 +20,11 @@
 import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
+
+import com.pollex.pam.business.config.AppProperties;
+import com.pollex.pam.business.domain.TokenBlackList;
+import com.pollex.pam.business.repository.TokenBlackListRepository;
+
 import tech.jhipster.config.JHipsterProperties;
 
 @Component
@@ -33,6 +42,12 @@
     private final long tokenValidityInMilliseconds;
 
     private final long tokenValidityInMillisecondsForRememberMe;
+
+    @Autowired
+    TokenBlackListRepository tokenBlackListRepository;
+    
+    @Autowired
+	AppProperties applicationProperties;
 
     public TokenProvider(JHipsterProperties jHipsterProperties) {
         byte[] keyBytes;
@@ -84,8 +99,7 @@
             .filter(auth -> !auth.trim().isEmpty())
             .map(SimpleGrantedAuthority::new)
             .collect(Collectors.toList());
-
-        User principal = new User(claims.getSubject(), "", authorities);
+        User principal = new User(claims.getSubject(), applicationProperties.getDefaultPaxxword(), authorities);
         UsernamePasswordAuthenticationToken authInfo = new UsernamePasswordAuthenticationToken(principal, token, authorities);
         authInfo.setDetails(claims.get(AUTHORITIES_DETAILS));
 
@@ -102,4 +116,9 @@
         }
         return false;
     }
+
+	public boolean isBlackListToken(String jwt) {
+		Optional<TokenBlackList> tokenBlack = tokenBlackListRepository.findById(jwt);
+    	return tokenBlack.isPresent();
+	}
 }

--
Gitblit v1.8.0