baolei преди 7 месеца
родител
ревизия
762588d8a7

+ 41 - 9
08.src/Xingxi/xingxi-miniprogram-api/src/main/java/com/xingxi/api/configuration/security/SpringWebSecurityConfiguration.java

@@ -1,7 +1,9 @@
 package com.xingxi.api.configuration.security;
 
+import cn.binarywang.wx.miniapp.api.WxMaService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import me.chanjar.weixin.mp.api.WxMpService;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -30,6 +33,15 @@ class SpringWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
     @Value("${spring.application.cors.allowedHeaders}")
     private String[] allowedHeaders;
 
+    private final JwtAuthenticationManager jwtAuthenticationManager;
+    private final WxLoginAuthenticationManager wxLoginAuthenticationManager;
+    private final WxAuthenticationSuccessHandler wxAuthenticationSuccessHandler;
+    private final WxAuthenticationFailureHandler wxAuthenticationFailureHandler;
+    private final WxAuthenticationEntryPoint wxAuthenticationEntryPoint;
+    private final WxAccessDeniedHandler wxAccessDeniedHandler;
+    private final WxMaService wxMaService;
+    private final WxMpService wxMpService;
+
     // cors
     @Bean("corsConfigurationSource")
     public CorsConfigurationSource corsConfigurationSource() {
@@ -41,7 +53,6 @@ class SpringWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
         source.registerCorsConfiguration(pathPattern, configuration);
         return source;
     }
-
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.csrf()
@@ -52,16 +63,37 @@ class SpringWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
                 .cors()
                 .and()
                 .authorizeRequests()
-                .antMatchers("/error/**", "/unifiedpay/**", "/api/store/wxlogin", "/wxpay/**").permitAll()
+                .antMatchers("/error/**", "/unifiedpay/**").permitAll()
                 .anyRequest().authenticated()
                 .and()
                 .exceptionHandling()
-                .authenticationEntryPoint(null)
-                .accessDeniedHandler(null);
+                .authenticationEntryPoint(wxAuthenticationEntryPoint)
+                .accessDeniedHandler(wxAccessDeniedHandler);
+        // 使用WxAppletAuthenticationFilter替换默认的认证过滤器UsernamePasswordAuthenticationFilter
+
+
+        http.addFilterAt(wxLoginAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
+                // 在WxAppletAuthenticationFilter前面添加用于验证jwt,识别用户是否登录的过滤器
+                .addFilterBefore(jwtAuthenticationTokenFilter(), WxLoginAuthenticationProcessingFilter.class);
+    }
+
+    @Bean
+    public JwtAuthenticationFilter jwtAuthenticationTokenFilter() {
+        log.debug("JwtAuthenticationFilter created.");
+        return new JwtAuthenticationFilter(jwtAuthenticationManager);
+    }
+
+    @Bean
+    public WxLoginAuthenticationProcessingFilter wxLoginAuthenticationProcessingFilter() {
+        log.debug("WxLoginAuthenticationProcessingFilter created.");
+        WxLoginAuthenticationProcessingFilter filter = new WxLoginAuthenticationProcessingFilter(wxLoginAuthenticationManager, wxMaService, wxMpService);
+        filter.setAuthenticationSuccessHandler(wxAuthenticationSuccessHandler);
+        filter.setAuthenticationFailureHandler(wxAuthenticationFailureHandler);
+        return filter;
+    }
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.ignoring().antMatchers("/api/store/wxlogin", "/wxpay/**");
     }
-//
-//    @Override
-//    public void configure(WebSecurity web) throws Exception {
-//
-//    }
 }
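Review bot: `web.ignoring().antMatchers("/api/store/wxlogin", "/wxpay/**")` at the end of this hunk takes both paths out of the Spring Security filter chain altogether, so the CORS settings, response security headers and the new entry-point/access-denied handlers no longer apply to them, and a login filter installed with `addFilterAt` would not be reached through the chain for `/api/store/wxlogin` (its matching URL is not visible here, so confirm). Keeping the paths in `configure(HttpSecurity)` as `.antMatchers("/error/**", "/unifiedpay/**", "/api/store/wxlogin", "/wxpay/**").permitAll()` leaves them unauthenticated but still filtered. Separately, both filters are exposed as `@Bean`; if this is a Spring Boot application (the application-*.yml files suggest so), Boot also registers every `Filter` bean with the servlet container, so they would run on all requests, including the ignored ones, and twice on chained ones. A disabled `FilterRegistrationBean` per filter avoids that, as sketched below for the JWT filter. The class body starts outside the hunk.

```java
    // … unchanged: jwtAuthenticationTokenFilter() and wxLoginAuthenticationProcessingFilter() beans …

    @Bean
    public FilterRegistrationBean<JwtAuthenticationFilter> jwtFilterRegistration(JwtAuthenticationFilter filter) {
        FilterRegistrationBean<JwtAuthenticationFilter> registration = new FilterRegistrationBean<>(filter);
        // Keep the filter inside the Spring Security chain only; no container-level registration.
        registration.setEnabled(false);
        return registration;
    }
    // same pattern for WxLoginAuthenticationProcessingFilter
```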

+ 25 - 0
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/META-INF/apiclient_cert.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----

+ 28 - 0
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/META-INF/apiclient_key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----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+-----END PRIVATE KEY-----
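Review bot: The merchant private key is added to the repository as `src/main/resources/META-INF/apiclient_key.pem`, so it is readable by anyone with repository access and is packaged into every build artifact. Because it is now part of the history, the key pair should be treated as exposed and reissued, and the file excluded from version control. The `private-key-path` setting in the application-*.yml files points at `classpath:META-INF/apiclient_key.pem`; loading the key from a location outside the artifact, provisioned per environment with restricted file permissions or from a secret store, keeps it out of the codebase.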

+ 2 - 2
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/application-local.yml

@@ -11,8 +11,8 @@ spring:
           enabled: "true"
           app-id: "wx12e34630814e5d30"
           mch-id: "1709337210"
-          apiv3-key: "Xiangmai20231225Xiangmai20231225"
-          cert-serial-no: 6BAA04DCBF80E735518219CC8BCD196BE039F713
+          apiv3-key: "mF9oH1oV9wY3gL8iW3kU4fJ7fE1dW4vK"
+          cert-serial-no: 4FBE124DE5AAD53E1FF52E740131A6072FE692F1
           private-key-path: "classpath:META-INF/apiclient_key.pem"
           private-cert-path: "classpath:META-INF/apiclient_cert.pem"
     request:
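Review bot: `apiv3-key` is written as a plaintext literal, and the same value is repeated in application-release.yml and application-test.yml, so the release profile's payment key is shared with the local and test profiles and is stored in history together with the one it replaces. Resolving it from the environment, e.g. `apiv3-key: "${WXPAY_APIV3_KEY}"` (the variable name is an example), keeps the secret out of the repository and lets each profile use its own key. Both the old and the new value should be considered disclosed and rotated.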

+ 2 - 2
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/application-release.yml

@@ -11,8 +11,8 @@ spring:
           enabled: "true"
           app-id: "wx12e34630814e5d30"
           mch-id: "1709337210"
-          apiv3-key: "Xiangmai20231225Xiangmai20231225"
-          cert-serial-no: 6BAA04DCBF80E735518219CC8BCD196BE039F713
+          apiv3-key: "mF9oH1oV9wY3gL8iW3kU4fJ7fE1dW4vK"
+          cert-serial-no: 4FBE124DE5AAD53E1FF52E740131A6072FE692F1
           private-key-path: "classpath:META-INF/apiclient_key.pem"
           private-cert-path: "classpath:META-INF/apiclient_cert.pem"
     request:

+ 2 - 2
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/application-test.yml

@@ -11,8 +11,8 @@ spring:
           enabled: "true"
           app-id: "wx12e34630814e5d30"
           mch-id: "1709337210"
-          apiv3-key: "Xiangmai20231225Xiangmai20231225"
-          cert-serial-no: 6BAA04DCBF80E735518219CC8BCD196BE039F713
+          apiv3-key: "mF9oH1oV9wY3gL8iW3kU4fJ7fE1dW4vK"
+          cert-serial-no: 4FBE124DE5AAD53E1FF52E740131A6072FE692F1
           private-key-path: "classpath:META-INF/apiclient_key.pem"
           private-cert-path: "classpath:META-INF/apiclient_cert.pem"
     request:

+ 1 - 1
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/logback-local.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <!-- 日志存放路径 -->
-	<property name="log.path" value="/home/appuser/server/dev/xingxi-miniprogram-store-api/logs/" />
+	<property name="log.path" value="/home/appuser/server/dev/xingxi-miniprogram-api/logs/" />
     <!-- 日志输出格式 -->
 	<property name="log.pattern" value="%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />
 

+ 1 - 1
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/logback-release.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <!-- 日志存放路径 -->
-	<property name="log.path" value="/home/appuser/server/xingxi-miniprogram-store-api/logs/" />
+	<property name="log.path" value="/home/appuser/server/xingxi-miniprogram-api/logs/" />
     <!-- 日志输出格式 -->
 	<property name="log.pattern" value="%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />
 

+ 1 - 1
08.src/Xingxi/xingxi-miniprogram-api/src/main/resources/logback-test.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <!-- 日志存放路径 -->
-	<property name="log.path" value="/home/appuser/server/xingxi-miniprogram-store-api/logs/" />
+	<property name="log.path" value="/home/appuser/server/xingxi-miniprogram-api/logs/" />
     <!-- 日志输出格式 -->
 	<property name="log.pattern" value="%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />