Fix -在开启认证的情况下增加token解析认证处理方式

ref ： alibaba#10169 alibaba#9109 alibaba#8107 alibaba#10176
MentosL · Mar 27, 2023 · d65077b · d65077b
1 parent f7756b7
commit d65077b
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/...ault-impl/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/UserController.java b/...ault-impl/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/UserController.java
@@ -152,7 +152,7 @@ public Object updateUser(@RequestParam String username, @RequestParam String new
  response.sendError(HttpServletResponse.SC_FORBIDDEN, "authorization failed!");
  return null;
  }
- } catch (HttpSessionRequiredException e) {
+ } catch (HttpSessionRequiredException | AccessException e) {
  response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "session expired!");
  return null;
  }
@@ -167,15 +167,15 @@ public Object updateUser(@RequestParam String username, @RequestParam String new
  return RestResultUtils.success("update user ok!");
  }
 
- private boolean hasPermission(String username, HttpServletRequest request) throws HttpSessionRequiredException {
+ private boolean hasPermission(String username, HttpServletRequest request) throws HttpSessionRequiredException,AccessException {
  if (!authConfigs.isAuthEnabled()) {
  return true;
  }
  IdentityContext identityContext = (IdentityContext) request.getSession()
  .getAttribute(com.alibaba.nacos.plugin.auth.constant.Constants.Identity.IDENTITY_CONTEXT);
  NacosUser user;
  if (identityContext == null
- || (user = (NacosUser) identityContext.getParameter(AuthConstants.NACOS_USER_KEY)) == null) {
+ || (user = (NacosUser) identityContext.getParameter(AuthConstants.NACOS_USER_KEY)) == null || (user = iAuthenticationManager.authenticate(request)) == null) {
  throw new HttpSessionRequiredException("session expired!");
  }
  // admin