研究了很久的Security,以下是我对它的一些理解,先贴上代码,本案例是给手机端做Rest接口,包括两种登录方式(用户名密码登录,短信验证码登录),结合JWT token安全验证。
主配置代码
package com.aiot.manager.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author zhangwj
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private String[] excludeUrl = {"/message/getCode/*", "/login/refreshToken"};
@Autowired
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
@Autowired
private UserService userService;
@Bean
public PasswordEncoder passwordEncoder() {
return new MyPasswordEncoder();
}
@Autowired
private MobileCodeAuthProvider mobileCodeAuthProvider;
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Bean()
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
public MobileCodeAuthenticationFilter mobileCodeAuthenticationFilter() {
MobileCodeAuthenticationFilter filter = new MobileCodeAuthenticationFilter();
filter.setAuthenticationManager(authenticationManager);
filter.setAuthenticationSuccessHandler(new GoAuthenticationSuccessHandler());
filter.setAuthenticationFailureHandler(new GoAuthenticationFailureHandler());
return filter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.httpBasic().authenticationEntryPoint(new GoAuthenticationEntryPoint()).and().authorizeRequests().antMatchers(excludeUrl).permitAll()
.antMatchers("/**").authenticated().anyRequest().permitAll().and().formLogin().loginProcessingUrl("/login/password").usernameParameter("userName").passwordParameter("password")
.successHandler(new GoAuthenticationSuccessHandler())
.failureHandler(new GoAuthenticationFailureHandler()).permitAll().and().logout().logoutUrl("/login/out")
.logoutSuccessHandler(new GoLogoutSuccessHandler());
http.addFilter(mobileCodeAuthenticationFilter()).addFilter(jwtAuthenticationTokenFilter);
http.exceptionHandling()
.accessDeniedHandler(new GoAccessDeniedHandler());
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
mobileCodeAuthProvider.setUserService(userService);
auth.authenticationProvider(mobileCodeAuthProvider).userDetailsService(userService);
}
}
自定义短信验证filter
package com.aiot.manager.security;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
/**
* 短信验证码
* @author zhangwj
*/
public class MobileCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "userName";
public static final String SPRING_SECURITY_FORM_MSGCODE_KEY = "msgCode";
private boolean postOnly = true;
public MobileCodeAuthenticationFilter() {
super(new AntPathRequestMatcher("/login/code", "POST"));
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException, ServletException {
String key = "POST";
if (postOnly && !key.equals(request.getMethod())) {
throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
}
MobileCodeAuthenticationToken authRequest = new MobileCodeAuthenticationToken(getUserName(request),
getMsgCode(request));
setDetails(request, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
protected String getUserName(HttpServletRequest request) {
return request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY);
}
protected String getMsgCode(HttpServletRequest request) {
return request.getParameter(SPRING_SECURITY_FORM_MSGCODE_KEY);
}
protected void setDetails(HttpServletRequest request, MobileCodeAuthenticationToken authRequest) {
authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
}
}
package com.aiot.manager.security;
import java.util.Collection;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;
/**
* @author zhangwj
*/
public class MobileCodeAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
private final Object principal;
private Object credentials;
public MobileCodeAuthenticationToken(Object principal, Object credentials) {
super(null);
this.principal = principal;
this.credentials = credentials;
}
public MobileCodeAuthenticationToken(Object principal, Object credentials,
Collection<? extends GrantedAuthority> authorities) {
super(authorities);
this.principal = principal;
this.credentials = credentials;
super.setAuthenticated(true);
}
@Override
public Object getCredentials() {
return this.credentials;
}
@Override
public Object getPrincipal() {
return this.principal;
}
public void setCredentials(Object credentials) {
this.credentials = credentials;
}
}
package com.aiot.manager.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
/**
* 手机短信登录验证
*
* @author zhangwj
*/
@Component
@PropertySource(value = {"classpath:config.properties"}, encoding = "UTF-8")
public class MobileCodeAuthProvider implements AuthenticationProvider {
@Value(value = "${message.redis.key}")
private String REDIS_KEY;
private UserService userService;
@Autowired
private RedisTemplate<String, String> redisTemplate;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
MobileCodeAuthenticationToken authenticationToken = (MobileCodeAuthenticationToken) authentication;
String mobile = (String) authenticationToken.getPrincipal();
String code = (String) authenticationToken.getCredentials();
if (StringUtils.hasText(mobile) && StringUtils.hasText(code)) {
String oldCode = redisTemplate.opsForValue().get(REDIS_KEY + mobile);
if (StringUtils.hasText(oldCode)) {
if (oldCode.equals(code)) {
UserDetails userDetails = userService.loadUserByUsername(mobile);
MobileCodeAuthenticationToken authenticationResult = new MobileCodeAuthenticationToken(userDetails, "",
userDetails.getAuthorities());
authenticationResult.setDetails(authenticationToken.getDetails());
return authenticationResult;
}
}
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return MobileCodeAuthenticationToken.class.isAssignableFrom(authentication);
}
public void setUserService(UserService userService) {
this.userService = userService;
}
}
配置验证后处理
package com.aiot.manager.security;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 如果用户已经通过身份验证,试图访问受保护的(该用户没有权限的)资源
*
* @author zhangwj
*/
public class GoAccessDeniedHandler implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.INSUFFICIENTAUTHORITY.getSubCode(),ESubCodeEnum.INSUFFICIENTAUTHORITY.getSubMsg())));
response.getWriter().flush();
}
}
package com.aiot.manager.security;
import com.aiot.manager.mvc.pojo.LoginUserPojo;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.aiot.manager.publics.util.JwtTokenUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
/**
* @author zhangwj
*/
@PropertySource(value = {"classpath:config.properties"}, encoding = "UTF-8")
public class GoAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
LoginUserPojo userDetails = (LoginUserPojo) authentication.getPrincipal();
String access_token = JwtTokenUtils.generateToken(userDetails.getUsername(), userDetails.getUserRole(), false);
String refresh_token = JwtTokenUtils.generateToken(userDetails.getUsername(), userDetails.getUserRole(), true);
Map<String, String> map = new HashMap<>(6);
map.put("user_name", userDetails.getUsername());
map.put("user_role", userDetails.getUserRole());
map.put("access_token", access_token);
map.put("expires_in", JwtTokenUtils.EXPIRATION.toString());
map.put("refresh_token", refresh_token);
map.put("re_expires_in", JwtTokenUtils.REFRESH_EXPIRATION.toString());
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.LOGINSUCCESS.getSubCode(), ESubCodeEnum.LOGINSUCCESS.getSubMsg(), map)));
response.getWriter().flush();
}
}
package com.aiot.manager.security;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 如果身份验证失败时调用
*
* @author zhangwj
*/
public class GoAuthenticationFailureHandler implements AuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.VALIDATIONFAILED.getSubCode(), ESubCodeEnum.VALIDATIONFAILED.getSubMsg())));
response.getWriter().flush();
}
}
package com.aiot.manager.security;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 它负责启动未经过身份验证的用户的身份验证过程(当他们试图访问受保护的资源
*
* @author zhangwj
*/
public class GoAuthenticationEntryPoint implements AuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.CANNOTACCESS.getSubCode(), ESubCodeEnum.CANNOTACCESS.getSubMsg())));
response.getWriter().flush();
}
}
package com.aiot.manager.security;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 注销成功
*
* @author zhangwj
*/
public class GoLogoutSuccessHandler implements LogoutSuccessHandler {
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.LOGOUTSUCCESS.getSubCode(), ESubCodeEnum.LOGOUTSUCCESS.getSubMsg())));
response.getWriter().flush();
}
}
JWT验证filter
package com.aiot.manager.security;
import com.aiot.manager.mvc.pojo.LoginUserPojo;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.aiot.manager.publics.util.JwtTokenUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 拦截token
*
* @author zhangwj
*/
@Component
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
@Autowired
private UserService userService;
private String tokenHeader = "authorization";
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
String authHeader = request.getHeader(tokenHeader);
if (JwtTokenUtils.isTokenExpired(authHeader)) {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.TOKENEXPIRE.getSubCode(), ESubCodeEnum.TOKENEXPIRE.getSubMsg())));
response.getWriter().flush();
return;
}
String userName = JwtTokenUtils.getClaimKeyUserNameFromToken(authHeader);
String userRole = JwtTokenUtils.getClaimKeyUserRoleFromToken(authHeader);
if (StringUtils.hasText(userName) && StringUtils.hasText(userRole) && SecurityContextHolder.getContext().getAuthentication() == null) {
LoginUserPojo userDetails = (LoginUserPojo) userService.loadUserByUsername(userName);
if (userRole.equals(userDetails.getUserRole())) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
filterChain.doFilter(request, response);
}
}
}
其他配置代码
package com.aiot.manager.security;
import com.aiot.manager.publics.util.JwtTokenUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
/**
* 自定义密码验证
*
* @author zhangwj
*/
public class MyPasswordEncoder implements PasswordEncoder {
private static final Logger log = LoggerFactory.getLogger(MyPasswordEncoder.class);
@Override
public String encode(CharSequence rawPassword) {
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
Base64.Encoder base64en = Base64.getEncoder();
return base64en.encodeToString(md5.digest(rawPassword.toString().getBytes("utf-8")));
} catch (NoSuchAlgorithmException e1) {
log.error("密码加密失败:{}", e1);
return null;
} catch (UnsupportedEncodingException e2) {
log.error("密码加密失败:{}", e2);
return null;
}
}
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
if (this.encode(rawPassword).equals(encodedPassword)) {
return true;
}
return false;
}
}
package com.aiot.manager.security;
import com.aiot.manager.mvc.dao.LoginUserDao;
import com.aiot.manager.mvc.pojo.LoginUserPojo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
/**
* @author zhangwj
*/
@Service
public class UserService implements UserDetailsService {
@Autowired
private LoginUserDao loginUserDao;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
if (StringUtils.hasText(username)) {
LoginUserPojo loginUserPojo = loginUserDao.getLoginUserByUserName(username);
if (loginUserPojo != null) {
return loginUserPojo;
}
}
throw new UsernameNotFoundException("用户不存在");
}
}
package com.aiot.manager.publics.util;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.apache.tomcat.util.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
/**
* JWT工具类
*
* @author zhangwj
*/
public class JwtTokenUtils implements Serializable {
private static final Logger log = LoggerFactory.getLogger(JwtTokenUtils.class);
private static final String CLAIM_KEY_USERNAME = "userName";
private static final String CLAIM_KEY_USER_ROLE = "userRole";
private static final long serialVersionUID = -8305152446124853696L;
private static final SignatureAlgorithm JWT_ALG = SignatureAlgorithm.HS256;
private static final String JWT_RULE = "jwt_role";
private static final String ISS_USER = "leShare";
public static final Long EXPIRATION = 50L;
public static final Long REFRESH_EXPIRATION = 172800L;
private static final String TOKEN_HEAD = "Bearer ";
/**
* 从数据声明生成令牌
*
* @param
* @return
*/
public static String generateToken(final String userName, final String userRole, boolean rememberMe) {
try {
Map<String, Object> claims = new HashMap<>(2);
claims.put(CLAIM_KEY_USERNAME, userName);
claims.put(CLAIM_KEY_USER_ROLE, userRole);
return TOKEN_HEAD + generateToken(claims, rememberMe);
} catch (Exception e) {
log.error("创建token失败:{}", e);
return null;
}
}
public static String getClaimKeyUserNameFromToken(String token) {
String subject;
try {
final Claims claims = getClaimsFromToken(token);
subject = claims.get(CLAIM_KEY_USERNAME).toString();
} catch (Exception e) {
subject = null;
}
return subject;
}
public static String getClaimKeyUserRoleFromToken(String token) {
String subject;
try {
final Claims claims = getClaimsFromToken(token);
subject = claims.get(CLAIM_KEY_USER_ROLE).toString();
} catch (Exception e) {
subject = null;
}
return subject;
}
private static Claims getClaimsFromToken(String token) {
try {
if (StringUtils.hasText(token) && token.startsWith(TOKEN_HEAD)) {
String newToken = token.substring(TOKEN_HEAD.length());
SecretKey key = generalKey(JWT_ALG, JWT_RULE);
return Jwts.parser().setSigningKey(key).parseClaimsJws(newToken).getBody();
}
return null;
} catch (Exception e) {
return null;
}
}
private static Date generateExpirationDate(Long time, Long expiration) {
return new Date(time + expiration * 1000);
}
private static String generateToken(Map<String, Object> claims, boolean rememberMe) {
long nowMillis = System.currentTimeMillis();
Date now = new Date(nowMillis);
SecretKey key = generalKey(JWT_ALG, JWT_RULE);
Long expiration = EXPIRATION;
if (rememberMe) {
expiration = REFRESH_EXPIRATION;
}
return Jwts.builder().setClaims(claims).setId(UUID.randomUUID().toString())
.setIssuedAt(now).setIssuer(ISS_USER).setExpiration(generateExpirationDate(nowMillis, expiration))
.signWith(JWT_ALG, key).compact();
}
private static SecretKey generalKey(SignatureAlgorithm alg, String rule) {
byte[] encodedKey = Base64.decodeBase64(rule);
return new SecretKeySpec(encodedKey, alg.getJcaName());
}
/**
* 验证token是否过期
*
* @param token
* @return
*/
public static boolean isTokenExpired(String token) {
try {
Claims claims = getClaimsFromToken(token);
Date expiration = claims.getExpiration();
return expiration.before(new Date());
} catch (RuntimeException e) {
return true;
}
}
}
package com.aiot.manager.publics.response;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.annotation.JSONField;
import java.io.Serializable;
/**
* API基础响应信息。
*
* @param <T>
* @author zhangwj
*/
public class ResultUtils<T> implements Serializable {
private static final long serialVersionUID = 1L;
/**
* 网关code
*/
@JSONField(name = "code")
private String code;
/**
* 网关msg
*/
@JSONField(name = "msg", ordinal = 1)
private String msg;
/**
* 业务code
*/
@JSONField(name = "sub_code", ordinal = 2)
private String subCode;
/**
* 业务msg
*/
@JSONField(name = "sub_msg", ordinal = 3)
private String subMsg;
/**
* 业务data
*/
@JSONField(name = "data", ordinal = 4)
private T data;
public static <T> ResultUtils<T> success(String subCode, String subMsg, T data) {
return new ResultUtils<T>(ECodeEnum.SUCCESS.getCode(), ECodeEnum.SUCCESS.getMsg(), subCode, subMsg, data);
}
public static <T> ResultUtils<T> success(String subCode, String subMsg) {
return new ResultUtils<T>(ECodeEnum.SUCCESS.getCode(), ECodeEnum.SUCCESS.getMsg(), subCode, subMsg, null);
}
public static <T> ResultUtils<T> fail(String subCode, String subMsg) {
return new ResultUtils<T>(ECodeEnum.FAIL.getCode(), ECodeEnum.FAIL.getMsg(), subCode, subMsg, null);
}
public static <T> ResultUtils<T> fail(String subCode, String subMsg, T data) {
return new ResultUtils<T>(ECodeEnum.FAIL.getCode(), ECodeEnum.FAIL.getMsg(), subCode, subMsg, data);
}
public ResultUtils() {
super();
}
private ResultUtils(String code, String msg, String subCode, String subMsg, T data) {
super();
this.code = code;
this.msg = msg;
this.subCode = subCode;
this.subMsg = subMsg;
this.data = data;
}
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
public String getSubCode() {
return subCode;
}
public void setSubCode(String subCode) {
this.subCode = subCode;
}
public String getSubMsg() {
return subMsg;
}
public void setSubMsg(String subMsg) {
this.subMsg = subMsg;
}
public T getData() {
return data;
}
public void setData(T data) {
this.data = data;
}
public static void main(String[] args) {
System.out.println(JSON.toJSONString(
ResultUtils.success(ESubCodeEnum.LOGINFAIL.getSubCode(), ESubCodeEnum.LOGINFAIL.getSubMsg())));
}
}
package com.aiot.manager.publics.response;
/**
* @author zhangwj
*/
public enum ECodeEnum {
SUCCESS("10000", "Success"), FAIL("10001", "Service Currently Unavailable");
private String code;
private String msg;
ECodeEnum(String code, String msg) {
this.code = code;
this.msg = msg;
}
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
}
package com.aiot.manager.publics.response;
/**
* @author zhangwj
*/
public enum ESubCodeEnum {
SUCCESS("20000", "操作成功"), FAIL("20001", "操作失败"),
LOGINSUCCESS("20002", "登录成功"), LOGINFAIL("20003", "登录失败"),
INSUFFICIENTAUTHORITY("20004", "权限不足"),
CANNOTACCESS("20005", "无法访问"), VALIDATIONFAILED("20006", "验证失败"),
LOGOUTSUCCESS("20007", "注销成功"), TOKENEXPIRE("20008", "授权过期"),
REFRESHTOKENSUCCESS("20009", "重新授权成功"), REFRESHTOKENFAIL("20010", "重新授权失败");
private ESubCodeEnum(String subCode, String subMsg) {
this.subCode = subCode;
this.subMsg = subMsg;
}
private String subCode;
private String subMsg;
public String getSubCode() {
return subCode;
}
public void setSubCode(String subCode) {
this.subCode = subCode;
}
public String getSubMsg() {
return subMsg;
}
public void setSubMsg(String subMsg) {
this.subMsg = subMsg;
}
}