    @ExceptionHandler(DataIntegrityViolationException.class)
    public ResponseEntity<ErrorObject> handleRegisterUsernameDuplication(DataIntegrityViolationException e){
        ErrorObject errorObject = new ErrorObject(
            HttpStatus.CONFLICT.value(),
            e.getMessage(),
            new Date()
        );
        return new ResponseEntity<>(errorObject, HttpStatus.CONFLICT);
    }

    @ExceptionHandler(ExpiredJwtException.class)
    public ResponseEntity<ErrorObject> handleJwtExpiration(ExpiredJwtException e){
        ErrorObject errorObject = new ErrorObject(
            HttpStatus.UNAUTHORIZED.value(),
            e.getMessage(),
            new Date()
        );
        return new ResponseEntity<>(errorObject, HttpStatus.UNAUTHORIZED);
    }
}
But when the token expires, a 403 error (Forbidden) is returned instead of the 401 (Unauthorized) that I defined.
From the server:
2023-12-06T17:01:13.459+01:00 ERROR 11489 --- [nio-8080-exec-5] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
io.jsonwebtoken.ExpiredJwtException: JWT expired at 2023-12-06T16:01:12Z. Current time: 2023-12-06T16:01:13Z, a difference of 1457 milliseconds. Allowed clock skew: 0 milliseconds.
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:427) ~[jjwt-impl-0.11.5.jar:0.11.5]
...
From the client:
ERROR
Request failed with status code 403
AxiosError@http://localhost:3000/static/js/bundle.js:66657:18
settle@http://localhost:3000/static/js/bundle.js:67310:12
onloadend@http://localhost:3000/static/js/bundle.js:65992:6
I suspect it is because Spring Security handles that scenario first.
If you have a SecurityFilterChain bean, you should be able to access HttpSecurity and do the following:
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
            .oauth2ResourceServer()
            .authenticationEntryPoint(yourAuthenticationEntryPointGoesHere)
            .and()
            .build();
    }
Implement AuthenticationEntryPoint and customize the commence method.