From e3cb45f5baee4ca847c91585946e6db48a6a6228 Mon Sep 17 00:00:00 2001
From: lucca suen <72333564+lucca-suen@users.noreply.github.com>
Date: Thu, 27 Apr 2023 10:49:17 +0800
Subject: [PATCH] optimize 1192: Set a friendly prompt respectively when the login user does not exist and the password is wrong (#1194)

* optimize: set a friendly prompt respectively when the login user does not exist and the password is wrong.

* test: add test for JWTAuthenticationFilter.getMessage

* style: Add a blank line for JWTAuthenticationFilterTest.class

---------

Co-authored-by: lucca
---
 .../auth/config/GlobalSecurityConfig.java | 20 ++++++++++++++-----
 .../auth/filter/JWTAuthenticationFilter.java | 20 ++++++++++++++++++-
 .../service/impl/UserDetailsServiceImpl.java | 1 -
 .../java/cn/hippo4j/auth/toolkit/ReturnT.java | 6 +++---
 .../filter/JWTAuthenticationFilterTest.java | 19 ++++++++++++++++++
 .../cn/hippo4j/auth/toolkit/ReturnTTest.java | 2 +-
 6 files changed, 57 insertions(+), 11 deletions(-)
 create mode 100644 hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/filter/JWTAuthenticationFilterTest.java

diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
index f3f0d9ea..b053a48f 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
@@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
@@ -86,11 +87,6 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
 return source;
 }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
- }
-
 @Override
 protected void configure(HttpSecurity http) throws Exception {
 http.cors().and().csrf().disable()
@@ -111,6 +107,20 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
 web.ignoring().antMatchers(ignores);
 }
+ /**
+ * Injection DaoAuthenticationProvider
+ * Modify hideUserNotFoundExceptions initial value to false
+ * Solve the problem of UserNotFoundException don't throw
+ */
+ @Bean
+ public DaoAuthenticationProvider authenticationProvider() {
+ DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+ provider.setHideUserNotFoundExceptions(false);
+ provider.setUserDetailsService(userDetailsService);
+ provider.setPasswordEncoder(bCryptPasswordEncoder());
+ return provider;
+ }
+
 private void disableAuthenticationIfNeeded(HttpSecurity http) throws Exception {
 if (Boolean.FALSE.equals(enableAuthentication)) {
 http.authorizeRequests().antMatchers("/hippo4j/v1/cs/**").permitAll();
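Review bot: `provider.setHideUserNotFoundExceptions(false)` in the new `authenticationProvider()` bean switches off the Spring Security default that folds `UsernameNotFoundException` into `BadCredentialsException`, and once the filter surfaces that distinction to the client (as this commit does) an unauthenticated caller can probe the login endpoint to learn which account names exist — a classic observable-response-discrepancy weakness. If the friendlier prompt is a hard product requirement, the Javadoc should state the trade-off instead of the current `Solve the problem of UserNotFoundException don't throw`, e.g. `* NOTE: deliberately exposes whether a username exists; only acceptable with login rate limiting / lockout in front of this endpoint.`. Otherwise I would leave the default (`true`) in place and return one generic failure message for both cases.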
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
index 997fb078..a397a4cf 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
@@ -31,6 +31,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import javax.servlet.FilterChain;
@@ -72,8 +73,12 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 rememberMe.set(loginUser.getRememberMe());
 authenticate = authenticationManager.authenticate(
 new UsernamePasswordAuthenticationToken(loginUser.getUsername(), loginUser.getPassword(), new ArrayList()));
+ } catch (UsernameNotFoundException e) {
+ log.warn("User {} not found", e.getMessage());
+ throw e;
 } catch (BadCredentialsException e) {
 log.warn("Bad credentials exception: {}", e.getMessage());
+ throw e;
 } catch (Exception e) {
 log.error("Attempt authentication error", e);
 }
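Review bot: The new `catch (UsernameNotFoundException e)` branch logs `e.getMessage()`, and since `UserDetailsServiceImpl` builds that exception from the raw `userName` (visible in a later hunk of this patch) the warn line carries unauthenticated, attacker-controlled login input; a username containing CR/LF can forge extra log records, so strip line breaks before logging, e.g. `log.warn("User not found: {}", e.getMessage().replaceAll("[\\r\\n]", "_"));`. The trailing `catch (Exception e)` still swallows every other failure, so only the two rethrown types reach `unsuccessfulAuthentication`; presumably the code after the try (outside this hunk) copes with `authenticate` being unset, but a comment such as `// only credential failures propagate to unsuccessfulAuthentication; anything else is logged here` would make that asymmetry look deliberate rather than accidental. The enclosing `attemptAuthentication` method begins and ends outside this hunk.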
@@ -108,6 +113,19 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 @Override
 protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException {
 response.setCharacterEncoding("UTF-8");
- response.getWriter().write(JSONUtil.toJSONString(new ReturnT(ReturnT.JWT_FAIL_CODE, "Server Error")));
+ response.getWriter().write(JSONUtil.toJSONString(new ReturnT(ReturnT.JWT_FAIL_CODE, getMessage(failed))));
+ }
+
+ /**
+ * Return different echo information to the front end according to different exception types
+ */
+ private String getMessage(AuthenticationException failed) {
+ String message = "Server Error";
+ if (failed instanceof UsernameNotFoundException) {
+ message = "用户不存在";
+ } else if (failed instanceof BadCredentialsException) {
+ message = "密码错误";
+ }
+ return message;
 }
 }
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
index da6d359b..dc62a170 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
@@ -59,7 +59,6 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 }
 UserInfo userInfo = userMapper.selectOne(Wrappers.lambdaQuery(UserInfo.class).eq(UserInfo::getUserName, userName));
 if (Objects.isNull(userInfo)) {
- log.warn("User {} not found", userName);
 throw new UsernameNotFoundException(userName);
 }
 JwtUser jwtUser = new JwtUser();
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
index ed76b4f5..1309c91f 100644
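Review bot: `getMessage` hands the client two different texts, `用户不存在` for `UsernameNotFoundException` and `密码错误` for `BadCredentialsException`, so the HTTP body alone now tells an anonymous caller whether a given username exists; together with the provider change this turns the login endpoint into a username-enumeration oracle. Unless that is an accepted product decision, I would collapse both branches to a single message such as `用户名或密码错误` and keep the user-vs-password distinction in server-side logs only. Every other `AuthenticationException` (locked, disabled or expired accounts, for instance) still falls back to `Server Error` under the same `JWT_FAIL_CODE`, which is misleading to the caller; at minimum the Javadoc should say so, e.g. `* Maps UsernameNotFoundException / BadCredentialsException to user-facing text; any other AuthenticationException yields "Server Error".`.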
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
@@ -43,13 +43,13 @@ public class ReturnT implements Serializable {
 private int code;
- private String msg;
+ private String message;
 private T content;
- public ReturnT(int code, String msg) {
+ public ReturnT(int code, String message) {
 this.code = code;
- this.msg = msg;
+ this.message = message;
 }
 public ReturnT(T content) {
diff --git a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/filter/JWTAuthenticationFilterTest.java b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/filter/JWTAuthenticationFilterTest.java
new file mode 100644
index 00000000..69bb388d
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/filter/JWTAuthenticationFilterTest.java
@@ -0,0 +1,19 @@
+package cn.hippo4j.auth.filter;
+
+import cn.hippo4j.common.toolkit.ReflectUtil;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+class JWTAuthenticationFilterTest {
+
+ @Test
+ void getMessageTest() {
+ JWTAuthenticationFilter filter = new JWTAuthenticationFilter(null);
+ Assertions.assertEquals("用户不存在", ReflectUtil.invoke(filter,
+ "getMessage", new UsernameNotFoundException("")));
+ Assertions.assertEquals("密码错误", ReflectUtil.invoke(filter,
+ "getMessage", new BadCredentialsException("")));
+ }
+}
diff --git a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
index 8c2ff9b2..695c714d 100644
--- a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
+++ b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
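Review bot: `getMessageTest` only exercises the two mapped exception types; the default branch that returns `Server Error` for any other `AuthenticationException` is the text most clients will actually see for locked or disabled accounts and is left untested, so a third assertion such as `Assertions.assertEquals("Server Error", ReflectUtil.invoke(filter, "getMessage", new LockedException("")));` (with the matching `org.springframework.security.authentication.LockedException` import) would pin it. Calling the private method through `ReflectUtil.invoke` by string name also means a rename of `getMessage` only fails at test runtime; making the helper package-private (or a `static` pure function) would let the test call it directly and keep the compiler in the loop.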
@@ -39,7 +39,7 @@ public final class ReturnTTest {
 @Test
 public void assertGetMessage() {
- Assert.isNull(returnT.getMsg());
+ Assert.isNull(returnT.getMessage());
 }
 @Test