更新

backend/common/common-security/src/main/java/com/k12study/common/security/context/RequestUserContext.java

@@ -1,10 +1,17 @@
 package com.k12study.common.security.context;
+import java.util.List;
 
 public record RequestUserContext(
         String userId,
         String username,
         String displayName,
+        String adcode,
         String tenantId,
-        String deptId
+        String tenantPath,
+        String deptId,
+        String deptPath,
+        List<String> roleCodes,
+        String clientType,
+        String sessionId
 ) {
 }

backend/common/common-security/src/main/java/com/k12study/common/security/jwt/JwtTokenProvider.java

@@ -5,8 +5,10 @@ import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.Keys;
 import java.nio.charset.StandardCharsets;
+import java.time.Duration;
 import java.time.Instant;
 import java.util.Date;
+import java.util.List;
 import javax.crypto.SecretKey;
 
 public class JwtTokenProvider {
@@ -19,15 +21,29 @@ public class JwtTokenProvider {
     }
 
     public String createAccessToken(JwtUserPrincipal principal) {
+        return createToken(principal, authProperties.getAccessTokenTtl());
+    }
+
+    public String createRefreshToken(JwtUserPrincipal principal) {
+        return createToken(principal, authProperties.getRefreshTokenTtl());
+    }
+
+    private String createToken(JwtUserPrincipal principal, Duration ttl) {
         Instant now = Instant.now();
         return Jwts.builder()
                 .subject(principal.userId())
                 .claim("username", principal.username())
                 .claim("displayName", principal.displayName())
+                .claim("adcode", principal.adcode())
                 .claim("tenantId", principal.tenantId())
+                .claim("tenantPath", principal.tenantPath())
                 .claim("deptId", principal.deptId())
+                .claim("deptPath", principal.deptPath())
+                .claim("roleCodes", principal.roleCodes())
+                .claim("clientType", principal.clientType())
+                .claim("sessionId", principal.sessionId())
                 .issuedAt(Date.from(now))
-                .expiration(Date.from(now.plus(authProperties.getAccessTokenTtl())))
+                .expiration(Date.from(now.plus(ttl)))
                 .signWith(secretKey)
                 .compact();
     }
@@ -38,12 +54,23 @@ public class JwtTokenProvider {
                 .build()
                 .parseSignedClaims(token)
                 .getPayload();
+        @SuppressWarnings("unchecked")
+        List<String> roleCodes = claims.get("roleCodes", List.class);
+        if (roleCodes == null) {
+            roleCodes = List.of();
+        }
         return new JwtUserPrincipal(
                 claims.getSubject(),
                 claims.get("username", String.class),
                 claims.get("displayName", String.class),
+                claims.get("adcode", String.class),
                 claims.get("tenantId", String.class),
-                claims.get("deptId", String.class)
+                claims.get("tenantPath", String.class),
+                claims.get("deptId", String.class),
+                claims.get("deptPath", String.class),
+                roleCodes,
+                claims.get("clientType", String.class),
+                claims.get("sessionId", String.class)
         );
     }
 }

backend/common/common-security/src/main/java/com/k12study/common/security/jwt/JwtUserPrincipal.java

@@ -1,10 +1,17 @@
 package com.k12study.common.security.jwt;
+import java.util.List;
 
 public record JwtUserPrincipal(
         String userId,
         String username,
         String displayName,
+        String adcode,
         String tenantId,
-        String deptId
+        String tenantPath,
+        String deptId,
+        String deptPath,
+        List<String> roleCodes,
+        String clientType,
+        String sessionId
 ) {
 }