Home Explore Help
Sign In
Another
/
iot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix:【system】优化 createOAuth2AccessToken 的 tenantId 逻辑,优先使用 OAuth2RefreshTokenDO

YunaiV 5 months ago
parent
d2dd2f10f5
commit
ab8e68d3a2
1 changed files with 7 additions and 1 deletions
Split View Show Diff Stats
  1. 7 1
      yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java

+ 7 - 1
yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java
View File 

@@ -180,7 +180,13 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService {
 
                 .setClientId(clientDO.getClientId()).setScopes(refreshTokenDO.getScopes())
 
                 .setRefreshToken(refreshTokenDO.getRefreshToken())
 
                 .setExpiresTime(LocalDateTime.now().plusSeconds(clientDO.getAccessTokenValiditySeconds()));
 
-        accessTokenDO.setTenantId(TenantContextHolder.getTenantId()); // 手动设置租户编号,避免缓存到 Redis 的时候,无对应的租户编号
 
+        // 优先从 refreshToken 获取租户编号,避免 ThreadLocal 被污染时导致 tenantId 为 null
 
+        // 可能关联的 issue:https://t.zsxq.com/JIi5G
 
+        Long tenantId = refreshTokenDO.getTenantId();
 
+        if (tenantId == null) {
 
+            tenantId = TenantContextHolder.getTenantId();
 
+        }
 
+        accessTokenDO.setTenantId(tenantId);
 
         oauth2AccessTokenMapper.insert(accessTokenDO);
 
         // 记录到 Redis 中
 
         oauth2AccessTokenRedisDAO.set(accessTokenDO);