Commits

明点软件 committed 6c13211

修复过期时间不刷新的bug

Comments (0)

Files changed (12)

Grails-spring-security-taobao-grailsPlugins.iml

+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4">
+  <component name="FacetManager">
+    <facet type="hibernate" name="Hibernate">
+      <configuration>
+        <datasource-map />
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/hibernate-2.1.0">
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/hibernate-2.1.0/grails-app/i18n" isTestSource="false" />
+    </content>
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/release-2.0.4">
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/release-2.0.4/src/java" isTestSource="false" />
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/release-2.0.4/src/groovy" isTestSource="false" />
+    </content>
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/rest-client-builder-1.0.2">
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/rest-client-builder-1.0.2/src/groovy" isTestSource="false" />
+    </content>
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3">
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3/src/java" isTestSource="false" />
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3/src/groovy" isTestSource="false" />
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3/grails-app/i18n" isTestSource="false" />
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3/grails-app/services" isTestSource="false" />
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/spring-security-core-1.2.7.3/grails-app/taglib" isTestSource="false" />
+    </content>
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/tomcat-2.1.0" />
+    <content url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/webxml-1.4.1">
+      <sourceFolder url="file://$USER_HOME$/.grails/2.1.0/projects/spring-security-taobao/plugins/webxml-1.4.1/src/groovy" isTestSource="false" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" scope="PROVIDED" name="grails-2.1.0" level="application" />
+    <orderEntry type="module-library" exported="">
+      <library name="Grails User Library (Grails-spring-security-taobao-grailsPlugins)">
+        <CLASSES>
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-web/jars/spring-security-web-3.0.7.RELEASE.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-core/jars/spring-security-core-3.0.7.RELEASE.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/nekohtml/nekohtml/jars/nekohtml-1.9.6.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/nekohtml/xercesMinimal/jars/xercesMinimal-1.9.6.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-http-shared/jars/wagon-http-shared-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-http-lightweight/jars/wagon-http-lightweight-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-file/jars/wagon-file-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-error-diagnostics/jars/maven-error-diagnostics-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-plugin-registry/jars/maven-plugin-registry-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-profile/jars/maven-profile-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-settings/jars/maven-settings-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-project/jars/maven-project-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-model/jars/maven-model-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/backport-util-concurrent/backport-util-concurrent/jars/backport-util-concurrent-3.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-provider-api/jars/wagon-provider-api-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-repository-metadata/jars/maven-repository-metadata-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-artifact-manager/jars/maven-artifact-manager-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-artifact/jars/maven-artifact-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-interpolation/jars/plexus-interpolation-1.11.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-utils/jars/plexus-utils-1.5.15.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-container-default/jars/plexus-container-default-1.0-alpha-9-stable-1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/classworlds/classworlds/jars/classworlds-1.1-alpha-2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/ant/ant/jars/ant-1.6.5.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-ant-tasks/jars/maven-ant-tasks-2.1.0.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/xml-resolver/xml-resolver/jars/xml-resolver-1.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/xerces/xercesImpl/jars/xercesImpl-2.8.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sourceforge.nekohtml/nekohtml/jars/nekohtml-1.9.9.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-analysis/jars/asm-analysis-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-util/jars/asm-util-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-tree/jars/asm-tree-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-commons/jars/asm-commons-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm/jars/asm-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.groovy/groovy/jars/groovy-1.7-rc-2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sf.ezmorph/ezmorph/jars/ezmorph-1.0.6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sf.json-lib/json-lib/jars/json-lib-2.3-jdk15.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/commons-logging/commons-logging/jars/commons-logging-1.1.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.httpcomponents/httpcore/jars/httpcore-4.0.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.httpcomponents/httpclient/jars/httpclient-4.0.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.groovy.modules.http-builder/http-builder/jars/http-builder-0.5.0.jar!/" />
+        </CLASSES>
+        <JAVADOC />
+        <SOURCES />
+      </library>
+    </orderEntry>
+  </component>
+</module>
+

Grails-spring-security-taobao.iml

+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4">
+  <component name="FacetManager">
+    <facet type="Spring" name="Spring">
+      <configuration>
+        <fileset id="fileset1" name="Xml Application Context" removed="false">
+          <file>file://$MODULE_DIR$/web-app/WEB-INF/applicationContext.xml</file>
+        </fileset>
+      </configuration>
+    </facet>
+    <facet type="web" name="GrailsWeb">
+      <configuration>
+        <webroots>
+          <root url="file://$MODULE_DIR$/web-app" relative="/" />
+          <root url="file://$MODULE_DIR$/grails-app/views" relative="/" />
+        </webroots>
+        <sourceRoots />
+      </configuration>
+    </facet>
+    <facet type="hibernate" name="Hibernate">
+      <configuration>
+        <datasource-map>
+          <unit-entry name="Gorm" />
+          <unit-entry name="sessionFactory" />
+        </datasource-map>
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/src/java" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/utils" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/src/groovy" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/controllers" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/domain" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/services" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/taglib" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/test/unit" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/test/integration" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/grails-app/i18n" isTestSource="false" />
+      <excludeFolder url="file://$MODULE_DIR$/target/classes" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module-library" exported="">
+      <library name="Grails User Library (Grails-spring-security-taobao)">
+        <CLASSES>
+          <root url="file://$MODULE_DIR$/lib" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-web/jars/spring-security-web-3.0.7.RELEASE.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-core/jars/spring-security-core-3.0.7.RELEASE.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/nekohtml/nekohtml/jars/nekohtml-1.9.6.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/nekohtml/xercesMinimal/jars/xercesMinimal-1.9.6.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-http-shared/jars/wagon-http-shared-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-http-lightweight/jars/wagon-http-lightweight-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-file/jars/wagon-file-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-error-diagnostics/jars/maven-error-diagnostics-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-plugin-registry/jars/maven-plugin-registry-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-profile/jars/maven-profile-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-settings/jars/maven-settings-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-project/jars/maven-project-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-model/jars/maven-model-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/backport-util-concurrent/backport-util-concurrent/jars/backport-util-concurrent-3.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven.wagon/wagon-provider-api/jars/wagon-provider-api-1.0-beta-6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-repository-metadata/jars/maven-repository-metadata-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-artifact-manager/jars/maven-artifact-manager-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-artifact/jars/maven-artifact-2.2.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-interpolation/jars/plexus-interpolation-1.11.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-utils/jars/plexus-utils-1.5.15.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.plexus/plexus-container-default/jars/plexus-container-default-1.0-alpha-9-stable-1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/classworlds/classworlds/jars/classworlds-1.1-alpha-2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/ant/ant/jars/ant-1.6.5.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.maven/maven-ant-tasks/jars/maven-ant-tasks-2.1.0.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/xml-resolver/xml-resolver/jars/xml-resolver-1.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/xerces/xercesImpl/jars/xercesImpl-2.8.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sourceforge.nekohtml/nekohtml/jars/nekohtml-1.9.9.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-analysis/jars/asm-analysis-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-util/jars/asm-util-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-tree/jars/asm-tree-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm-commons/jars/asm-commons-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/asm/asm/jars/asm-3.2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.groovy/groovy/jars/groovy-1.7-rc-2.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sf.ezmorph/ezmorph/jars/ezmorph-1.0.6.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/net.sf.json-lib/json-lib/jars/json-lib-2.3-jdk15.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/commons-logging/commons-logging/jars/commons-logging-1.1.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.httpcomponents/httpcore/jars/httpcore-4.0.1.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.apache.httpcomponents/httpclient/jars/httpclient-4.0.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.codehaus.groovy.modules.http-builder/http-builder/jars/http-builder-0.5.0.jar!/" />
+        </CLASSES>
+        <JAVADOC />
+        <SOURCES>
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-web/sources/spring-security-web-3.0.7.RELEASE-sources.jar!/" />
+          <root url="jar://$USER_HOME$/.grails/ivy-cache/org.springframework.security/spring-security-core/sources/spring-security-core-3.0.7.RELEASE-sources.jar!/" />
+        </SOURCES>
+        <jarDirectory url="file://$MODULE_DIR$/lib" recursive="false" />
+      </library>
+    </orderEntry>
+    <orderEntry type="library" name="grails-2.1.0" level="application" />
+    <orderEntry type="module" module-name="Grails-spring-security-taobao-grailsPlugins" />
+  </component>
+</module>
+

SpringSecurityTaobaoGrailsPlugin.groovy

 */
 class SpringSecurityTaobaoGrailsPlugin {
     // the plugin version
-    def version = "1.0.4"
+    def version = "1.0.8"
     // the version or versions of Grails the plugin is designed for
     def grailsVersion = "2.1 > *"
     // the other plugins this plugin depends on

grails-app/conf/Config.groovy

 		   'org.codehaus.groovy.grails.plugins.springsecurity'
 
     warn   'org.mortbay.log'
+
+    debug 'com.mingidea'
 }
 
 grails.plugins.springsecurity.expiredUrl = '/expired'
 
 // Added by the Spring Security Core plugin:
-grails.plugins.springsecurity.useHttpSessionEventPublisher = true 
-grails.plugins.springsecurity.userLookup.userDomainClassName = 'test.User'
-grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'test.UserRole'
+grails.plugins.springsecurity.useHttpSessionEventPublisher = true 
+grails.plugins.springsecurity.userLookup.userDomainClassName = 'test.User'
+grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'test.UserRole'
 grails.plugins.springsecurity.authority.className = 'test.Role'
 grails.plugins.springsecurity.taobao.accountDomainClassName = 'test.TaobaoAccount'
+
+
 //test_app_1的appkey 和 appscert
 grails.plugins.springsecurity.taobao.appSecretMap = ['12264981' : '4aaaabc0a7057c3fd36b8de889d4aa65']
 
 grails.plugins.springsecurity.interceptUrlMap = [
     '/secure/**':    ['ROLE_USER'],
     '/admin**':   ['ROLE_ADMIN', 'IS_AUTHENTICATED_FULLY']
- ]
-grails.views.default.codec="none" // none, html, base64
-grails.views.gsp.encoding="UTF-8"
+ ]
+grails.views.default.codec="none" // none, html, base64
+grails.views.gsp.encoding="UTF-8"

grails-app/controllers/test/TestController.groovy

 class TestController {
     def springSecurityService
     def concurrentSessionFilter
-    def index = { 
-        def user = springSecurityService.currentUser
-        render 'user id: '
+    def index = {
+        println request.requestURI
+//        def user = springSecurityService.currentUser
+//        render 'user id: '
+        render 'i'
     }
     
     def expire = {
-<plugin name='spring-security-taobao' version='1.0.4' grailsVersion='2.1 &gt; *'>
+<plugin name='spring-security-taobao' version='1.0.8' grailsVersion='2.1 &gt; *'>
   <author>Simon Leung</author>
   <authorEmail>simon.r.leung@gmail.com</authorEmail>
   <title>Spring Security Taobao Plugin</title>

src/groovy/test/Test.groovy

+package test
+
+import org.apache.commons.codec.digest.DigestUtils
+import org.apache.commons.codec.binary.Base64
+
+
+class Test {
+    static void main(args) {
+        String appKey = '12264981'
+        String p ='ZXhwaXJlc19pbj04NTgxMCZpZnJhbWU9MSZyMV9leHBpcmVzX2luPTg1ODExJnIyX2V4cGlyZXNfaW49ODU4MTEmcmVfZXhwaXJlc19pbj04NTgxMCZyZWZyZXNoX3Rva2VuPTYxMDA4MDhmZjc3MTdjZDIxNzQ1ZDgzYTY3ZjhlZWUwY2UyYzQ1NWJlOWVhMWNiNTQ0NTg2NzQmdHM9MTM0NjU2NzkzNTQyNCZ2aXNpdG9yX2lkPTU0NDU4Njc0JnZpc2l0b3Jfbmljaz1sOTU1NjY1MDUmdzFfZXhwaXJlc19pbj04NTgxMSZ3Ml9leHBpcmVzX2luPTA='
+        String s = '4aaaabc0a7057c3fd36b8de889d4aa65'
+        String session = '6102608ed396a1d6197f646a1b3b889da61442f607d07fd54458674'
+        String text = appKey + p + session + s
+        def md5  = DigestUtils.md5(text)
+        println Base64.encodeBase64String(md5)
+		
+		//d();
+    }
+	
+	public static d() {
+		String url = 'top_appkey=12264981&top_parameters=ZXhwaXJlc19pbj04NTgxMCZpZnJhbWU9MSZyMV9leHBpcmVzX2luPTg1ODExJnIyX2V4cGlyZXNfaW49ODU4MTEmcmVfZXhwaXJlc19pbj04NTgxMCZyZWZyZXNoX3Rva2VuPTYxMDA4MDhmZjc3MTdjZDIxNzQ1ZDgzYTY3ZjhlZWUwY2UyYzQ1NWJlOWVhMWNiNTQ0NTg2NzQmdHM9MTM0NjU2NzkzNTQyNCZ2aXNpdG9yX2lkPTU0NDU4Njc0JnZpc2l0b3Jfbmljaz1sOTU1NjY1MDUmdzFfZXhwaXJlc19pbj04NTgxMSZ3Ml9leHBpcmVzX2luPTA%3D&top_session=6102608ed396a1d6197f646a1b3b889da61442f607d07fd54458674&from_site=fuwu&top_sign=rw%2B3NEpjMD35nN1%2FvXLCjw%3D%3D';
+		println URLDecoder.decode(url, "UTF-8")
+	}
+
+    public void s() {
+
+    }
+}

src/groovy/test/TestTaobaoAuthenticationDao.groovy

 
 import com.mingidea.security.taobao.TaobaoAuthenticationDao
 import com.mingidea.security.taobao.TaobaoUser
+import org.apache.commons.codec.digest.DigestUtils
+import org.apache.commons.codec.binary.Base64
 
 class TestTaobaoAuthenticationDao implements TaobaoAuthenticationDao {
 
+
+
 	public TaobaoUser find(String nick, String appKey) {
 		return null;
 	}

src/java/com/mingidea/security/taobao/TaobaoAuthenticationProcessingFilter.java

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 
 public class TaobaoAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
+    private static Logger log = LoggerFactory.getLogger(TaobaoAuthenticationProcessingFilter.class);
 
     public TaobaoAuthenticationProcessingFilter() {
         super("/j_spring_taobao_security_check");
     @Override
     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
         throws AuthenticationException, IOException, ServletException {
+
         TaobaoCredentials credentials = TaobaoCredentials.build(request);
-        
         TaobaoAuthenticationToken token = new TaobaoAuthenticationToken(credentials);
         // delegate to the authentication provider
         Authentication authentication = this.getAuthenticationManager().authenticate(token);

src/java/com/mingidea/security/taobao/TaobaoAuthenticationProvider.java

 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeansException;
         String mainNickname = credentials.getVisitorNick(); // 主账号
         String subNickname = credentials.getSubTaobaoUserNick(); // 子账号
         String nickname = (subNickname != null) ? subNickname : mainNickname;
-
         String appKey = credentials.getAppKey();
-        String session = credentials.getSession();
 
         TaobaoUser taobaoUser = taobaoAuthenticationDao.find(nickname, appKey);
         if (taobaoUser == null) {
             log.debug("create taobao user {}", nickname);
-            taobaoUser = new TaobaoUser(nickname, appKey, session);
-            taobaoUser.setExpiresIn(credentials.getExpiresIn());
-            taobaoUser.setR1ExpiresIn(credentials.getR1ExpiresIn());
-            taobaoUser.setR2ExpiresIn(credentials.getR2ExpiresIn());
-            taobaoUser.setW1ExpiresIn(credentials.getW1ExpiresIn());
-            taobaoUser.setW2ExpiresIn(credentials.getR2ExpiresIn());
-            taobaoUser.setRefreshToken(credentials.getRefreshToken());
-            taobaoUser.setReExpiresIn(credentials.getReExpiresIn());
-            taobaoAuthenticationDao.create(taobaoUser);
+            taobaoUser = new TaobaoUser(nickname, appKey);
+            copyProperties(credentials, taobaoUser);
             applicationContext.publishEvent(new TaobaoUserCreatedEvent(this, taobaoUser));
         } else {
-            if (taobaoUser.getSession() != session) {
-                log.debug("update taobao user {} with session {}", nickname, session);
-                taobaoUser.setSession(session);
-                taobaoAuthenticationDao.update(taobaoUser);
-                applicationContext.publishEvent(new TaobaoUserUpdatedEvent(this, taobaoUser));
-            }
+            log.debug("update taobao user {} with session {}", nickname, credentials.getSession());
+            copyProperties(credentials, taobaoUser);
+            taobaoAuthenticationDao.update(taobaoUser);
+            applicationContext.publishEvent(new TaobaoUserUpdatedEvent(this, taobaoUser));
         }
 
         UserDetails userDetails = taobaoAuthenticationDao.getPrincipal(taobaoUser);
     }
 
     /**
+     * copy properties from credentials to taobao user
+     */
+    private void copyProperties(TaobaoCredentials credentials, TaobaoUser taobaoUser) {
+        taobaoUser.setSession(taobaoUser.getSession());
+        taobaoUser.setTimestamp(credentials.getTimestamp());
+        taobaoUser.setExpiresIn(credentials.getExpiresIn());
+        taobaoUser.setR1ExpiresIn(credentials.getR1ExpiresIn());
+        taobaoUser.setR2ExpiresIn(credentials.getR2ExpiresIn());
+        taobaoUser.setW1ExpiresIn(credentials.getW1ExpiresIn());
+        taobaoUser.setW2ExpiresIn(credentials.getR2ExpiresIn());
+        taobaoUser.setRefreshToken(credentials.getRefreshToken());
+        taobaoUser.setReExpiresIn(credentials.getReExpiresIn());
+    }
+
+    /**
      * @throws BadCredentialsException credentials is invalid
      */
     private void validateCredentials(TaobaoCredentials credentials) throws BadCredentialsException {
         // apache commons codec的版本要在1.5及以上,否则计算出来的签名会多一个回车导致异常
         String calculatedSign = Base64.encodeBase64String(md5);
         if (!calculatedSign.equals(sign)) {
-            throw new BadCredentialsException("The sign is invalid: " + sign);
+            throw new BadCredentialsException("The sign is invalid expected sign is: " + sign + ", but calculated is : " + calculatedSign);
         }
     }
 

src/java/com/mingidea/security/taobao/TaobaoCredentials.java

 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.util.Assert;
 
 /**
  */
 public class TaobaoCredentials implements Serializable {
     private static final long serialVersionUID = 1L;
+    private static Logger log = LoggerFactory.getLogger(TaobaoCredentials.class);
 
     private String appKey;
     private String session;
             } catch (UnsupportedEncodingException e) {
                 //ignore
             }
+            log.debug("top parameters: {}", decodedParameters);
             Map<String, String> parameterMap = parseParameters(decodedParameters);
             credentials.timestamp = Long.parseLong(parameterMap.get("ts"));
             credentials.iframe = parameterMap.get("iframe");

src/java/com/mingidea/security/taobao/TaobaoUser.java

     private String session;
 
     private long timestamp;
+
+    /** sesion key 失效时间 */
     private long expiresIn;
+
     private long r1ExpiresIn;
     private long r2ExpiresIn;
     private long w1ExpiresIn;
     private long w2ExpiresIn;
+
+    /** refresh token 失效时间 */
     private long reExpiresIn;
 
     private String refreshToken;
 
-    public TaobaoUser(String nickname, String appKey, String session) {
+    public TaobaoUser(String nickname, String appKey) {
         this.nickname = nickname;
         this.appKey = appKey;
-        this.session = session;
     }
 
     public void setNickname(String nickname) {