Skip to content

WxOpenComponentServiceImpl高并发情况下有不停刷新access_token的风险 #1300

New issue
New issue
Closed
Closed
WxOpenComponentServiceImpl高并发情况下有不停刷新access_token的风险#1300
Labels
开放平台
@ZHAMoonlight

Description

@ZHAMoonlight
ZHAMoonlight
opened on Nov 26, 2019

`private String get(String uri, String accessTokenKey) throws WxErrorException {
String componentAccessToken = this.getComponentAccessToken(false);
String uriWithComponentAccessToken = uri + (uri.contains("?") ? "&" : "?") + accessTokenKey + "=" + componentAccessToken;

    try {
        return this.getWxOpenService().get(uriWithComponentAccessToken, (String)null);
    } catch (WxErrorException var7) {
        WxError error = var7.getError();
        if (error.getErrorCode() == 42001 || error.getErrorCode() == 40001 || error.getErrorCode() == 40014) {
            this.getWxOpenConfigStorage().expireComponentAccessToken();
            if (this.getWxOpenConfigStorage().autoRefreshToken()) {
                return this.get(uri, accessTokenKey);
            }
        }

        if (error.getErrorCode() != 0) {
            throw new WxErrorException(error, var7);
        } else {
            return null;
        }
    }
}`

当access_token过期的时候,如果大量请求同时进入到 this.getWxOpenConfigStorage().expireComponentAccessToken();这行代码,会导致刚刚刷新的access_token被过期,相当于是并发情况下释放了非自己的锁

Metadata

Metadata

Assignees

No one assigned

    Labels

    开放平台

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions