ubcs.git - Gitblit

¶Ô±ÈÐÂÎÄ¼þ
			@@ -0,0 +1,106 @@
			/*
			* Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
			*
			* Redistribution and use in source and binary forms, with or without
			* modification, are permitted provided that the following conditions are met:
			*
			* Redistributions of source code must retain the above copyright notice,
			* this list of conditions and the following disclaimer.
			* Redistributions in binary form must reproduce the above copyright
			* notice, this list of conditions and the following disclaimer in the
			* documentation and/or other materials provided with the distribution.
			* Neither the name of the dreamlu.net developer nor the names of its
			* contributors may be used to endorse or promote products derived from
			* this software without specific prior written permission.
			* Author: Chill åºéª (smallchill@163.com)
			*/
			package com.vci.ubcs.auth.granter;

			import com.vci.ubcs.auth.constant.AuthConstant;
			import com.vci.ubcs.auth.service.BladeUserDetails;
			import com.vci.ubcs.auth.utils.TokenUtil;
			import com.vci.ubcs.system.user.entity.User;
			import com.vci.ubcs.system.user.entity.UserInfo;
			import com.vci.ubcs.system.user.entity.UserOauth;
			import com.vci.ubcs.system.user.feign.IUserClient;
			import me.zhyd.oauth.model.AuthCallback;
			import me.zhyd.oauth.model.AuthResponse;
			import me.zhyd.oauth.model.AuthUser;
			import me.zhyd.oauth.request.AuthRequest;
			import org.springblade.core.social.props.SocialProperties;
			import org.springblade.core.social.utils.SocialUtil;
			import org.springblade.core.tool.api.R;
			import org.springblade.core.tool.support.Kv;
			import org.springblade.core.tool.utils.BeanUtil;
			import org.springblade.core.tool.utils.Func;
			import org.springblade.core.tool.utils.WebUtil;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.context.annotation.Bean;
			import org.springframework.context.annotation.Configuration;
			import org.springframework.core.env.Environment;
			import org.springframework.security.authentication.*;
			import org.springframework.security.core.Authentication;
			import org.springframework.security.core.authority.AuthorityUtils;
			import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
			import org.springframework.security.oauth2.provider.*;
			import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
			import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
			import org.springframework.stereotype.Component;

			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import java.util.LinkedHashMap;
			import java.util.Map;
			import java.util.Objects;

			/**
			* ç¬¬ä¸æ¹ç»å½è®¤è¯ç±»
			*
			* @author Chill
			*/
			public class PwdFreeLoginTokenGranter extends AbstractTokenGranter {
			private static final String GRANT_TYPE = "passwordfree";
			private final IUserClient userClient;

			public PwdFreeLoginTokenGranter(AuthorizationServerTokenServices tokenServices, IUserClient userClient, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
			super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
			this.userClient = userClient;
			}

			@Override
			protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
			// è¯·æ±å¤´ç§æ·ä¿¡æ¯
			HttpServletRequest request = WebUtil.getRequest();
			String tenantId = Func.toStr(request.getHeader(TokenUtil.TENANT_HEADER_KEY), TokenUtil.DEFAULT_TENANT_ID);

			// è·åè¯·æ±åæ°
			Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());

			// æ ¹æ®åæ°è¿è¡èªå®ä¹çææé»è¾
			String userName = parameters.get("username");
			// è¿ç¨è°ç¨ï¼è·åè®¤è¯ä¿¡æ¯
			R<UserInfo> result = userClient.userInfo(tenantId,userName);
			BladeUserDetails bladeUserDetails;

			// æå»ºææä¿¡æ¯
			User user = result.getData().getUser();
			Kv detail = result.getData().getDetail();
			if (user == null \|\| user.getId() == null) {
			throw new InvalidGrantException("passwordfree grant failure, user is null");
			}
			bladeUserDetails = new BladeUserDetails(user.getId(),
			tenantId, result.getData().getOauthId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(result.getData().getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
			user.getName(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
			AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));

			// ç»è£è®¤è¯æ°æ®ï¼å³éå¯ç æ ¡éª
			Authentication userAuth = new UsernamePasswordAuthenticationToken(bladeUserDetails, null, bladeUserDetails.getAuthorities());
			((AbstractAuthenticationToken) userAuth).setDetails(parameters);
			OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);

			// è¿å OAuth2Authentication
			return new OAuth2Authentication(storedOAuth2Request, userAuth);
			}

			}