ludc
2023-09-15 b89fc7c55c756e71d5c5133a799430c294059be1
Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/granter/PwdFreeLoginTokenGranter.java
@@ -34,11 +34,12 @@
import org.springblade.core.tool.utils.BeanUtil;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.WebUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.*;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
@@ -47,6 +48,7 @@
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.LinkedHashMap;
import java.util.Map;
@@ -59,12 +61,11 @@
 */
public class PwdFreeLoginTokenGranter extends AbstractTokenGranter {
   private static final String GRANT_TYPE = "passwordfree";
   private static final Integer AUTH_SUCCESS_CODE = 2000;
   private final AuthenticationManager authenticationManager;
   private final IUserClient userClient;
   public PwdFreeLoginTokenGranter(AuthenticationManager authenticationManager, AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
   public PwdFreeLoginTokenGranter(AuthorizationServerTokenServices tokenServices, IUserClient userClient, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
      super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
      this.authenticationManager = authenticationManager;
      this.userClient = userClient;
   }
   @Override
@@ -77,32 +78,21 @@
      Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());
      // 根据参数进行自定义的授权逻辑
      // 示例中使用了硬编码的方式验证账号和生成授权信息
      String userName = parameters.get("username");
      String password = parameters.get("password");
      // 组装数据
      //UserOauth userOauth = Objects.requireNonNull(BeanUtil.copy(authUser, UserOauth.class));
      //userOauth.setTenantId(tenantId);
      //userOauth.setUuid(authUser.getUuid());
      // 远程调用,获取认证信息
      //R<UserInfo> result = userClient.userAuthInfo(userOauth);
      BladeUserDetails bladeUserDetails = null;
      // 配置的密码,所有走免密接口的都设置统一的密码
      if ("password".equals(password)) {
         // 构建授权信息
         //User user = result.getData().getUser();
         //Kv detail = result.getData().getDetail();
//         if (user == null || user.getId() == null) {
//            throw new InvalidGrantException("social grant failure, user is null");
//         }
//         bladeUserDetails = new BladeUserDetails(user.getId(),
//            tenantId, result.getData().getOauthId(), userName, "webservice免密登录", "0", "0", "0", "0", Func.toStr(userOauth.getAvatar(), TokenUtil.DEFAULT_AVATAR),
//            userName, AuthConstant.ENCRYPT + password, detail, true, true, true, true,
//            AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
      } else {
         throw new InvalidGrantException("passwordfree grant failure, auth response is not success");
      R<UserInfo> result = userClient.userInfo(tenantId,userName);
      BladeUserDetails bladeUserDetails;
      // 构建授权信息
      User user = result.getData().getUser();
      Kv detail = result.getData().getDetail();
      if (user == null || user.getId() == null) {
         throw new InvalidGrantException("passwordfree grant failure, user is null");
      }
      bladeUserDetails = new BladeUserDetails(user.getId(),
         tenantId, result.getData().getOauthId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(result.getData().getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
         user.getName(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
         AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
      // 组装认证数据,关闭密码校验
      Authentication userAuth = new UsernamePasswordAuthenticationToken(bladeUserDetails, null, bladeUserDetails.getAuthorities());
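Review bot: On what appears to be the new side, the grant builds an already-authenticated `UsernamePasswordAuthenticationToken` for whatever `username` the request carries: the shared-password comparison is gone and nothing replaces it, so the only condition left in the visible lines is that `userClient.userInfo(tenantId,userName)` returns a user with an id. Unless the `passwordfree` grant type is restricted to specific trusted clients somewhere outside this hunk, the endpoint vouches for an identity the caller merely asserts. The granter should verify something the caller cannot simply state, such as a per-client secret or a signed assertion from the calling system, before the lookup, and each issuance should be logged with the client id and user name. Separately, `result.getData()` is dereferenced before any success check, so a failed remote call surfaces as a NullPointerException instead of an `InvalidGrantException`; a guard such as `if (!result.isSuccess() || result.getData() == null) { throw new InvalidGrantException("passwordfree grant failure, user lookup failed"); }` ahead of `getUser()` would cover it. The method body starts and ends outside the hunk, and `tenantId` is defined outside the visible lines.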