| | |
|---|
| | | package org.springblade.auth.granter; |
|---|
| | | |
|---|
| | | import com.baomidou.mybatisplus.core.toolkit.StringUtils; |
|---|
| | | import org.springblade.auth.utils.TokenUtil; |
|---|
| | | import org.springblade.common.cache.CacheNames; |
|---|
| | | import org.springblade.core.redis.cache.BladeRedis; |
|---|
| | |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) { |
|---|
| | | HttpServletRequest request = WebUtil.getRequest(); |
|---|
| | | // 增加验证码判断 |
|---|
| | | String key = request.getHeader(TokenUtil.CAPTCHA_HEADER_KEY); |
|---|
| | | String code = request.getHeader(TokenUtil.CAPTCHA_HEADER_CODE); |
|---|
| | | // 获取验证码 |
|---|
| | | String redisCode = bladeRedis.get(CacheNames.CAPTCHA_KEY + key); |
|---|
| | | // 判断验证码 |
|---|
| | | if (code == null || !StringUtil.equalsIgnoreCase(redisCode, code)) { |
|---|
| | | throw new UserDeniedAuthorizationException(TokenUtil.CAPTCHA_NOT_CORRECT); |
|---|
| | | } |
|---|
| | | |
|---|
| | | Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters()); |
|---|
| | | String username = parameters.get("username"); |
|---|
| | | String password = parameters.get("password"); |
|---|
| | |
|---|
| | | Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password); |
|---|
| | | ((AbstractAuthenticationToken) userAuth).setDetails(parameters); |
|---|
| | | try { |
|---|
| | | userAuth = authenticationManager.authenticate(userAuth); |
|---|
| | | userAuth = authenticationManager.authenticate(userAuth); |
|---|
| | | } |
|---|
| | | catch (AccountStatusException | BadCredentialsException ase) { |
|---|
| | | //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31) |
|---|
