Home Explore Help
Register Sign In
zhuwei
/
bladex
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0b440b48cb
Branches Tags
bladex
/
blade-auth
/
src
/
main
/
java
/
org
/
springblade
/
auth
/
granter
/
SocialTokenGranter.java

SocialTokenGranter.java 6.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. /*
    2. 

  2.  *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
    3. 

  3.  *
    4. 

  4.  *  Redistribution and use in source and binary forms, with or without
    5. 

  5.  *  modification, are permitted provided that the following conditions are met:
    6. 

  6.  *
    7. 

  7.  *  Redistributions of source code must retain the above copyright notice,
    8. 

  8.  *  this list of conditions and the following disclaimer.
    9. 

  9.  *  Redistributions in binary form must reproduce the above copyright
    10. 

  10.  *  notice, this list of conditions and the following disclaimer in the
    11. 

  11.  *  documentation and/or other materials provided with the distribution.
    12. 

  12.  *  Neither the name of the dreamlu.net developer nor the names of its
    13. 

  13.  *  contributors may be used to endorse or promote products derived from
    14. 

  14.  *  this software without specific prior written permission.
    15. 

  15.  *  Author: Chill 庄骞 (smallchill@163.com)
    16. 

  16.  */
    17. 

  17. package org.springblade.auth.granter;
    18. 

  18. 

  19. import me.zhyd.oauth.model.AuthCallback;
    20. 

  20. import me.zhyd.oauth.model.AuthResponse;
    21. 

  21. import me.zhyd.oauth.model.AuthUser;
    22. 

  22. import me.zhyd.oauth.request.AuthRequest;
    23. 

  23. import org.springblade.auth.constant.AuthConstant;
    24. 

  24. import org.springblade.auth.service.BladeUserDetails;
    25. 

  25. import org.springblade.auth.utils.TokenUtil;
    26. 

  26. import org.springblade.core.social.props.SocialProperties;
    27. 

  27. import org.springblade.core.social.utils.SocialUtil;
    28. 

  28. import org.springblade.core.tool.api.R;
    29. 

  29. import org.springblade.core.tool.support.Kv;
    30. 

  30. import org.springblade.core.tool.utils.BeanUtil;
    31. 

  31. import org.springblade.core.tool.utils.Func;
    32. 

  32. import org.springblade.core.tool.utils.WebUtil;
    33. 

  33. import org.springblade.system.user.entity.User;
    34. 

  34. import org.springblade.system.user.entity.UserInfo;
    35. 

  35. import org.springblade.system.user.entity.UserOauth;
    36. 

  36. import org.springblade.system.user.feign.IUserClient;
    37. 

  37. import org.springframework.security.authentication.AbstractAuthenticationToken;
    38. 

  38. import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    39. 

  39. import org.springframework.security.core.Authentication;
    40. 

  40. import org.springframework.security.core.authority.AuthorityUtils;
    41. 

  41. import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
    42. 

  42. import org.springframework.security.oauth2.provider.*;
    43. 

  43. import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
    44. 

  44. import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
    45. 

  45. 

  46. import javax.servlet.http.HttpServletRequest;
    47. 

  47. import java.util.LinkedHashMap;
    48. 

  48. import java.util.Map;
    49. 

  49. import java.util.Objects;
    50. 

  50. 

  51. /**
    52. 

  52.  * 第三方登录认证类
    53. 

  53.  *
    54. 

  54.  * @author Chill
    55. 

  55.  */
    56. 

  56. public class SocialTokenGranter extends AbstractTokenGranter {
    57. 

  57.     private static final String GRANT_TYPE = "social";
    58. 

  58.     private static final Integer AUTH_SUCCESS_CODE = 2000;
    59. 

  59. 

  60.     private final IUserClient userClient;
    61. 

  61.     private final SocialProperties socialProperties;
    62. 

  62. 

  63.     protected SocialTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory, IUserClient userClient, SocialProperties socialProperties) {
    64. 

  64.         super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
    65. 

  65.         this.userClient = userClient;
    66. 

  66.         this.socialProperties = socialProperties;
    67. 

  67.     }
    68. 

  68. 

  69.     @Override
    70. 

  70.     protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    71. 

  71.         // 请求头租户信息
    72. 

  72.         HttpServletRequest request = WebUtil.getRequest();
    73. 

  73.         String tenantId = Func.toStr(request.getHeader(TokenUtil.TENANT_HEADER_KEY), TokenUtil.DEFAULT_TENANT_ID);
    74. 

  74. 

  75.         Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());
    76. 

  76.         // 开放平台来源
    77. 

  77.         String sourceParameter = parameters.get("source");
    78. 

  78.         // 匹配是否有别名定义
    79. 

  79.         String source = socialProperties.getAlias().getOrDefault(sourceParameter, sourceParameter);
    80. 

  80.         // 开放平台授权码
    81. 

  81.         String code = parameters.get("code");
    82. 

  82.         // 开放平台状态吗
    83. 

  83.         String state = parameters.get("state");
    84. 

  84. 

  85.         // 获取开放平台授权数据
    86. 

  86.         AuthRequest authRequest = SocialUtil.getAuthRequest(source, socialProperties);
    87. 

  87.         AuthCallback authCallback = new AuthCallback();
    88. 

  88.         authCallback.setCode(code);
    89. 

  89.         authCallback.setState(state);
    90. 

  90.         AuthResponse authResponse = authRequest.login(authCallback);
    91. 

  91.         AuthUser authUser;
    92. 

  92.         if (authResponse.getCode() == AUTH_SUCCESS_CODE) {
    93. 

  93.             authUser = (AuthUser) authResponse.getData();
    94. 

  94.         } else {
    95. 

  95.             throw new InvalidGrantException("social grant failure, auth response is not success");
    96. 

  96.         }
    97. 

  97. 

  98.         // 组装数据
    99. 

  99.         UserOauth userOauth = Objects.requireNonNull(BeanUtil.copy(authUser, UserOauth.class));
    100. 

  100.         userOauth.setSource(authUser.getSource());
    101. 

  101.         userOauth.setTenantId(tenantId);
    102. 

  102.         userOauth.setUuid(authUser.getUuid());
    103. 

  103. 

  104.         // 远程调用,获取认证信息
    105. 

  105.         R<UserInfo> result = userClient.userAuthInfo(userOauth);
    106. 

  106.         BladeUserDetails bladeUserDetails;
    107. 

  107.         if (result.isSuccess()) {
    108. 

  108.             User user = result.getData().getUser();
    109. 

  109.             Kv detail = result.getData().getDetail();
    110. 

  110.             if (user == null || user.getId() == null) {
    111. 

  111.                 throw new InvalidGrantException("social grant failure, user is null");
    112. 

  112.             }
    113. 

  113.             bladeUserDetails = new BladeUserDetails(user.getId(), user.getPhone(),
    114. 

  114.                     tenantId, result.getData().getOauthId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(result.getData().getRoles()), Func.toStr(userOauth.getAvatar(), TokenUtil.DEFAULT_AVATAR),
    115. 

  115.                     userOauth.getUsername(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
    116. 

  116.                     AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
    117. 

  117.         } else {
    118. 

  118.             throw new InvalidGrantException("social grant failure, feign client return error");
    119. 

  119.         }
    120. 

  120. 

  121.         // 组装认证数据,关闭密码校验
    122. 

  122.         Authentication userAuth = new UsernamePasswordAuthenticationToken(bladeUserDetails, null, bladeUserDetails.getAuthorities());
    123. 

  123.         ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
    124. 

  124.         OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
    125. 

  125. 

  126.         // 返回 OAuth2Authentication
    127. 

  127.         return new OAuth2Authentication(storedOAuth2Request, userAuth);
    128. 

  128.     }
    129. 

  129. 

  130. }
    131.