From 1750327010ec28f21f9f03b683ad48219f8ddd5f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AD=99=E5=B0=8F=E4=BA=91?=
Date: Sat, 19 Jul 2025 11:35:12 +0800
Subject: [PATCH] xx
---
 .../oauth/oidc/config/SecurityConfig.java | 50 +----------
 .../CustomAuthenticationProvider.java | 87 +++++++++++++++++++
 2 files changed, 89 insertions(+), 48 deletions(-)
 create mode 100644 oidc/src/main/java/com/tuoheng/oauth/oidc/provider/CustomAuthenticationProvider.java
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
index d90e8ba..273a93e 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
@@ -32,16 +32,7 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.stereotype.Component;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-import jakarta.servlet.http.HttpServletRequest;
-import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
+import com.tuoheng.oauth.oidc.provider.CustomAuthenticationProvider;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
@@ -216,42 +207,5 @@ public class SecurityConfig {
 return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
 }
- // 自定义认证提供者 - 用于验证参数接收
- @Component
- public static class CustomAuthenticationProvider implements AuthenticationProvider {
-
- @Override
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- if (authentication instanceof UsernamePasswordAuthenticationToken) {
- String username = authentication.getName();
- String password = authentication.getCredentials().toString();
-
- // 获取HttpServletRequest来读取表单参数
- ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
- String tenantCode = null;
- String clientId = null;
-
- if (attributes != null) {
- HttpServletRequest request = attributes.getRequest();
- tenantCode = request.getParameter("tenant_code");
- clientId = request.getParameter("client_id");
- }
-
- // 打印接收到的参数用于验证
- System.out.println("=== 认证参数验证 ===");
- System.out.println("用户名: " + username);
- System.out.println("密码: " + password);
- System.out.println("租户代码: " + tenantCode);
- System.out.println("客户端ID: " + clientId);
-
- return new CustomAuthenticationToken(username, password, tenantCode, clientId);
- }
- return null;
- }
-
- @Override
- public boolean supports(Class authentication) {
- return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
- }
- }
+
 }
\ No newline at end of file
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/CustomAuthenticationProvider.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/CustomAuthenticationProvider.java
new file mode 100644
index 0000000..85363bd
--- /dev/null
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/CustomAuthenticationProvider.java
@@ -0,0 +1,87 @@
+package com.tuoheng.oauth.oidc.provider;
+
+import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import jakarta.servlet.http.HttpServletRequest;
+
+/**
+ * 自定义认证提供者,处理包含租户代码和客户端ID的认证
+ */
+@Component
+public class CustomAuthenticationProvider implements AuthenticationProvider {
+
+ @Autowired
+ private UserDetailsService userDetailsService;
+
+ @Autowired
+ private PasswordEncoder passwordEncoder;
+
+ @Override
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ if (authentication instanceof UsernamePasswordAuthenticationToken) {
+ String username = authentication.getName();
+ String password = authentication.getCredentials().toString();
+
+ // 获取HttpServletRequest来读取表单参数
+ ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+ String tenantCode = null;
+ String clientId = null;
+
+ if (attributes != null) {
+ HttpServletRequest request = attributes.getRequest();
+ tenantCode = request.getParameter("tenant_code");
+ clientId = request.getParameter("client_id");
+ }
+
+ // 打印接收到的参数用于验证
+ System.out.println("=== 认证参数验证 ===");
+ System.out.println("用户名: " + username);
+ System.out.println("密码: " + password);
+ System.out.println("租户代码: " + tenantCode);
+ System.out.println("客户端ID: " + clientId);
+
+ //这边需要从数据库获取数据做教育
+
+ // 6. 创建认证成功的自定义Token
+ System.out.println("认证成功 - 用户: " + username + ", 租户: " + tenantCode + ", 客户端: " + clientId);
+
+ // 创建用户详情和权限
+ UserDetails userDetails = org.springframework.security.core.userdetails.User.builder()
+ .username(username)
+ .password(passwordEncoder.encode(password))
+ .roles("USER")
+ .build();
+
+ // 创建已认证的Token,包含权限信息
+ return new CustomAuthenticationToken(userDetails, password, userDetails.getAuthorities(), tenantCode, clientId);
+ }
+ return null;
+ }
+
+ @Override
+ public boolean supports(Class authentication) {
+ return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
+ }
+
+ /**
+ * 验证用户名和密码
+ * 这里可以自定义验证逻辑,比如查询数据库
+ */
+ private boolean isValidUser(String username, String password) {
+ // 这里使用简单的硬编码验证,实际应用中应该查询数据库
+ return ("user".equals(username) && "password".equals(password)) ||
+ ("admin".equals(username) && "admin123".equals(password)) ||
+ ("user2".equals(username) && "password2".equals(password));
+ }
+}
\ No newline at end of file
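Review bot: `authenticate` returns an authenticated `CustomAuthenticationToken` with `ROLE_USER` for any username and password, because nothing between reading the credentials and building the token checks them: the injected `userDetailsService` is never called, `isValidUser` is never called, and `passwordEncoder.encode(password)` only hashes whatever the caller submitted. The provider should load the account and compare the submitted password against the stored hash with `passwordEncoder.matches` before building the token, throwing `BadCredentialsException` (already imported) on a mismatch, as sketched below. The line `System.out.println("密码: " + password);` writes the plaintext password to standard output and should be removed. `isValidUser` carries hard-coded username/password pairs and is better deleted than wired in. `tenant_code` and `client_id` are copied from request parameters into the token unchecked; if downstream code relies on them for tenant isolation, they need to be validated against the loaded account.

```java
        if (authentication instanceof UsernamePasswordAuthenticationToken) {
            // … unchanged: username/password extraction, tenant_code and client_id lookup …
            // … removed: the println that echoes the password …

            // Look the account up and compare the submitted password with the stored hash.
            UserDetails userDetails = userDetailsService.loadUserByUsername(username);
            if (!passwordEncoder.matches(password, userDetails.getPassword())) {
                throw new BadCredentialsException("Bad credentials");
            }

            // Authorities come from the stored account, not from a freshly built USER role.
            return new CustomAuthenticationToken(userDetails, password, userDetails.getAuthorities(), tenantCode, clientId);
        }
```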