parent
454349a35f
commit
1750327010
|
|
@ -32,16 +32,7 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
||||||
import org.springframework.web.cors.CorsConfiguration;
|
import org.springframework.web.cors.CorsConfiguration;
|
||||||
import org.springframework.web.cors.CorsConfigurationSource;
|
import org.springframework.web.cors.CorsConfigurationSource;
|
||||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||||
import org.springframework.security.authentication.AuthenticationProvider;
|
import com.tuoheng.oauth.oidc.provider.CustomAuthenticationProvider;
|
||||||
import org.springframework.security.authentication.BadCredentialsException;
|
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
||||||
import org.springframework.security.core.Authentication;
|
|
||||||
import org.springframework.security.core.AuthenticationException;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.web.context.request.RequestContextHolder;
|
|
||||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
|
|
||||||
|
|
||||||
import java.security.KeyPair;
|
import java.security.KeyPair;
|
||||||
import java.security.KeyPairGenerator;
|
import java.security.KeyPairGenerator;
|
||||||
|
|
@ -216,42 +207,5 @@ public class SecurityConfig {
|
||||||
return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
|
return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
||||||
// 自定义认证提供者 - 用于验证参数接收
|
|
||||||
@Component
|
|
||||||
public static class CustomAuthenticationProvider implements AuthenticationProvider {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
|
|
||||||
if (authentication instanceof UsernamePasswordAuthenticationToken) {
|
|
||||||
String username = authentication.getName();
|
|
||||||
String password = authentication.getCredentials().toString();
|
|
||||||
|
|
||||||
// 获取HttpServletRequest来读取表单参数
|
|
||||||
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
|
|
||||||
String tenantCode = null;
|
|
||||||
String clientId = null;
|
|
||||||
|
|
||||||
if (attributes != null) {
|
|
||||||
HttpServletRequest request = attributes.getRequest();
|
|
||||||
tenantCode = request.getParameter("tenant_code");
|
|
||||||
clientId = request.getParameter("client_id");
|
|
||||||
}
|
|
||||||
|
|
||||||
// 打印接收到的参数用于验证
|
|
||||||
System.out.println("=== 认证参数验证 ===");
|
|
||||||
System.out.println("用户名: " + username);
|
|
||||||
System.out.println("密码: " + password);
|
|
||||||
System.out.println("租户代码: " + tenantCode);
|
|
||||||
System.out.println("客户端ID: " + clientId);
|
|
||||||
|
|
||||||
return new CustomAuthenticationToken(username, password, tenantCode, clientId);
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean supports(Class<?> authentication) {
|
|
||||||
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
@ -0,0 +1,87 @@
|
||||||
|
package com.tuoheng.oauth.oidc.provider;
|
||||||
|
|
||||||
|
import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
|
import org.springframework.security.authentication.BadCredentialsException;
|
||||||
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.core.AuthenticationException;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.context.request.RequestContextHolder;
|
||||||
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 自定义认证提供者,处理包含租户代码和客户端ID的认证
|
||||||
|
*/
|
||||||
|
@Component
|
||||||
|
public class CustomAuthenticationProvider implements AuthenticationProvider {
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private UserDetailsService userDetailsService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private PasswordEncoder passwordEncoder;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
|
||||||
|
if (authentication instanceof UsernamePasswordAuthenticationToken) {
|
||||||
|
String username = authentication.getName();
|
||||||
|
String password = authentication.getCredentials().toString();
|
||||||
|
|
||||||
|
// 获取HttpServletRequest来读取表单参数
|
||||||
|
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
|
||||||
|
String tenantCode = null;
|
||||||
|
String clientId = null;
|
||||||
|
|
||||||
|
if (attributes != null) {
|
||||||
|
HttpServletRequest request = attributes.getRequest();
|
||||||
|
tenantCode = request.getParameter("tenant_code");
|
||||||
|
clientId = request.getParameter("client_id");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 打印接收到的参数用于验证
|
||||||
|
System.out.println("=== 认证参数验证 ===");
|
||||||
|
System.out.println("用户名: " + username);
|
||||||
|
System.out.println("密码: " + password);
|
||||||
|
System.out.println("租户代码: " + tenantCode);
|
||||||
|
System.out.println("客户端ID: " + clientId);
|
||||||
|
|
||||||
|
//这边需要从数据库获取数据做教育
|
||||||
|
|
||||||
|
// 6. 创建认证成功的自定义Token
|
||||||
|
System.out.println("认证成功 - 用户: " + username + ", 租户: " + tenantCode + ", 客户端: " + clientId);
|
||||||
|
|
||||||
|
// 创建用户详情和权限
|
||||||
|
UserDetails userDetails = org.springframework.security.core.userdetails.User.builder()
|
||||||
|
.username(username)
|
||||||
|
.password(passwordEncoder.encode(password))
|
||||||
|
.roles("USER")
|
||||||
|
.build();
|
||||||
|
|
||||||
|
// 创建已认证的Token,包含权限信息
|
||||||
|
return new CustomAuthenticationToken(userDetails, password, userDetails.getAuthorities(), tenantCode, clientId);
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean supports(Class<?> authentication) {
|
||||||
|
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 验证用户名和密码
|
||||||
|
* 这里可以自定义验证逻辑,比如查询数据库
|
||||||
|
*/
|
||||||
|
private boolean isValidUser(String username, String password) {
|
||||||
|
// 这里使用简单的硬编码验证,实际应用中应该查询数据库
|
||||||
|
return ("user".equals(username) && "password".equals(password)) ||
|
||||||
|
("admin".equals(username) && "admin123".equals(password)) ||
|
||||||
|
("user2".equals(username) && "password2".equals(password));
|
||||||
|
}
|
||||||
|
}
|
||||||
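Review bot: `authenticate` in the new `CustomAuthenticationProvider` never verifies the submitted password: it builds a `UserDetails` from whatever username and password arrive and returns a `CustomAuthenticationToken` carrying the `USER` role, so any credentials appear to be accepted. Neither the injected `userDetailsService` nor the private `isValidUser` is called anywhere in the file. The `System.out.println("密码: " + password)` line also writes the cleartext password to stdout; it should be dropped along with the other debug prints, or replaced by a logger call that omits the secret. I would load the account through `userDetailsService`, compare with `passwordEncoder.matches`, throw the already-imported `BadCredentialsException` on a mismatch or on null credentials, and delete `isValidUser` with its hard-coded `user`/`admin` pairs. `tenant_code` and `client_id` are copied from request parameters into the token with no check against the account, which looks like it lets the caller choose its own tenant; that is worth confirming against how `CustomAuthenticationToken` is consumed.

```java
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            return null;
        }
        String username = authentication.getName();
        Object credentials = authentication.getCredentials();
        if (credentials == null) {
            throw new BadCredentialsException("Bad credentials");
        }
        String password = credentials.toString();

        // … unchanged: tenant_code / client_id read from the current request …

        // Check the submitted password against the stored hash before issuing a token.
        UserDetails userDetails = userDetailsService.loadUserByUsername(username);
        if (!passwordEncoder.matches(password, userDetails.getPassword())) {
            throw new BadCredentialsException("Bad credentials");
        }

        // … unchanged: return new CustomAuthenticationToken(userDetails, password, …) …
    }
```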