sunpeng
/
oidc-gateway-demo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

xx

This commit is contained in:
孙小云 2025-07-19 11:35:12 +08:00
parent 454349a35f
commit 1750327010
2 changed files with 89 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
View File

@ -32,16 +32,7 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import jakarta.servlet.http.HttpServletRequest;
import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
import com.tuoheng.oauth.oidc.provider.CustomAuthenticationProvider;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
@ -216,42 +207,5 @@ public class SecurityConfig {
return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
}
// 自定义认证提供者 - 用于验证参数接收
@Component
public static class CustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (authentication instanceof UsernamePasswordAuthenticationToken) {
String username = authentication.getName();
String password = authentication.getCredentials().toString();
// 获取HttpServletRequest来读取表单参数
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
String tenantCode = null;
String clientId = null;
if (attributes != null) {
HttpServletRequest request = attributes.getRequest();
tenantCode = request.getParameter("tenant_code");
clientId = request.getParameter("client_id");
}
// 打印接收到的参数用于验证
System.out.println("=== 认证参数验证 ===");
System.out.println("用户名: " + username);
System.out.println("密码: " + password);
System.out.println("租户代码: " + tenantCode);
System.out.println("客户端ID: " + clientId);
return new CustomAuthenticationToken(username, password, tenantCode, clientId);
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
}
}
}

87
oidc/src/main/java/com/tuoheng/oauth/oidc/provider/CustomAuthenticationProvider.java Normal file
View File

@ -0,0 +1,87 @@
package com.tuoheng.oauth.oidc.provider;
import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import jakarta.servlet.http.HttpServletRequest;
/**
* 自定义认证提供者处理包含租户代码和客户端ID的认证
*/
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private PasswordEncoder passwordEncoder;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (authentication instanceof UsernamePasswordAuthenticationToken) {
String username = authentication.getName();
String password = authentication.getCredentials().toString();
// 获取HttpServletRequest来读取表单参数
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
String tenantCode = null;
String clientId = null;
if (attributes != null) {
HttpServletRequest request = attributes.getRequest();
tenantCode = request.getParameter("tenant_code");
clientId = request.getParameter("client_id");
}
// 打印接收到的参数用于验证
System.out.println("=== 认证参数验证 ===");
System.out.println("用户名: " + username);
System.out.println("密码: " + password);
System.out.println("租户代码: " + tenantCode);
System.out.println("客户端ID: " + clientId);
//这边需要从数据库获取数据做教育
// 6. 创建认证成功的自定义Token
System.out.println("认证成功 - 用户: " + username + ", 租户: " + tenantCode + ", 客户端: " + clientId);
// 创建用户详情和权限
UserDetails userDetails = org.springframework.security.core.userdetails.User.builder()
.username(username)
.password(passwordEncoder.encode(password))
.roles("USER")
.build();
// 创建已认证的Token包含权限信息
return new CustomAuthenticationToken(userDetails, password, userDetails.getAuthorities(), tenantCode, clientId);
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
}
/**
* 验证用户名和密码
* 这里可以自定义验证逻辑比如查询数据库
*/
private boolean isValidUser(String username, String password) {
// 这里使用简单的硬编码验证实际应用中应该查询数据库
return ("user".equals(username) && "password".equals(password)) ||
("admin".equals(username) && "admin123".equals(password)) ||
("user2".equals(username) && "password2".equals(password));
}
}