diff --git a/gateway/.idea/workspace.xml b/gateway/.idea/workspace.xml
index fc978c1..83db469 100644
--- a/gateway/.idea/workspace.xml
+++ b/gateway/.idea/workspace.xml
@@ -107,6 +107,7 @@
+
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
index 08da866..d90e8ba 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
@@ -41,6 +41,7 @@ import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import jakarta.servlet.http.HttpServletRequest;
+import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
@@ -242,13 +243,8 @@ public class SecurityConfig {
System.out.println("密码: " + password);
System.out.println("租户代码: " + tenantCode);
System.out.println("客户端ID: " + clientId);
-
- // 这里只是验证参数接收,暂时使用简单的用户验证
- if ("user".equals(username) && "password".equals(password)) {
- return new UsernamePasswordAuthenticationToken(username, password, authentication.getAuthorities());
- } else {
- throw new BadCredentialsException("用户名或密码错误");
- }
+
+ return new CustomAuthenticationToken(username, password, tenantCode, clientId);
}
return null;
}
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomAuthenticationToken.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomAuthenticationToken.java
new file mode 100644
index 0000000..039a190
--- /dev/null
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomAuthenticationToken.java
@@ -0,0 +1,61 @@
+package com.tuoheng.oauth.oidc.token;
+
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Collection;
+
+/**
+ * 自定义认证Token,包含租户代码和客户端ID
+ */
+public class CustomAuthenticationToken extends UsernamePasswordAuthenticationToken {
+
+ private final String tenantCode;
+ private final String clientId;
+
+ /**
+ * 构造函数 - 用于认证请求
+ */
+ public CustomAuthenticationToken(Object principal, Object credentials, String tenantCode, String clientId) {
+ super(principal, credentials);
+ this.tenantCode = tenantCode;
+ this.clientId = clientId;
+ }
+
+ /**
+ * 构造函数 - 用于已认证的token
+ */
+ public CustomAuthenticationToken(Object principal, Object credentials,
+ Collection authorities, String tenantCode, String clientId) {
+ super(principal, credentials, authorities);
+ this.tenantCode = tenantCode;
+ this.clientId = clientId;
+ }
+
+ /**
+ * 获取租户代码
+ */
+ public String getTenantCode() {
+ return tenantCode;
+ }
+
+ /**
+ * 获取客户端ID
+ */
+ public String getClientId() {
+ return clientId;
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append(super.toString());
+ if (tenantCode != null) {
+ sb.append("; TenantCode: ").append(tenantCode);
+ }
+ if (clientId != null) {
+ sb.append("; ClientId: ").append(clientId);
+ }
+ return sb.toString();
+ }
+}
\ No newline at end of file