xx

2025-07-19 11:26:07 +08:00 · 2025-07-19 11:26:07 +08:00 · 454349a35f
parent 7710f8c36a
commit 454349a35f
3 changed files with 65 additions and 7 deletions
--- a/gateway/.idea/workspace.xml
+++ b/gateway/.idea/workspace.xml
@ -107,6 +107,7 @@
      <workItem from="1752886146802" duration="788000" />
      <workItem from="1752887366989" duration="14000" />
      <workItem from="1752887418038" duration="62000" />
+      <workItem from="1752888896680" duration="878000" />
    </task>
    <servers />
  </component>
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
@ -41,6 +41,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import jakarta.servlet.http.HttpServletRequest;
+import com.tuoheng.oauth.oidc.token.CustomAuthenticationToken;

 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
@ -243,12 +244,7 @@ public class SecurityConfig {
                System.out.println("租户代码: " + tenantCode);
                System.out.println("客户端ID: " + clientId);

-                // 这里只是验证参数接收，暂时使用简单的用户验证
-                if ("user".equals(username) && "password".equals(password)) {
-                    return new UsernamePasswordAuthenticationToken(username, password, authentication.getAuthorities());
-                } else {
-                    throw new BadCredentialsException("用户名或密码错误");
-                }
+                return new CustomAuthenticationToken(username, password, tenantCode, clientId);
            }
            return null;
        }
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomAuthenticationToken.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomAuthenticationToken.java
@ -0,0 +1,61 @@
+package com.tuoheng.oauth.oidc.token;
+
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Collection;
+
+/**
+ * 自定义认证Token，包含租户代码和客户端ID
+ */
+public class CustomAuthenticationToken extends UsernamePasswordAuthenticationToken {
+
+    private final String tenantCode;
+    private final String clientId;
+
+    /**
+     * 构造函数 - 用于认证请求
+     */
+    public CustomAuthenticationToken(Object principal, Object credentials, String tenantCode, String clientId) {
+        super(principal, credentials);
+        this.tenantCode = tenantCode;
+        this.clientId = clientId;
+    }
+
+    /**
+     * 构造函数 - 用于已认证的token
+     */
+    public CustomAuthenticationToken(Object principal, Object credentials, 
+                                  Collection<? extends GrantedAuthority> authorities, String tenantCode, String clientId) {
+        super(principal, credentials, authorities);
+        this.tenantCode = tenantCode;
+        this.clientId = clientId;
+    }
+
+    /**
+     * 获取租户代码
+     */
+    public String getTenantCode() {
+        return tenantCode;
+    }
+
+    /**
+     * 获取客户端ID
+     */
+    public String getClientId() {
+        return clientId;
+    }
+
+    @Override
+    public String toString() {
+        StringBuilder sb = new StringBuilder();
+        sb.append(super.toString());
+        if (tenantCode != null) {
+            sb.append("; TenantCode: ").append(tenantCode);
+        }
+        if (clientId != null) {
+            sb.append("; ClientId: ").append(clientId);
+        }
+        return sb.toString();
+    }
+}