diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java index 2b98558..316022c 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java +++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java @@ -102,7 +102,7 @@ public class SecurityConfig { .oidc(Customizer.withDefaults()); // 启用 OpenID Connect http.exceptionHandling(exceptions -> - exceptions.authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint("/login")) + exceptions.authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint("/tologin")) ); return http.build(); @@ -119,23 +119,23 @@ public class SecurityConfig { .requestMatchers("/.well-known/openid_configuration").permitAll() .requestMatchers("/oauth2/jwks").permitAll() .requestMatchers("/logout").permitAll() - .requestMatchers("/login").permitAll() + .requestMatchers("/tologin").permitAll() .requestMatchers("/oidc-logout").permitAll() .anyRequest().authenticated() ) .oauth2ResourceServer(oauth2 -> oauth2.jwt()) // 新增,支持JWT .formLogin(form -> form - .loginPage("/login") - .loginProcessingUrl("/login") + .loginPage("/tologin") + .loginProcessingUrl("/tologin") .defaultSuccessUrl("/") - .failureUrl("/login?error=bad_credentials") + .failureUrl("/tologin?error=bad_credentials") .permitAll() ) .cors(cors -> cors.configurationSource(corsConfigurationSource())) // 添加CORS支持 .csrf(csrf -> csrf.ignoringRequestMatchers("/logout")) // 禁用logout端点的CSRF保护 .logout(logout -> logout .logoutUrl("/logout") - .logoutSuccessUrl("/login?logout") + .logoutSuccessUrl("/tologin?logout") .invalidateHttpSession(true) .deleteCookies("JSESSIONID") .permitAll() diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/LoginController.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/LoginController.java index 4ef1146..bf79651 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/LoginController.java 
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/LoginController.java @@ -15,7 +15,7 @@ import java.nio.file.Paths; public class LoginController { - @GetMapping("/login") + @GetMapping("/tologin") @ResponseBody public String login(HttpServletRequest request, @RequestParam(value = "client_id", required = false) String clientId) throws IOException { // 读取静态HTML文件 diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/OidcLogoutController.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/OidcLogoutController.java index 9ce3f56..a841057 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/OidcLogoutController.java +++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/controller/OidcLogoutController.java @@ -26,6 +26,6 @@ public class OidcLogoutController { if (redirectUri != null && !redirectUri.isEmpty()) { return "redirect:" + redirectUri; } - return "redirect:/login?logout"; + return "redirect:/tologin?logout"; } } \ No newline at end of file diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java index 7a3d66d..973d437 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java +++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java @@ -55,6 +55,9 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider */ UserDetailsInfo userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode); + /** + * 往Token里面加信息 + */ if (userDetails != null && passwordEncoder.matches(password, userDetails.getUserDetails().getPassword())) { System.out.println("用户认证成功"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( 
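Review bot: The context line `return "redirect:" + redirectUri;` in OidcLogoutController sends the browser to whatever `redirectUri` holds, and nothing visible in this hunk checks it against an allow-list. SecurityConfig in this same diff marks `/oidc-logout` as `permitAll()`, so if this is that handler and `redirectUri` comes from a request parameter (its origin is above the hunk, so confirm), the endpoint is an open redirect on the identity provider's own domain. Before redirecting, compare the value with the post-logout redirect URIs registered for the client and fall back to `return "redirect:/tologin?logout";` when it does not match. The method starts outside the hunk.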
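Review bot: The added `/** 往Token里面加信息 */` block ("add information to the token") sits above the credential check `if (userDetails != null && passwordEncoder.matches(...))`, not above the code that fills `details`, and Javadoc syntax inside a method body is never picked up as documentation. A line comment next to the `details.put(...)` calls would say the same thing in the right place, e.g. `// Attach tenant, client and token-lifetime details to the authenticated token`. The empty `/** */` block added in the `@@ -65,6 +68,9 @@` hunk of this file has the same problem and should be filled in or dropped. Separately, `System.out.println("用户认证成功")` would be better as a debug-level logger call so that authentication events reach the application log. The method body begins and ends outside the hunk.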
@@ -65,6 +68,9 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider details.put("tenant_code", tenantCode); details.put("clientIds",userDetails.getUserDetails().getAuthorities().toString()); details.put("isLongToken",userDetails.getIslongToken()); + /** + * + */ token.setDetails(details); return token; diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java index 70e2811..3aa1d46 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java +++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java @@ -30,7 +30,8 @@ public class CustomUserDetailsService implements UserDetailsService { */ public UserDetailsInfo loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException { - if(!dbService.isValidClientId(clientId)) { + + if(!dbService.isValidClientId(clientId)) { return null; } @@ -49,18 +50,19 @@ public class CustomUserDetailsService implements UserDetailsService { DbService.UserInfo userInfo = dbService.getUser(clientId,tenantCode,username); if(Objects.nonNull(userInfo)) { - String[] authorities = userInfo.validClient.toArray(new String[0]); + String[] validUrls = userInfo.validClient.toArray(new String[0]); UserDetailsInfo userDetailsInfo = new UserDetailsInfo(); userDetailsInfo.userDetails = org.springframework.security.core.userdetails.User.builder() .username(userInfo.userName) .password(passwordEncoder.encode(userInfo.password)) - .authorities(authorities) + .authorities(validUrls) .accountExpired(false) .accountLocked(false) .credentialsExpired(false) .disabled(false) .build(); userDetailsInfo.islongToken = userInfo.longToken; +// userDetailsInfo.setValidUrl(validUrls); return userDetailsInfo; }else { 
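Review bot: `details.put("clientIds", userDetails.getUserDetails().getAuthorities().toString())` stores the authorities as the collection's display string (`[a, b]`-style), which is a fragile format for data that looks like it feeds authorization decisions. Any consumer that later tests membership with a substring match on that string would also accept a value that merely contains a permitted one; whether such a consumer exists is outside this hunk. Storing the individual names, for example `getAuthorities().stream().map(GrantedAuthority::getAuthority).toList()`, keeps each value separately comparable, with the matching change made wherever `clientIds` is read.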
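Review bot: `.password(passwordEncoder.encode(userInfo.password))` hashes the stored value on every lookup, and the later `passwordEncoder.matches(...)` can only succeed if `DbService` returns the password in cleartext; this is worth confirming, since `DbService` is not part of this diff. If so, the credential store holds recoverable passwords. The usual arrangement is to store the encoder's output at registration or password change and pass it through here unchanged, `.password(userInfo.password)`. The hunk also renames `authorities` to `validUrls` while still feeding it to `.authorities(validUrls)`, and adds the commented-out `// userDetailsInfo.setValidUrl(validUrls);`, so the new `validUrl` field on `UserDetailsInfo` is never populated; either enable the call or drop the line. The method continues past the end of the hunk.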
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java index 59326ea..55bf229 100644 --- a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java +++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java @@ -3,6 +3,8 @@ package com.tuoheng.oauth.oidc.service; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; +import java.util.List; + public class UserDetailsInfo { public UserDetails getUserDetails() { return userDetails; @@ -22,4 +24,14 @@ public class UserDetailsInfo { UserDetails userDetails; Boolean islongToken; + + public String[] getValidUrl() { + return validUrl; + } + + public void setValidUrl(String[] validUrl) { + this.validUrl = validUrl; + } + + String[] validUrl; } diff --git a/oidc/src/main/resources/static/login.html b/oidc/src/main/resources/static/login.html index 9a858ac..d8ceb99 100644 --- a/oidc/src/main/resources/static/login.html +++ b/oidc/src/main/resources/static/login.html @@ -148,7 +148,7 @@
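Review bot: The new `validUrl` accessors store and hand out the caller's array directly, and the field itself is declared package-private, so any holder of a `UserDetailsInfo` can rewrite the entries after construction. The name suggests these are the URLs or clients a user is allowed to use (not confirmed by this diff), which is the kind of value that should not be mutable by reference. Declare it `private String[] validUrl;` and copy on the way in and out, e.g. `this.validUrl = validUrl == null ? null : validUrl.clone();`. The `import java.util.List;` added in the `@@ -3,6 +3,8 @@` hunk is unused, since the field is a `String[]`.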
-