sunpeng
/
oidc-gateway-demo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

xx

This commit is contained in:
孙小云 2025-07-25 10:50:16 +08:00
parent c13eb5df79
commit 964532d142
7 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
View File

@ -102,7 +102,7 @@ public class SecurityConfig {
.oidc(Customizer.withDefaults()); // 启用 OpenID Connect
http.exceptionHandling(exceptions ->
exceptions.authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint("/login"))
exceptions.authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint("/tologin"))
);
return http.build();
@ -119,23 +119,23 @@ public class SecurityConfig {
.requestMatchers("/.well-known/openid_configuration").permitAll()
.requestMatchers("/oauth2/jwks").permitAll()
.requestMatchers("/logout").permitAll()
.requestMatchers("/login").permitAll()
.requestMatchers("/tologin").permitAll()
.requestMatchers("/oidc-logout").permitAll()
.anyRequest().authenticated()
)
.oauth2ResourceServer(oauth2 -> oauth2.jwt()) // 新增支持JWT
.formLogin(form -> form
.loginPage("/login")
.loginProcessingUrl("/login")
.loginPage("/tologin")
.loginProcessingUrl("/tologin")
.defaultSuccessUrl("/")
.failureUrl("/login?error=bad_credentials")
.failureUrl("/tologin?error=bad_credentials")
.permitAll()
)
.cors(cors -> cors.configurationSource(corsConfigurationSource())) // 添加CORS支持
.csrf(csrf -> csrf.ignoringRequestMatchers("/logout")) // 禁用logout端点的CSRF保护
.logout(logout -> logout
.logoutUrl("/logout")
.logoutSuccessUrl("/login?logout")
.logoutSuccessUrl("/tologin?logout")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.permitAll()

2
oidc/src/main/java/com/tuoheng/oauth/oidc/controller/LoginController.java
View File

@ -15,7 +15,7 @@ import java.nio.file.Paths;
public class LoginController {
@GetMapping("/login")
@GetMapping("/tologin")
@ResponseBody
public String login(HttpServletRequest request, @RequestParam(value = "client_id", required = false) String clientId) throws IOException {
// 读取静态HTML文件

2
oidc/src/main/java/com/tuoheng/oauth/oidc/controller/OidcLogoutController.java
View File

@ -26,6 +26,6 @@ public class OidcLogoutController {
if (redirectUri != null && !redirectUri.isEmpty()) {
return "redirect:" + redirectUri;
}
return "redirect:/login?logout";
return "redirect:/tologin?logout";
}
}

6
oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java
View File

@ -55,6 +55,9 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider
*/
UserDetailsInfo userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode);
/**
* 往Token里面加信息
*/
if (userDetails != null && passwordEncoder.matches(password, userDetails.getUserDetails().getPassword())) {
System.out.println("用户认证成功");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
@ -65,6 +68,9 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider
details.put("tenant_code", tenantCode);
details.put("clientIds",userDetails.getUserDetails().getAuthorities().toString());
details.put("isLongToken",userDetails.getIslongToken());
/**
*
*/
token.setDetails(details);
return token;

6
oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java
View File

@ -30,6 +30,7 @@ public class CustomUserDetailsService implements UserDetailsService {
*/
public UserDetailsInfo loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException {
if(!dbService.isValidClientId(clientId)) {
return null;
}
@ -49,18 +50,19 @@ public class CustomUserDetailsService implements UserDetailsService {
DbService.UserInfo userInfo = dbService.getUser(clientId,tenantCode,username);
if(Objects.nonNull(userInfo)) {
String[] authorities = userInfo.validClient.toArray(new String[0]);
String[] validUrls = userInfo.validClient.toArray(new String[0]);
UserDetailsInfo userDetailsInfo = new UserDetailsInfo();
userDetailsInfo.userDetails = org.springframework.security.core.userdetails.User.builder()
.username(userInfo.userName)
.password(passwordEncoder.encode(userInfo.password))
.authorities(authorities)
.authorities(validUrls)
.accountExpired(false)
.accountLocked(false)
.credentialsExpired(false)
.disabled(false)
.build();
userDetailsInfo.islongToken = userInfo.longToken;
// userDetailsInfo.setValidUrl(validUrls);
return userDetailsInfo;
}else {

12
oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java
View File

@ -3,6 +3,8 @@ package com.tuoheng.oauth.oidc.service;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.List;
public class UserDetailsInfo {
public UserDetails getUserDetails() {
return userDetails;
@ -22,4 +24,14 @@ public class UserDetailsInfo {
UserDetails userDetails;
Boolean islongToken;
public String[] getValidUrl() {
return validUrl;
}
public void setValidUrl(String[] validUrl) {
this.validUrl = validUrl;
}
String[] validUrl;
}

2
oidc/src/main/resources/static/login.html
View File

@ -148,7 +148,7 @@
<div id="error-message" class="error-message"></div>
<form id="login-form" method="post" action="/login">
<form id="login-form" method="post" action="/tologin">
<input type="hidden" id="csrf-parameter" name="" value="" />
<input type="hidden" id="client-id" name="client_id" value="" />