From 9d790b699999e6fcd340a1c47816546c30fd72a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AD=99=E5=B0=8F=E4=BA=91?=
Date: Mon, 21 Jul 2025 18:39:09 +0800
Subject: [PATCH] xx
---
 .../com/tuoheng/oauth/oidc/db/DbService.java | 19 ++++++++++++--
 .../TenantAwareAuthenticationProvider.java | 11 ++++----
 .../service/CustomUserDetailsService.java | 8 ++++--
 .../oauth/oidc/service/UserDetailsInfo.java | 25 +++++++++++++++++++
 .../oidc/token/CustomTokenCustomizer.java | 9 +++++++
 5 files changed, 63 insertions(+), 9 deletions(-)
 create mode 100644 oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/db/DbService.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/db/DbService.java
index bdb146d..3cdfcde 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/db/DbService.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/db/DbService.java
@@ -27,17 +27,31 @@ public class DbService {
 clients.add(new Client(2L, "b-client","b-secret","https://b.local.com/callback"));
 // 租户-客户端关系
+ // 租户t1 可以登录 a b
+ // 租户t2 可以登录 a
 tenantClients.add(new TenantClient(1L, 1L,1L));
 tenantClients.add(new TenantClient(2L, 1L,2L));
 tenantClients.add(new TenantClient(3L, 2L,1L));
 // 为租户添加用户
+ // t1 u1 可登录 a b
 users.add(new User(1L,1L,"u1","u1",true,false));
- users.add(new User(2L,1L,"u2","u2",false,false));
+ users.add(new User(2L,1L,"u2","u2",false,true));
 users.add(new User(3L,2L,"u3","u3",false,false));
+ users.add(new User(4L,2L,"u2","u2",false,false));
 // 添加系统的普通用户
+ // t1 u2 可以登录 a
+ // t2 u3 可以登录 a
 userClientAuthorities.add(new UserClientAuthorities(1L,2L,1L));
+ userClientAuthorities.add(new UserClientAuthorities(2L,3L,1L));
+ userClientAuthorities.add(new UserClientAuthorities(3L,4L,1L));
+
+ // 总结
+ // t1 u1 可以登录 a b
+ // t1 u2 可以登录 a
+ // t2 u3 可以登录 a
+ // t2 u2 可以登录 a
 }
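Review bot: The seed rows changed in this hunk are hard to audit because the flags are positional: `new User(2L,1L,"u2","u2",false,true)` flips the sixth argument, which (judging by the `user.getLongToken()` call added later in this file) appears to enable long-lived tokens, and nothing on the line says so. A one-line comment above the `users.add` calls naming each constructor argument in order would make that privilege change reviewable. The hunk also adds a second `u2` under tenant 2 with the same password, so every user lookup has to be keyed on tenant and username together; the lookup code is outside this hunk, so that is worth confirming. These are plaintext, username-equals-password credentials under `src/main`, so the fixture should not be loadable in a deployed profile.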
@@ -45,6 +59,7 @@ public class DbService {
 public static class UserInfo {
 public String userName;
 public String password;
+ public Boolean longToken = false;
 public List validClient;
 }
@@ -166,7 +181,7 @@ public class DbService {
 userInfo.validClient = clientUrls;
 }
-
+ userInfo.longToken = user.getLongToken();
 return userInfo;
 }
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java
index 13f28e4..c2f9163 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/provider/TenantAwareAuthenticationProvider.java
@@ -1,6 +1,7 @@
 package com.tuoheng.oauth.oidc.provider;
 import com.tuoheng.oauth.oidc.service.CustomUserDetailsService;
+import com.tuoheng.oauth.oidc.service.UserDetailsInfo;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationProvider;
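Review bot: `userInfo.longToken = user.getLongToken();` in the `@@ -166,7 +181,7 @@` hunk overwrites the `false` default declared on `UserInfo.longToken` in the `@@ -45,6 +59,7 @@` hunk with whatever the getter returns. `User.getLongToken()` is not shown, so this is inferred, but if it can return null the boxed `Boolean` travels on into the authentication details and may fail on unboxing at the point where the token lifetime is chosen. Writing `userInfo.longToken = Boolean.TRUE.equals(user.getLongToken());` keeps the flag fail-closed to the short lifetime. The enclosing method starts outside the hunk.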
@@ -48,18 +49,18 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider
 /**
 * 这边判断用户是否有权限
 */
- UserDetails userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode);
+ UserDetailsInfo userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode);
-
- if (userDetails != null && passwordEncoder.matches(password, userDetails.getPassword())) {
+ if (userDetails != null && passwordEncoder.matches(password, userDetails.getUserDetails().getPassword())) {
 System.out.println("用户认证成功");
 UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
- userDetails, password, userDetails.getAuthorities());
+ userDetails, password, userDetails.getUserDetails().getAuthorities());
 Map details = new HashMap<>();
 details.put("client_id", clientId);
 details.put("tenant_code", tenantCode);
- details.put("clientIds",userDetails.getAuthorities().toString());
+ details.put("clientIds",userDetails.getUserDetails().getAuthorities().toString());
+ details.put("isLongToken",userDetails.getIslongToken());
 token.setDetails(details);
 return token;
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java
index 7f56cfc..f64764a 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/CustomUserDetailsService.java
@@ -28,7 +28,7 @@ public class CustomUserDetailsService implements UserDetailsService {
 * @return
 * @throws UsernameNotFoundException
 */
- public UserDetails loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException {
+ public UserDetailsInfo loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException {
 if(!dbService.isValidClientId(clientId)) {
 return null;
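Review bot: In the `@@ -48,18 +49,18 @@` hunk the principal passed to `new UsernamePasswordAuthenticationToken(userDetails, password, ...)` is now a `UserDetailsInfo`, which is neither a `UserDetails` nor a `Principal`, so `Authentication.getName()` falls back to `toString()` and yields an object identity string instead of the username. Anything downstream that relies on the principal name (token subject, stored authorizations, audit logs) would presumably carry that value. Keeping the Spring object as principal avoids this: `new UsernamePasswordAuthenticationToken(userDetails.getUserDetails(), password, userDetails.getUserDetails().getAuthorities())`; the long-token flag already travels in the `details` map. `userDetails.getIslongToken()` may be null, so the reader of `isLongToken` should test it with `Boolean.TRUE.equals(...)`. The enclosing method starts and ends outside the hunk.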
@@ -46,7 +46,9 @@ public class CustomUserDetailsService implements UserDetailsService {
 if(Objects.nonNull(userInfo)) {
 String[] authorities = userInfo.validClient.toArray(new String[0]);
- return org.springframework.security.core.userdetails.User.builder()
+
+ UserDetailsInfo userDetailsInfo = new UserDetailsInfo();
+ userDetailsInfo.userDetails = org.springframework.security.core.userdetails.User.builder()
 .username(userInfo.userName)
 .password(passwordEncoder.encode(userInfo.password))
 .authorities(authorities)
@@ -55,6 +57,8 @@ public class CustomUserDetailsService implements UserDetailsService {
 .credentialsExpired(false)
 .disabled(false)
 .build();
+ userDetailsInfo.islongToken = userInfo.longToken;
+ return userDetailsInfo;
 }else {
 return null;
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java
new file mode 100644
index 0000000..59326ea
--- /dev/null
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/service/UserDetailsInfo.java
@@ -0,0 +1,25 @@
+package com.tuoheng.oauth.oidc.service;
+
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public class UserDetailsInfo {
+ public UserDetails getUserDetails() {
+ return userDetails;
+ }
+
+ public void setUserDetails(UserDetails userDetails) {
+ this.userDetails = userDetails;
+ }
+
+ public Boolean getIslongToken() {
+ return islongToken;
+ }
+
+ public void setIslongToken(Boolean islongToken) {
+ this.islongToken = islongToken;
+ }
+
+ UserDetails userDetails;
+ Boolean islongToken;
+}
diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomTokenCustomizer.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomTokenCustomizer.java
index f4329dc..4b04762 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomTokenCustomizer.java
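Review bot: `UserDetailsInfo` declares `userDetails` and `islongToken` without an access modifier, and the `@@ -46,7 +46,9 @@` and `@@ -55,6 +57,8 @@` hunks in `CustomUserDetailsService` assign them directly instead of going through the setters. Because this object carries the encoded password and the flag that selects token lifetime, I would declare them `private UserDetails userDetails;` and `private Boolean islongToken = Boolean.FALSE;` and populate them via `setUserDetails(...)` / `setIslongToken(...)`, so a missing assignment leaves the flag false rather than null. The `org.springframework.security.core.userdetails.User` import is unused. A class-level Javadoc sentence saying the type pairs the Spring `UserDetails` with the long-token flag would also help the next reader.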
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/token/CustomTokenCustomizer.java
@@ -7,7 +7,10 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
 import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
 import org.springframework.stereotype.Component;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 import java.util.Map;
+import java.util.Objects;
 @Component
 public class CustomTokenCustomizer implements OAuth2TokenCustomizer {
@@ -33,6 +36,12 @@ public class CustomTokenCustomizer implements OAuth2TokenCustomizer