This commit is contained in:
孙小云 2025-07-21 18:39:09 +08:00
parent fe56edd54f
commit 9d790b6999
5 changed files with 63 additions and 9 deletions


@ -27,17 +27,31 @@ public class DbService {
clients.add(new Client(2L, "b-client","b-secret","https://b.local.com/callback"));
// 租户-客户端关系
// 租户t1 可以登录 a b
// 租户t2 可以登录 a
tenantClients.add(new TenantClient(1L, 1L,1L));
tenantClients.add(new TenantClient(2L, 1L,2L));
tenantClients.add(new TenantClient(3L, 2L,1L));
// 为租户添加用户
// t1 u1 可登录 a b
users.add(new User(1L,1L,"u1","u1",true,false));
users.add(new User(2L,1L,"u2","u2",false,false));
users.add(new User(2L,1L,"u2","u2",false,true));
users.add(new User(3L,2L,"u3","u3",false,false));
users.add(new User(4L,2L,"u2","u2",false,false));
// 添加系统的普通用户
// t1 u2 可以登录 a
// t2 u3 可以登录 a
userClientAuthorities.add(new UserClientAuthorities(1L,2L,1L));
userClientAuthorities.add(new UserClientAuthorities(2L,3L,1L));
userClientAuthorities.add(new UserClientAuthorities(3L,4L,1L));
// 总结
// t1 u1 可以登录 a b
// t1 u2 可以登录 a
// t2 u3 可以登录 a
// t2 u2 可以登录 a
}
@ -45,6 +59,7 @@ public class DbService {
public static class UserInfo {
public String userName;
public String password;
public Boolean longToken = false;
public List<String> validClient;
}
@ -166,7 +181,7 @@ public class DbService {
userInfo.validClient = clientUrls;
}
userInfo.longToken = user.getLongToken();
return userInfo;
}
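Review bot: `userInfo.longToken = user.getLongToken();` overwrites the `false` default that `UserInfo.longToken` is declared with, so a `User` whose flag was never set would carry `null` into the authentication details instead of `false`; if `getLongToken()` returns a boxed `Boolean` (its declaration is not visible here), prefer `userInfo.longToken = Boolean.TRUE.equals(user.getLongToken());`. The consumer in CustomTokenCustomizer tolerates null through `Objects.equals`, so this is about keeping the flag's contract explicit rather than avoiding a crash. Since this flag is what stretches an issued token to 30 days, the `UserInfo` field deserves a comment, e.g. `// when true, CustomTokenCustomizer extends the issued JWT's expiry to 30 days`. The enclosing method starts before this hunk.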


@ -1,6 +1,7 @@
package com.tuoheng.oauth.oidc.provider;
import com.tuoheng.oauth.oidc.service.CustomUserDetailsService;
import com.tuoheng.oauth.oidc.service.UserDetailsInfo;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
@ -48,18 +49,18 @@ public class TenantAwareAuthenticationProvider implements AuthenticationProvider
/**
* 这边判断用户是否有权限
*/
UserDetails userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode);
UserDetailsInfo userDetails = userDetailsService.loadUserByUsername(username,clientId,tenantCode);
if (userDetails != null && passwordEncoder.matches(password, userDetails.getPassword())) {
if (userDetails != null && passwordEncoder.matches(password, userDetails.getUserDetails().getPassword())) {
System.out.println("用户认证成功");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
userDetails, password, userDetails.getAuthorities());
userDetails, password, userDetails.getUserDetails().getAuthorities());
Map<String, Object> details = new HashMap<>();
details.put("client_id", clientId);
details.put("tenant_code", tenantCode);
details.put("clientIds",userDetails.getAuthorities().toString());
details.put("clientIds",userDetails.getUserDetails().getAuthorities().toString());
details.put("isLongToken",userDetails.getIslongToken());
token.setDetails(details);
return token;
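Review bot: The principal handed to `UsernamePasswordAuthenticationToken` is now the `UserDetailsInfo` wrapper rather than the Spring `UserDetails` it carries, because only the authorities argument was switched to `getUserDetails()`. `UserDetailsInfo` implements neither `UserDetails` nor `Principal`, so `Authentication.getName()` falls back to the object's `toString()` and anything downstream that reads the principal as a `UserDetails` (e.g. the subject of the issued token) no longer sees the username; I would change the constructor call to `userDetails.getUserDetails(), password, userDetails.getUserDetails().getAuthorities());`. `getIslongToken()` can also return null here (the field has no initializer), which the map accepts silently, so consider `Boolean.TRUE.equals(userDetails.getIslongToken())` when putting `isLongToken`. The enclosing method starts before and continues after this hunk.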


@ -28,7 +28,7 @@ public class CustomUserDetailsService implements UserDetailsService {
* @return
* @throws UsernameNotFoundException
*/
public UserDetails loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException {
public UserDetailsInfo loadUserByUsername(String username,String clientId,String tenantCode) throws UsernameNotFoundException {
if(!dbService.isValidClientId(clientId)) {
return null;
@ -46,7 +46,9 @@ public class CustomUserDetailsService implements UserDetailsService {
if(Objects.nonNull(userInfo)) {
String[] authorities = userInfo.validClient.toArray(new String[0]);
return org.springframework.security.core.userdetails.User.builder()
UserDetailsInfo userDetailsInfo = new UserDetailsInfo();
userDetailsInfo.userDetails = org.springframework.security.core.userdetails.User.builder()
.username(userInfo.userName)
.password(passwordEncoder.encode(userInfo.password))
.authorities(authorities)
@ -55,6 +57,8 @@ public class CustomUserDetailsService implements UserDetailsService {
.credentialsExpired(false)
.disabled(false)
.build();
userDetailsInfo.islongToken = userInfo.longToken;
return userDetailsInfo;
}else {
return null;
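Review bot: `userDetailsInfo.userDetails = ...` and `userDetailsInfo.islongToken = userInfo.longToken;` write the new class's package-private fields directly, bypassing the `setUserDetails`/`setIslongToken` setters that the same commit adds and tying this service to the fields' package visibility; use the setters, e.g. `userDetailsInfo.setIslongToken(userInfo.longToken);`. The Javadoc above the signature still has an empty `@return` even though the return type changed; something like `@return the Spring UserDetails wrapped with the long-token flag, or null when the client, tenant or user is unknown` would document the new contract, including the null return that the `@throws UsernameNotFoundException` tag does not cover. The method starts before and ends after this hunk.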


@ -0,0 +1,25 @@
package com.tuoheng.oauth.oidc.service;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
public class UserDetailsInfo {
public UserDetails getUserDetails() {
return userDetails;
}
public void setUserDetails(UserDetails userDetails) {
this.userDetails = userDetails;
}
public Boolean getIslongToken() {
return islongToken;
}
public void setIslongToken(Boolean islongToken) {
this.islongToken = islongToken;
}
UserDetails userDetails;
Boolean islongToken;
}
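Review bot: The two fields are package-private, declared after their accessors, and `islongToken` has no initializer, so a freshly constructed `UserDetailsInfo` reports `null` for a flag that governs token lifetime; make them `private UserDetails userDetails;` and `private Boolean islongToken = Boolean.FALSE;` (and move them above the accessors per the usual field-first layout). The `User` import is unused and can be dropped. A class-level Javadoc would help too, e.g. "Wraps the Spring UserDetails resolved for a login together with the per-user long-token flag; when the flag is true, CustomTokenCustomizer extends the issued JWT's expiry to 30 days." The camel-case `isLongToken` would also match the `isLongToken` detail key used by the provider.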


@ -7,7 +7,10 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
import org.springframework.stereotype.Component;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Map;
import java.util.Objects;
@Component
public class CustomTokenCustomizer implements OAuth2TokenCustomizer<JwtEncodingContext> {
@ -33,6 +36,12 @@ public class CustomTokenCustomizer implements OAuth2TokenCustomizer<JwtEncodingC
if(clientIds != null) {
context.getClaims().claim("clientIds", clientIds);
}
Boolean isLongToken = (Boolean) details.get("isLongToken");
if(Objects.equals(isLongToken, Boolean.TRUE)) {
Instant now = Instant.now();
Instant expiresAt = now.plus(30, ChronoUnit.DAYS);
context.getClaims().expiresAt(expiresAt);
}
}
}
}
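Review bot: The added block sets a 30-day `expiresAt` on any JWT this customizer is invoked for, and nothing in the hunk narrows it by token type, so unless a check exists earlier in the method (which starts before this hunk) the override also applies to ID tokens and overrides the registered client's token settings for every token kind. Guarding on the context, `if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType()) && Boolean.TRUE.equals(isLongToken)) {`, limits the extended lifetime to the token that actually needs it (this requires importing `org.springframework.security.oauth2.core.OAuth2TokenType`). The literal `30` should be a named constant such as `private static final Duration LONG_TOKEN_TTL = Duration.ofDays(30);` with a comment stating that it intentionally exceeds the client's configured access-token lifetime. Computing the expiry from a fresh `Instant.now()` rather than the claim set's issued-at also makes the two timestamps disagree by a few milliseconds; `context.getClaims()` already knows issuedAt if that matters to consumers.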