xx

oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java

@@ -32,6 +32,15 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import jakarta.servlet.http.HttpServletRequest;
 
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
@@ -72,7 +81,7 @@ public class SecurityConfig {
     // 配置应用安全过滤器链
     @Bean
     @Order(2)
-    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
+    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http, CustomAuthenticationProvider customAuthenticationProvider) throws Exception {
         http
                 .authorizeHttpRequests(authorize ->
                         authorize
@@ -84,6 +93,7 @@ public class SecurityConfig {
                                 .anyRequest().authenticated()
                 )
                 .oauth2ResourceServer(oauth2 -> oauth2.jwt()) // 新增，支持JWT
+                .authenticationProvider(customAuthenticationProvider) // 添加自定义认证提供者
                 .formLogin(form -> form
                         .loginPage("/login")
                         .loginProcessingUrl("/login")
@@ -204,4 +214,48 @@ public class SecurityConfig {
     public PasswordEncoder passwordEncoder() {
         return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
     }
+
+    // 自定义认证提供者 - 用于验证参数接收
+    @Component
+    public static class CustomAuthenticationProvider implements AuthenticationProvider {
+
+        @Override
+        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+            if (authentication instanceof UsernamePasswordAuthenticationToken) {
+                String username = authentication.getName();
+                String password = authentication.getCredentials().toString();
+                
+                // 获取HttpServletRequest来读取表单参数
+                ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+                String tenantCode = null;
+                String clientId = null;
+                
+                if (attributes != null) {
+                    HttpServletRequest request = attributes.getRequest();
+                    tenantCode = request.getParameter("tenant_code");
+                    clientId = request.getParameter("client_id");
+                }
+                
+                // 打印接收到的参数用于验证
+                System.out.println("=== 认证参数验证 ===");
+                System.out.println("用户名: " + username);
+                System.out.println("密码: " + password);
+                System.out.println("租户代码: " + tenantCode);
+                System.out.println("客户端ID: " + clientId);
+                
+                // 这里只是验证参数接收，暂时使用简单的用户验证
+                if ("user".equals(username) && "password".equals(password)) {
+                    return new UsernamePasswordAuthenticationToken(username, password, authentication.getAuthorities());
+                } else {
+                    throw new BadCredentialsException("用户名或密码错误");
+                }
+            }
+            return null;
+        }
+
+        @Override
+        public boolean supports(Class<?> authentication) {
+            return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
+        }
+    }
 }

oidc/src/main/resources/static/login.html

@@ -150,6 +150,7 @@
         
         <form id="login-form" method="post" action="/login">
             <input type="hidden" id="csrf-parameter" name="" value="" />
+            <input type="hidden" id="client-id" name="client_id" value="" />
             
             <div class="form-group">
                 <label for="username">用户名</label>
@@ -163,7 +164,7 @@
             
             <div class="form-group">
                 <label for="tenant-code">租户代码</label>
-                <input type="text" id="tenant-code" name="tenant-code" placeholder="请输入租户代码" autocomplete="off">
+                <input type="text" id="tenant-code" name="tenant_code" placeholder="请输入租户代码" autocomplete="off">
             </div>
             
             <div class="checkbox-group">
@@ -180,11 +181,17 @@
     </div>
     
     <script>
-        // 页面加载时检查错误参数
+        // 页面加载时检查错误参数和设置client_id
         window.addEventListener('DOMContentLoaded', function() {
             // 检查是否有错误参数
             const urlParams = new URLSearchParams(window.location.search);
             const error = urlParams.get('error');
+            const clientId = urlParams.get('client_id');
+            
+            // 设置client_id到隐藏字段
+            if (clientId) {
+                document.getElementById('client-id').value = clientId;
+            }
             
             if (error) {
                 const errorMessage = document.getElementById('error-message');