diff --git a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
index 42be227..08da866 100644
--- a/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
+++ b/oidc/src/main/java/com/tuoheng/oauth/oidc/config/SecurityConfig.java
@@ -32,6 +32,15 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import jakarta.servlet.http.HttpServletRequest;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
@@ -72,7 +81,7 @@ public class SecurityConfig {
 // 配置应用安全过滤器链
 @Bean
 @Order(2)
- public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
+ public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http, CustomAuthenticationProvider customAuthenticationProvider) throws Exception {
 http
 .authorizeHttpRequests(authorize -> authorize
@@ -84,6 +93,7 @@ public class SecurityConfig {
 .anyRequest().authenticated()
 )
 .oauth2ResourceServer(oauth2 -> oauth2.jwt()) // 新增,支持JWT
+ .authenticationProvider(customAuthenticationProvider) // 添加自定义认证提供者
 .formLogin(form -> form
 .loginPage("/login")
 .loginProcessingUrl("/login")
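Review bot: `.authenticationProvider(customAuthenticationProvider)` wires the provider added at the bottom of this file, which the commit's own comment describes as parameter-reception verification, into the default chain that serves `/login`, so its fixed-credential check becomes part of the live form-login path. Because the class is also annotated `@Component`, it is a context-wide `AuthenticationProvider` bean; Spring Security normally skips building its `UserDetailsService`/`PasswordEncoder`-backed provider when such a bean exists, so store-backed logins are probably displaced (confirm against the rest of the configuration, which is outside this hunk). If this has to merge before the real check exists, restrict it to a non-production profile, for example `@Profile("dev")` on the provider with the parameter injected as `ObjectProvider<CustomAuthenticationProvider>`, and mark this line with `// TODO: test-only provider, remove before release`. The same applies to the changed `defaultSecurityFilterChain` signature in the previous hunk.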
@@ -204,4 +214,48 @@ public class SecurityConfig {
 public PasswordEncoder passwordEncoder() {
 return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
 }
+
+ // 自定义认证提供者 - 用于验证参数接收
+ @Component
+ public static class CustomAuthenticationProvider implements AuthenticationProvider {
+
+ @Override
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ if (authentication instanceof UsernamePasswordAuthenticationToken) {
+ String username = authentication.getName();
+ String password = authentication.getCredentials().toString();
+
+ // 获取HttpServletRequest来读取表单参数
+ ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+ String tenantCode = null;
+ String clientId = null;
+
+ if (attributes != null) {
+ HttpServletRequest request = attributes.getRequest();
+ tenantCode = request.getParameter("tenant_code");
+ clientId = request.getParameter("client_id");
+ }
+
+ // 打印接收到的参数用于验证
+ System.out.println("=== 认证参数验证 ===");
+ System.out.println("用户名: " + username);
+ System.out.println("密码: " + password);
+ System.out.println("租户代码: " + tenantCode);
+ System.out.println("客户端ID: " + clientId);
+
+ // 这里只是验证参数接收,暂时使用简单的用户验证
+ if ("user".equals(username) && "password".equals(password)) {
+ return new UsernamePasswordAuthenticationToken(username, password, authentication.getAuthorities());
+ } else {
+ throw new BadCredentialsException("用户名或密码错误");
+ }
+ }
+ return null;
+ }
+
+ @Override
+ public boolean supports(Class> authentication) {
+ return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
+ }
+ }
 }
\ No newline at end of file
diff --git a/oidc/src/main/resources/static/login.html b/oidc/src/main/resources/static/login.html
index f754b8f..05976d2 100644
--- a/oidc/src/main/resources/static/login.html
+++ b/oidc/src/main/resources/static/login.html
@@ -150,6 +150,7 @@
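Review bot: The added `authenticate` writes the submitted password to stdout in clear text (`System.out.println("密码: " + password);`) and then accepts the literal pair `"user"` / `"password"`, so every login attempt puts a credential into the process log and the chain carries a fixed account that bypasses the `BCryptPasswordEncoder` bean declared just above. `authentication.getCredentials().toString()` also throws a NullPointerException when no credentials are present, and the returned token keeps the raw password as its credentials. `tenant_code` and `client_id` are read but take no part in the decision, so they currently provide no tenant or client scoping. The sketch below assumes a `UserDetailsService`, the existing `PasswordEncoder` bean and an SLF4J `log` are injected into the provider (none of them is visible in this hunk); it logs identifiers only and verifies against the stored hash.

```java
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String username = authentication.getName();
    Object credentials = authentication.getCredentials();
    if (credentials == null) {
        throw new BadCredentialsException("用户名或密码错误");
    }
    // … unchanged: tenant_code / client_id lookup via RequestContextHolder …

    // Identifiers only; the submitted password is never written to any log.
    log.debug("login attempt: tenant={}, client={}", tenantCode, clientId);

    UserDetails user = userDetailsService.loadUserByUsername(username);
    if (!passwordEncoder.matches(credentials.toString(), user.getPassword())) {
        throw new BadCredentialsException("用户名或密码错误");
    }
    // The authenticated token carries no raw password.
    return UsernamePasswordAuthenticationToken.authenticated(user, null, user.getAuthorities());
}
```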