新增相关认证逻辑

tuoheng_oidc_server/src/main/java/com/tuoheng/controller/ThirdController.java

@@ -26,14 +26,13 @@ public class ThirdController {
     private ThirdService thirdService;
 
     @GetMapping("/authorize")
-    public JsonResult authorize(String token) {
-        return thirdService.authorize(token);
+    public JsonResult authorize(String clientId) {
+        return thirdService.authorize(clientId);
     }
 
     @GetMapping(value = "/redirect")
     public void redirect(HttpServletRequest req, HttpServletResponse resp) throws Exception {
-        //String contNo =req.getParameter("contNo"); //保单号
         log.info("访问www.baidu.com");
-        resp.sendRedirect("http://192.168.12.15:8080/transfer?token=123124124");
+        resp.sendRedirect("http://192.168.12.15:8080/transfer?clientId=tuoheng-airport-admin");
     }
 }

tuoheng_oidc_server/src/main/java/com/tuoheng/mapper/RegisteredClientMapper.java

@@ -0,0 +1,15 @@
+package com.tuoheng.mapper;
+
+import com.tuoheng.model.po.RegisteredClientPo;
+import com.tuoheng.until.JsonResult;
+import org.apache.ibatis.annotations.Param;
+
+/**
+ * @Author xiaoying
+ * @Date 2023/11/13 16:56
+ */
+public interface RegisteredClientMapper {
+
+    RegisteredClientPo selectClient(@Param("clientId") String clientId);
+
+}

tuoheng_oidc_server/src/main/java/com/tuoheng/model/po/RegisteredClientPo.java

@@ -0,0 +1,19 @@
+package com.tuoheng.model.po;
+
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+/**
+ * @Author xiaoying
+ * @Date 2023/11/13 16:52
+ */
+@Data
+@Accessors(chain = true)
+public class RegisteredClientPo {
+
+    private Integer id;
+
+    private String clientId;
+
+    private String clientSecret;
+}

tuoheng_oidc_server/src/main/java/com/tuoheng/model/result/ProfileResult.java

@@ -17,5 +17,6 @@ public class ProfileResult {
     private String userId;
     private String userName;
     private List<ClientRoleDto> clientRoleList;
+    private String azp;
 
 }

tuoheng_oidc_server/src/main/java/com/tuoheng/service/ThirdService.java

@@ -6,5 +6,5 @@ import javax.servlet.http.HttpServletRequest;
 
 public interface ThirdService {
 
-    JsonResult authorize(String token);
+    JsonResult authorize(String clientId);
 }

tuoheng_oidc_server/src/main/java/com/tuoheng/service/impl/ThirdServiceImpl.java

@@ -3,7 +3,10 @@ package com.tuoheng.service.impl;
 import com.alibaba.fastjson.JSONObject;
 import com.tuoheng.constants.OidcConstant;
 import com.tuoheng.constants.ThirdConstant;
+import com.tuoheng.exception.DiyException;
+import com.tuoheng.mapper.RegisteredClientMapper;
 import com.tuoheng.model.dto.ClientRoleDto;
+import com.tuoheng.model.po.RegisteredClientPo;
 import com.tuoheng.model.result.ProfileResult;
 import com.tuoheng.model.result.TokenResult;
 import com.tuoheng.service.ThirdService;
@@ -17,8 +20,11 @@ import org.springframework.http.*;
 import org.springframework.stereotype.Service;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
+import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
 import org.springframework.web.client.RestTemplate;
 
+import java.rmi.ServerException;
 import java.util.Base64;
 import java.util.List;
 
@@ -35,58 +41,57 @@ public class ThirdServiceImpl implements ThirdService {
 
     @Value("${oauth2.token.issuer}")
     private String tokenIssuer;
+    @Autowired
+    private RegisteredClientMapper registeredClientMapper;
+
+    private static final String username = "csadmin";
+
+    private static final String password = "thjs2023";
 
 
     /**
      * 根据第三方授权验证token 进行获取用户信息并跳转相关地址
      *
-     * @param token 第三方token
+     * @param clientId 平台标识
      * @return
      */
     @Override
-    public JsonResult authorize(String token) {
-
-        //String result = HttpUtils.sendPost(ThirdConstant.OAUTH_URL, token);
-        //此时模拟已获取username 以及password
-        String result = "csadmin";
+    public JsonResult authorize(String clientId) {
 
         //通过oidc的密码模式获取授权token 等相关信息数据
-        TokenResult tokenResult = getToken(result);
-        //封装用户名
-        tokenResult.setUserName(result);
+        TokenResult tokenResult = getToken(clientId);
+        tokenResult.setUserName(username);
         //此时通过token获取当前用户的相关权限信息并进行封装
-        tokenResult = getClientResult(tokenResult);
+        tokenResult = getClientResult(tokenResult, clientId);
         //数据封装完毕返回数据 以及相关地址 -> 是否重定向
-
-
         return JsonResult.success(tokenResult);
     }
 
     /**
      * 通过账号密码获取token
-     *
-     * @param result
      */
-    private TokenResult getToken(String result) {
-
-        String url = tokenIssuer + OidcConstant.OAUTH2_TOKEN;
+    private TokenResult getToken(String clientId) {
 
+        RegisteredClientPo clientPo = registeredClientMapper.selectClient(clientId);
+        if (ObjectUtils.isEmpty(clientPo)) {
+            throw new DiyException("该clientId不存在本系统中");
+        }
 
+        String url = tokenIssuer + OidcConstant.OAUTH2_TOKEN;
         MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
-        //TODO result含有参数
-        params.add("password", "thjs2023");
-        params.add("username", "csadmin");
+        params.add("password", password);
+        //定死账号密码
+        params.add("username", username);
         params.add("grant_type", "password");
         params.add("scope", "openid profile");
         //机场标识
-        String userMsg = "tuoheng-airport-admin" + ":" + "NjHifmmB41rH6bJTd4A7RA==";
+        String userMsg = clientPo.getClientId() + ":" + clientPo.getClientSecret();
         String authorization = Base64.getEncoder().encodeToString(userMsg.getBytes());
 
         ParameterizedTypeReference<TokenResult> parameterizedTypeReference =
                 new ParameterizedTypeReference<TokenResult>() {
                 };
 
-
         HttpHeaders headers = new HttpHeaders();
         headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
         headers.add("Authorization", "Basic " + authorization);
@@ -102,7 +107,7 @@ public class ThirdServiceImpl implements ThirdService {
      * @param tokenResult
      * @return
      */
-    private TokenResult getClientResult(TokenResult tokenResult) {
+    private TokenResult getClientResult(TokenResult tokenResult, String clientId) {
 
         String url = tokenIssuer + OidcConstant.GET_USERINFO;
 
@@ -128,7 +133,8 @@ public class ThirdServiceImpl implements ThirdService {
         tokenResult.setUserId(result.getUserId());
         tokenResult.setUserName(result.getUserName());
         ProfileResult profile = new ProfileResult();
-        BeanUtils.copyProperties(tokenResult,profile);
+        BeanUtils.copyProperties(tokenResult, profile);
+        profile.setSub(clientId);
         profile.setAuthority(authorityList);
         profile.setClientRoleList(clientRoleDtoList);
         tokenResult.setProfile(profile);

tuoheng_oidc_server/src/main/resources/mapper/RegisteredClientMapper.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.tuoheng.mapper.RegisteredClientMapper">
+
+
+    <select id="selectClient" resultType="com.tuoheng.model.po.RegisteredClientPo">
+        select id, client_id, client_secret
+        from tuoheng_oidc.oauth2_registered_client
+        where client_id = #{clientId}
+    </select>
+</mapper>