Bläddra i källkod

新增相关认证逻辑

tags/v2.5.2^2
xiaoying 1 år sedan
förälder
incheckning
1f127c7440
7 ändrade filer med 80 tillägg och 29 borttagningar
  1. +3
    -4
      tuoheng_oidc_server/src/main/java/com/tuoheng/controller/ThirdController.java
  2. +15
    -0
      tuoheng_oidc_server/src/main/java/com/tuoheng/mapper/RegisteredClientMapper.java
  3. +19
    -0
      tuoheng_oidc_server/src/main/java/com/tuoheng/model/po/RegisteredClientPo.java
  4. +1
    -0
      tuoheng_oidc_server/src/main/java/com/tuoheng/model/result/ProfileResult.java
  5. +1
    -1
      tuoheng_oidc_server/src/main/java/com/tuoheng/service/ThirdService.java
  6. +30
    -24
      tuoheng_oidc_server/src/main/java/com/tuoheng/service/impl/ThirdServiceImpl.java
  7. +11
    -0
      tuoheng_oidc_server/src/main/resources/mapper/RegisteredClientMapper.xml

+ 3
- 4
tuoheng_oidc_server/src/main/java/com/tuoheng/controller/ThirdController.java Visa fil

@@ -26,14 +26,13 @@ public class ThirdController {
private ThirdService thirdService;

@GetMapping("/authorize")
public JsonResult authorize(String token) {
return thirdService.authorize(token);
public JsonResult authorize(String clientId) {
return thirdService.authorize(clientId);
}

@GetMapping(value = "/redirect")
public void redirect(HttpServletRequest req, HttpServletResponse resp) throws Exception {
//String contNo =req.getParameter("contNo"); //保单号
log.info("访问www.baidu.com");
resp.sendRedirect("http://192.168.12.15:8080/transfer?token=123124124");
resp.sendRedirect("http://192.168.12.15:8080/transfer?clientId=tuoheng-airport-admin");
}
}

+ 15
- 0
tuoheng_oidc_server/src/main/java/com/tuoheng/mapper/RegisteredClientMapper.java Visa fil

@@ -0,0 +1,15 @@
package com.tuoheng.mapper;

import com.tuoheng.model.po.RegisteredClientPo;
import com.tuoheng.until.JsonResult;
import org.apache.ibatis.annotations.Param;

/**
* @Author xiaoying
* @Date 2023/11/13 16:56
*/
public interface RegisteredClientMapper {

RegisteredClientPo selectClient(@Param("clientId") String clientId);

}

+ 19
- 0
tuoheng_oidc_server/src/main/java/com/tuoheng/model/po/RegisteredClientPo.java Visa fil

@@ -0,0 +1,19 @@
package com.tuoheng.model.po;

import lombok.Data;
import lombok.experimental.Accessors;

/**
* @Author xiaoying
* @Date 2023/11/13 16:52
*/
@Data
@Accessors(chain = true)
public class RegisteredClientPo {

private Integer id;

private String clientId;

private String clientSecret;
}

+ 1
- 0
tuoheng_oidc_server/src/main/java/com/tuoheng/model/result/ProfileResult.java Visa fil

@@ -17,5 +17,6 @@ public class ProfileResult {
private String userId;
private String userName;
private List<ClientRoleDto> clientRoleList;
private String azp;

}

+ 1
- 1
tuoheng_oidc_server/src/main/java/com/tuoheng/service/ThirdService.java Visa fil

@@ -6,5 +6,5 @@ import javax.servlet.http.HttpServletRequest;

public interface ThirdService {

JsonResult authorize(String token);
JsonResult authorize(String clientId);
}

+ 30
- 24
tuoheng_oidc_server/src/main/java/com/tuoheng/service/impl/ThirdServiceImpl.java Visa fil

@@ -3,7 +3,10 @@ package com.tuoheng.service.impl;
import com.alibaba.fastjson.JSONObject;
import com.tuoheng.constants.OidcConstant;
import com.tuoheng.constants.ThirdConstant;
import com.tuoheng.exception.DiyException;
import com.tuoheng.mapper.RegisteredClientMapper;
import com.tuoheng.model.dto.ClientRoleDto;
import com.tuoheng.model.po.RegisteredClientPo;
import com.tuoheng.model.result.ProfileResult;
import com.tuoheng.model.result.TokenResult;
import com.tuoheng.service.ThirdService;
@@ -17,8 +20,11 @@ import org.springframework.http.*;
import org.springframework.stereotype.Service;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;

import java.rmi.ServerException;
import java.util.Base64;
import java.util.List;

@@ -35,58 +41,57 @@ public class ThirdServiceImpl implements ThirdService {

@Value("${oauth2.token.issuer}")
private String tokenIssuer;
@Autowired
private RegisteredClientMapper registeredClientMapper;

private static final String username = "csadmin";

private static final String password = "thjs2023";


/**
* 根据第三方授权验证token 进行获取用户信息并跳转相关地址
*
* @param token 第三方token
* @param clientId 平台标识
* @return
*/
@Override
public JsonResult authorize(String token) {

//String result = HttpUtils.sendPost(ThirdConstant.OAUTH_URL, token);
//此时模拟已获取username 以及password
String result = "csadmin";
public JsonResult authorize(String clientId) {

//通过oidc的密码模式获取授权token 等相关信息数据
TokenResult tokenResult = getToken(result);
//封装用户名
tokenResult.setUserName(result);
TokenResult tokenResult = getToken(clientId);
tokenResult.setUserName(username);
//此时通过token获取当前用户的相关权限信息并进行封装
tokenResult = getClientResult(tokenResult);
tokenResult = getClientResult(tokenResult, clientId);
//数据封装完毕返回数据 以及相关地址 -> 是否重定向


return JsonResult.success(tokenResult);
}

/**
* 通过账号密码获取token
*
* @param result
*/
private TokenResult getToken(String result) {

String url = tokenIssuer + OidcConstant.OAUTH2_TOKEN;
private TokenResult getToken(String clientId) {

RegisteredClientPo clientPo = registeredClientMapper.selectClient(clientId);
if (ObjectUtils.isEmpty(clientPo)) {
throw new DiyException("该clientId不存在本系统中");
}

String url = tokenIssuer + OidcConstant.OAUTH2_TOKEN;
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
//TODO result含有参数
params.add("password", "thjs2023");
params.add("username", "csadmin");
params.add("password", password);
//定死账号密码
params.add("username", username);
params.add("grant_type", "password");
params.add("scope", "openid profile");
//机场标识
String userMsg = "tuoheng-airport-admin" + ":" + "NjHifmmB41rH6bJTd4A7RA==";
String userMsg = clientPo.getClientId() + ":" + clientPo.getClientSecret();
String authorization = Base64.getEncoder().encodeToString(userMsg.getBytes());

ParameterizedTypeReference<TokenResult> parameterizedTypeReference =
new ParameterizedTypeReference<TokenResult>() {
};


HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.add("Authorization", "Basic " + authorization);
@@ -102,7 +107,7 @@ public class ThirdServiceImpl implements ThirdService {
* @param tokenResult
* @return
*/
private TokenResult getClientResult(TokenResult tokenResult) {
private TokenResult getClientResult(TokenResult tokenResult, String clientId) {

String url = tokenIssuer + OidcConstant.GET_USERINFO;

@@ -128,7 +133,8 @@ public class ThirdServiceImpl implements ThirdService {
tokenResult.setUserId(result.getUserId());
tokenResult.setUserName(result.getUserName());
ProfileResult profile = new ProfileResult();
BeanUtils.copyProperties(tokenResult,profile);
BeanUtils.copyProperties(tokenResult, profile);
profile.setSub(clientId);
profile.setAuthority(authorityList);
profile.setClientRoleList(clientRoleDtoList);
tokenResult.setProfile(profile);

+ 11
- 0
tuoheng_oidc_server/src/main/resources/mapper/RegisteredClientMapper.xml Visa fil

@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.tuoheng.mapper.RegisteredClientMapper">


<select id="selectClient" resultType="com.tuoheng.model.po.RegisteredClientPo">
select id, client_id, client_secret
from tuoheng_oidc.oauth2_registered_client
where client_id = #{clientId}
</select>
</mapper>

Laddar…
Avbryt
Spara