package com.tuoheng.config; | package com.tuoheng.config; | ||||
import com.tuoheng.mapper.UserMapper; | |||||
import com.tuoheng.model.dto.UserBaseInfoDto; | |||||
import com.tuoheng.service.OidcUserInfoService; | import com.tuoheng.service.OidcUserInfoService; | ||||
import com.tuoheng.service.impl.OidcUserInfoServiceImpl; | |||||
import lombok.RequiredArgsConstructor; | import lombok.RequiredArgsConstructor; | ||||
import org.springframework.beans.factory.annotation.Autowired; | import org.springframework.beans.factory.annotation.Autowired; | ||||
import org.springframework.context.annotation.Bean; | import org.springframework.context.annotation.Bean; | ||||
@Autowired | @Autowired | ||||
private DataSource dataSource; | private DataSource dataSource; | ||||
@Autowired | |||||
private UserMapper userMapper; | |||||
@Bean | @Bean | ||||
@Order(1) | @Order(1) | ||||
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { | public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { | ||||
OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = | OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = | ||||
new OAuth2AuthorizationServerConfigurer<>(); | new OAuth2AuthorizationServerConfigurer<>(); | ||||
OidcUserInfoService oidcUserInfoService = new OidcUserInfoService(); | |||||
OidcUserInfoServiceImpl oidcUserInfoService = new OidcUserInfoServiceImpl(); | |||||
//自定义用户映射器 | //自定义用户映射器 | ||||
Function<OidcUserInfoAuthenticationContext, OidcUserInfo> userInfoMapper = (context) -> { | Function<OidcUserInfoAuthenticationContext, OidcUserInfo> userInfoMapper = (context) -> { | ||||
OidcUserInfoAuthenticationToken authentication = context.getAuthentication(); | OidcUserInfoAuthenticationToken authentication = context.getAuthentication(); | ||||
JwtAuthenticationToken principal = (JwtAuthenticationToken) authentication.getPrincipal(); | JwtAuthenticationToken principal = (JwtAuthenticationToken) authentication.getPrincipal(); | ||||
return oidcUserInfoService.loadUser(principal.getName(), context.getAccessToken().getScopes()); | |||||
UserBaseInfoDto userBaseInfoDto = userMapper.getUserBaseInfo(principal.getName()); | |||||
return oidcUserInfoService.loadUser(principal.getName(), context.getAccessToken().getScopes(), userBaseInfoDto); | |||||
}; | }; | ||||
authorizationServerConfigurer.oidc((oidc) -> { | authorizationServerConfigurer.oidc((oidc) -> { | ||||
oidc.userInfoEndpoint((userInfo) -> userInfo.userInfoMapper(userInfoMapper)); | oidc.userInfoEndpoint((userInfo) -> userInfo.userInfoMapper(userInfoMapper)); |
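Review bot: The result of `userMapper.getUserBaseInfo(principal.getName())` in the new `userInfoMapper` lambda is passed straight into `loadUser` with no null check. The mapper query added in this commit uses an inner join on `authorities`, so a user without such a row yields null, and a `profile`-scoped UserInfo request would then fail on `userBaseInfoDto.getUserId()` in `OidcUserInfoServiceImpl`. A guard in the lambda covers it, e.g. `if (userBaseInfoDto == null) { return OidcUserInfo.builder().subject(principal.getName()).build(); }`. Separately, `new OidcUserInfoServiceImpl()` bypasses the `@Service` bean this commit declares; injecting `OidcUserInfoService` would keep a single Spring-managed instance. The method body continues past the end of this section.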
package com.tuoheng.mapper; | package com.tuoheng.mapper; | ||||
import com.tuoheng.model.dto.UserBaseInfoDto; | |||||
import com.tuoheng.model.po.UserPo; | import com.tuoheng.model.po.UserPo; | ||||
import org.apache.ibatis.annotations.Mapper; | import org.apache.ibatis.annotations.Mapper; | ||||
int insertUser(UserPo userPo); | int insertUser(UserPo userPo); | ||||
UserBaseInfoDto getUserBaseInfo(String username); | |||||
} | } |
package com.tuoheng.model.dto; | |||||
import lombok.Data; | |||||
/** | |||||
* @author chenjiandong | |||||
* @description: TODO | |||||
* @date 2022/10/9 13:46 | |||||
*/ | |||||
@Data | |||||
public class UserBaseInfoDto { | |||||
private Integer userId; | |||||
private String userName; | |||||
private String authority; | |||||
} |
package com.tuoheng.service; | package com.tuoheng.service; | ||||
import com.nimbusds.jose.shaded.json.JSONObject; | |||||
import org.springframework.security.oauth2.core.oidc.OidcScopes; | |||||
import com.tuoheng.model.dto.UserBaseInfoDto; | |||||
import org.springframework.security.oauth2.core.oidc.OidcUserInfo; | import org.springframework.security.oauth2.core.oidc.OidcUserInfo; | ||||
import org.springframework.util.CollectionUtils; | |||||
import java.time.LocalDateTime; | |||||
import java.time.format.DateTimeFormatter; | |||||
import java.util.Collections; | |||||
import java.util.Set; | import java.util.Set; | ||||
/** | /** | ||||
* @description: TODO | * @description: TODO | ||||
* @date 2022/9/29 10:17 | * @date 2022/9/29 10:17 | ||||
*/ | */ | ||||
public class OidcUserInfoService { | |||||
public interface OidcUserInfoService { | |||||
OidcUserInfo loadUser(String name, Set<String> scopes, UserBaseInfoDto userBaseInfoDto); | |||||
public OidcUserInfo loadUser(String name, Set<String> scopes) { | |||||
OidcUserInfo.Builder builder = OidcUserInfo.builder().subject(name); | |||||
if (!CollectionUtils.isEmpty(scopes)) { | |||||
if (scopes.contains(OidcScopes.PROFILE)) { | |||||
builder.name("First Last") | |||||
.givenName("First") | |||||
.familyName("Last") | |||||
.middleName("Middle") | |||||
.nickname("User") | |||||
.preferredUsername(name) | |||||
.profile("http://127.0.0.1:8080/" + name) | |||||
.picture("http://127.0.0.1:8080/" + name + ".jpg") | |||||
.website("http://127.0.0.1:8080/") | |||||
.gender("female") | |||||
.birthdate("2022-05-24") | |||||
.zoneinfo("China/Beijing") | |||||
.locale("zh-cn") | |||||
.updatedAt(LocalDateTime.now().format(DateTimeFormatter.ISO_LOCAL_DATE)); | |||||
} | |||||
if (scopes.contains(OidcScopes.EMAIL)) { | |||||
builder.email(name + "@163.com").emailVerified(true); | |||||
} | |||||
if (scopes.contains(OidcScopes.ADDRESS)) { | |||||
JSONObject address = new JSONObject(); | |||||
address.put("address", Collections.singletonMap("formatted", "Champ de Mars\n5 Av. Anatole France\n75007 Paris\nFrance")); | |||||
builder.address(address.toJSONString()); | |||||
} | |||||
if (scopes.contains(OidcScopes.PHONE)) { | |||||
builder.phoneNumber("13728903134").phoneNumberVerified("false"); | |||||
} | |||||
} | |||||
return builder.build(); | |||||
} | |||||
} | } |
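Review bot: The new interface method `loadUser(String name, Set<String> scopes, UserBaseInfoDto userBaseInfoDto)` has no Javadoc, and the type comment above it still reads `@description: TODO`. I would add a method Javadoc stating that `name` is the authenticated principal's name, that `scopes` are the access token's scopes and decide which claims are emitted, and whether `userBaseInfoDto` may be null when no user record is found. The type comment could become something like `UserInfo claim provider for the OIDC UserInfo endpoint`.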
package com.tuoheng.service.impl; | |||||
import com.nimbusds.jose.shaded.json.JSONObject; | |||||
import com.tuoheng.mapper.UserMapper; | |||||
import com.tuoheng.model.dto.UserBaseInfoDto; | |||||
import com.tuoheng.service.OidcUserInfoService; | |||||
import org.springframework.beans.factory.annotation.Autowired; | |||||
import org.springframework.security.oauth2.core.oidc.OidcScopes; | |||||
import org.springframework.security.oauth2.core.oidc.OidcUserInfo; | |||||
import org.springframework.stereotype.Service; | |||||
import org.springframework.util.CollectionUtils; | |||||
import java.time.LocalDateTime; | |||||
import java.time.format.DateTimeFormatter; | |||||
import java.util.Calendar; | |||||
import java.util.Collections; | |||||
import java.util.Set; | |||||
/** | |||||
* @author chenjiandong | |||||
* @description: TODO | |||||
* @date 2022/10/9 13:40 | |||||
*/ | |||||
@Service | |||||
public class OidcUserInfoServiceImpl implements OidcUserInfoService { | |||||
@Override | |||||
public OidcUserInfo loadUser(String name, Set<String> scopes, UserBaseInfoDto userBaseInfoDto) { | |||||
OidcUserInfo.Builder builder = OidcUserInfo.builder().subject(String.valueOf(Calendar.getInstance().getTimeInMillis())); | |||||
if (!CollectionUtils.isEmpty(scopes)) { | |||||
if (scopes.contains(OidcScopes.PROFILE)) { | |||||
builder.claim("userId", userBaseInfoDto.getUserId()) | |||||
.claim("userName", userBaseInfoDto.getUserName()) | |||||
.claim("authority", userBaseInfoDto.getAuthority()); | |||||
} | |||||
/*if (scopes.contains(OidcScopes.EMAIL)) { | |||||
builder.email(name + "@163.com").emailVerified(true); | |||||
} | |||||
if (scopes.contains(OidcScopes.ADDRESS)) { | |||||
JSONObject address = new JSONObject(); | |||||
address.put("address", Collections.singletonMap("formatted", "Champ de Mars\n5 Av. Anatole France\n75007 Paris\nFrance")); | |||||
builder.address(address.toJSONString()); | |||||
} | |||||
if (scopes.contains(OidcScopes.PHONE)) { | |||||
builder.phoneNumber("13728903134").phoneNumberVerified("false"); | |||||
}*/ | |||||
} | |||||
return builder.build(); | |||||
} | |||||
} |
package com.tuoheng.service.impl; | package com.tuoheng.service.impl; | ||||
import com.sun.deploy.util.StringUtils; | |||||
import com.tuoheng.mapper.AuthoritiesMapper; | import com.tuoheng.mapper.AuthoritiesMapper; | ||||
import com.tuoheng.mapper.UserMapper; | import com.tuoheng.mapper.UserMapper; | ||||
import com.tuoheng.model.param.CreateUserDto; | import com.tuoheng.model.param.CreateUserDto; | ||||
import com.tuoheng.model.po.UserPo; | import com.tuoheng.model.po.UserPo; | ||||
import com.tuoheng.service.UserSevice; | import com.tuoheng.service.UserSevice; | ||||
import com.tuoheng.until.JsonResult; | import com.tuoheng.until.JsonResult; | ||||
import org.apache.tomcat.util.buf.StringUtils; | |||||
import org.springframework.beans.factory.annotation.Autowired; | import org.springframework.beans.factory.annotation.Autowired; | ||||
import org.springframework.security.core.userdetails.User; | import org.springframework.security.core.userdetails.User; | ||||
import org.springframework.security.core.userdetails.UserDetails; | import org.springframework.security.core.userdetails.UserDetails; | ||||
.setUsername(createUserDto.getUsername()) | .setUsername(createUserDto.getUsername()) | ||||
.setPassword("{bcrypt}" + new BCryptPasswordEncoder().encode(createUserDto.getPassword())); | .setPassword("{bcrypt}" + new BCryptPasswordEncoder().encode(createUserDto.getPassword())); | ||||
userMapper.insertUser(userPo); | userMapper.insertUser(userPo); | ||||
String roles = StringUtils.join(createUserDto.getRoles(),","); | |||||
String roles = StringUtils.join(createUserDto.getRoles(),','); | |||||
AuthoritiesPo authoritiesPo = new AuthoritiesPo() | AuthoritiesPo authoritiesPo = new AuthoritiesPo() | ||||
.setUserId(userPo.getId()) | .setUserId(userPo.getId()) |
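Review bot: Swapping `com.sun.deploy.util.StringUtils` for `org.apache.tomcat.util.buf.StringUtils` still ties the role join to a container-internal helper, which is only on the classpath while the application runs on embedded Tomcat. Assuming `getRoles()` returns a collection or array of strings, the JDK call `String roles = String.join(",", createUserDto.getRoles());` does the same with no extra import. It throws on a null argument, so add a null check if roles are optional. The enclosing method starts and ends outside this section.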
values (#{username}, #{password}) | values (#{username}, #{password}) | ||||
</insert> | </insert> | ||||
<select id="getUserBaseInfo" resultType="com.tuoheng.model.dto.UserBaseInfoDto"> | |||||
select a.id as userId, a.username as userName, b.authority | |||||
from users a | |||||
inner join authorities b on a.id = b.user_id | |||||
where a.username = #{username} | |||||
</select> | |||||
</mapper> | </mapper> |
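Review bot: `getUserBaseInfo` is declared in `UserMapper` as returning a single `UserBaseInfoDto`, but this inner join produces one row per matching `authorities` row. A user with more than one authority row, or a duplicated `username`, would make MyBatis throw `TooManyResultsException` on the UserInfo endpoint, and a user with no row yields null. If one row per user is the invariant, state it in a comment such as `<!-- expects exactly one authorities row per user -->` and back it with a unique constraint. Otherwise aggregate the authorities in the query or return a list.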