gitee
/
eiam
mirror of https://gitee.com/topiam/eiam
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

优化支付宝认证

pull/37/head
smallbun 2023-08-28 22:12:11 +08:00
parent 3950546186
commit 3da3515b71
3 changed files with 6 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipayClient.java
View File

@ -56,14 +56,18 @@ public class AlipayClient {
}
retryTimes = retryTimes + 1;
try {
//@formatter:off
java.util.Map<String, String> systemParams = TeaConverter.buildMap(
new TeaPair("method", "alipay.system.oauth.token"),
new TeaPair("app_id", kernel.getConfig("appId")),
new TeaPair("timestamp", kernel.getTimestamp()), new TeaPair("format", "json"),
new TeaPair("timestamp", kernel.getTimestamp()),
new TeaPair("format", "json"),
new TeaPair("version", "1.0"),
new TeaPair("charset", "UTF-8"),
new TeaPair("sign_type", kernel.getConfig("signType")),
new TeaPair("app_cert_sn", kernel.getMerchantCertSN()),
new TeaPair("alipay_root_cert_sn", kernel.getAlipayRootCertSN()));
//@formatter:no
java.util.Map<String, Object> bizParams = new java.util.HashMap<>();
java.util.Map<String, String> textParams = TeaConverter.buildMap(
new TeaPair("grant_type", "authorization_code"), new TeaPair("code", code));
@ -100,73 +104,6 @@ public class AlipayClient {
throw new TeaUnretryableException(request);
}
/**
*
*
* @param authToken {@link String}
* @return {@link AlipaySystemOauthTokenResponse}
* @throws Exception Exception
*/
public AlipaySystemUserInfoShareResponse getUserInfo(String authToken) throws Exception {
java.util.Map<String, Object> runtime = getRuntime();
TeaRequest request = null;
long now = System.currentTimeMillis();
int retryTimes = 0;
while (Tea.allowRetry((java.util.Map<String, Object>) runtime.get("retry"), retryTimes,
now)) {
if (retryTimes > 0) {
int backoffTime = Tea.getBackoffTime(runtime.get("backoff"), retryTimes);
if (backoffTime > 0) {
Tea.sleep(backoffTime);
}
}
retryTimes = retryTimes + 1;
try {
java.util.Map<String, String> systemParams = TeaConverter.buildMap(
new TeaPair("method", "alipay.user.info.share"),
new TeaPair("app_id", kernel.getConfig("appId")),
new TeaPair("timestamp", kernel.getTimestamp()), new TeaPair("format", "json"),
new TeaPair("charset", "UTF-8"),
new TeaPair("sign_type", kernel.getConfig("signType")),
new TeaPair("app_cert_sn", kernel.getMerchantCertSN()),
new TeaPair("alipay_root_cert_sn", kernel.getAlipayRootCertSN()));
java.util.Map<String, Object> bizParams = new java.util.HashMap<>();
java.util.Map<String, String> textParams = TeaConverter
.buildMap(new TeaPair("auth_token", authToken));
request = getRequest(systemParams, bizParams, textParams);
TeaResponse response = Tea.doAction(request, runtime);
java.util.Map<String, Object> respMap = kernel.readAsJson(response,
"alipay.user.info.share");
if (kernel.isCertMode()) {
if (kernel.verify(respMap,
kernel.extractAlipayPublicKey(kernel.getAlipayCertSN(respMap)))) {
return TeaModel.toModel(kernel.toRespModel(respMap),
new AlipaySystemUserInfoShareResponse());
}
} else {
if (kernel.verify(respMap, kernel.getConfig("alipayPublicKey"))) {
return TeaModel.toModel(kernel.toRespModel(respMap),
new AlipaySystemUserInfoShareResponse());
}
}
throw new TeaException(
TeaConverter.buildMap(new TeaPair("message", "验签失败,请检查支付宝公钥设置是否正确。")));
} catch (Exception e) {
if (Tea.isRetryable(e)) {
continue;
}
throw new RuntimeException(e);
}
}
throw new TeaUnretryableException(request);
}
private TeaRequest getRequest(Map<String, String> systemParams, Map<String, Object> bizParams,
Map<String, String> textParams) throws Exception {
TeaRequest request = new TeaRequest();

79
eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipaySystemUserInfoShareResponse.java
View File

@ -1,79 +0,0 @@
/*
* eiam-authentication-alipay - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.authentication.alipay.client;
import com.aliyun.tea.NameInMap;
import com.aliyun.tea.TeaModel;
import com.aliyun.tea.Validation;
import lombok.Getter;
import lombok.Setter;
/**
*
* @author TopIAM
* Created by support@topiam.cn on 2023/8/25 22:26
*/
@Getter
@Setter
public class AlipaySystemUserInfoShareResponse extends TeaModel {
@NameInMap("http_body")
@Validation(required = true)
public String httpBody;
@NameInMap("code")
@Validation(required = true)
public String code;
@NameInMap("msg")
@Validation(required = true)
public String msg;
@NameInMap("sub_code")
@Validation(required = true)
public String subCode;
@NameInMap("sub_msg")
@Validation(required = true)
public String subMsg;
@NameInMap("user_id")
@Validation(required = true)
public String userId;
@NameInMap("avatar")
@Validation(required = true)
public String avatar;
@NameInMap("city")
@Validation(required = true)
public Long city;
@NameInMap("nick_name")
@Validation(required = true)
public String nickName;
@NameInMap("province")
@Validation(required = true)
public Long province;
@NameInMap("gender")
@Validation(required = true)
public Long gender;
}

9
eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/filter/AlipayLoginAuthenticationFilter.java
View File

@ -41,7 +41,6 @@ import com.alipay.easysdk.kernel.Context;
import cn.topiam.employee.authentication.alipay.AlipayIdpOAuth2Config;
import cn.topiam.employee.authentication.alipay.client.AlipayClient;
import cn.topiam.employee.authentication.alipay.client.AlipaySystemOauthTokenResponse;
import cn.topiam.employee.authentication.alipay.client.AlipaySystemUserInfoShareResponse;
import cn.topiam.employee.authentication.common.authentication.IdpUserDetails;
import cn.topiam.employee.authentication.common.filter.AbstractIdpAuthenticationProcessingFilter;
import cn.topiam.employee.authentication.common.service.UserIdpService;
@ -136,16 +135,10 @@ public class AlipayLoginAuthenticationFilter extends AbstractIdpAuthenticationPr
logger.error("支付宝认证获取 access_token 失败: [" + token.getHttpBody() + "]");
throw new TopIamException(token.getSubMsg());
}
String accessToken = token.getAccessToken();
AlipaySystemUserInfoShareResponse userInfo = client.getUserInfo(accessToken);
if (!StringUtils.isBlank(userInfo.getCode())) {
logger.error("支付宝认证获取用户信息失败: [" + userInfo.getHttpBody() + "]");
throw new TopIamException(userInfo.getSubMsg());
}
//执行逻辑
IdpUserDetails idpUserDetails = IdpUserDetails.builder().openId(token.getOpenId())
.providerType(ALIPAY_OAUTH).providerCode(providerCode).providerId(providerId)
.avatarUrl(userInfo.getAvatar()).nickName(userInfo.getNickName()).build();
.build();
return attemptAuthentication(request, response, idpUserDetails);
} catch (Exception e) {
throw new RuntimeException(e);