⚡ 优化支付宝认证

2023-08-28 22:12:11 +08:00 · 2023-08-28 22:12:11 +08:00 · 3da3515b71
parent 3950546186
commit 3da3515b71
3 changed files with 6 additions and 155 deletions
--- a/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipayClient.java
+++ b/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipayClient.java
@ -56,14 +56,18 @@ public class AlipayClient {
            }
            retryTimes = retryTimes + 1;
            try {
                //@formatter:off
                java.util.Map<String, String> systemParams = TeaConverter.buildMap(
                    new TeaPair("method", "alipay.system.oauth.token"),
                    new TeaPair("app_id", kernel.getConfig("appId")),
-                    new TeaPair("timestamp", kernel.getTimestamp()), new TeaPair("format", "json"),
+                    new TeaPair("timestamp", kernel.getTimestamp()),
                    new TeaPair("format", "json"),
                    new TeaPair("version", "1.0"),
                    new TeaPair("charset", "UTF-8"),
                    new TeaPair("sign_type", kernel.getConfig("signType")),
                    new TeaPair("app_cert_sn", kernel.getMerchantCertSN()),
                    new TeaPair("alipay_root_cert_sn", kernel.getAlipayRootCertSN()));
                //@formatter:no
                java.util.Map<String, Object> bizParams = new java.util.HashMap<>();
                java.util.Map<String, String> textParams = TeaConverter.buildMap(
                    new TeaPair("grant_type", "authorization_code"), new TeaPair("code", code));
@ -100,73 +104,6 @@ public class AlipayClient {
        throw new TeaUnretryableException(request);
    }
    /**
     * 获取用户信息
     *
     * @param authToken {@link String}
     * @return {@link AlipaySystemOauthTokenResponse}
     * @throws Exception Exception
     */
    public AlipaySystemUserInfoShareResponse getUserInfo(String authToken) throws Exception {
        java.util.Map<String, Object> runtime = getRuntime();
        TeaRequest request = null;
        long now = System.currentTimeMillis();
        int retryTimes = 0;
        while (Tea.allowRetry((java.util.Map<String, Object>) runtime.get("retry"), retryTimes,
            now)) {
            if (retryTimes > 0) {
                int backoffTime = Tea.getBackoffTime(runtime.get("backoff"), retryTimes);
                if (backoffTime > 0) {
                    Tea.sleep(backoffTime);
                }
            }
            retryTimes = retryTimes + 1;
            try {
                java.util.Map<String, String> systemParams = TeaConverter.buildMap(
                    new TeaPair("method", "alipay.user.info.share"),
                    new TeaPair("app_id", kernel.getConfig("appId")),
                    new TeaPair("timestamp", kernel.getTimestamp()), new TeaPair("format", "json"),
                    new TeaPair("charset", "UTF-8"),
                    new TeaPair("sign_type", kernel.getConfig("signType")),
                    new TeaPair("app_cert_sn", kernel.getMerchantCertSN()),
                    new TeaPair("alipay_root_cert_sn", kernel.getAlipayRootCertSN()));
                java.util.Map<String, Object> bizParams = new java.util.HashMap<>();
                java.util.Map<String, String> textParams = TeaConverter
                    .buildMap(new TeaPair("auth_token", authToken));
                request = getRequest(systemParams, bizParams, textParams);
                TeaResponse response = Tea.doAction(request, runtime);
                java.util.Map<String, Object> respMap = kernel.readAsJson(response,
                    "alipay.user.info.share");
                if (kernel.isCertMode()) {
                    if (kernel.verify(respMap,
                        kernel.extractAlipayPublicKey(kernel.getAlipayCertSN(respMap)))) {
                        return TeaModel.toModel(kernel.toRespModel(respMap),
                            new AlipaySystemUserInfoShareResponse());
                    }
                } else {
                    if (kernel.verify(respMap, kernel.getConfig("alipayPublicKey"))) {
                        return TeaModel.toModel(kernel.toRespModel(respMap),
                            new AlipaySystemUserInfoShareResponse());
                    }
                }
                throw new TeaException(
                    TeaConverter.buildMap(new TeaPair("message", "验签失败，请检查支付宝公钥设置是否正确。")));
            } catch (Exception e) {
                if (Tea.isRetryable(e)) {
                    continue;
                }
                throw new RuntimeException(e);
            }
        }
        throw new TeaUnretryableException(request);
    }
    private TeaRequest getRequest(Map<String, String> systemParams, Map<String, Object> bizParams,
                                  Map<String, String> textParams) throws Exception {
        TeaRequest request = new TeaRequest();
--- a/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipaySystemUserInfoShareResponse.java
+++ b/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/client/AlipaySystemUserInfoShareResponse.java
@ -1,79 +0,0 @@
 /*
 * eiam-authentication-alipay - Employee Identity and Access Management
 * Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package cn.topiam.employee.authentication.alipay.client;
 import com.aliyun.tea.NameInMap;
 import com.aliyun.tea.TeaModel;
 import com.aliyun.tea.Validation;
 import lombok.Getter;
 import lombok.Setter;
 /**
 *
 * @author TopIAM
 * Created by support@topiam.cn on  2023/8/25 22:26
 */
@Getter
@Setter
 public class AlipaySystemUserInfoShareResponse extends TeaModel {
    @NameInMap("http_body")
    @Validation(required = true)
    public String httpBody;
    @NameInMap("code")
    @Validation(required = true)
    public String code;
    @NameInMap("msg")
    @Validation(required = true)
    public String msg;
    @NameInMap("sub_code")
    @Validation(required = true)
    public String subCode;
    @NameInMap("sub_msg")
    @Validation(required = true)
    public String subMsg;
    @NameInMap("user_id")
    @Validation(required = true)
    public String userId;
    @NameInMap("avatar")
    @Validation(required = true)
    public String avatar;
    @NameInMap("city")
    @Validation(required = true)
    public Long   city;
    @NameInMap("nick_name")
    @Validation(required = true)
    public String nickName;
    @NameInMap("province")
    @Validation(required = true)
    public Long   province;
    @NameInMap("gender")
    @Validation(required = true)
    public Long   gender;
 }
--- a/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/filter/AlipayLoginAuthenticationFilter.java
+++ b/eiam-authentication/eiam-authentication-alipay/src/main/java/cn/topiam/employee/authentication/alipay/filter/AlipayLoginAuthenticationFilter.java
@ -41,7 +41,6 @@ import com.alipay.easysdk.kernel.Context;
 import cn.topiam.employee.authentication.alipay.AlipayIdpOAuth2Config;
 import cn.topiam.employee.authentication.alipay.client.AlipayClient;
 import cn.topiam.employee.authentication.alipay.client.AlipaySystemOauthTokenResponse;
 import cn.topiam.employee.authentication.alipay.client.AlipaySystemUserInfoShareResponse;
 import cn.topiam.employee.authentication.common.authentication.IdpUserDetails;
 import cn.topiam.employee.authentication.common.filter.AbstractIdpAuthenticationProcessingFilter;
 import cn.topiam.employee.authentication.common.service.UserIdpService;
@ -136,16 +135,10 @@ public class AlipayLoginAuthenticationFilter extends AbstractIdpAuthenticationPr
                logger.error("支付宝认证获取 access_token 失败: [" + token.getHttpBody() + "]");
                throw new TopIamException(token.getSubMsg());
            }
            String accessToken = token.getAccessToken();
            AlipaySystemUserInfoShareResponse userInfo = client.getUserInfo(accessToken);
            if (!StringUtils.isBlank(userInfo.getCode())) {
                logger.error("支付宝认证获取用户信息失败: [" + userInfo.getHttpBody() + "]");
                throw new TopIamException(userInfo.getSubMsg());
            }
            //执行逻辑
            IdpUserDetails idpUserDetails = IdpUserDetails.builder().openId(token.getOpenId())
                .providerType(ALIPAY_OAUTH).providerCode(providerCode).providerId(providerId)
-                .avatarUrl(userInfo.getAvatar()).nickName(userInfo.getNickName()).build();
+                .build();
            return attemptAuthentication(request, response, idpUserDetails);
        } catch (Exception e) {
            throw new RuntimeException(e);