⚡ 完善

2023-08-14 02:54:12 +00:00 · 2023-08-14 02:54:12 +00:00 · 48d9d203f6
parent bf6b381d3f
commit 48d9d203f6
3 changed files with 22 additions and 28 deletions
--- a/eiam-authentication/eiam-authentication-all/pom.xml
+++ b/eiam-authentication/eiam-authentication-all/pom.xml
@ -75,11 +75,5 @@
            <artifactId>eiam-authentication-mail</artifactId>
            <version>${project.version}</version>
        </dependency>
-        <!--gitee-->
-        <dependency>
-            <groupId>cn.topiam</groupId>
-            <artifactId>eiam-authentication-gitee</artifactId>
-            <version>${project.version}</version>
-        </dependency>
    </dependencies>
 </project>
--- a/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java
+++ b/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java
@ -30,6 +30,7 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;

@ -40,7 +41,6 @@ import cn.topiam.employee.authentication.common.authentication.IdpUserDetails;
 import cn.topiam.employee.authentication.common.filter.AbstractIdpAuthenticationProcessingFilter;
 import cn.topiam.employee.authentication.common.service.UserIdpService;
 import cn.topiam.employee.authentication.wechat.WeChatIdpScanCodeConfig;
-import cn.topiam.employee.authentication.wechat.constant.WeChatAuthenticationConstants;
 import cn.topiam.employee.common.entity.authn.IdentityProviderEntity;
 import cn.topiam.employee.common.repository.authentication.IdentityProviderRepository;
 import cn.topiam.employee.core.help.ServerHelp;
@ -51,8 +51,10 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import static org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE;

-import static cn.topiam.employee.authentication.common.IdentityProviderType.*;
+import static cn.topiam.employee.authentication.common.IdentityProviderType.WECHAT_QR;
+import static cn.topiam.employee.authentication.common.IdentityProviderType.WECHAT_WORK_QR;
 import static cn.topiam.employee.authentication.common.constant.AuthenticationConstants.*;
+import static cn.topiam.employee.authentication.wechat.constant.WeChatAuthenticationConstants.QrConnect.*;

 /**
 * 微信扫码登录过滤器
@ -62,12 +64,12 @@ import static cn.topiam.employee.authentication.common.constant.AuthenticationCo
 */
@SuppressWarnings("DuplicatedCode")
 public class WeChatScanCodeLoginAuthenticationFilter extends
-                                                     AbstractIdpAuthenticationProcessingFilter {
+        AbstractIdpAuthenticationProcessingFilter {

    public final static String                DEFAULT_FILTER_PROCESSES_URI = WECHAT_QR
-        .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
+            .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
    public static final AntPathRequestMatcher REQUEST_MATCHER              = new AntPathRequestMatcher(
-        DEFAULT_FILTER_PROCESSES_URI, HttpMethod.GET.name());
+            DEFAULT_FILTER_PROCESSES_URI, HttpMethod.GET.name());

    /**
     * Creates a new instance
@ -91,9 +93,9 @@ public class WeChatScanCodeLoginAuthenticationFilter extends
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request,
                                                HttpServletResponse response) throws AuthenticationException,
-                                                                              IOException {
+            IOException {
        OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
-            response);
+                response);
        RequestMatcher.MatchResult matcher = REQUEST_MATCHER.matcher(request);
        Map<String, String> variables = matcher.getVariables();
        String providerCode = variables.get(PROVIDER_CODE);
@ -120,45 +122,44 @@ public class WeChatScanCodeLoginAuthenticationFilter extends
        //获取身份提供商
        IdentityProviderEntity provider = getIdentityProviderEntity(providerCode);
        WeChatIdpScanCodeConfig config = JSONObject.parseObject(provider.getConfig(),
-            WeChatIdpScanCodeConfig.class);
+                WeChatIdpScanCodeConfig.class);
        if (Objects.isNull(config)) {
            logger.error("未查询到微信扫码登录配置");
            //无效身份提供商
            OAuth2Error oauth2Error = new OAuth2Error(
-                AbstractIdpAuthenticationProcessingFilter.INVALID_IDP_CONFIG);
+                    AbstractIdpAuthenticationProcessingFilter.INVALID_IDP_CONFIG);
            throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
        }
        //获取access token
        HashMap<String, String> param = new HashMap<>(16);
-        param.put(WeChatAuthenticationConstants.QrConnect.APP_ID, config.getAppId());
-        param.put(WeChatAuthenticationConstants.QrConnect.SECRET, config.getAppSecret());
+        param.put(APP_ID, config.getAppId());
+        param.put(SECRET, config.getAppSecret());
        param.put(OAuth2ParameterNames.CODE, code);
        param.put(OAuth2ParameterNames.GRANT_TYPE, AUTHORIZATION_CODE.getValue());
-        JSONObject result = JSON.parseObject(
-            HttpClientUtils.get(WeChatAuthenticationConstants.QrConnect.ACCESS_TOKEN, param));
-        if (result.containsKey(WeChatAuthenticationConstants.QrConnect.ERROR_CODE)) {
+        JSONObject result = JSON.parseObject(HttpClientUtils.get(ACCESS_TOKEN, param));
+        if (result.containsKey(ERROR_CODE)) {
            logger.error("获取access_token发生错误:  " + result.toJSONString());
            throw new TopIamException("获取access_token发生错误:  " + result.toJSONString());
        }
        // 获取user信息
        param = new HashMap<>(16);
        param.put(OAuth2ParameterNames.ACCESS_TOKEN,
-            result.getString(OAuth2ParameterNames.ACCESS_TOKEN));
-        result = JSON.parseObject(
-            HttpClientUtils.get(WeChatAuthenticationConstants.QrConnect.USER_INFO, param));
-        if (result.containsKey(WeChatAuthenticationConstants.QrConnect.ERROR_CODE)) {
+                result.getString(OAuth2ParameterNames.ACCESS_TOKEN));
+        result = JSON.parseObject(HttpClientUtils.get(USER_INFO, param));
+        if (result.containsKey(ERROR_CODE)) {
            logger.error("获取微信用户个人信息发生错误:  " + result.toJSONString());
            throw new TopIamException("获取微信用户个人信息发生错误:  " + result.toJSONString());
        }
        // 返回
-        IdpUserDetails idpUserDetails = IdpUserDetails.builder().openId(param.get("id"))
-            .providerCode(providerCode).providerId(providerId).providerType(GITEE_OAUTH).build();
+        IdpUserDetails idpUserDetails = IdpUserDetails.builder()
+                .openId(param.get(OidcScopes.OPENID)).providerCode(providerCode).providerId(providerId)
+                .providerType(WECHAT_QR).build();
        return attemptAuthentication(request, response, idpUserDetails);
    }

    public static String getLoginUrl(String providerId) {
        String url = ServerHelp.getPortalPublicBaseUrl() + WECHAT_QR.getLoginPathPrefix() + "/"
-                     + providerId;
+                + providerId;
        return url.replaceAll("(?<!(http:|https:))/+", "/");
    }

--- a/eiam-authentication/pom.xml
+++ b/eiam-authentication/pom.xml
@ -42,7 +42,6 @@
        <module>eiam-authentication-all</module>
        <module>eiam-authentication-mail</module>
        <module>eiam-authentication-sms</module>
-        <module>eiam-authentication-gitee</module>
    </modules>

    <dependencies>