From 48d9d203f656e6f758dc5cac5d004db3af10071f Mon Sep 17 00:00:00 2001
From: kay <729048330@qq.com>
Date: Mon, 14 Aug 2023 02:54:12 +0000
Subject: [PATCH] =?UTF-8?q?:zap:=20=E5=AE=8C=E5=96=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../eiam-authentication-all/pom.xml | 6 ---
...ChatScanCodeLoginAuthenticationFilter.java | 43 ++++++++++---------
eiam-authentication/pom.xml | 1 -
3 files changed, 22 insertions(+), 28 deletions(-)
diff --git a/eiam-authentication/eiam-authentication-all/pom.xml b/eiam-authentication/eiam-authentication-all/pom.xml
index ac8bf3ee..315402fa 100644
--- a/eiam-authentication/eiam-authentication-all/pom.xml
+++ b/eiam-authentication/eiam-authentication-all/pom.xml
@@ -75,11 +75,5 @@
eiam-authentication-mail
${project.version}
-
-
- cn.topiam
- eiam-authentication-gitee
- ${project.version}
-
\ No newline at end of file
diff --git a/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java b/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java
index 0e6e0425..34de61d1 100644
--- a/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java
+++ b/eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java
@@ -30,6 +30,7 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -40,7 +41,6 @@ import cn.topiam.employee.authentication.common.authentication.IdpUserDetails;
import cn.topiam.employee.authentication.common.filter.AbstractIdpAuthenticationProcessingFilter;
import cn.topiam.employee.authentication.common.service.UserIdpService;
import cn.topiam.employee.authentication.wechat.WeChatIdpScanCodeConfig;
-import cn.topiam.employee.authentication.wechat.constant.WeChatAuthenticationConstants;
import cn.topiam.employee.common.entity.authn.IdentityProviderEntity;
import cn.topiam.employee.common.repository.authentication.IdentityProviderRepository;
import cn.topiam.employee.core.help.ServerHelp;
@@ -51,8 +51,10 @@ import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import static org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE;
-import static cn.topiam.employee.authentication.common.IdentityProviderType.*;
+import static cn.topiam.employee.authentication.common.IdentityProviderType.WECHAT_QR;
+import static cn.topiam.employee.authentication.common.IdentityProviderType.WECHAT_WORK_QR;
import static cn.topiam.employee.authentication.common.constant.AuthenticationConstants.*;
+import static cn.topiam.employee.authentication.wechat.constant.WeChatAuthenticationConstants.QrConnect.*;
/**
* 微信扫码登录过滤器
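Review bot: The added `import static ...WeChatAuthenticationConstants.QrConnect.*;` makes a bare `ACCESS_TOKEN` in this file refer to the QrConnect constant, while the same method also uses `OAuth2ParameterNames.ACCESS_TOKEN` as a request parameter name. The QrConnect constant is presumably an endpoint URL, since it is passed as the first argument of `HttpClientUtils.get`. In a token-exchange path the two are easy to confuse, and a second wildcard next to `AuthenticationConstants.*` invites name clashes if either class later gains an overlapping constant. Import the five constants actually used (`APP_ID`, `SECRET`, `ACCESS_TOKEN`, `USER_INFO`, `ERROR_CODE`) explicitly, as this change already does for `IdentityProviderType`, or keep the `QrConnect.` qualifier at the call sites.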
@@ -62,12 +64,12 @@ import static cn.topiam.employee.authentication.common.constant.AuthenticationCo
*/
@SuppressWarnings("DuplicatedCode")
public class WeChatScanCodeLoginAuthenticationFilter extends
- AbstractIdpAuthenticationProcessingFilter {
+ AbstractIdpAuthenticationProcessingFilter {
public final static String DEFAULT_FILTER_PROCESSES_URI = WECHAT_QR
- .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
+ .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
public static final AntPathRequestMatcher REQUEST_MATCHER = new AntPathRequestMatcher(
- DEFAULT_FILTER_PROCESSES_URI, HttpMethod.GET.name());
+ DEFAULT_FILTER_PROCESSES_URI, HttpMethod.GET.name());
/**
* Creates a new instance
@@ -91,9 +93,9 @@ public class WeChatScanCodeLoginAuthenticationFilter extends
@Override
public Authentication attemptAuthentication(HttpServletRequest request,
HttpServletResponse response) throws AuthenticationException,
- IOException {
+ IOException {
OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
- response);
+ response);
RequestMatcher.MatchResult matcher = REQUEST_MATCHER.matcher(request);
Map variables = matcher.getVariables();
String providerCode = variables.get(PROVIDER_CODE);
@@ -120,45 +122,44 @@ public class WeChatScanCodeLoginAuthenticationFilter extends
//获取身份提供商
IdentityProviderEntity provider = getIdentityProviderEntity(providerCode);
WeChatIdpScanCodeConfig config = JSONObject.parseObject(provider.getConfig(),
- WeChatIdpScanCodeConfig.class);
+ WeChatIdpScanCodeConfig.class);
if (Objects.isNull(config)) {
logger.error("未查询到微信扫码登录配置");
//无效身份提供商
OAuth2Error oauth2Error = new OAuth2Error(
- AbstractIdpAuthenticationProcessingFilter.INVALID_IDP_CONFIG);
+ AbstractIdpAuthenticationProcessingFilter.INVALID_IDP_CONFIG);
throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
}
//获取access token
HashMap param = new HashMap<>(16);
- param.put(WeChatAuthenticationConstants.QrConnect.APP_ID, config.getAppId());
- param.put(WeChatAuthenticationConstants.QrConnect.SECRET, config.getAppSecret());
+ param.put(APP_ID, config.getAppId());
+ param.put(SECRET, config.getAppSecret());
param.put(OAuth2ParameterNames.CODE, code);
param.put(OAuth2ParameterNames.GRANT_TYPE, AUTHORIZATION_CODE.getValue());
- JSONObject result = JSON.parseObject(
- HttpClientUtils.get(WeChatAuthenticationConstants.QrConnect.ACCESS_TOKEN, param));
- if (result.containsKey(WeChatAuthenticationConstants.QrConnect.ERROR_CODE)) {
+ JSONObject result = JSON.parseObject(HttpClientUtils.get(ACCESS_TOKEN, param));
+ if (result.containsKey(ERROR_CODE)) {
logger.error("获取access_token发生错误: " + result.toJSONString());
throw new TopIamException("获取access_token发生错误: " + result.toJSONString());
}
// 获取user信息
param = new HashMap<>(16);
param.put(OAuth2ParameterNames.ACCESS_TOKEN,
- result.getString(OAuth2ParameterNames.ACCESS_TOKEN));
- result = JSON.parseObject(
- HttpClientUtils.get(WeChatAuthenticationConstants.QrConnect.USER_INFO, param));
- if (result.containsKey(WeChatAuthenticationConstants.QrConnect.ERROR_CODE)) {
+ result.getString(OAuth2ParameterNames.ACCESS_TOKEN));
+ result = JSON.parseObject(HttpClientUtils.get(USER_INFO, param));
+ if (result.containsKey(ERROR_CODE)) {
logger.error("获取微信用户个人信息发生错误: " + result.toJSONString());
throw new TopIamException("获取微信用户个人信息发生错误: " + result.toJSONString());
}
// 返回
- IdpUserDetails idpUserDetails = IdpUserDetails.builder().openId(param.get("id"))
- .providerCode(providerCode).providerId(providerId).providerType(GITEE_OAUTH).build();
+ IdpUserDetails idpUserDetails = IdpUserDetails.builder()
+ .openId(param.get(OidcScopes.OPENID)).providerCode(providerCode).providerId(providerId)
+ .providerType(WECHAT_QR).build();
return attemptAuthentication(request, response, idpUserDetails);
}
public static String getLoginUrl(String providerId) {
String url = ServerHelp.getPortalPublicBaseUrl() + WECHAT_QR.getLoginPathPrefix() + "/"
- + providerId;
+ + providerId;
return url.replaceAll("(?eiam-authentication-all
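Review bot: The new builder call takes the external user id from the wrong map. `param.get(OidcScopes.OPENID)` looks up `openid` in the outgoing request parameters, which were just rebuilt with only `access_token`, so `openId` is always null. Read it from the WeChat response instead, for example `.openId(result.getString("openid"))`, using a named constant for the field rather than the OIDC scope constant, whose value only happens to match. A null external id in an IdP login filter means account binding can no longer tell WeChat users apart. How `attemptAuthentication(request, response, idpUserDetails)` handles a null id is not visible in this hunk and should be checked. The method body starts above this hunk, and the user-info request visible here sends no `openid` parameter either, which should be confirmed against the WeChat API.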
eiam-authentication-mail
eiam-authentication-sms
- eiam-authentication-gitee