⚡ 优化

2024-12-25 08:23:14 +08:00 · 2024-12-25 08:23:14 +08:00 · cbaa427c3d
parent cefc688978
commit cbaa427c3d
3 changed files with 15 additions and 13 deletions
--- a/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/configurer/DingTalkAuthenticationConfigurer.java
+++ b/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/configurer/DingTalkAuthenticationConfigurer.java
@ -29,8 +29,8 @@ import org.springframework.util.Assert;

 import cn.topiam.employee.authentication.common.IdentityProviderAuthenticationService;
 import cn.topiam.employee.authentication.common.client.RegisteredIdentityProviderClientRepository;
+import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthenticationFilter;
 import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthorizationRequestRedirectFilter;
-import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOauthAuthenticationFilter;

 import lombok.NonNull;
 import lombok.Setter;
@ -44,10 +44,10 @@ import static cn.topiam.employee.support.security.util.HttpSecurityFilterOrderRe
 */
@SuppressWarnings("AlibabaClassNamingShouldBeCamel")
 public final class DingTalkAuthenticationConfigurer extends
-                                                    AbstractAuthenticationFilterConfigurer<HttpSecurity, DingTalkAuthenticationConfigurer, DingtalkOauthAuthenticationFilter> {
+                                                    AbstractAuthenticationFilterConfigurer<HttpSecurity, DingTalkAuthenticationConfigurer, DingtalkOAuth2AuthenticationFilter> {
    @Setter
    @NonNull
-    private String                                           loginProcessingUrl = DingtalkOauthAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
+    private String                                           loginProcessingUrl = DingtalkOAuth2AuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;

    private final RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository;
    private final IdentityProviderAuthenticationService      identityProviderAuthenticationService;
@ -76,7 +76,7 @@ public final class DingTalkAuthenticationConfigurer extends
    @Override
    public void init(HttpSecurity http) throws Exception {
        //钉钉登录认证
-        this.setAuthenticationFilter(new DingtalkOauthAuthenticationFilter(
+        this.setAuthenticationFilter(new DingtalkOAuth2AuthenticationFilter(
            registeredIdentityProviderClientRepository, identityProviderAuthenticationService));
        putFilterBefore(http, this.getAuthenticationFilter(),
            OAuth2LoginAuthenticationFilter.class);
@ -95,7 +95,7 @@ public final class DingTalkAuthenticationConfigurer extends
    public RequestMatcher getRequestMatcher() {
        return new OrRequestMatcher(
            DingtalkOAuth2AuthorizationRequestRedirectFilter.getRequestMatcher(),
-            DingtalkOauthAuthenticationFilter.getRequestMatcher());
+            DingtalkOAuth2AuthenticationFilter.getRequestMatcher());
    }

    public static DingTalkAuthenticationConfigurer dingTalkOAuth2(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,
--- a/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthenticationFilter.java
+++ b/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthenticationFilter.java
@ -23,6 +23,7 @@ import java.util.Objects;
 import java.util.UUID;
 import java.util.concurrent.TimeUnit;

+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.core.Authentication;
@ -73,8 +74,8 @@ import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthen
 * Created by support@topiam.cn on 2021/12/8 21:11
 */
@SuppressWarnings("DuplicatedCode")
-public class DingtalkOauthAuthenticationFilter extends
-                                               AbstractIdentityProviderAuthenticationProcessingFilter {
+public class DingtalkOAuth2AuthenticationFilter extends
+                                                AbstractIdentityProviderAuthenticationProcessingFilter {
    public final static String                DEFAULT_FILTER_PROCESSES_URI = DINGTALK_OAUTH
        .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
    /**
@ -89,8 +90,8 @@ public class DingtalkOauthAuthenticationFilter extends
     * @param registeredIdentityProviderClientRepository the {@link RegisteredIdentityProviderClientRepository}
     * @param identityProviderAuthenticationService  {@link  IdentityProviderAuthenticationService}
     */
-    public DingtalkOauthAuthenticationFilter(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,
-                                             IdentityProviderAuthenticationService identityProviderAuthenticationService) {
+    public DingtalkOAuth2AuthenticationFilter(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,
+                                              IdentityProviderAuthenticationService identityProviderAuthenticationService) {
        super(REQUEST_MATCHER, identityProviderAuthenticationService,
            registeredIdentityProviderClientRepository);
    }
@ -178,8 +179,9 @@ public class DingtalkOauthAuthenticationFilter extends
     * @return {@link String}
     */
    public String getToken(String authCode, DingTalkIdentityProviderOAuth2Config config) {
+        String cacheKey = OAuth2ParameterNames.ACCESS_TOKEN + DigestUtils.md5Hex(config.toString());
        if (!Objects.isNull(cache)) {
-            return cache.getIfPresent(OAuth2ParameterNames.ACCESS_TOKEN);
+            return cache.getIfPresent(cacheKey);
        }
        Config clientConfig = new Config();
        clientConfig.setProtocol("https");
@ -198,8 +200,8 @@ public class DingtalkOauthAuthenticationFilter extends
            //放入缓存
            cache = Caffeine.newBuilder().expireAfterWrite(body.getExpireIn(), TimeUnit.SECONDS)
                .build();
-            cache.put(OAuth2ParameterNames.ACCESS_TOKEN, body.getAccessToken());
-            return cache.getIfPresent(OAuth2ParameterNames.ACCESS_TOKEN);
+            cache.put(cacheKey, body.getAccessToken());
+            return cache.getIfPresent(cacheKey);
        } catch (Exception exception) {
            throw new RuntimeException(exception.getMessage());
        }
--- a/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthorizationRequestRedirectFilter.java
+++ b/eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthorizationRequestRedirectFilter.java
@ -55,7 +55,7 @@ import static cn.topiam.employee.authentication.common.IdentityProviderType.DING
 import static cn.topiam.employee.authentication.common.constant.AuthenticationConstants.PROVIDER_CODE;
 import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthenticationConstants.CORP_ID;
 import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthenticationConstants.URL_AUTHORIZE;
-import static cn.topiam.employee.authentication.dingtalk.filter.DingtalkOauthAuthenticationFilter.getLoginUrl;
+import static cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthenticationFilter.getLoginUrl;

 /**
 * 微信扫码登录请求重定向过滤器