⚡ 优化

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/configurer/DingTalkAuthenticationConfigurer.java

@@ -29,8 +29,8 @@ import org.springframework.util.Assert;
 
 import cn.topiam.employee.authentication.common.IdentityProviderAuthenticationService;
 import cn.topiam.employee.authentication.common.client.RegisteredIdentityProviderClientRepository;
+import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthenticationFilter;
 import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthorizationRequestRedirectFilter;
-import cn.topiam.employee.authentication.dingtalk.filter.DingtalkOauthAuthenticationFilter;
 
 import lombok.NonNull;
 import lombok.Setter;
@@ -44,10 +44,10 @@ import static cn.topiam.employee.support.security.util.HttpSecurityFilterOrderRe
  */
 @SuppressWarnings("AlibabaClassNamingShouldBeCamel")
 public final class DingTalkAuthenticationConfigurer extends
-                                                    AbstractAuthenticationFilterConfigurer<HttpSecurity, DingTalkAuthenticationConfigurer, DingtalkOauthAuthenticationFilter> {
+                                                    AbstractAuthenticationFilterConfigurer<HttpSecurity, DingTalkAuthenticationConfigurer, DingtalkOAuth2AuthenticationFilter> {
     @Setter
     @NonNull
-    private String                                           loginProcessingUrl = DingtalkOauthAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
+    private String                                           loginProcessingUrl = DingtalkOAuth2AuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
 
     private final RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository;
     private final IdentityProviderAuthenticationService      identityProviderAuthenticationService;
@@ -76,7 +76,7 @@ public final class DingTalkAuthenticationConfigurer extends
     @Override
     public void init(HttpSecurity http) throws Exception {
         //钉钉登录认证
-        this.setAuthenticationFilter(new DingtalkOauthAuthenticationFilter(
+        this.setAuthenticationFilter(new DingtalkOAuth2AuthenticationFilter(
             registeredIdentityProviderClientRepository, identityProviderAuthenticationService));
         putFilterBefore(http, this.getAuthenticationFilter(),
             OAuth2LoginAuthenticationFilter.class);
@@ -95,7 +95,7 @@ public final class DingTalkAuthenticationConfigurer extends
     public RequestMatcher getRequestMatcher() {
         return new OrRequestMatcher(
             DingtalkOAuth2AuthorizationRequestRedirectFilter.getRequestMatcher(),
-            DingtalkOauthAuthenticationFilter.getRequestMatcher());
+            DingtalkOAuth2AuthenticationFilter.getRequestMatcher());
     }
 
     public static DingTalkAuthenticationConfigurer dingTalkOAuth2(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthenticationFilter.java

@@ -23,6 +23,7 @@ import java.util.Objects;
 import java.util.UUID;
 import java.util.concurrent.TimeUnit;
 
+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.core.Authentication;
@@ -73,8 +74,8 @@ import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthen
  * Created by support@topiam.cn on 2021/12/8 21:11
  */
 @SuppressWarnings("DuplicatedCode")
-public class DingtalkOauthAuthenticationFilter extends
+public class DingtalkOAuth2AuthenticationFilter extends
-                                               AbstractIdentityProviderAuthenticationProcessingFilter {
+                                                AbstractIdentityProviderAuthenticationProcessingFilter {
     public final static String                DEFAULT_FILTER_PROCESSES_URI = DINGTALK_OAUTH
         .getLoginPathPrefix() + "/" + "{" + PROVIDER_CODE + "}";
     /**
@@ -89,8 +90,8 @@ public class DingtalkOauthAuthenticationFilter extends
      * @param registeredIdentityProviderClientRepository the {@link RegisteredIdentityProviderClientRepository}
      * @param identityProviderAuthenticationService  {@link  IdentityProviderAuthenticationService}
      */
-    public DingtalkOauthAuthenticationFilter(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,
+    public DingtalkOAuth2AuthenticationFilter(RegisteredIdentityProviderClientRepository registeredIdentityProviderClientRepository,
-                                             IdentityProviderAuthenticationService identityProviderAuthenticationService) {
+                                              IdentityProviderAuthenticationService identityProviderAuthenticationService) {
         super(REQUEST_MATCHER, identityProviderAuthenticationService,
             registeredIdentityProviderClientRepository);
     }
@@ -178,8 +179,9 @@ public class DingtalkOauthAuthenticationFilter extends
      * @return {@link String}
      */
     public String getToken(String authCode, DingTalkIdentityProviderOAuth2Config config) {
+        String cacheKey = OAuth2ParameterNames.ACCESS_TOKEN + DigestUtils.md5Hex(config.toString());
         if (!Objects.isNull(cache)) {
-            return cache.getIfPresent(OAuth2ParameterNames.ACCESS_TOKEN);
+            return cache.getIfPresent(cacheKey);
         }
         Config clientConfig = new Config();
         clientConfig.setProtocol("https");
@@ -198,8 +200,8 @@ public class DingtalkOauthAuthenticationFilter extends
             //放入缓存
             cache = Caffeine.newBuilder().expireAfterWrite(body.getExpireIn(), TimeUnit.SECONDS)
                 .build();
-            cache.put(OAuth2ParameterNames.ACCESS_TOKEN, body.getAccessToken());
+            cache.put(cacheKey, body.getAccessToken());
-            return cache.getIfPresent(OAuth2ParameterNames.ACCESS_TOKEN);
+            return cache.getIfPresent(cacheKey);
         } catch (Exception exception) {
             throw new RuntimeException(exception.getMessage());
         }

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOAuth2AuthorizationRequestRedirectFilter.java

@@ -55,7 +55,7 @@ import static cn.topiam.employee.authentication.common.IdentityProviderType.DING
 import static cn.topiam.employee.authentication.common.constant.AuthenticationConstants.PROVIDER_CODE;
 import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthenticationConstants.CORP_ID;
 import static cn.topiam.employee.authentication.dingtalk.constant.DingTalkAuthenticationConstants.URL_AUTHORIZE;
-import static cn.topiam.employee.authentication.dingtalk.filter.DingtalkOauthAuthenticationFilter.getLoginUrl;
+import static cn.topiam.employee.authentication.dingtalk.filter.DingtalkOAuth2AuthenticationFilter.getLoginUrl;
 
 /**
  * 微信扫码登录请求重定向过滤器