⚡ 优化认证提供商

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkOauthAuthenticationFilter.java

@@ -25,6 +25,7 @@ import java.util.concurrent.TimeUnit;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -104,6 +105,10 @@ public class DingtalkOauthAuthenticationFilter extends AbstractIdpAuthentication
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         TraceUtils.put(UUID.randomUUID().toString());

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkScanCodeAuthenticationFilter.java

@@ -25,6 +25,7 @@ import java.util.concurrent.TimeUnit;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -110,6 +111,10 @@ public class DingtalkScanCodeAuthenticationFilter extends
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         //@formatter:off
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);

eiam-authentication/eiam-authentication-dingtalk/src/main/java/cn/topiam/employee/authentication/dingtalk/filter/DingtalkScanCodeAuthorizationRequestGetFilter.java

@@ -131,24 +131,9 @@ public class DingtalkScanCodeAuthorizationRequestGetFilter extends OncePerReques
                 .state(DEFAULT_STATE_GENERATOR.generateKey())
                 .attributes(attributes);
         builder.parameters(parameters -> {
-            HashMap<String, Object> linkedParameters = new LinkedHashMap<>();
+            parameters.put(APP_ID, parameters.get(OAuth2ParameterNames.CLIENT_ID));
-            parameters.forEach((key, value) -> {
+            parameters.remove(OAuth2ParameterNames.CLIENT_ID);
-                if (OAuth2ParameterNames.CLIENT_ID.equals(key)) {
+            parameters.put(RESPONSE_TYPE, CODE);
-                    linkedParameters.put(APP_ID, value);
-                }
-                if (OAuth2ParameterNames.SCOPE.equals(key)) {
-                    linkedParameters.put(OAuth2ParameterNames.SCOPE, value);
-                }
-                if (OAuth2ParameterNames.STATE.equals(key)) {
-                    linkedParameters.put(OAuth2ParameterNames.STATE, value);
-                }
-                if (OAuth2ParameterNames.REDIRECT_URI.equals(key)) {
-                    linkedParameters.put(OAuth2ParameterNames.REDIRECT_URI, value);
-                }
-            });
-            linkedParameters.put(RESPONSE_TYPE, CODE);
-            parameters.clear();
-            parameters.putAll(linkedParameters);
         });
         //@formatter:on
         this.writeForAuthorization(request, response, builder.build());

eiam-authentication/eiam-authentication-feishu/src/main/java/cn/topiam/employee/authentication/feishu/filter/FeiShuLoginAuthenticationFilter.java

@@ -25,6 +25,7 @@ import java.util.Objects;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.message.BasicHeader;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -90,6 +91,10 @@ public class FeiShuLoginAuthenticationFilter extends AbstractIdpAuthenticationPr
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         RequestMatcher.MatchResult matcher = REQUEST_MATCHER.matcher(request);

eiam-authentication/eiam-authentication-gitee/src/main/java/cn/topiam/employee/authentication/gitee/filter/GiteeLoginAuthenticationFilter.java

@@ -24,6 +24,7 @@ import java.util.Objects;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -94,6 +95,10 @@ public class GiteeLoginAuthenticationFilter extends AbstractIdpAuthenticationPro
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         RequestMatcher.MatchResult matcher = REQUEST_MATCHER.matcher(request);

eiam-authentication/eiam-authentication-github/src/main/java/cn/topiam/employee/authentication/github/filter/GithubOAuth2LoginAuthenticationFilter.java

@@ -25,6 +25,7 @@ import java.util.UUID;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.*;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -94,6 +95,10 @@ public class GithubOAuth2LoginAuthenticationFilter extends
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         TraceUtils.put(UUID.randomUUID().toString());

eiam-authentication/eiam-authentication-qq/src/main/java/cn/topiam/employee/authentication/qq/filter/QqOAuth2LoginAuthenticationFilter.java

@@ -25,6 +25,7 @@ import java.util.UUID;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -96,6 +97,10 @@ public class QqOAuth2LoginAuthenticationFilter extends AbstractIdpAuthentication
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         TraceUtils.put(UUID.randomUUID().toString());

eiam-authentication/eiam-authentication-wechat/src/main/java/cn/topiam/employee/authentication/wechat/filter/WeChatScanCodeLoginAuthenticationFilter.java

@@ -24,6 +24,7 @@ import java.util.Objects;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -94,6 +95,10 @@ public class WeChatScanCodeLoginAuthenticationFilter extends
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);
         RequestMatcher.MatchResult matcher = REQUEST_MATCHER.matcher(request);

eiam-authentication/eiam-authentication-wechatwork/src/main/java/cn/topiam/employee/authentication/wechatwork/filter/WeChatWorkScanCodeLoginAuthenticationFilter.java

@@ -26,6 +26,7 @@ import java.util.concurrent.TimeUnit;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -96,6 +97,10 @@ public class WeChatWorkScanCodeLoginAuthenticationFilter extends
     public Authentication attemptAuthentication(HttpServletRequest request,
                                                 HttpServletResponse response) throws AuthenticationException,
                                                                               IOException {
+        if (!REQUEST_MATCHER.matches(request)) {
+            throw new AuthenticationServiceException(
+                "Authentication method not supported: " + request.getMethod());
+        }
         TraceUtils.put(UUID.randomUUID().toString());
         OAuth2AuthorizationRequest authorizationRequest = getOauth2AuthorizationRequest(request,
             response);

eiam-console/src/main/java/cn/topiam/employee/console/converter/authn/IdentityProviderConverter.java

@@ -58,7 +58,6 @@ import cn.topiam.employee.support.repository.page.domain.QueryDslRequest;
 import cn.topiam.employee.support.validation.ValidationUtils;
 
 import jakarta.validation.ConstraintViolationException;
-
 import static cn.topiam.employee.authentication.common.IdentityProviderType.*;
 
 /**