diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java index 8f9e0f4f..e17ea1c6 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java @@ -12,6 +12,7 @@ import org.springframework.security.access.AccessDeniedException; import org.springframework.security.core.AuthenticationException; import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.multipart.MaxUploadSizeExceededException; @@ -32,13 +33,14 @@ public class JeecgBootExceptionHandler { */ @ExceptionHandler(JeecgCaptchaException.class) + @ResponseStatus(HttpStatus.OK) public Result handleJeecgCaptchaException(JeecgCaptchaException e) { log.error(e.getMessage(), e); return Result.error(e.getCode(), e.getMessage()); } @ExceptionHandler(AuthenticationException.class) - @ResponseStatus(HttpStatus.UNAUTHORIZED) + @ResponseStatus(HttpStatus.OK) public Result handleJeecgCaptchaException(AuthenticationException e) { log.error(e.getMessage(), e); return Result.error(401, e.getMessage()); diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java index 450008ea..80d0ccf8 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java 
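Review bot: In the `AuthenticationException` handler, `@ResponseStatus(HttpStatus.OK)` makes a failed authentication look like a success at the HTTP layer, while the body still carries `Result.error(401, ...)`. Anything keyed on the status line, such as gateway or WAF rate limits, access-log alerting on repeated 401s, or client interceptors, stops seeing these failures. If the front end needs a 200 for compatibility, record that in a comment such as `// HTTP 200 kept for the legacy front end; failure is signalled by Result.code == 401`; otherwise keep `HttpStatus.UNAUTHORIZED`. The added `ResponseBody` import is not used in the visible hunks.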
@@ -244,7 +244,7 @@ public class SecurityConfig { */ @Bean public AuthorizationServerSettings authorizationServerSettings() { - return AuthorizationServerSettings.builder().build(); + return AuthorizationServerSettings.builder().tokenEndpoint("/sys/login").build(); } /** diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java index 28272010..7d36f07a 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java @@ -38,6 +38,7 @@ import org.springframework.util.Assert; import org.springframework.util.StringUtils; import java.security.Principal; +import java.time.Instant; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; 
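Review bot: `tokenEndpoint("/sys/login")` moves the OAuth2 token endpoint onto the legacy login path, and nothing at the call site records why. A comment on `authorizationServerSettings()` would help, e.g. `// Token endpoint is served at /sys/login so the existing front-end login call reaches the OAuth2 grant providers`. Any path-based rules written for the old controller mapping (anonymous-access lists, rate limits, audit filters) presumably need rechecking against the new handler; that configuration is outside this hunk.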
@@ -89,13 +90,20 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { String captcha = (String) additionalParameter.get("captcha"); String checkKey = (String) additionalParameter.get("checkKey"); + OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(appGrantAuthenticationToken); + RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); + // 检查登录失败次数 if(isLoginFailOvertimes(username)){ - throw new JeecgBootException("该用户登录失败次数过多,请于10分钟后再次登录!"); + Map map = new HashMap<>(); + map.put("message", "该用户登录失败次数过多,请于10分钟后再次登录!"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } if(captcha==null){ - throw new JeecgBootException("验证码无效"); + Map map = new HashMap<>(); + map.put("message", "验证码无效"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } String lowerCaseCaptcha = captcha.toLowerCase(); // 加入密钥作为混淆,避免简单的拼接,被外部利用,用户自定义该密钥即可 
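Review bot: Both failure branches in this hunk (lockout and missing captcha) now return an `OAuth2AccessTokenAuthenticationToken` carrying the hard-coded bearer value `"fdsafas"` instead of throwing, so a rejected login is handed to the framework as a successful authentication. Unless a custom token-endpoint success handler outside this diff inspects the `message` entry, the caller would get a normal token response, and failure handlers, failure events and lockout monitoring are bypassed. The same pattern repeats in the later hunks of this file and in the Password, Phone, Self and Social providers. Throwing an `OAuth2AuthenticationException` and shaping the legacy JSON in the endpoint's failure handler would keep the response format without minting a placeholder token; the enclosing method starts and ends outside the hunk.

```java
// … unchanged: parameter extraction and client lookup …
if (isLoginFailOvertimes(username)) {
    throw loginFailure("该用户登录失败次数过多,请于10分钟后再次登录!");
}
if (captcha == null) {
    throw loginFailure("验证码无效");
}
// … unchanged: captcha key derivation and comparison …

// New private helper in the same class: one place that builds the failure,
// so no branch has to fabricate an access token to report an error.
private OAuth2AuthenticationException loginFailure(String description) {
    OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.INVALID_GRANT, description, ERROR_URI);
    return new OAuth2AuthenticationException(error);
}
```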
@@ -104,16 +112,15 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { Object checkCode = redisUtil.get(realKey); //当进入登录页时,有一定几率出现验证码错误 #1714 if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) { - log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", checkKey, lowerCaseCaptcha, checkCode); - // 改成特殊的code 便于前端判断 - throw new JeecgCaptchaException(HttpStatus.PRECONDITION_FAILED.value(), "验证码错误"); + Map map = new HashMap<>(); + map.put("message", "验证码错误"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } - OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(appGrantAuthenticationToken); - RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); - if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) { - throw new JeecgBootException("非法登录"); + Map map = new HashMap<>(); + map.put("message", "非法登录"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } // 通过用户名获取用户信息 @@ -131,7 +138,9 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { password = PasswordUtil.encrypt(username, password, loginUser.getSalt()); if (!password.equals(loginUser.getPassword())) { addLoginFailOvertimes(username); - throw new JeecgBootException("用户名或密码不正确"); + Map map = new HashMap<>(); + map.put("message", "用户名或密码不正确"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } //由于在上面已验证过用户名、密码,现在构建一个已认证的对象UsernamePasswordAuthenticationToken 
@@ -156,9 +165,9 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build(); OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext); if (generatedAccessToken == null) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成访问token,请联系管理系。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成访问token,请联系管理系。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(), @@ -180,9 +189,9 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build(); OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext); if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成刷新token,请联系管理员。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } refreshToken = (OAuth2RefreshToken) generatedRefreshToken; 
@@ -200,7 +209,7 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser); JSONObject addition = new JSONObject(new LinkedHashMap<>()); - + addition.put("token", accessToken.getTokenValue()); // 设置租户 JSONObject jsonObject = commonAPI.setLoginTenant(username); addition.putAll(jsonObject.getInnerMap()); @@ -224,8 +233,15 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider { addition.put("multi_depart", 2); } + // 兼容原有shiro登录结果处理 + Map map = new HashMap<>(); + map.put("result", addition); + map.put("code", 200); + map.put("success", true); + map.put("timestamp", System.currentTimeMillis()); + // 返回access_token、refresh_token以及其它信息给到前端 - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map); } @Override diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java index f49ab5dc..d5c0a287 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java @@ -39,6 +39,7 @@ import org.springframework.util.Assert; import org.springframework.util.StringUtils; import java.security.Principal; +import java.time.Instant; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; 
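Review bot: The new `Map map = new HashMap<>();` declarations are raw types, here in the success path and in each failure branch across the five providers. The constructor they feed takes the additional parameters as a string-keyed map, so `Map<String, Object> map = new HashMap<>();` removes the unchecked warning and documents the key type. A more descriptive name such as `legacyResult` would also make the intent of the `// 兼容原有shiro登录结果处理` comment clearer at the return statement.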
@@ -90,6 +91,9 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid String captcha = (String) additionalParameter.get("captcha"); String checkKey = (String) additionalParameter.get("checkKey"); + OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken); + RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); + // 检查登录失败次数 if(isLoginFailOvertimes(username)){ throw new JeecgBootException("该用户登录失败次数过多,请于10分钟后再次登录!"); @@ -105,16 +109,15 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid Object checkCode = redisUtil.get(realKey); //当进入登录页时,有一定几率出现验证码错误 #1714 if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) { - log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", checkKey, lowerCaseCaptcha, checkCode); - // 改成特殊的code 便于前端判断 - throw new JeecgCaptchaException(HttpStatus.PRECONDITION_FAILED.value(), "验证码错误"); + Map map = new HashMap<>(); + map.put("message", "验证码错误"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } - OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken); - RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); - if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) { - throw new JeecgBootException("非法登录"); + Map map = new HashMap<>(); + map.put("message", "非法登录"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } // 通过用户名获取用户信息 
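Review bot: The lockout branch kept as context in the first hunk still does `throw new JeecgBootException(...)`, while the captcha and grant-type branches just below it were converted to returned tokens, and AppGrantAuthenticationProvider converted its lockout branch as well. The same rejected login therefore produces different response shapes depending on the grant type and on which check fails, which makes client handling and failure monitoring harder to reason about. Use one failure mechanism for every branch of this method; the method body continues outside both hunks.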
@@ -132,7 +135,10 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid password = PasswordUtil.encrypt(username, password, loginUser.getSalt()); if (!password.equals(loginUser.getPassword())) { addLoginFailOvertimes(username); - throw new JeecgBootException("用户名或密码不正确"); + + Map map = new HashMap<>(); + map.put("message", "用户名或密码不正确"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } //由于在上面已验证过用户名、密码,现在构建一个已认证的对象UsernamePasswordAuthenticationToken @@ -157,9 +163,9 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build(); OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext); if (generatedAccessToken == null) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成访问token,请联系管理系。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成访问token,请联系管理系。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(), 
@@ -181,9 +187,9 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build(); OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext); if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成刷新token,请联系管理员。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成访问token,请联系管理系。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } refreshToken = (OAuth2RefreshToken) generatedRefreshToken; @@ -201,6 +207,7 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser); JSONObject addition = new JSONObject(new LinkedHashMap<>()); + addition.put("token", accessToken.getTokenValue()); // 设置租户 JSONObject jsonObject = commonAPI.setLoginTenant(username); @@ -225,8 +232,15 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid addition.put("multi_depart", 2); } + // 兼容原有shiro登录结果处理 + Map map = new HashMap<>(); + map.put("result", addition); + map.put("code", 200); + map.put("success", true); + map.put("timestamp", System.currentTimeMillis()); + // 返回access_token、refresh_token以及其它信息给到前端 - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map); } @Override 
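Review bot: In the refresh-token branch (`!(generatedRefreshToken instanceof OAuth2RefreshToken)`) the message was changed to the access-token text `无法生成访问token,请联系管理系。`, so a refresh-token failure is reported as an access-token one. The removed line had the right text; keep it as `map.put("message", "无法生成刷新token,请联系管理员。");`. PhoneGrantAuthenticationProvider and SelfAuthenticationProvider have the reverse mix-up, with the refresh-token text in their `generatedAccessToken == null` branches.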
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java index d369cb7a..ec73cec1 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java @@ -36,6 +36,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke import org.springframework.util.Assert; import java.security.Principal; +import java.time.Instant; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -89,6 +90,9 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider // 验证码 String captcha = (String) additionalParameter.get("captcha"); + OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(phoneGrantAuthenticationToken); + RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); + // 通过手机号获取用户信息 LoginUser loginUser = commonAPI.getUserByPhone(phone); // 检查用户可行性 
@@ -101,15 +105,17 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider if (!captcha.equals(code)) { //update-begin-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户 addLoginFailOvertimes(phone); - //update-end-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户 - throw new JeecgBootException("手机验证码错误"); + + Map map = new HashMap<>(); + map.put("message", "手机验证码错误"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); + } - OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(phoneGrantAuthenticationToken); - RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); - if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) { - throw new JeecgBootException("非法登录"); + Map map = new HashMap<>(); + map.put("message", "非法登录"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } //由于在上面已验证过用户名、密码,现在构建一个已认证的对象UsernamePasswordAuthenticationToken 
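Review bot: `captcha.equals(code)` in the context line dereferences a request parameter read with `additionalParameter.get("captcha")`, which may be absent, and the new failure branch does not cover that case. Unless a null check exists outside the hunk, a request without `captcha` ends in a NullPointerException rather than the `手机验证码错误` response, and it skips `addLoginFailOvertimes(phone)`. Guard it explicitly with `if (captcha == null || !captcha.equals(code)) {`, not with `Objects.equals`, which would accept a missing captcha whenever `code` is also null. The hunk also drops the `//update-end-author` marker and leaves its `//update-begin-author` partner unmatched.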
@@ -134,9 +140,9 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build(); OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext); if (generatedAccessToken == null) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成访问token,请联系管理系。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(), @@ -158,9 +164,9 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build(); OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext); if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成刷新token,请联系管理员。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } refreshToken = (OAuth2RefreshToken) generatedRefreshToken; 
@@ -175,7 +181,7 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider baseCommonService.addLog("用户名: " + loginUser.getUsername() + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser); JSONObject addition = new JSONObject(new LinkedHashMap<>()); - + addition.put("token", accessToken.getTokenValue()); // 设置租户 JSONObject jsonObject = commonAPI.setLoginTenant(loginUser.getUsername()); addition.putAll(jsonObject.getInnerMap()); @@ -199,8 +205,15 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider addition.put("multi_depart", 2); } + // 兼容原有shiro登录结果处理 + Map map = new HashMap<>(); + map.put("result", addition); + map.put("code", 200); + map.put("success", true); + map.put("timestamp", System.currentTimeMillis()); + // 返回access_token、refresh_token以及其它信息给到前端 - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map); } @Override diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java index 5936d9b2..06b2f95c 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java @@ -30,6 +30,7 @@ import org.springframework.stereotype.Component; import org.springframework.util.Assert; import java.security.Principal; +import java.time.Instant; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; 
@@ -80,7 +81,9 @@ public class SelfAuthenticationProvider implements AuthenticationProvider { RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) { - throw new JeecgBootException("非法登录"); + Map map = new HashMap<>(); + map.put("message", "非法登录"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } // 通过用户名获取用户信息 @@ -109,9 +112,10 @@ public class SelfAuthenticationProvider implements AuthenticationProvider { OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build(); OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext); if (generatedAccessToken == null) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成访问token,请联系管理系。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); + } OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(), 
@@ -133,9 +137,9 @@ public class SelfAuthenticationProvider implements AuthenticationProvider { tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build(); OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext); if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成刷新token,请联系管理员。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } refreshToken = (OAuth2RefreshToken) generatedRefreshToken; @@ -148,7 +152,7 @@ public class SelfAuthenticationProvider implements AuthenticationProvider { authorizationService.save(authorization); JSONObject addition = new JSONObject(new LinkedHashMap<>()); - + addition.put("token", accessToken.getTokenValue()); // 设置租户 JSONObject jsonObject = commonAPI.setLoginTenant(username); addition.putAll(jsonObject.getInnerMap()); @@ -172,8 +176,15 @@ public class SelfAuthenticationProvider implements AuthenticationProvider { addition.put("multi_depart", 2); } + // 兼容原有shiro登录结果处理 + Map map = new HashMap<>(); + map.put("result", addition); + map.put("code", 200); + map.put("success", true); + map.put("timestamp", System.currentTimeMillis()); + // 返回access_token、refresh_token以及其它信息给到前端 - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map); } @Override 
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java index 3fffd292..9349f4dc 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java @@ -34,6 +34,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke import org.springframework.util.Assert; import java.security.Principal; +import java.time.Instant; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -95,7 +96,10 @@ public class SocialGrantAuthenticationProvider implements AuthenticationProvider RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) { - throw new JeecgBootException("非法登录"); + Map map = new HashMap<>(); + map.put("message", "非法登录"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); + } //由于在上面已验证过用户名、密码,现在构建一个已认证的对象UsernamePasswordAuthenticationToken 
@@ -120,9 +124,10 @@ public class SocialGrantAuthenticationProvider implements AuthenticationProvider OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build(); OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext); if (generatedAccessToken == null) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成访问token,请联系管理系。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成访问token,请联系管理系。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); + } OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(), @@ -144,9 +149,9 @@ public class SocialGrantAuthenticationProvider implements AuthenticationProvider tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build(); OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext); if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) { - OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, - "无法生成刷新token,请联系管理员。", ERROR_URI); - throw new OAuth2AuthenticationException(error); + Map map = new HashMap<>(); + map.put("message", "无法生成刷新token,请联系管理员。"); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map); } refreshToken = (OAuth2RefreshToken) generatedRefreshToken; 
@@ -161,7 +166,7 @@ public class SocialGrantAuthenticationProvider implements AuthenticationProvider baseCommonService.addLog("用户名: " + loginUser.getUsername() + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser); JSONObject addition = new JSONObject(new LinkedHashMap<>()); - + addition.put("token", accessToken.getTokenValue()); // 设置租户 JSONObject jsonObject = commonAPI.setLoginTenant(loginUser.getUsername()); addition.putAll(jsonObject.getInnerMap()); @@ -185,8 +190,16 @@ public class SocialGrantAuthenticationProvider implements AuthenticationProvider addition.put("multi_depart", 2); } + // 兼容原有shiro登录结果处理 + Map map = new HashMap<>(); + map.put("result", addition); + map.put("code", 200); + map.put("success", true); + map.put("timestamp", System.currentTimeMillis()); + + // 返回access_token、refresh_token以及其它信息给到前端 - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition); + return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map); } @Override diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java index 4ec6e130..b3087b3a 100644 --- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java +++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java @@ -89,8 +89,8 @@ public class LoginController { * @return */ @Deprecated - @Operation(summary = "登录接口") - @RequestMapping(value = "/login", method = RequestMethod.POST) +// @Operation(summary = "登录接口") +// @RequestMapping(value = "/login", method = RequestMethod.POST) public Result login(@RequestBody SysLoginModel sysLoginModel){ Result result = new Result(); String username = sysLoginModel.getUsername();
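Review bot: In LoginController, commenting out `@Operation` and `@RequestMapping` leaves `login(@RequestBody SysLoginModel sysLoginModel)` as an unmapped public method that still holds the old login logic. Dead authentication code is easy to re-expose by accident and will drift from the checks in the grant providers. Delete the method, or if it must stay for reference, replace the commented-out annotations with a Javadoc line such as `@deprecated no longer mapped; /sys/login is served by the OAuth2 token endpoint`. The method body continues past the end of the hunk.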