Explorar el Código

接入 浙政钉扫码登陆管理优化

tags/24080901
liuxinxin hace 1 año
padre
commit
41a0c63739
Se han modificado 3 ficheros con 22 adiciones y 18 borrados
  1. +14
    -10
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthFilter.java
  2. +1
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthProvider.java
  3. +7
    -7
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java

pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthFilter.java → pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthFilter.java Ver fichero

@@ -9,7 +9,6 @@ import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@@ -21,7 +20,7 @@ import javax.servlet.http.HttpServletResponse;
* @Date 2020/8/3 8:46 下午
* @Version 1.0
**/
public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessingFilter {
public class CredentialAuthFilter extends AbstractAuthenticationProcessingFilter {

private boolean postOnly = true;

@@ -33,7 +32,7 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
// ~ Constructors
// ===================================================================================================

public UsernamePasswordAuthFilter(String processingUrl) {
public CredentialAuthFilter(String processingUrl) {
super(new AntPathRequestMatcher(processingUrl, HttpMethod.POST.name()));
}

@@ -52,14 +51,12 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
if (StringUtils.isBlank(loginType)) {
throw new BadCredentialsException("登陆类型不能为空");
}
paramValid(identifier, credential, loginType);

if (StringUtils.isBlank(identifier) || StringUtils.isBlank(credential)) {
throw new UsernameNotFoundException("用户名或密码不能为空");
}

identifier = identifier.trim();
credential = credential.trim();
loginType = loginType.trim();
identifier = trim(identifier);
credential = trim(credential);
loginType = trim(loginType);
try {
CredentialAuthToken authRequest = new CredentialAuthToken(identifier, credential, loginType);
// Allow subclasses to set the "details" property
@@ -78,7 +75,7 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
}

private void valid(String identifier, String credential, String loginType) {
private void paramValid(String identifier, String credential, String loginType) {
LoginTypeEnum loginTypeEnum = LoginTypeEnum.valueOf(loginType);
switch (loginTypeEnum) {
case DING_QR_LOGIN: {
@@ -101,4 +98,11 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
break;
}
}

private String trim(String trimStr) {
if (StringUtils.isNotBlank(trimStr)) {
return trimStr.trim();
}
return null;
}
}

pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthProvider.java → pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthProvider.java Ver fichero

@@ -16,7 +16,7 @@ import org.springframework.security.crypto.password.PasswordEncoder;
* @Date 2020/8/3 8:55 下午
* @Version 1.0
**/
public class UsernamePasswordAuthProvider implements AuthenticationProvider {
public class CredentialAuthProvider implements AuthenticationProvider {

private UserDetailsService userDetailsService;


+ 7
- 7
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java Ver fichero

@@ -47,21 +47,21 @@ public class CredentialAuthSecurityConfig

@Override
public void configure(HttpSecurity http) throws Exception {
UsernamePasswordAuthFilter usernamePasswordAuthFilter =
new UsernamePasswordAuthFilter(authProperties.getPasswordLoginUrl());
CredentialAuthFilter credentialAuthFilter =
new CredentialAuthFilter(authProperties.getPasswordLoginUrl());
authenticationManager = http.getSharedObject(AuthenticationManager.class);
usernamePasswordAuthFilter.setAuthenticationManager(authenticationManager);
usernamePasswordAuthFilter.setAuthenticationSuccessHandler(defaultLoginSuccessHandler);
usernamePasswordAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler);
credentialAuthFilter.setAuthenticationManager(authenticationManager);
credentialAuthFilter.setAuthenticationSuccessHandler(defaultLoginSuccessHandler);
credentialAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler);

UsernamePasswordAuthProvider authenticationProvider = new UsernamePasswordAuthProvider();
CredentialAuthProvider authenticationProvider = new CredentialAuthProvider();
authenticationProvider.setUserDetailsService(credentialLoginUserDetailService);
// 确保对密码进行加密的encoder和解密的encoder相同
authenticationProvider.setPasswordEncoder(passwordEncoder);
// 传入浙政钉client
authenticationProvider.setZwddAuthClient(zwddAuthClient);

http.authenticationProvider(authenticationProvider).addFilterAfter(usernamePasswordAuthFilter,
http.authenticationProvider(authenticationProvider).addFilterAfter(credentialAuthFilter,
UsernamePasswordAuthenticationFilter.class);
}



Cargando…
Cancelar
Guardar