From a3c6f1bfc85d1f45979601b773eb1e7d91fc8add Mon Sep 17 00:00:00 2001 From: liuxinxin Date: Tue, 14 Feb 2023 11:14:42 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E5=85=A5=20=E6=B5=99=E6=94=BF?= =?UTF-8?q?=E9=92=89=E6=89=AB=E7=A0=81=E7=99=BB=E9=99=86=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/handler/GlobalResponseHandler.java | 3 +- .../manage/ConstructionPlanManage.java | 3 +- .../pmapi/user/constant/LoginTypeEnum.java | 30 ++++++ .../user/controller/NdUserAuthController.java | 20 ---- .../user/controller/NdUserInfoController.java | 20 ---- .../pmapi/user/controller/UserAuthController.java | 11 ++- .../pmapi/user/manage/UserAuthLoginManage.java | 39 ++++++++ .../user/security/auth/WebSecurityConfig.java | 13 +-- .../AccountIdLoginUserDetailService.java | 42 +++++++++ .../credential/CredentialAuthSecurityConfig.java | 71 ++++++++++++++ .../auth/credential/CredentialAuthToken.java | 84 +++++++++++++++++ .../CredentialLoginUserDetailService.java | 42 +++++++++ .../credential/PhoneNoLoginUserDetailService.java | 42 +++++++++ .../credential/UsernamePasswordAuthFilter.java | 104 +++++++++++++++++++++ .../credential/UsernamePasswordAuthProvider.java | 92 ++++++++++++++++++ .../password/PasswordLoginUserDetailService.java | 42 --------- .../auth/password/UsernamePasswordAuthFilter.java | 71 -------------- .../password/UsernamePasswordAuthProvider.java | 65 ------------- .../UsernamePasswordAuthSecurityConfig.java | 64 ------------- .../auth/password/UsernamePasswordAuthToken.java | 76 --------------- pmapi/src/main/resources/integration/zwdd-dev.yml | 16 +--- 21 files changed, 565 insertions(+), 385 deletions(-) create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/constant/LoginTypeEnum.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserAuthController.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserInfoController.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/AccountIdLoginUserDetailService.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthToken.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/PhoneNoLoginUserDetailService.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthFilter.java create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthProvider.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/PasswordLoginUserDetailService.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthFilter.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthProvider.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java delete mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthToken.java diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java b/pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java index d3090ff..e3f53eb 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java @@ -2,7 +2,6 @@ package com.ningdatech.pmapi.common.handler; import cn.hutool.json.JSONUtil; import com.ningdatech.basic.model.ApiResponse; -import com.ningdatech.pmapi.common.util.BizUtils; import org.springframework.core.MethodParameter; import org.springframework.http.MediaType; import org.springframework.http.converter.HttpMessageConverter; @@ -24,7 +23,7 @@ import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; "com.ningdatech.pmapi.projectlib.controller", "com.ningdatech.pmapi.sys.controller", "com.ningdatech.pmapi.todocenter.controller", - "com.ningdatech.pmapi.user.controller" + "com.ningdatech.pmapi.user.controller", }) public class GlobalResponseHandler implements ResponseBodyAdvice { diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/projectdeclared/manage/ConstructionPlanManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/projectdeclared/manage/ConstructionPlanManage.java index 2d69514..bf442cd 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/projectdeclared/manage/ConstructionPlanManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/projectdeclared/manage/ConstructionPlanManage.java @@ -20,6 +20,7 @@ import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.BeanUtils; import org.springframework.stereotype.Component; + import java.time.LocalDateTime; import java.util.Collections; import java.util.Map; @@ -69,7 +70,7 @@ public class ConstructionPlanManage { //首先要判断 项目当前状态 是不是 方案待申报 VUtils.isTrue(!ProjectStatusEnum.PLAN_TO_BE_DECLARED.getCode().equals(projectInfo.getStatus()) || - !ProjectStatusEnum.NOT_APPROVED.getCode().equals(projectInfo.getStage())) + !ProjectStatusEnum.NOT_APPROVED.getCode().equals(projectInfo.getStage())) .throwMessage("提交失败 该项目不是 待预审状态或者未立项阶段"); //TODO 再判断 该项目是否 真实走完 单位内部审批 diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/constant/LoginTypeEnum.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/constant/LoginTypeEnum.java new file mode 100644 index 0000000..5ed7d49 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/constant/LoginTypeEnum.java @@ -0,0 +1,30 @@ +package com.ningdatech.pmapi.user.constant; + +import io.swagger.annotations.ApiModel; +import lombok.AllArgsConstructor; +import lombok.Getter; + +/** + * @author liuxinxin + * @date 2022/8/17 下午5:55 + */ +@AllArgsConstructor +@Getter +@ApiModel("登陆类型") +public enum LoginTypeEnum { + /** + * 浙政钉扫码登陆 + */ + DING_QR_LOGIN, + + /** + * 手机号验证码登陆 + */ + PHONE_VERIFICATION_CODE_LOGIN, + + /** + * 账号密码登陆 + */ + USERNAME_PASSWORD_LOGIN; + +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserAuthController.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserAuthController.java deleted file mode 100644 index 5ca59b0..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserAuthController.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.ningdatech.pmapi.user.controller; - - -import org.springframework.web.bind.annotation.RequestMapping; - -import org.springframework.stereotype.Controller; - -/** - *

- * 前端控制器 - *

- * - * @author Lierbao - * @since 2023-02-01 - */ -@Controller -@RequestMapping("/pmapi.user/nd-user-auth") -public class NdUserAuthController { - -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserInfoController.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserInfoController.java deleted file mode 100644 index 2e29add..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/NdUserInfoController.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.ningdatech.pmapi.user.controller; - - -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; - -/** - *

- * 前端控制器 - *

- * - * @author Lierbao - * @since 2023-02-01 - */ -@Controller -@RequestMapping("/pmapi.user/nd-user-info") -public class NdUserInfoController { - - -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/UserAuthController.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/UserAuthController.java index efbb287..d4ea3d3 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/UserAuthController.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/UserAuthController.java @@ -36,13 +36,16 @@ public class UserAuthController { private final ObjectMapper objectMapper; - @PostMapping(value = "/login/password", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE) + @PostMapping(value = "/login", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE) @ApiOperation(value = "账号密码的登陆方式") @ApiImplicitParams({ - @ApiImplicitParam(name = "username", value = "用户名", required = true, paramType = "form", dataType = "String"), - @ApiImplicitParam(name = "password", value = "密码", required = true, paramType = "form", dataType = "String")}) + @ApiImplicitParam(name = "identifier", value = "用户名", required = true, paramType = "form", dataType = "String"), + @ApiImplicitParam(name = "credential", value = "凭证", required = true, paramType = "form", dataType = "String"), + @ApiImplicitParam(name = "loginType", value = "DING_QR_LOGIN 浙政钉扫码登陆,PHONE_VERIFICATION_CODE_LOGIN 手机号验证码登陆" + , required = true, paramType = "form", dataType = "String")}) public void loginByUsernameAndPassword(@RequestParam("username") String username, - @RequestParam("password") String password) { + @RequestParam("credential") String credential, + @RequestParam("loginType") String loginType) { // 不实现任何内容,只是为了出api文档 } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java index d2e5cd2..e36057b 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java @@ -18,6 +18,12 @@ public class UserAuthLoginManage { private final IUserAuthService iUserAuthService; private final IUserInfoService iUserInfoService; + /** + * 根据用户名获取 + * + * @param username + * @return + */ public UserFullInfoDTO queryUserInfoInPasswordAuth(String username) { UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); userFullInfoDTO.setCompanyId(1L); @@ -27,4 +33,37 @@ public class UserAuthLoginManage { userFullInfoDTO.setUsername("测试账号"); return userFullInfoDTO; } + + /** + * 根据手机号获取 + * + * @param phoneNo + * @return + */ + public UserFullInfoDTO queryUserInfoInPhoneNoAuth(String phoneNo) { + UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); + userFullInfoDTO.setCompanyId(1L); + userFullInfoDTO.setUserId(1L); + userFullInfoDTO.setIdentifier("123456"); + userFullInfoDTO.setRealName("测试账号"); + userFullInfoDTO.setUsername("测试账号"); + return userFullInfoDTO; + } + + + /** + * 根据accountId + * + * @param accountId + * @return + */ + public UserFullInfoDTO queryUserInfoInAccountIdAuth(String accountId) { + UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); + userFullInfoDTO.setCompanyId(1L); + userFullInfoDTO.setUserId(1L); + userFullInfoDTO.setIdentifier("123456"); + userFullInfoDTO.setRealName("测试账号"); + userFullInfoDTO.setUsername("测试账号"); + return userFullInfoDTO; + } } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java index ab0bba7..7da9923 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java @@ -1,13 +1,11 @@ package com.ningdatech.pmapi.user.security.auth; -import com.google.common.collect.Lists; -import com.ningdatech.basic.util.CollUtils; import com.ningdatech.basic.util.NdJsonUtil; import com.ningdatech.basic.util.StrPool; import com.ningdatech.pmapi.common.constant.BizConst; import com.ningdatech.pmapi.common.constant.CommonConstant; import com.ningdatech.pmapi.user.security.auth.handler.DefaultExpiredSessionStrategy; -import com.ningdatech.pmapi.user.security.auth.password.UsernamePasswordAuthSecurityConfig; +import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthSecurityConfig; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpStatus; @@ -18,7 +16,6 @@ import org.springframework.security.web.authentication.logout.LogoutSuccessHandl import org.springframework.security.web.csrf.CookieCsrfTokenRepository; import java.io.PrintWriter; -import java.util.ArrayList; import java.util.Map; import java.util.Set; @@ -31,16 +28,16 @@ import java.util.Set; public class WebSecurityConfig extends WebSecurityConfigurerAdapter { private final AuthProperties authProperties; - private final UsernamePasswordAuthSecurityConfig usernamePasswordAuthSecurityConfig; + private final CredentialAuthSecurityConfig credentialAuthSecurityConfig; private final LogoutSuccessHandler logoutSuccessHandler; private final DefaultExpiredSessionStrategy defaultExpiredSessionStrategy; public WebSecurityConfig(AuthProperties authProperties, - UsernamePasswordAuthSecurityConfig usernamePasswordAuthSecurityConfig, + CredentialAuthSecurityConfig credentialAuthSecurityConfig, @Qualifier(value = "defaultLogoutSuccessHandler") LogoutSuccessHandler logoutSuccessHandler, DefaultExpiredSessionStrategy defaultExpiredSessionStrategy) { this.authProperties = authProperties; - this.usernamePasswordAuthSecurityConfig = usernamePasswordAuthSecurityConfig; + this.credentialAuthSecurityConfig = credentialAuthSecurityConfig; this.logoutSuccessHandler = logoutSuccessHandler; this.defaultExpiredSessionStrategy = defaultExpiredSessionStrategy; } @@ -50,7 +47,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { assemblerPreAuthUrls(http); http.formLogin() .loginPage(authProperties.getAuthRequireUrl()) - .and().apply(usernamePasswordAuthSecurityConfig) + .and().apply(credentialAuthSecurityConfig) .and() .authorizeRequests().antMatchers(authProperties.getIgnoreAuthUrlsArray()).permitAll().anyRequest() .authenticated().and() diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/AccountIdLoginUserDetailService.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/AccountIdLoginUserDetailService.java new file mode 100644 index 0000000..6c7ba35 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/AccountIdLoginUserDetailService.java @@ -0,0 +1,42 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + + +import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; +import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +import java.util.Objects; + +/** + * @author LiuXinXin + * @date 2022/9/30 上午9:49 + */ + +@Service("accountIdLoginUserDetailService") +@RequiredArgsConstructor +public class AccountIdLoginUserDetailService implements UserDetailsService { + + private final UserAuthLoginManage userAuthLoginManage; + + @Override + public UserInfoDetails loadUserByUsername(String accountId) throws UsernameNotFoundException { + UserFullInfoDTO userFullInfoDTO = userAuthLoginManage.queryUserInfoInAccountIdAuth(accountId); + if (Objects.isNull(userFullInfoDTO)) { + throw new UsernameNotFoundException(String.format("%s user not exist", accountId)); + } + UserInfoDetails userInfoDetails = new UserInfoDetails(); + userInfoDetails.setUserId(userFullInfoDTO.getUserId()); + userInfoDetails.setUsername(userFullInfoDTO.getUsername()); + userInfoDetails.setRealName(userFullInfoDTO.getRealName()); + userInfoDetails.setRole(userFullInfoDTO.getRole()); + userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode()); + userInfoDetails.setCompanyId(userFullInfoDTO.getCompanyId()); + userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier()); + userInfoDetails.setPassword(userFullInfoDTO.getCredential()); + return userInfoDetails; + } +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java new file mode 100644 index 0000000..56b7432 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java @@ -0,0 +1,71 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + +import com.ningdatech.pmapi.user.security.auth.AuthProperties; +import com.ningdatech.zwdd.client.ZwddAuthClient; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.SecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.DefaultSecurityFilterChain; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.stereotype.Component; + +/** + * 账号密码登陆的认证配置 + */ +@Component +public class CredentialAuthSecurityConfig + extends SecurityConfigurerAdapter { + + @Autowired + @Qualifier(value = "defaultLoginSuccessHandler") + protected AuthenticationSuccessHandler defaultLoginSuccessHandler; + + @Autowired + @Qualifier(value = "defaultLoginFailureHandler") + protected AuthenticationFailureHandler defaultLoginFailureHandler; + + @Autowired + @Qualifier(value = "credentialLoginUserDetailService") + private UserDetailsService credentialLoginUserDetailService; + + @Autowired + private PasswordEncoder passwordEncoder; + + @Autowired + private AuthProperties authProperties; + + private AuthenticationManager authenticationManager; + + @Autowired + private ZwddAuthClient zwddAuthClient; + + @Override + public void configure(HttpSecurity http) throws Exception { + UsernamePasswordAuthFilter usernamePasswordAuthFilter = + new UsernamePasswordAuthFilter(authProperties.getPasswordLoginUrl()); + authenticationManager = http.getSharedObject(AuthenticationManager.class); + usernamePasswordAuthFilter.setAuthenticationManager(authenticationManager); + usernamePasswordAuthFilter.setAuthenticationSuccessHandler(defaultLoginSuccessHandler); + usernamePasswordAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler); + + UsernamePasswordAuthProvider authenticationProvider = new UsernamePasswordAuthProvider(); + authenticationProvider.setUserDetailsService(credentialLoginUserDetailService); + // 确保对密码进行加密的encoder和解密的encoder相同 + authenticationProvider.setPasswordEncoder(passwordEncoder); + // 传入浙政钉client + authenticationProvider.setZwddAuthClient(zwddAuthClient); + + http.authenticationProvider(authenticationProvider).addFilterAfter(usernamePasswordAuthFilter, + UsernamePasswordAuthenticationFilter.class); + } + + public AuthenticationManager getAuthenticationManager() { + return authenticationManager; + } +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthToken.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthToken.java new file mode 100644 index 0000000..96d37bb --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthToken.java @@ -0,0 +1,84 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + +import com.ningdatech.pmapi.user.constant.LoginTypeEnum; +import org.springframework.security.authentication.AbstractAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.SpringSecurityCoreVersion; + +import java.util.Collection; + +/** + * @Author LiuXinXin + * @Date 2020/8/3 8:52 下午 + * @Version 1.0 + **/ +public class CredentialAuthToken extends AbstractAuthenticationToken { + + private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; + + private final Object principal; + + private final Object credentials; + + private final LoginTypeEnum loginTypeEnum; + + /** + * This constructor can be safely used by any code that wishes to create a + * UsernamePasswordAuthenticationToken, as the {@link #isAuthenticated()} will return + * false. + */ + public CredentialAuthToken(String principal, String credentials, String loginTypeEnum) { + super(null); + this.principal = principal; + this.credentials = credentials; + this.loginTypeEnum = LoginTypeEnum.valueOf(loginTypeEnum); + setAuthenticated(false); + } + + /** + * This constructor should only be used by AuthenticationManager or AuthenticationProvider + * implementations that are satisfied with producing a trusted (i.e. {@link #isAuthenticated()} = true) + * authentication token. + * + * @param principal + * @param authorities + */ + public CredentialAuthToken(Object principal, Object credentials, + Collection authorities) { + super(authorities); + this.principal = principal; + this.credentials = credentials; + this.loginTypeEnum = null; + // must use super, as we override + super.setAuthenticated(true); + } + + public LoginTypeEnum getLoginTypeEnum() { + return this.loginTypeEnum; + } + + @Override + public Object getCredentials() { + return this.credentials; + } + + @Override + public Object getPrincipal() { + return this.principal; + } + + @Override + public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { + if (isAuthenticated) { + throw new IllegalArgumentException( + "Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead"); + } + super.setAuthenticated(false); + } + + @Override + public void eraseCredentials() { + super.eraseCredentials(); + } + +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java new file mode 100644 index 0000000..286de41 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java @@ -0,0 +1,42 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + + +import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; +import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +import java.util.Objects; + +/** + * @author LiuXinXin + * @date 2022/9/30 上午9:49 + */ + +@Service("credentialLoginUserDetailService") +@RequiredArgsConstructor +public class CredentialLoginUserDetailService implements UserDetailsService { + + private final UserAuthLoginManage userAuthLoginManage; + + @Override + public UserInfoDetails loadUserByUsername(String username) throws UsernameNotFoundException { + UserFullInfoDTO userFullInfoDTO = userAuthLoginManage.queryUserInfoInPasswordAuth(username); + if (Objects.isNull(userFullInfoDTO)) { + throw new UsernameNotFoundException(String.format("%s user not exist", username)); + } + UserInfoDetails userInfoDetails = new UserInfoDetails(); + userInfoDetails.setUserId(userFullInfoDTO.getUserId()); + userInfoDetails.setUsername(userFullInfoDTO.getUsername()); + userInfoDetails.setRealName(userFullInfoDTO.getRealName()); + userInfoDetails.setRole(userFullInfoDTO.getRole()); + userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode()); + userInfoDetails.setCompanyId(userFullInfoDTO.getCompanyId()); + userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier()); + userInfoDetails.setPassword(userFullInfoDTO.getCredential()); + return userInfoDetails; + } +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/PhoneNoLoginUserDetailService.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/PhoneNoLoginUserDetailService.java new file mode 100644 index 0000000..12231e3 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/PhoneNoLoginUserDetailService.java @@ -0,0 +1,42 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + + +import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; +import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +import java.util.Objects; + +/** + * @author LiuXinXin + * @date 2022/9/30 上午9:49 + */ + +@Service("phoneNoLoginUserDetailService") +@RequiredArgsConstructor +public class PhoneNoLoginUserDetailService implements UserDetailsService { + + private final UserAuthLoginManage userAuthLoginManage; + + @Override + public UserInfoDetails loadUserByUsername(String username) throws UsernameNotFoundException { + UserFullInfoDTO userFullInfoDTO = userAuthLoginManage.queryUserInfoInPhoneNoAuth(username); + if (Objects.isNull(userFullInfoDTO)) { + throw new UsernameNotFoundException(String.format("%s user not exist", username)); + } + UserInfoDetails userInfoDetails = new UserInfoDetails(); + userInfoDetails.setUserId(userFullInfoDTO.getUserId()); + userInfoDetails.setUsername(userFullInfoDTO.getUsername()); + userInfoDetails.setRealName(userFullInfoDTO.getRealName()); + userInfoDetails.setRole(userFullInfoDTO.getRole()); + userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode()); + userInfoDetails.setCompanyId(userFullInfoDTO.getCompanyId()); + userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier()); + userInfoDetails.setPassword(userFullInfoDTO.getCredential()); + return userInfoDetails; + } +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthFilter.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthFilter.java new file mode 100644 index 0000000..1863b4a --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthFilter.java @@ -0,0 +1,104 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + +import com.ningdatech.basic.exception.BizException; +import com.ningdatech.pmapi.user.constant.LoginTypeEnum; +import org.apache.commons.lang3.StringUtils; +import org.springframework.http.HttpMethod; +import org.springframework.security.authentication.AuthenticationServiceException; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.InternalAuthenticationServiceException; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * @Author LiuXinXin + * @Date 2020/8/3 8:46 下午 + * @Version 1.0 + **/ +public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessingFilter { + + private boolean postOnly = true; + + private static final String IDENTIFIER_PARAMETER = "identifier"; + private static final String CREDENTIAL_PARAMETER = "credential"; + private static final String LOGIN_TYPE_PARAMETER = "loginType"; + + + // ~ Constructors + // =================================================================================================== + + public UsernamePasswordAuthFilter(String processingUrl) { + super(new AntPathRequestMatcher(processingUrl, HttpMethod.POST.name())); + } + + // ~ Methods + // ======================================================================================================== + + @Override + public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) + throws AuthenticationException { + if (postOnly && !request.getMethod().equals(HttpMethod.POST.name())) { + throw new AuthenticationServiceException("请求方法错误"); + } + String identifier = request.getParameter(IDENTIFIER_PARAMETER); + String credential = request.getParameter(CREDENTIAL_PARAMETER); + String loginType = request.getParameter(LOGIN_TYPE_PARAMETER); + if (StringUtils.isBlank(loginType)) { + throw new BadCredentialsException("登陆类型不能为空"); + } + + if (StringUtils.isBlank(identifier) || StringUtils.isBlank(credential)) { + throw new UsernameNotFoundException("用户名或密码不能为空"); + } + + identifier = identifier.trim(); + credential = credential.trim(); + loginType = loginType.trim(); + try { + CredentialAuthToken authRequest = new CredentialAuthToken(identifier, credential, loginType); + // Allow subclasses to set the "details" property + setDetails(request, authRequest); + return this.getAuthenticationManager().authenticate(authRequest); + } catch (AuthenticationException e) { + throw new BadCredentialsException("账号或密码错误"); + } catch (BizException e) { + throw new BadCredentialsException(e.getMessage()); + } catch (Exception e) { + throw new InternalAuthenticationServiceException("授权失败:", e); + } + } + + protected void setDetails(HttpServletRequest request, CredentialAuthToken authRequest) { + authRequest.setDetails(authenticationDetailsSource.buildDetails(request)); + } + + private void valid(String identifier, String credential, String loginType) { + LoginTypeEnum loginTypeEnum = LoginTypeEnum.valueOf(loginType); + switch (loginTypeEnum) { + case DING_QR_LOGIN: { + if (StringUtils.isBlank(credential)) { + throw new BadCredentialsException("浙政钉扫码登陆 授权码 不能为空 credential"); + } + } + break; + case USERNAME_PASSWORD_LOGIN: { + if (StringUtils.isBlank(identifier) || StringUtils.isBlank(credential)) { + throw new BadCredentialsException("账号密码登陆 账号密码不能为空 identifier credential"); + } + } + break; + case PHONE_VERIFICATION_CODE_LOGIN: { + if (StringUtils.isBlank(identifier) || StringUtils.isBlank(credential)) { + throw new BadCredentialsException("手机号验证码登陆 手机号或验证码不能为空 identifier credential"); + } + } + break; + } + } +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthProvider.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthProvider.java new file mode 100644 index 0000000..e8c6977 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/UsernamePasswordAuthProvider.java @@ -0,0 +1,92 @@ +package com.ningdatech.pmapi.user.security.auth.credential; + +import com.ningdatech.pmapi.user.constant.LoginTypeEnum; +import com.ningdatech.zwdd.client.ZwddAuthClient; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.InternalAuthenticationServiceException; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.password.PasswordEncoder; + +/** + * @Author LiuXinXin + * @Date 2020/8/3 8:55 下午 + * @Version 1.0 + **/ +public class UsernamePasswordAuthProvider implements AuthenticationProvider { + + private UserDetailsService userDetailsService; + + private PasswordEncoder passwordEncoder; + + private ZwddAuthClient zwddAuthClient; + + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + if (!(authentication instanceof CredentialAuthToken)) { + throw new RuntimeException("CustomAuthProvider 只支持 CustomAuthToken"); + } + CredentialAuthToken authenticationToken = (CredentialAuthToken) authentication; + String credentials = (String) authenticationToken.getCredentials(); + + UserDetails user = null; + LoginTypeEnum loginTypeEnum = authenticationToken.getLoginTypeEnum(); + switch (loginTypeEnum) { + case DING_QR_LOGIN: { + // TODO 补充浙政钉扫码逻辑 + user = userDetailsService.loadUserByUsername((String) authenticationToken.getPrincipal()); + } + break; + case PHONE_VERIFICATION_CODE_LOGIN: { + // TODO + user = userDetailsService.loadUserByUsername((String) authenticationToken.getPrincipal()); + } + break; + case USERNAME_PASSWORD_LOGIN: { + user = userDetailsService.loadUserByUsername((String) authenticationToken.getPrincipal()); + if (user == null) { + throw new InternalAuthenticationServiceException("can not get user info!"); + } + // 账号密码登陆 更改 + additionalAuthenticationChecks(user, authenticationToken); + } + break; + } + + + // 将用户定义的user放入token中,这样可以在session中查询到所有自定义的用户信息 + return new CredentialAuthToken(user, user.getPassword(), user.getAuthorities()); + } + + protected void additionalAuthenticationChecks(UserDetails userDetails, CredentialAuthToken authentication) + throws AuthenticationException { + if (authentication.getCredentials() == null) { + throw new BadCredentialsException("login fail! password is null"); + } + String presentedPassword = authentication.getCredentials().toString(); + if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) { + throw new BadCredentialsException("login fail! password is error"); + } + } + + @Override + public boolean supports(Class authentication) { + return CredentialAuthToken.class.isAssignableFrom(authentication); + } + + public void setUserDetailsService(UserDetailsService userDetailsService) { + this.userDetailsService = userDetailsService; + } + + public void setPasswordEncoder(PasswordEncoder passwordEncoder) { + this.passwordEncoder = passwordEncoder; + } + + public void setZwddAuthClient(ZwddAuthClient zwddAuthClient) { + this.zwddAuthClient = zwddAuthClient; + } + +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/PasswordLoginUserDetailService.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/PasswordLoginUserDetailService.java deleted file mode 100644 index 4c55fde..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/PasswordLoginUserDetailService.java +++ /dev/null @@ -1,42 +0,0 @@ -package com.ningdatech.pmapi.user.security.auth.password; - - -import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; -import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; -import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; -import lombok.RequiredArgsConstructor; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.stereotype.Service; - -import java.util.Objects; - -/** - * @author LiuXinXin - * @date 2022/9/30 上午9:49 - */ - -@Service("passwordLoginUserDetailService") -@RequiredArgsConstructor -public class PasswordLoginUserDetailService implements UserDetailsService { - - private final UserAuthLoginManage userAuthLoginManage; - - @Override - public UserInfoDetails loadUserByUsername(String username) throws UsernameNotFoundException { - UserFullInfoDTO userFullInfoDTO = userAuthLoginManage.queryUserInfoInPasswordAuth(username); - if (Objects.isNull(userFullInfoDTO)) { - throw new UsernameNotFoundException(String.format("%s user not exist", username)); - } - UserInfoDetails userInfoDetails = new UserInfoDetails(); - userInfoDetails.setUserId(userFullInfoDTO.getUserId()); - userInfoDetails.setUsername(userFullInfoDTO.getUsername()); - userInfoDetails.setRealName(userFullInfoDTO.getRealName()); - userInfoDetails.setRole(userFullInfoDTO.getRole()); - userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode()); - userInfoDetails.setCompanyId(userFullInfoDTO.getCompanyId()); - userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier()); - userInfoDetails.setPassword(userFullInfoDTO.getCredential()); - return userInfoDetails; - } -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthFilter.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthFilter.java deleted file mode 100644 index d790723..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthFilter.java +++ /dev/null @@ -1,71 +0,0 @@ -package com.ningdatech.pmapi.user.security.auth.password; - -import com.ningdatech.basic.exception.BizException; -import org.apache.commons.lang3.StringUtils; -import org.springframework.http.HttpMethod; -import org.springframework.security.authentication.AuthenticationServiceException; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.InternalAuthenticationServiceException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * @Author LiuXinXin - * @Date 2020/8/3 8:46 下午 - * @Version 1.0 - **/ -public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessingFilter { - - private boolean postOnly = true; - - private static final String USERNAME_PARAMETER = "username"; - private static final String PASSWORD_PARAMETER = "password"; - - - // ~ Constructors - // =================================================================================================== - - public UsernamePasswordAuthFilter(String processingUrl) { - super(new AntPathRequestMatcher(processingUrl, HttpMethod.POST.name())); - } - - // ~ Methods - // ======================================================================================================== - - @Override - public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) - throws AuthenticationException { - if (postOnly && !request.getMethod().equals(HttpMethod.POST.name())) { - throw new AuthenticationServiceException("请求方法错误"); - } - String username = request.getParameter(USERNAME_PARAMETER); - String password = request.getParameter(PASSWORD_PARAMETER); - if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { - throw new UsernameNotFoundException("用户名或密码不能为空"); - } - username = username.trim(); - password = password.trim(); - try { - UsernamePasswordAuthToken authRequest = new UsernamePasswordAuthToken(username, password); - // Allow subclasses to set the "details" property - setDetails(request, authRequest); - return this.getAuthenticationManager().authenticate(authRequest); - } catch (AuthenticationException e) { - throw new BadCredentialsException("账号或密码错误"); - } catch (BizException e) { - throw new BadCredentialsException(e.getMessage()); - } catch (Exception e) { - throw new InternalAuthenticationServiceException("授权失败:", e); - } - } - - protected void setDetails(HttpServletRequest request, UsernamePasswordAuthToken authRequest) { - authRequest.setDetails(authenticationDetailsSource.buildDetails(request)); - } -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthProvider.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthProvider.java deleted file mode 100644 index f586d5b..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthProvider.java +++ /dev/null @@ -1,65 +0,0 @@ -package com.ningdatech.pmapi.user.security.auth.password; - -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.InternalAuthenticationServiceException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.password.PasswordEncoder; - -/** - * @Author LiuXinXin - * @Date 2020/8/3 8:55 下午 - * @Version 1.0 - **/ -public class UsernamePasswordAuthProvider implements AuthenticationProvider { - - private UserDetailsService userDetailsService; - - private PasswordEncoder passwordEncoder; - - @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - if (!(authentication instanceof UsernamePasswordAuthToken)) { - throw new RuntimeException("CustomAuthProvider 只支持 CustomAuthToken"); - } - UsernamePasswordAuthToken authenticationToken = (UsernamePasswordAuthToken) authentication; - - UserDetails user = userDetailsService.loadUserByUsername((String) authenticationToken.getPrincipal()); - if (user == null) { - throw new InternalAuthenticationServiceException("can not get user info!"); - } - // TODO 开发使用暂时关闭账号密码验证 -// additionalAuthenticationChecks(user, authenticationToken); - // 校验用户是否有当前端的登陆权限 - // 将用户定义的user放入token中,这样可以在session中查询到所有自定义的用户信息 - return new UsernamePasswordAuthToken(user, user.getPassword(), user.getAuthorities()); - } - - protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthToken authentication) - throws AuthenticationException { - if (authentication.getCredentials() == null) { - throw new BadCredentialsException("login fail! password is null"); - } - String presentedPassword = authentication.getCredentials().toString(); - if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) { - throw new BadCredentialsException("login fail! password is error"); - } - } - - @Override - public boolean supports(Class authentication) { - return UsernamePasswordAuthToken.class.isAssignableFrom(authentication); - } - - public void setUserDetailsService(UserDetailsService userDetailsService) { - this.userDetailsService = userDetailsService; - } - - public void setPasswordEncoder(PasswordEncoder passwordEncoder) { - this.passwordEncoder = passwordEncoder; - } - -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java deleted file mode 100644 index ce0759e..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java +++ /dev/null @@ -1,64 +0,0 @@ -package com.ningdatech.pmapi.user.security.auth.password; - -import com.ningdatech.pmapi.user.security.auth.AuthProperties; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.annotation.SecurityConfigurerAdapter; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.web.DefaultSecurityFilterChain; -import org.springframework.security.web.authentication.AuthenticationFailureHandler; -import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.stereotype.Component; - -/** - * 账号密码登陆的认证配置 - */ -@Component -public class UsernamePasswordAuthSecurityConfig - extends SecurityConfigurerAdapter { - - @Autowired - @Qualifier(value = "defaultLoginSuccessHandler") - protected AuthenticationSuccessHandler defaultLoginSuccessHandler; - - @Autowired - @Qualifier(value = "defaultLoginFailureHandler") - protected AuthenticationFailureHandler defaultLoginFailureHandler; - - @Autowired - @Qualifier(value = "passwordLoginUserDetailService") - private UserDetailsService passwordLoginUserDetailService; - - @Autowired - private PasswordEncoder passwordEncoder; - - @Autowired - private AuthProperties authProperties; - - private AuthenticationManager authenticationManager; - - @Override - public void configure(HttpSecurity http) throws Exception { - UsernamePasswordAuthFilter usernamePasswordAuthFilter = - new UsernamePasswordAuthFilter(authProperties.getPasswordLoginUrl()); - authenticationManager = http.getSharedObject(AuthenticationManager.class); - usernamePasswordAuthFilter.setAuthenticationManager(authenticationManager); - usernamePasswordAuthFilter.setAuthenticationSuccessHandler(defaultLoginSuccessHandler); - usernamePasswordAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler); - - UsernamePasswordAuthProvider authenticationProvider = new UsernamePasswordAuthProvider(); - authenticationProvider.setUserDetailsService(passwordLoginUserDetailService); - // 确保对密码进行加密的encoder和解密的encoder相同 - authenticationProvider.setPasswordEncoder(passwordEncoder); - http.authenticationProvider(authenticationProvider).addFilterAfter(usernamePasswordAuthFilter, - UsernamePasswordAuthenticationFilter.class); - } - - public AuthenticationManager getAuthenticationManager() { - return authenticationManager; - } -} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthToken.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthToken.java deleted file mode 100644 index 7be34c1..0000000 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthToken.java +++ /dev/null @@ -1,76 +0,0 @@ -package com.ningdatech.pmapi.user.security.auth.password; - -import org.springframework.security.authentication.AbstractAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.SpringSecurityCoreVersion; - -import java.util.Collection; - -/** - * @Author LiuXinXin - * @Date 2020/8/3 8:52 下午 - * @Version 1.0 - **/ -public class UsernamePasswordAuthToken extends AbstractAuthenticationToken { - - private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; - - private final Object principal; - - private final Object credentials; - - - /** - * This constructor can be safely used by any code that wishes to create a - * UsernamePasswordAuthenticationToken, as the {@link #isAuthenticated()} will return - * false. - */ - public UsernamePasswordAuthToken(String principal, String credentials) { - super(null); - this.principal = principal; - this.credentials = credentials; - setAuthenticated(false); - } - - /** - * This constructor should only be used by AuthenticationManager or AuthenticationProvider - * implementations that are satisfied with producing a trusted (i.e. {@link #isAuthenticated()} = true) - * authentication token. - * - * @param principal - * @param authorities - */ - public UsernamePasswordAuthToken(Object principal, Object credentials, - Collection authorities) { - super(authorities); - this.principal = principal; - this.credentials = credentials; - // must use super, as we override - super.setAuthenticated(true); - } - - @Override - public Object getCredentials() { - return this.credentials; - } - - @Override - public Object getPrincipal() { - return this.principal; - } - - @Override - public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { - if (isAuthenticated) { - throw new IllegalArgumentException( - "Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead"); - } - super.setAuthenticated(false); - } - - @Override - public void eraseCredentials() { - super.eraseCredentials(); - } - -} diff --git a/pmapi/src/main/resources/integration/zwdd-dev.yml b/pmapi/src/main/resources/integration/zwdd-dev.yml index 2acb0d9..52eea82 100644 --- a/pmapi/src/main/resources/integration/zwdd-dev.yml +++ b/pmapi/src/main/resources/integration/zwdd-dev.yml @@ -2,19 +2,11 @@ integration: zzd: #扫码 - app-auth-key: expert-base_dingoa-c5nnefYVnie - app-auth-secret: nm8qtST8uK431HYrjr7srcE23sT4889QgMcYFM3L - # #免登/获取信息 - # app-key: file-manage-4Mjx9358wuxjyYFjY3 - # app-secret: hE41938wqyQ5LOpc1QDRA9e7gb5YugoClWD3nY4O + app-auth-key: ls-rebuild_dingoa-rgeWs3YVr26z + app-auth-secret: 37qCe6ylNMW0N8K2741z0c2b9vJP2gtuMRQQtZ9P + #免登/获取信息 app-key: ls_rebuild-10c8n5X0707yFV7jURr app-secret: gN8J3WazyXLMWKDuFmx6C4yaH5lFUY41x8rYLLo6 #专有钉钉在开发管理工作台,右键查看网页源码realmId: '31141',浙政钉固定196729 tenantId: 31141 - domain: openplatform.dg-work.cn - -# integration.zzd.enabled=true -# #扫码 -# integration.zzd.app-auth-key=file-manage_dingoa-zte2LbiAfIj -# integration.zzd.app-auth-secret=H794aFZf271QbfUr50pbBpBTlXSrWIP71q9RTR34 -# integration.zzd.domain=openplatform.dg-work.cn \ No newline at end of file + domain: openplatform.dg-work.cn \ No newline at end of file