update 优化 !pr382 修复一些问题 完事流程逻辑

feature/model
疯狂的狮子Li 1 year ago
parent 6b14778691
commit 06588f3ad4

@ -103,22 +103,21 @@ public class AuthController {
}
/**
*
*
* @param loginBody
*
*
* @param loginBody
* @return
*/
@SuppressWarnings("unchecked")
@PostMapping("/social/callback")
public R<LoginVo> socialLogin(@RequestBody LoginBody loginBody) {
// 获取第三方登录信息
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
AuthUser authUserData = response.getData();
// 判断授权响应是否成功
if (!response.ok()) {
return R.fail(response.getMsg());
}
return loginService.sociaRegister(authUserData);
public R<LoginVo> socialCallback(@RequestBody LoginBody loginBody) {
// 获取第三方登录信息
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
AuthUser authUserData = response.getData();
// 判断授权响应是否成功
if (!response.ok()) {
return R.fail(response.getMsg());
}
return loginService.sociaRegister(authUserData);
}
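Review bot: In `socialCallback` the failure branch returns `R.fail(response.getMsg())`, which hands the third-party provider's error text straight back to the HTTP caller. That text comes from outside this service and may carry provider-side detail, so it is safer to log it server-side and return a fixed, localized message. `response.getData()` is also read before `response.ok()` is checked; moving `AuthUser authUserData = response.getData();` below the `if (!response.ok())` guard makes it clear the data is only used on success. The new Javadoc should state that the call binds the provider identity to the currently logged-in user, since `sociaRegister` uses `LoginHelper.getUserId()` (visible in the SysLoginService section), and so presumably needs an authenticated session.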

@ -67,13 +67,13 @@ public class SysLoginService {
private final SysUserMapper userMapper;
/**
*
*
* @param authUserData
* @return
*/
public R<LoginVo> sociaRegister(AuthUser authUserData ){
public R<LoginVo> sociaRegister(AuthUser authUserData) {
SysSocialBo bo = new SysSocialBo();
bo.setUserId(LoginHelper.getUserId());
bo.setAuthId(authUserData.getSource() + authUserData.getUuid());
@ -123,9 +123,9 @@ public class SysLoginService {
private SysUserVo loadUserByUsername(String tenantId, String username) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus)
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
.eq(SysUser::getUserName, username));
.select(SysUser::getUserName, SysUser::getStatus)
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
.eq(SysUser::getUserName, username));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", username);
throw new UserException("user.not.exists", username);
@ -225,7 +225,7 @@ public class SysLoginService {
log.info("登录租户:{} 已被停用.", tenantId);
throw new TenantException("tenant.blocked");
} else if (ObjectUtil.isNotNull(tenant.getExpireTime())
&& new Date().after(tenant.getExpireTime())) {
&& new Date().after(tenant.getExpireTime())) {
log.info("登录租户:{} 已超过有效期.", tenantId);
throw new TenantException("tenant.expired");
}

@ -11,17 +11,21 @@ import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser;
import org.dromara.common.core.constant.Constants;
import org.dromara.common.core.domain.model.LoginBody;
import org.dromara.common.core.domain.model.SocialLogin;
import org.dromara.common.core.domain.model.LoginUser;
import org.dromara.common.core.enums.UserStatus;
import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.core.exception.user.UserException;
import org.dromara.common.core.utils.MessageUtils;
import org.dromara.common.core.utils.ValidatorUtils;
import org.dromara.common.core.validate.auth.SocialGroup;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.social.config.properties.SocialProperties;
import org.dromara.common.social.utils.SocialUtils;
import org.dromara.common.tenant.helper.TenantHelper;
import org.dromara.system.domain.SysClient;
import org.dromara.system.domain.SysUser;
import org.dromara.system.domain.vo.SysSocialVo;
import org.dromara.system.domain.vo.SysUserVo;
import org.dromara.system.mapper.SysUserMapper;
import org.dromara.system.service.ISysSocialService;
import org.dromara.web.domain.vo.LoginVo;
@ -37,7 +41,7 @@ import org.springframework.stereotype.Service;
@Slf4j
@Service("social" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor
public class socialAuthStrategy implements IAuthStrategy {
public class SocialAuthStrategy implements IAuthStrategy {
private final SocialProperties socialProperties;
private final ISysSocialService sysSocialService;
@ -52,13 +56,14 @@ public class socialAuthStrategy implements IAuthStrategy {
/**
* -
* @param clientId id
*
* @param clientId id
* @param loginBody
* @param client
* @param client
*/
@Override
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody,socialProperties);
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
if (!response.ok()) {
throw new ServiceException(response.getMsg());
}
@ -66,30 +71,19 @@ public class socialAuthStrategy implements IAuthStrategy {
SysSocialVo social = sysSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid());
if (!ObjectUtil.isNotNull(social)) {
throw new ServiceException("你还没有绑定第三方账号,绑定后才可以登录!");
}//验证授权表里面的租户id是否包含当前租户id
if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(social.getTenantId())
&& !social.getTenantId().contains(loginBody.getTenantId())) {
}
// 验证授权表里面的租户id是否包含当前租户id
String tenantId = social.getTenantId();
if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(tenantId)
&& !tenantId.contains(loginBody.getTenantId())) {
throw new ServiceException("对不起,你没有权限登录当前租户!");
}
return loadinUser(social, client);
}
/**
*
*
* @param social
* @param client
* @return
*/
private LoginVo loadinUser(SysSocialVo social, SysClient client) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getUserId, social.getUserId()));
SocialLogin loginUser = new SocialLogin();
loginUser.setUserId(user.getUserId());
loginUser.setTenantId(user.getTenantId());
loginUser.setUsername(user.getUserName());
loginUser.setUserType(user.getUserType());
// 执行登录
// 查找用户
SysUserVo user = loadUser(tenantId, social.getUserId());
// 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
LoginUser loginUser = loginService.buildLoginUser(user);
SaLoginModel model = new SaLoginModel();
model.setDevice(client.getDeviceType());
// 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
@ -106,4 +100,22 @@ public class socialAuthStrategy implements IAuthStrategy {
return loginVo;
}
private SysUserVo loadUser(String tenantId, Long userId) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus)
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
.eq(SysUser::getUserId, userId));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", "");
throw new UserException("user.not.exists", "");
} else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
log.info("登录用户:{} 已被停用.", "");
throw new UserException("user.blocked", "");
}
if (TenantHelper.isEnable()) {
return userMapper.selectTenantUserByUserName(user.getUserName(), tenantId);
}
return userMapper.selectUserByUserName(user.getUserName());
}
}
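Review bot: The tenant check in `login` still authorises with a substring match: `!tenantId.contains(loginBody.getTenantId())` passes whenever the requested tenant id is any substring of the stored value, so a binding stored for one tenant can satisfy the check for a different, shorter id. If the column holds a single id, compare exactly with `!tenantId.equals(loginBody.getTenantId())`; if it holds a delimited list, split it and match whole elements. The check is skipped entirely when the stored `tenantId` is blank, and `loadUser` is then called with the stored value rather than the requested one, which deserves a comment saying whether that is intended. In `loadUser` the log and exception arguments are the literal `""`, so a missing or disabled account leaves no identifier in the audit trail; `log.info("登录用户:{} 不存在.", userId);` would record it.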

@ -1,7 +1,6 @@
package org.dromara.common.social.config.properties;
import lombok.Data;
import org.springframework.boot.autoconfigure.cache.CacheProperties;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
@ -20,7 +19,7 @@ public class SocialProperties {
/**
*
*/
private boolean enabled;
private Boolean enabled;
/**
*
@ -30,11 +29,6 @@ public class SocialProperties {
/**
*
*/
private long timeout;
/**
*
*/
private CacheProperties cache = new CacheProperties();
private Long timeout;
}
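Review bot: `enabled` and `timeout` become nullable wrappers with no default, so an unset property now yields `null` where it used to yield `false` or `0`. The callers are outside this section, but any use that auto-unboxes the value will throw a NullPointerException, and if the class uses Lombok's `@Data` (imported above) the accessor changes from `isEnabled()` to `getEnabled()`. Consider explicit defaults such as `private Boolean enabled = false;`. The `timeout` field should also get a comment giving its unit, since it presumably bounds how long the OAuth state value stays valid.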

@ -7,6 +7,9 @@ import org.dromara.common.social.config.properties.SocialProperties;
import java.time.Duration;
/**
*
*/
@AllArgsConstructor
public class AuthRedisStateCache implements AuthStateCache {

@ -17,6 +17,8 @@ import org.dromara.common.social.config.properties.SocialProperties;
* @author thiszhc
*/
public class SocialUtils {
@SuppressWarnings("unchecked")
public static AuthResponse<AuthUser> loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException {
AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties);
AuthCallback callback = new AuthCallback();
@ -25,7 +27,7 @@ public class SocialUtils {
return authRequest.login(callback);
}
public static AuthRequest getAuthRequest(String source,SocialProperties socialProperties) throws AuthException {
public static AuthRequest getAuthRequest(String source, SocialProperties socialProperties) throws AuthException {
SocialLoginConfigProperties obj = socialProperties.getType().get(source);
if (ObjectUtil.isNull(obj)) {
throw new AuthException("不支持的第三方登录类型");
@ -33,106 +35,32 @@ public class SocialUtils {
String clientId = obj.getClientId();
String clientSecret = obj.getClientSecret();
String redirectUri = obj.getRedirectUri();
AuthRequest authRequest = null;
switch (source.toLowerCase()) {
case "dingtalk" ->
authRequest = new AuthDingTalkRequest(AuthConfig.builder()
.clientId(clientId)
.clientSecret(clientSecret)
.redirectUri(redirectUri)
.build());
case "baidu" ->
authRequest = new AuthBaiduRequest(AuthConfig.builder()
.clientId(clientId)
.clientSecret(clientSecret)
.redirectUri(redirectUri)
.build());
case "github" ->
authRequest = new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "gitee" ->
authRequest = new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "weibo" ->
authRequest = new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "coding" ->
authRequest = new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "oschina" ->
authRequest = new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "alipay" ->
// 支付宝在创建回调地址时不允许使用localhost或者127.0.0.1所以这儿的回调地址使用的局域网内的ip
authRequest = new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "qq" ->
authRequest = new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_open" -> authRequest = new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "csdn" ->
//注意,经咨询CSDN官方客服得知CSDN的授权开放平台已经下线。如果以前申请过的应用可以继续使用但是不再支持申请新的应用。
// so, 本项目中的CSDN登录只能针对少部分用户使用了
authRequest = new AuthCsdnRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "taobao" ->
authRequest = new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "douyin" ->
authRequest = new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "linkedin" ->
authRequest = new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "microsoft" -> authRequest = new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "mi" ->
authRequest = new AuthMiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "toutiao" ->
authRequest = new AuthToutiaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "teambition" -> authRequest = new AuthTeambitionRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "pinterest" -> authRequest = new AuthPinterestRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "renren" ->
authRequest = new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "stack_overflow" -> authRequest = new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
case "huawei" ->
authRequest = new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_enterprise" ->
authRequest = new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
case "kujiale" ->
authRequest = new AuthKujialeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "gitlab" ->
authRequest = new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "meituan" ->
authRequest = new AuthMeituanRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "eleme" ->
authRequest = new AuthElemeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_mp" ->
authRequest = new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "aliyun" ->
authRequest = new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
default -> {
}
}
if (null == authRequest) {
throw new AuthException("未获取到有效的Auth配置");
}
return authRequest;
return switch (source.toLowerCase()) {
case "dingtalk" -> new AuthDingTalkRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "baidu" -> new AuthBaiduRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "github" -> new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "gitee" -> new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "weibo" -> new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "coding" -> new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "oschina" -> new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
// 支付宝在创建回调地址时不允许使用localhost或者127.0.0.1所以这儿的回调地址使用的局域网内的ip
// 使用支付宝需要提供alipay公钥
// case "alipay" -> new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), alipayPublicKey);
case "qq" -> new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "wechat_open" -> new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "taobao" -> new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "douyin" -> new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "linkedin" -> new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "microsoft" -> new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "renren" -> new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "stack_overflow" -> new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
case "huawei" -> new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
case "gitlab" -> new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "wechat_mp" -> new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "aliyun" -> new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
default -> throw new AuthException("未获取到有效的Auth配置");
};
}
}
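Review bot: `getAuthRequest` looks the provider up with the raw `source` in `socialProperties.getType().get(source)` but dispatches on `source.toLowerCase()`, so the lookup and the switch can disagree on case. The default-locale lowercase is also locale-sensitive: under a Turkish locale an upper-case `I` does not map to `i`. Normalising once at the top with `String key = source.toLowerCase(Locale.ROOT);` and using `key` in both places would fix this, provided the configured keys are lower-case; it needs `java.util.Locale` imported. The `alipay` case is now only a commented-out line, so a configured `alipay` entry falls through to the default branch and gets the generic "未获取到有效的Auth配置" message. A short comment listing the providers deliberately dropped in this change would make that behaviour explicit.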
