admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update 优化 !pr382 修复一些问题 完事流程逻辑

Browse Source
This commit is contained in:
疯狂的狮子Li 2023-07-02 16:13:14 +08:00
parent 6b14778691
commit 06588f3ad4
6 changed files with 90 additions and 154 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
View File

@ -103,22 +103,21 @@ public class AuthController {
} }
/** /**
* 第三方登录回调业务处理 * 第三方登录回调业务处理 绑定授权
* 绑定授权 *
* @param loginBody * @param loginBody 请求体
* @return 结果 * @return 结果
*/ */
@SuppressWarnings("unchecked")
@PostMapping("/social/callback") @PostMapping("/social/callback")
public R<LoginVo> socialLogin(@RequestBody LoginBody loginBody) { public R<LoginVo> socialCallback(@RequestBody LoginBody loginBody) {
// 获取第三方登录信息 // 获取第三方登录信息
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties); AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
AuthUser authUserData = response.getData(); AuthUser authUserData = response.getData();
// 判断授权响应是否成功 // 判断授权响应是否成功
if (!response.ok()) { if (!response.ok()) {
return R.fail(response.getMsg()); return R.fail(response.getMsg());
} }
return loginService.sociaRegister(authUserData); return loginService.sociaRegister(authUserData);
} }

12
ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java
View File

@ -67,13 +67,13 @@ public class SysLoginService {
private final SysUserMapper userMapper; private final SysUserMapper userMapper;
/** /**
* 绑定第三方用户 * 绑定第三方用户
*
* @param authUserData 授权响应实体 * @param authUserData 授权响应实体
* @return 统一响应实体 * @return 统一响应实体
*/ */
public R<LoginVo> sociaRegister(AuthUser authUserData ){ public R<LoginVo> sociaRegister(AuthUser authUserData) {
SysSocialBo bo = new SysSocialBo(); SysSocialBo bo = new SysSocialBo();
bo.setUserId(LoginHelper.getUserId()); bo.setUserId(LoginHelper.getUserId());
bo.setAuthId(authUserData.getSource() + authUserData.getUuid()); bo.setAuthId(authUserData.getSource() + authUserData.getUuid());
@ -123,9 +123,9 @@ public class SysLoginService {
private SysUserVo loadUserByUsername(String tenantId, String username) { private SysUserVo loadUserByUsername(String tenantId, String username) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>() SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus) .select(SysUser::getUserName, SysUser::getStatus)
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId) .eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
.eq(SysUser::getUserName, username)); .eq(SysUser::getUserName, username));
if (ObjectUtil.isNull(user)) { if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", username); log.info("登录用户:{} 不存在.", username);
throw new UserException("user.not.exists", username); throw new UserException("user.not.exists", username);
@ -225,7 +225,7 @@ public class SysLoginService {
log.info("登录租户:{} 已被停用.", tenantId); log.info("登录租户:{} 已被停用.", tenantId);
throw new TenantException("tenant.blocked"); throw new TenantException("tenant.blocked");
} else if (ObjectUtil.isNotNull(tenant.getExpireTime()) } else if (ObjectUtil.isNotNull(tenant.getExpireTime())
&& new Date().after(tenant.getExpireTime())) { && new Date().after(tenant.getExpireTime())) {
log.info("登录租户:{} 已超过有效期.", tenantId); log.info("登录租户:{} 已超过有效期.", tenantId);
throw new TenantException("tenant.expired"); throw new TenantException("tenant.expired");
} }

64
ruoyi-admin/src/main/java/org/dromara/web/service/impl/socialAuthStrategy.java → ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java
View File

@ -11,17 +11,21 @@ import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.model.AuthUser;
import org.dromara.common.core.constant.Constants; import org.dromara.common.core.constant.Constants;
import org.dromara.common.core.domain.model.LoginBody; import org.dromara.common.core.domain.model.LoginBody;
import org.dromara.common.core.domain.model.SocialLogin; import org.dromara.common.core.domain.model.LoginUser;
import org.dromara.common.core.enums.UserStatus;
import org.dromara.common.core.exception.ServiceException; import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.core.exception.user.UserException;
import org.dromara.common.core.utils.MessageUtils; import org.dromara.common.core.utils.MessageUtils;
import org.dromara.common.core.utils.ValidatorUtils; import org.dromara.common.core.utils.ValidatorUtils;
import org.dromara.common.core.validate.auth.SocialGroup; import org.dromara.common.core.validate.auth.SocialGroup;
import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.social.config.properties.SocialProperties; import org.dromara.common.social.config.properties.SocialProperties;
import org.dromara.common.social.utils.SocialUtils; import org.dromara.common.social.utils.SocialUtils;
import org.dromara.common.tenant.helper.TenantHelper;
import org.dromara.system.domain.SysClient; import org.dromara.system.domain.SysClient;
import org.dromara.system.domain.SysUser; import org.dromara.system.domain.SysUser;
import org.dromara.system.domain.vo.SysSocialVo; import org.dromara.system.domain.vo.SysSocialVo;
import org.dromara.system.domain.vo.SysUserVo;
import org.dromara.system.mapper.SysUserMapper; import org.dromara.system.mapper.SysUserMapper;
import org.dromara.system.service.ISysSocialService; import org.dromara.system.service.ISysSocialService;
import org.dromara.web.domain.vo.LoginVo; import org.dromara.web.domain.vo.LoginVo;
@ -37,7 +41,7 @@ import org.springframework.stereotype.Service;
@Slf4j @Slf4j
@Service("social" + IAuthStrategy.BASE_NAME) @Service("social" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor @RequiredArgsConstructor
public class socialAuthStrategy implements IAuthStrategy { public class SocialAuthStrategy implements IAuthStrategy {
private final SocialProperties socialProperties; private final SocialProperties socialProperties;
private final ISysSocialService sysSocialService; private final ISysSocialService sysSocialService;
@ -52,13 +56,14 @@ public class socialAuthStrategy implements IAuthStrategy {
/** /**
* 登录-第三方授权登录 * 登录-第三方授权登录
* @param clientId 客户端id *
* @param clientId 客户端id
* @param loginBody 登录信息 * @param loginBody 登录信息
* @param client 客户端信息 * @param client 客户端信息
*/ */
@Override @Override
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) { public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody,socialProperties); AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
if (!response.ok()) { if (!response.ok()) {
throw new ServiceException(response.getMsg()); throw new ServiceException(response.getMsg());
} }
@ -66,30 +71,19 @@ public class socialAuthStrategy implements IAuthStrategy {
SysSocialVo social = sysSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid()); SysSocialVo social = sysSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid());
if (!ObjectUtil.isNotNull(social)) { if (!ObjectUtil.isNotNull(social)) {
throw new ServiceException("你还没有绑定第三方账号,绑定后才可以登录!"); throw new ServiceException("你还没有绑定第三方账号,绑定后才可以登录!");
}//验证授权表里面的租户id是否包含当前租户id }
if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(social.getTenantId()) // 验证授权表里面的租户id是否包含当前租户id
&& !social.getTenantId().contains(loginBody.getTenantId())) { String tenantId = social.getTenantId();
if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(tenantId)
&& !tenantId.contains(loginBody.getTenantId())) {
throw new ServiceException("对不起,你没有权限登录当前租户!"); throw new ServiceException("对不起,你没有权限登录当前租户!");
} }
return loadinUser(social, client);
}
/** // 查找用户
* 登录用户信息 SysUserVo user = loadUser(tenantId, social.getUserId());
*
* @param social // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
* @param client LoginUser loginUser = loginService.buildLoginUser(user);
* @return
*/
private LoginVo loadinUser(SysSocialVo social, SysClient client) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getUserId, social.getUserId()));
SocialLogin loginUser = new SocialLogin();
loginUser.setUserId(user.getUserId());
loginUser.setTenantId(user.getTenantId());
loginUser.setUsername(user.getUserName());
loginUser.setUserType(user.getUserType());
// 执行登录
SaLoginModel model = new SaLoginModel(); SaLoginModel model = new SaLoginModel();
model.setDevice(client.getDeviceType()); model.setDevice(client.getDeviceType());
// 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
@ -106,4 +100,22 @@ public class socialAuthStrategy implements IAuthStrategy {
return loginVo; return loginVo;
} }
private SysUserVo loadUser(String tenantId, Long userId) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus)
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
.eq(SysUser::getUserId, userId));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", "");
throw new UserException("user.not.exists", "");
} else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
log.info("登录用户:{} 已被停用.", "");
throw new UserException("user.blocked", "");
}
if (TenantHelper.isEnable()) {
return userMapper.selectTenantUserByUserName(user.getUserName(), tenantId);
}
return userMapper.selectUserByUserName(user.getUserName());
}
} }

10
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialProperties.java
View File

@ -1,7 +1,6 @@
package org.dromara.common.social.config.properties; package org.dromara.common.social.config.properties;
import lombok.Data; import lombok.Data;
import org.springframework.boot.autoconfigure.cache.CacheProperties;
import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -20,7 +19,7 @@ public class SocialProperties {
/** /**
* 是否启用 * 是否启用
*/ */
private boolean enabled; private Boolean enabled;
/** /**
* 授权类型 * 授权类型
@ -30,11 +29,6 @@ public class SocialProperties {
/** /**
* 授权过期时间 * 授权过期时间
*/ */
private long timeout; private Long timeout;
/**
* 授权缓存配置
*/
private CacheProperties cache = new CacheProperties();
} }

3
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/AuthRedisStateCache.java
View File

@ -7,6 +7,9 @@ import org.dromara.common.social.config.properties.SocialProperties;
import java.time.Duration; import java.time.Duration;
/**
* 授权状态缓存
*/
@AllArgsConstructor @AllArgsConstructor
public class AuthRedisStateCache implements AuthStateCache { public class AuthRedisStateCache implements AuthStateCache {

130
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java
View File

@ -17,6 +17,8 @@ import org.dromara.common.social.config.properties.SocialProperties;
* @author thiszhc * @author thiszhc
*/ */
public class SocialUtils { public class SocialUtils {
@SuppressWarnings("unchecked")
public static AuthResponse<AuthUser> loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException { public static AuthResponse<AuthUser> loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException {
AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties); AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties);
AuthCallback callback = new AuthCallback(); AuthCallback callback = new AuthCallback();
@ -25,7 +27,7 @@ public class SocialUtils {
return authRequest.login(callback); return authRequest.login(callback);
} }
public static AuthRequest getAuthRequest(String source,SocialProperties socialProperties) throws AuthException { public static AuthRequest getAuthRequest(String source, SocialProperties socialProperties) throws AuthException {
SocialLoginConfigProperties obj = socialProperties.getType().get(source); SocialLoginConfigProperties obj = socialProperties.getType().get(source);
if (ObjectUtil.isNull(obj)) { if (ObjectUtil.isNull(obj)) {
throw new AuthException("不支持的第三方登录类型"); throw new AuthException("不支持的第三方登录类型");
@ -33,106 +35,32 @@ public class SocialUtils {
String clientId = obj.getClientId(); String clientId = obj.getClientId();
String clientSecret = obj.getClientSecret(); String clientSecret = obj.getClientSecret();
String redirectUri = obj.getRedirectUri(); String redirectUri = obj.getRedirectUri();
AuthRequest authRequest = null; return switch (source.toLowerCase()) {
switch (source.toLowerCase()) { case "dingtalk" -> new AuthDingTalkRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "dingtalk" -> case "baidu" -> new AuthBaiduRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
authRequest = new AuthDingTalkRequest(AuthConfig.builder() case "github" -> new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.clientId(clientId) case "gitee" -> new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.clientSecret(clientSecret) case "weibo" -> new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.redirectUri(redirectUri) case "coding" -> new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.build()); case "oschina" -> new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "baidu" -> // 支付宝在创建回调地址时不允许使用localhost或者127.0.0.1所以这儿的回调地址使用的局域网内的ip
authRequest = new AuthBaiduRequest(AuthConfig.builder() // 使用支付宝需要提供alipay公钥
.clientId(clientId) // case "alipay" -> new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), alipayPublicKey);
.clientSecret(clientSecret) case "qq" -> new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.redirectUri(redirectUri) case "wechat_open" -> new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.build()); case "taobao" -> new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "github" -> case "douyin" -> new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
authRequest = new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret) case "linkedin" -> new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.redirectUri(redirectUri).build()); case "microsoft" -> new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "gitee" -> case "renren" -> new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
authRequest = new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret) case "stack_overflow" -> new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
.redirectUri(redirectUri).build()); case "huawei" -> new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "weibo" -> case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
authRequest = new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret) case "gitlab" -> new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
.redirectUri(redirectUri).build()); case "wechat_mp" -> new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
case "coding" -> case "aliyun" -> new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
authRequest = new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret) default -> throw new AuthException("未获取到有效的Auth配置");
.redirectUri(redirectUri).build()); };
case "oschina" ->
authRequest = new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "alipay" ->
// 支付宝在创建回调地址时不允许使用localhost或者127.0.0.1所以这儿的回调地址使用的局域网内的ip
authRequest = new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "qq" ->
authRequest = new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_open" -> authRequest = new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "csdn" ->
//注意,经咨询CSDN官方客服得知CSDN的授权开放平台已经下线如果以前申请过的应用可以继续使用但是不再支持申请新的应用
// so, 本项目中的CSDN登录只能针对少部分用户使用了
authRequest = new AuthCsdnRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "taobao" ->
authRequest = new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "douyin" ->
authRequest = new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "linkedin" ->
authRequest = new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "microsoft" -> authRequest = new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "mi" ->
authRequest = new AuthMiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "toutiao" ->
authRequest = new AuthToutiaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "teambition" -> authRequest = new AuthTeambitionRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "pinterest" -> authRequest = new AuthPinterestRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).build());
case "renren" ->
authRequest = new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "stack_overflow" -> authRequest = new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
case "huawei" ->
authRequest = new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_enterprise" ->
authRequest = new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId)
.clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
case "kujiale" ->
authRequest = new AuthKujialeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "gitlab" ->
authRequest = new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "meituan" ->
authRequest = new AuthMeituanRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "eleme" ->
authRequest = new AuthElemeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "wechat_mp" ->
authRequest = new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
case "aliyun" ->
authRequest = new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
.redirectUri(redirectUri).build());
default -> {
}
}
if (null == authRequest) {
throw new AuthException("未获取到有效的Auth配置");
}
return authRequest;
} }
} }