|
@@ -25,14 +25,23 @@
|
|
*/
|
|
*/
|
|
package org.springblade.modules.auth.utils;
|
|
package org.springblade.modules.auth.utils;
|
|
|
|
|
|
|
|
+import jakarta.servlet.http.HttpServletResponse;
|
|
import org.springblade.common.cache.SysCache;
|
|
import org.springblade.common.cache.SysCache;
|
|
|
|
+import org.springblade.core.launch.constant.TokenConstant;
|
|
import org.springblade.core.oauth2.provider.OAuth2Request;
|
|
import org.springblade.core.oauth2.provider.OAuth2Request;
|
|
|
|
+import org.springblade.core.oauth2.service.OAuth2Client;
|
|
import org.springblade.core.oauth2.service.OAuth2User;
|
|
import org.springblade.core.oauth2.service.OAuth2User;
|
|
import org.springblade.core.oauth2.service.impl.OAuth2UserDetail;
|
|
import org.springblade.core.oauth2.service.impl.OAuth2UserDetail;
|
|
|
|
+import org.springblade.core.oauth2.utils.OAuth2Util;
|
|
|
|
+import org.springblade.core.secure.TokenInfo;
|
|
|
|
+import org.springblade.core.tool.support.Kv;
|
|
import org.springblade.core.tool.utils.Func;
|
|
import org.springblade.core.tool.utils.Func;
|
|
import org.springblade.modules.system.pojo.entity.User;
|
|
import org.springblade.modules.system.pojo.entity.User;
|
|
import org.springblade.modules.system.pojo.entity.UserInfo;
|
|
import org.springblade.modules.system.pojo.entity.UserInfo;
|
|
|
|
|
|
|
|
+import java.util.HashMap;
|
|
|
|
+import java.util.Map;
|
|
|
|
+
|
|
/**
|
|
/**
|
|
* 认证工具类
|
|
* 认证工具类
|
|
*
|
|
*
|
|
@@ -83,4 +92,188 @@ public class TokenUtil {
|
|
return userDetail;
|
|
return userDetail;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ public static Kv createAuthInfo(UserInfo userInfo) {
|
|
|
|
+ Kv authInfo = Kv.create();
|
|
|
|
+ User user = userInfo.getUser();
|
|
|
|
+ OAuth2Request request = OAuth2Request.create().buildArgs();
|
|
|
|
+ OAuth2User oUser = TokenUtil.convertUser(userInfo, request);
|
|
|
|
+ String clientId = request.getClientId();
|
|
|
|
+ String clientSecret = request.getClientSecret();
|
|
|
|
+ OAuth2Client oAuth2Client = new OAuth2Client() {
|
|
|
|
+ @Override
|
|
|
|
+ public String getClientId() {
|
|
|
|
+ return clientId;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getClientSecret() {
|
|
|
|
+ return clientSecret;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getResourceIds() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getScope() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAuthorizedGrantTypes() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getWebServerRedirectUri() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAuthorities() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public Integer getAccessTokenValidity() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public Integer getRefreshTokenValidity() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAdditionalInformation() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAutoapprove() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+ };
|
|
|
|
+ oUser.setClient(oAuth2Client);
|
|
|
|
+ //设置jwt参数
|
|
|
|
+ Map<String, Object> param = new HashMap<>(16);
|
|
|
|
+ param.put(TokenConstant.TOKEN_TYPE, TokenConstant.ACCESS_TOKEN);
|
|
|
|
+ param.put(TokenConstant.TENANT_ID, user.getTenantId());
|
|
|
|
+ param.put(TokenConstant.USER_ID, Func.toStr(user.getId()));
|
|
|
|
+ param.put(TokenConstant.DEPT_ID, user.getDeptId());
|
|
|
|
+ param.put(TokenConstant.POST_ID, user.getPostId());
|
|
|
|
+ param.put(TokenConstant.ROLE_ID, user.getRoleId());
|
|
|
|
+ param.put(TokenConstant.OAUTH_ID, userInfo.getOauthId());
|
|
|
|
+ param.put(TokenConstant.ACCOUNT, user.getAccount());
|
|
|
|
+ param.put(TokenConstant.USER_NAME, user.getAccount());
|
|
|
|
+ param.put(TokenConstant.NICK_NAME, user.getName());
|
|
|
|
+ param.put(TokenConstant.REAL_NAME, user.getRealName());
|
|
|
|
+ param.put(TokenConstant.ROLE_NAME, Func.join(userInfo.getRoles()));
|
|
|
|
+ param.put(TokenConstant.DETAIL, userInfo.getDetail());
|
|
|
|
+
|
|
|
|
+ //拼装accessToken
|
|
|
|
+ try {
|
|
|
|
+ TokenInfo accessToken = OAuth2Util.createAccessToken(oUser);
|
|
|
|
+ //TokenInfo accessToken = SecureUtil.createJWT(param, "audience", "issuser", TokenConstant.ACCESS_TOKEN);
|
|
|
|
+ //返回accessToken
|
|
|
|
+ return authInfo.set(TokenConstant.TENANT_ID, user.getTenantId())
|
|
|
|
+ .set(TokenConstant.USER_ID, Func.toStr(user.getId()))
|
|
|
|
+ .set(TokenConstant.DEPT_ID, user.getDeptId())
|
|
|
|
+ .set(TokenConstant.POST_ID, user.getPostId())
|
|
|
|
+ .set(TokenConstant.ROLE_ID, user.getRoleId())
|
|
|
|
+ .set(TokenConstant.OAUTH_ID, userInfo.getOauthId())
|
|
|
|
+ .set(TokenConstant.ACCOUNT, user.getAccount())
|
|
|
|
+ .set(TokenConstant.USER_NAME, user.getAccount())
|
|
|
|
+ .set(TokenConstant.NICK_NAME, user.getName())
|
|
|
|
+ .set(TokenConstant.REAL_NAME, user.getRealName())
|
|
|
|
+ .set(TokenConstant.ROLE_NAME, Func.join(userInfo.getRoles()))
|
|
|
|
+ .set(TokenConstant.AVATAR, Func.toStr(user.getAvatar(), TokenConstant.DEFAULT_AVATAR))
|
|
|
|
+ .set(TokenConstant.ACCESS_TOKEN, accessToken.getToken())
|
|
|
|
+ .set(TokenConstant.REFRESH_TOKEN, createRefreshToken(userInfo).getToken())
|
|
|
|
+ .set(TokenConstant.TOKEN_TYPE, TokenConstant.BEARER)
|
|
|
|
+ .set(TokenConstant.EXPIRES_IN, accessToken.getExpire())
|
|
|
|
+ .set(TokenConstant.DETAIL, userInfo.getDetail())
|
|
|
|
+ .set(TokenConstant.LICENSE, TokenConstant.LICENSE_NAME);
|
|
|
|
+ } catch (Exception ex) {
|
|
|
|
+ return authInfo.set("error_code", HttpServletResponse.SC_UNAUTHORIZED).set("error_description", ex.getMessage());
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /**
|
|
|
|
+ * 创建refreshToken
|
|
|
|
+ *
|
|
|
|
+ * @param userInfo 用户信息
|
|
|
|
+ * @return refreshToken
|
|
|
|
+ */
|
|
|
|
+ private static TokenInfo createRefreshToken(UserInfo userInfo) {
|
|
|
|
+ User user = userInfo.getUser();
|
|
|
|
+ OAuth2Request request = OAuth2Request.create().buildArgs();
|
|
|
|
+ OAuth2User oUser = TokenUtil.convertUser(userInfo, request);
|
|
|
|
+ String clientId = request.getClientId();
|
|
|
|
+ String clientSecret = request.getClientSecret();
|
|
|
|
+ OAuth2Client oAuth2Client = new OAuth2Client() {
|
|
|
|
+ @Override
|
|
|
|
+ public String getClientId() {
|
|
|
|
+ return clientId;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getClientSecret() {
|
|
|
|
+ return clientSecret;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getResourceIds() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getScope() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAuthorizedGrantTypes() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getWebServerRedirectUri() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAuthorities() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public Integer getAccessTokenValidity() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public Integer getRefreshTokenValidity() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAdditionalInformation() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ @Override
|
|
|
|
+ public String getAutoapprove() {
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+ };
|
|
|
|
+ oUser.setClient(oAuth2Client);
|
|
|
|
+ Map<String, Object> param = new HashMap<>(16);
|
|
|
|
+ param.put(TokenConstant.TOKEN_TYPE, TokenConstant.REFRESH_TOKEN);
|
|
|
|
+ param.put(TokenConstant.USER_ID, Func.toStr(user.getId()));
|
|
|
|
+ param.put(TokenConstant.DEPT_ID, Func.toStr(user.getDeptId()));
|
|
|
|
+ param.put(TokenConstant.ROLE_ID, Func.toStr(user.getRoleId()));
|
|
|
|
+ return OAuth2Util.createAccessToken(oUser);
|
|
|
|
+ }
|
|
}
|
|
}
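Review bot: In `createRefreshToken` the token is minted with `OAuth2Util.createAccessToken(oUser)`, the same call `createAuthInfo` uses for the access token, and the `param` map that sets `TokenConstant.TOKEN_TYPE` to `TokenConstant.REFRESH_TOKEN` is filled but never passed to anything. As far as these lines show, the value returned under `REFRESH_TOKEN` is therefore a second access token, so a resource endpoint would presumably accept it as a bearer token and a refresh endpoint could not tell the two apart by type. What `OAuth2Util` does internally is not visible here, so confirm which claims and lifetime it assigns. The `param` map in `createAuthInfo` is likewise built and then dropped, so either pass it to the token builder or delete it in both methods. Separately, the `catch (Exception ex)` in `createAuthInfo` copies `ex.getMessage()` into `error_description`, which can leak internal detail to the caller; log the exception server-side and return a fixed string such as `"token creation failed"` instead.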
|