|
|
@@ -0,0 +1,117 @@
|
|
|
+package org.springblade.auth.granter;
|
|
|
+
|
|
|
+import org.springblade.auth.constant.AuthConstant;
|
|
|
+import org.springblade.auth.service.BladeUserDetails;
|
|
|
+import org.springblade.auth.utils.TokenUtil;
|
|
|
+import org.springblade.common.config.MD5Util;
|
|
|
+import org.springblade.common.enums.NumberEnum;
|
|
|
+import org.springblade.core.tool.api.R;
|
|
|
+import org.springblade.core.tool.utils.DigestUtil;
|
|
|
+import org.springblade.core.tool.utils.Func;
|
|
|
+import org.springblade.core.tool.utils.SpringUtil;
|
|
|
+import org.springblade.system.feign.ISysClient;
|
|
|
+import org.springblade.system.user.entity.User;
|
|
|
+import org.springblade.system.user.entity.UserInfo;
|
|
|
+import org.springblade.system.user.enums.UserEnum;
|
|
|
+import org.springblade.system.user.feign.IUserClient;
|
|
|
+import org.springframework.security.authentication.AbstractAuthenticationToken;
|
|
|
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
+import org.springframework.security.core.Authentication;
|
|
|
+import org.springframework.security.core.authority.AuthorityUtils;
|
|
|
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|
|
+import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
|
|
|
+import org.springframework.security.oauth2.provider.*;
|
|
|
+import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
|
|
|
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
|
|
|
+import org.springframework.util.ObjectUtils;
|
|
|
+import org.springframework.util.StringUtils;
|
|
|
+
|
|
|
+import java.security.NoSuchAlgorithmException;
|
|
|
+import java.util.LinkedHashMap;
|
|
|
+import java.util.Map;
|
|
|
+import java.util.Objects;
|
|
|
+
|
|
|
+/**
|
|
|
+ * @author Rain
|
|
|
+ */
|
|
|
+public class WeChatTokenGranter extends AbstractTokenGranter {
|
|
|
+
|
|
|
+ private static final String GRANT_TYPE = "wechat";
|
|
|
+
|
|
|
+ private final IUserClient userClient;
|
|
|
+
|
|
|
+ protected WeChatTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService,
|
|
|
+ OAuth2RequestFactory oAuth2RequestFactory, IUserClient userClient) {
|
|
|
+ super(tokenServices, clientDetailsService, oAuth2RequestFactory, GRANT_TYPE);
|
|
|
+ this.userClient = userClient;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ @Override
|
|
|
+ protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
|
|
|
+ Map<String, String> requestParams = tokenRequest.getRequestParameters();
|
|
|
+ String phone = requestParams.get(TokenUtil.PHONE);
|
|
|
+ // 前端应固定传 4
|
|
|
+ String loginType = requestParams.get(TokenUtil.GRANT_TYPE_KEY);
|
|
|
+ String storeId = requestParams.get(TokenUtil.STORE_ID);
|
|
|
+ if (!StringUtils.hasText(storeId)) {
|
|
|
+ throw new UserDeniedAuthorizationException("请联系门店添加用户");
|
|
|
+ }
|
|
|
+ if (!StringUtils.hasText(loginType)) {
|
|
|
+ throw new UserDeniedAuthorizationException("缺少平台数据,请退出小程序重新登录");
|
|
|
+ }
|
|
|
+ if (!StringUtils.hasText(phone)) {
|
|
|
+ throw new UserDeniedAuthorizationException("缺少手机号,请在小程序重新授权");
|
|
|
+ }
|
|
|
+ String appletsId = requestParams.get(TokenUtil.APPLETS_ID);
|
|
|
+ String openId = requestParams.get(TokenUtil.OPEN_ID);
|
|
|
+ UserInfo userInfo = userClient.getUserInfoByPhone(phone, loginType);
|
|
|
+ if (!ObjectUtils.isEmpty(userInfo) && NumberEnum.ONE.number.equals(userInfo.getUser().getWorkingStatus())) {
|
|
|
+ throw new UserDeniedAuthorizationException(TokenUtil.USER_NOT_EXIST);
|
|
|
+ }
|
|
|
+ User saveUser = null;
|
|
|
+ boolean userInfoExist = Objects.isNull(userInfo);
|
|
|
+ if (userInfoExist) {
|
|
|
+ saveUser = new User();
|
|
|
+ saveUser.setAppletsId(appletsId);
|
|
|
+ saveUser.setTenantId("000000");
|
|
|
+ saveUser.setAccount(phone);
|
|
|
+ saveUser.setName(phone);
|
|
|
+ saveUser.setRealName(phone);
|
|
|
+ saveUser.setOpenId(openId);
|
|
|
+ saveUser.setUserType(UserEnum.WECHAT.getCategory());
|
|
|
+ saveUser.setUserTypeRole(UserEnum.WECHAT.getCategory());
|
|
|
+ saveUser.setPhone(phone);
|
|
|
+ try {
|
|
|
+ saveUser.setPassword(DigestUtil.hex(MD5Util.encryptionData("Kbs@888")));
|
|
|
+ } catch (NoSuchAlgorithmException e) {
|
|
|
+ throw new RuntimeException(e);
|
|
|
+ }
|
|
|
+ saveUser.setDeptId(storeId);
|
|
|
+ //获取注册用户类型
|
|
|
+ ISysClient sysClient = SpringUtil.getBean(ISysClient.class);
|
|
|
+ R<String> r = sysClient.getRoleIds("000000", "车主");
|
|
|
+ if (r.isSuccess() && !ObjectUtils.isEmpty(r.getData())) {
|
|
|
+ saveUser.setRoleId(r.getData());
|
|
|
+ } else {
|
|
|
+ saveUser.setRoleId("");
|
|
|
+ }
|
|
|
+ R<User> result = userClient.saveUserAndCarOwner(saveUser);
|
|
|
+ if (!result.isSuccess()) {
|
|
|
+ throw new UsernameNotFoundException(result.getMsg());
|
|
|
+ }
|
|
|
+ saveUser = result.getData();
|
|
|
+ }
|
|
|
+
|
|
|
+ Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());
|
|
|
+ User user = Objects.isNull(saveUser) ? userInfo.getUser() : saveUser;
|
|
|
+ BladeUserDetails bladeUserDetails = new BladeUserDetails(user.getId(), user.getTenantId(), null, user.getName(), user.getRealName(), user.getDeptId(),
|
|
|
+ user.getPostId(), user.getRoleId(), userInfoExist ? user.getRoleId() : Func.join(userInfo.getRoles()), "", user.getName(), AuthConstant.ENCRYPT + user.getPassword(),
|
|
|
+ userInfoExist ? null : userInfo.getDetail(), true, true, true, true, AuthorityUtils.commaSeparatedStringToAuthorityList(userInfoExist ? user.getRoleId() : Func.join(userInfo.getRoles())), user.getDeptPid());
|
|
|
+ // 组装认证数据,关闭密码校验
|
|
|
+ Authentication userAuth = new UsernamePasswordAuthenticationToken(bladeUserDetails, null, bladeUserDetails.getAuthorities());
|
|
|
+ ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
|
|
|
+ OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
|
|
|
+ return new OAuth2Authentication(storedOAuth2Request, userAuth);
|
|
|
+ }
|
|
|
+}
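Review bot: `getOAuth2Authentication` issues a token for whatever `phone` the request carries: `phone`, `openId`, `appletsId` and `storeId` are read straight from `tokenRequest.getRequestParameters()`, nothing in this hunk proves the caller owns that number or that the `openId` came from WeChat, and the `UsernamePasswordAuthenticationToken` is built with null credentials (the comment above it says password checking is turned off). Unless a filter outside this file already validates these values, the grant should accept the mini-program login code instead, resolve `openId` and phone server-side, and reject a request whose resolved `openId` differs from the one stored for an existing user. Every auto-created account also receives the same literal password, `DigestUtil.hex(MD5Util.encryptionData("Kbs@888"))`, so these accounts share one known credential wherever password login is enabled; store a random value drawn from `SecureRandom`, or leave the account without a usable password. `storeId` is likewise client-chosen and written to `setDeptId`, so it should be checked against existing stores before `saveUserAndCarOwner` is called. Minor: `userInfoExist` is true when `userInfo` is null, so a name such as `isNewUser` would match what the flag means.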
|