
管乐团访问授权

Eric hace 2 años
padre
commit
febb81213b

+ 10 - 0
cooleshow-auth/auth-api/src/main/java/com/yonge/cooleshow/auth/api/entity/LoginEntity.java

@@ -18,6 +18,8 @@ public class LoginEntity {
     private String deviceNum;
     //二维码code
     private String qrCode;
+    //关联帐号授权码
+    private String authToken;
     
     public Boolean getIsSurportRegister() {
 		return isSurportRegister;
@@ -82,4 +84,12 @@ public class LoginEntity {
     public void setQrCode(String qrCode) {
         this.qrCode = qrCode;
     }
+
+    public String getAuthToken() {
+        return authToken;
+    }
+
+    public void setAuthToken(String authToken) {
+        this.authToken = authToken;
+    }
 }

+ 16 - 0
cooleshow-auth/auth-server/pom.xml

@@ -17,6 +17,22 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
     <dependencies>
+
+        <dependency>
+            <groupId>com.microsvc.toolkit.config</groupId>
+            <artifactId>microsvc-config-jwt</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-jwt</artifactId>
+            <version>1.0.9.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+            <version>1.2.79</version>
+        </dependency>
+
         <dependency>
             <groupId>com.yonge.toolset</groupId>
             <artifactId>toolset-mybatis</artifactId>
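Review bot: The two pinned versions added here, `fastjson` 1.2.79 and `spring-security-jwt` 1.0.9.RELEASE, should be checked against upstream security advisories before merge. Fastjson 1.2.x has a history of autoType deserialization flaws, and the spring-security-jwt project is deprecated upstream; as far as I know its `JwtHelper.decodeAndVerify` checks only the signature, not expiry. None of the Java code visible in this commit uses fastjson, so it may not be needed in this module at all. The same three dependencies are repeated in cooleshow-user/user-biz/pom.xml; declaring the versions once in the root `dependencyManagement` would keep the two modules in step.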

+ 11 - 10
cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/core/filter/PhoneLoginAuthenticationFilter.java

@@ -1,12 +1,8 @@
 package com.yonge.cooleshow.auth.core.filter;
 
-import java.io.IOException;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
+import com.yonge.cooleshow.auth.api.entity.LoginEntity;
+import com.yonge.cooleshow.auth.config.token.PhoneAuthenticationToken;
+import com.yonge.cooleshow.common.security.SecurityConstants;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationServiceException;
@@ -15,9 +11,11 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import com.yonge.cooleshow.auth.api.entity.LoginEntity;
-import com.yonge.cooleshow.auth.config.token.PhoneAuthenticationToken;
-import com.yonge.cooleshow.common.security.SecurityConstants;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 
 public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 
@@ -27,6 +25,7 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 	private static final String IS_SURPORT_REGISTER = "isSurportRegister";
 	private static final String LOGIN_USER_TYPE = "loginUserType";
 	private static final String QR_CODE = "qrCode";
+	private static final String AUTH_TOKEN = "token";
 
 	private static final String DEVICE_NUM = "deviceNum";
 
@@ -51,6 +50,7 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 		boolean isRegister = StringUtils.equals("true", request.getParameter(IS_SURPORT_REGISTER));
 		String loginUserType = obtainParameter(request, LOGIN_USER_TYPE);
 		String qrCode = obtainParameter(request, QR_CODE);
+		String authToken = obtainParameter(request, AUTH_TOKEN);
 
 		String clientId = request.getParameter(clientIdParameter).toUpperCase();
 
@@ -70,6 +70,7 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 		loginEntity.setLoginUserType(loginUserType);
 		loginEntity.setDeviceNum(deviceNum);
 		loginEntity.setQrCode(qrCode);
+		loginEntity.setAuthToken(authToken);
 
 		authRequest = new PhoneAuthenticationToken(SecurityConstants.PHONE_PRINCIPAL_PREFIX + principal, loginEntity);
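Review bot: `AUTH_TOKEN = "token"` is the only constant in this block whose request-parameter name differs from the entity field it fills (`qrCode`, `deviceNum` and `loginUserType` all match), and the value it carries is a signed login credential. A comment on the constant such as `// signed JWT issued by the linked account; accept from the POST body only and never log it` would make that explicit. `obtainParameter` is defined outside the visible hunks, so I cannot tell whether it also accepts the value from a query string; if it does, the token will end up in access logs and proxies, and the read should be restricted to the request body. The enclosing method starts and ends outside these hunks.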
 

+ 37 - 12
cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/core/provider/PhoneAuthenticationProvider.java

@@ -1,8 +1,15 @@
 package com.yonge.cooleshow.auth.core.provider;
 
-import java.util.Date;
-import java.util.Objects;
-
+import com.microsvc.toolkit.config.jwt.utils.RsaKeyHelper;
+import com.yonge.cooleshow.auth.api.dto.SysUserInfo;
+import com.yonge.cooleshow.auth.api.entity.LoginEntity;
+import com.yonge.cooleshow.auth.api.entity.SysUser;
+import com.yonge.cooleshow.auth.config.token.PhoneAuthenticationToken;
+import com.yonge.cooleshow.auth.service.SysUserDeviceService;
+import com.yonge.cooleshow.auth.service.SysUserService;
+import com.yonge.cooleshow.common.service.IdGeneratorService;
+import com.yonge.toolset.base.exception.BizException;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
@@ -12,16 +19,15 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.jwt.Jwt;
+import org.springframework.security.jwt.JwtHelper;
+import org.springframework.security.jwt.crypto.sign.RsaVerifier;
 import org.springframework.transaction.annotation.Transactional;
 
-import com.yonge.cooleshow.auth.api.dto.SysUserInfo;
-import com.yonge.cooleshow.auth.api.entity.LoginEntity;
-import com.yonge.cooleshow.auth.api.entity.SysUser;
-import com.yonge.cooleshow.auth.config.token.PhoneAuthenticationToken;
-import com.yonge.cooleshow.auth.service.SysUserDeviceService;
-import com.yonge.cooleshow.auth.service.SysUserService;
-import com.yonge.cooleshow.common.service.IdGeneratorService;
-
+import java.security.interfaces.RSAPublicKey;
+import java.util.Date;
+import java.util.Objects;
+@Slf4j
 public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider {
 
     private UserDetailsService userDetailsService;
@@ -49,13 +55,32 @@ public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider
 
         String smsCode = loginEntity.getSmsCode();
         String phone = loginEntity.getPhone();
+        // 二维码登录
         String qrCode = loginEntity.getQrCode();
-        if (StringUtils.isNotEmpty(qrCode) && StringUtils.isEmpty(smsCode)) {
+        // 授权Token登录
+        String authToken = loginEntity.getAuthToken();
+        if (StringUtils.isNotEmpty(qrCode)) {
             // 二维码验证
             boolean b = sysUserService.verifyQrCode(phone, qrCode);
             if (!b) {
                 throw new BadCredentialsException("二维码校验失败");
             }
+        } else if (StringUtils.isNotEmpty(authToken)) {
+            // 授权authToken登录
+            try {
+                RSAPublicKey rsaPublicKey = RsaKeyHelper.getRSAPublicKey("jmedu", "dayaedu", "jmedu.jks", "dayaedu");
+                Jwt jwt = JwtHelper.decodeAndVerify(authToken, new RsaVerifier(rsaPublicKey));
+
+                //获取jwt原始内容
+                String claims = jwt.getClaims();
+                if (StringUtils.isEmpty(claims)) {
+                    throw new BizException("三方授权登录失败");
+                }
+                log.info("retrieveUser claims={}", claims);
+            } catch (Exception e) {
+                log.error("retrieveUser authToken={}", authToken, e);
+            }
+
         } else {
             // 验证码验证
             boolean b = smsCodeService.verifyValidCode(phone, smsCode, "SMS_VERIFY_CODE_LOGIN");
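Review bot: In the new `else if (StringUtils.isNotEmpty(authToken))` branch the `catch (Exception e)` only logs, so a token that fails `JwtHelper.decodeAndVerify` never rejects the login, and neither does the `BizException` thrown for empty claims inside the same `try`. Unless code after this hunk re-checks the token, a request with any non-empty `token` is treated as verified and the SMS-code check is skipped. Even on success the claims are only logged: nothing ties them to `phone`, and expiry is not checked here (as far as I know `decodeAndVerify` validates the signature only). The `log.error` call also writes the raw `authToken` to the log, and the keystore parameters are string literals in `RsaKeyHelper.getRSAPublicKey(...)`; both belong out of the code path, with the secrets in configuration. The method body continues outside the hunk, so the binding check below is marked as a TODO rather than written out.

```java
        } else if (StringUtils.isNotEmpty(authToken)) {
            // 授权authToken登录
            String claims;
            try {
                // … unchanged: RsaKeyHelper.getRSAPublicKey(...) and JwtHelper.decodeAndVerify(...) …
                claims = jwt.getClaims();
            } catch (Exception e) {
                // Fail the login instead of falling through; keep the token itself out of the log.
                log.warn("retrieveUser: authToken verification failed", e);
                throw new BadCredentialsException("三方授权登录失败", e);
            }
            if (StringUtils.isEmpty(claims)) {
                throw new BadCredentialsException("三方授权登录失败");
            }
            // TODO(review): parse claims, reject expired tokens, and require that the
            // subject in the claims matches `phone` before the login continues.
```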

+ 14 - 0
cooleshow-user/user-biz/pom.xml

@@ -23,6 +23,20 @@
             <artifactId>cooleshow-common</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>com.microsvc.toolkit.config</groupId>
+            <artifactId>microsvc-config-jwt</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-jwt</artifactId>
+            <version>1.0.9.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+            <version>1.2.79</version>
+        </dependency>
 
         <dependency>
             <groupId>com.spring4all</groupId>

+ 18 - 0
pom.xml

@@ -57,6 +57,14 @@
 			</dependency>
 
 			<dependency>
+				<groupId>com.microsvc.toolkit</groupId>
+				<artifactId>microsvc-dependencies-bom</artifactId>
+				<version>1.0.0</version>
+				<type>pom</type>
+				<scope>import</scope>
+			</dependency>
+
+			<dependency>
 				<groupId>com.yonge.cooleshow</groupId>
 				<artifactId>auth-api</artifactId>
 				<version>${project.cooleshow.version}</version>
@@ -215,6 +223,16 @@
 
 	<repositories>
 		<repository>
+			<id>alimaven</id>
+			<name>aliyun maven</name>
+			<url>http://maven.aliyun.com/nexus/content/groups/public/</url>
+		</repository>
+		<repository>
+			<id>anigiomaven</id>
+			<name>AnigioMaven</name>
+			<url>http://maven.anigio.com/nexus/content/groups/public/</url>
+		</repository>
+		<repository>
 			<id>spring-milestones</id>
 			<name>Spring Milestones</name>
 			<url>https://repo.spring.io/libs-milestone</url>
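Review bot: Both repositories added in the second hunk use plain `http://` URLs, so every artifact resolved through them is fetched without transport integrity. That presumably includes the new `microsvc-dependencies-bom` import and the JWT helper the auth server now relies on to verify login tokens. Prefer `<url>https://maven.aliyun.com/nexus/content/groups/public/</url>`, and the equivalent https URL for the anigio host if it serves TLS. Recent Maven releases also block external http repositories by default, so the build may fail on a current toolchain. Because these entries are listed ahead of spring-milestones, it is also worth confirming the intended resolution order.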