|
|
@@ -1,5 +1,33 @@
|
|
|
package com.ym.mec.auth.core.handler;
|
|
|
|
|
|
+import java.io.IOException;
|
|
|
+import java.util.Base64;
|
|
|
+import java.util.Date;
|
|
|
+import java.util.HashMap;
|
|
|
+
|
|
|
+import javax.servlet.http.HttpServletRequest;
|
|
|
+import javax.servlet.http.HttpServletResponse;
|
|
|
+
|
|
|
+import org.apache.commons.collections.MapUtils;
|
|
|
+import org.slf4j.Logger;
|
|
|
+import org.slf4j.LoggerFactory;
|
|
|
+import org.springframework.beans.factory.annotation.Autowired;
|
|
|
+import org.springframework.http.HttpHeaders;
|
|
|
+import org.springframework.http.HttpStatus;
|
|
|
+import org.springframework.http.MediaType;
|
|
|
+import org.springframework.security.authentication.BadCredentialsException;
|
|
|
+import org.springframework.security.core.Authentication;
|
|
|
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
|
|
+import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
|
|
|
+import org.springframework.security.oauth2.provider.ClientDetails;
|
|
|
+import org.springframework.security.oauth2.provider.ClientDetailsService;
|
|
|
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
|
|
+import org.springframework.security.oauth2.provider.OAuth2Request;
|
|
|
+import org.springframework.security.oauth2.provider.TokenRequest;
|
|
|
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
|
|
|
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
|
|
+import org.springframework.stereotype.Component;
|
|
|
+
|
|
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
|
|
import com.ym.mec.auth.api.entity.SysUser;
|
|
|
import com.ym.mec.auth.api.entity.SysUserLogin;
|
|
|
@@ -8,17 +36,7 @@ import com.ym.mec.auth.config.constant.SecurityConstants;
|
|
|
import com.ym.mec.auth.service.SysUserLoginLogService;
|
|
|
import com.ym.mec.auth.service.SysUserLoginService;
|
|
|
import com.ym.mec.auth.service.SysUserService;
|
|
|
-import org.slf4j.Logger;
|
|
|
-import org.slf4j.LoggerFactory;
|
|
|
-import org.springframework.beans.factory.annotation.Autowired;
|
|
|
-import org.springframework.security.core.Authentication;
|
|
|
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
|
|
-import org.springframework.stereotype.Component;
|
|
|
-
|
|
|
-import javax.servlet.http.HttpServletRequest;
|
|
|
-import javax.servlet.http.HttpServletResponse;
|
|
|
-import java.util.Date;
|
|
|
-import java.util.HashMap;
|
|
|
+import com.ym.mec.common.entity.HttpResponseResult;
|
|
|
|
|
|
@Component
|
|
|
public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuthenticationSuccessHandler {
|
|
|
@@ -31,6 +49,12 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
|
|
|
private SysUserService sysUserService;
|
|
|
@Autowired
|
|
|
private ObjectMapper objectMapper;
|
|
|
+
|
|
|
+ @Autowired
|
|
|
+ private ClientDetailsService clientDetailsService;
|
|
|
+
|
|
|
+ @Autowired
|
|
|
+ private AuthorizationServerTokenServices defaultAuthorizationServerTokenServices;
|
|
|
|
|
|
private final static Logger logger = LoggerFactory.getLogger(BaseAuthenticationSuccessEventHandler.class);
|
|
|
|
|
|
@@ -65,6 +89,33 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
|
|
|
sysUserLoginLog.setLoginIp(request.getRemoteAddr());
|
|
|
sysUserLoginLog.setUserId(sysUser.getUserId());
|
|
|
sysUserLoginLogService.insert(sysUserLoginLog);
|
|
|
+
|
|
|
+ try {
|
|
|
+ String clientId = request.getParameter("clientId");
|
|
|
+ String clientSecret = request.getParameter("clientSecret");
|
|
|
+ if (clientId == null || clientSecret == null) {
|
|
|
+ throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
|
|
|
+ }
|
|
|
+ String base64ClientCredentials = Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes());
|
|
|
+ HttpHeaders headers = new HttpHeaders();
|
|
|
+ headers.add("Authorization", "Basic " + base64ClientCredentials);
|
|
|
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
|
|
|
+
|
|
|
+ ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
|
|
|
+ TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "password");
|
|
|
+ OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
|
|
|
+
|
|
|
+ OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
|
|
|
+ OAuth2AccessToken oAuth2AccessToken = defaultAuthorizationServerTokenServices.createAccessToken(oAuth2Authentication);
|
|
|
+ logger.info("获取token 成功:{}", oAuth2AccessToken.getValue());
|
|
|
+
|
|
|
+ response.setContentType("application/json; charset=utf-8");
|
|
|
+
|
|
|
+ HttpResponseResult result = new HttpResponseResult(true, HttpStatus.OK.value(), oAuth2AccessToken, "");
|
|
|
+ response.getWriter().write(objectMapper.writeValueAsString(result));
|
|
|
+ } catch (IOException e) {
|
|
|
+ throw new BadCredentialsException("Failed to decode basic authentication token");
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
private SysUserLogin setUserLogin(SysUserLogin userLogin,Date date){
|
yonge