update

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/filter/PhoneLoginAuthenticationFilter.java

@@ -55,7 +55,7 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 	protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult)
 			throws IOException, ServletException {
 		super.successfulAuthentication(request, response, chain, authResult);
-		chain.doFilter(request, response);
+		//chain.doFilter(request, response);
 	}
 
 	private void setDetails(HttpServletRequest request, AbstractAuthenticationToken authRequest) {

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/filter/UsernameAuthenticationFilter.java

@@ -71,7 +71,7 @@ public class UsernameAuthenticationFilter extends AbstractAuthenticationProcessi
 	protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
 			FilterChain chain, Authentication authResult) throws IOException, ServletException {
 		super.successfulAuthentication(request, response, chain, authResult);
-		chain.doFilter(request, response);
+		//chain.doFilter(request, response);
 	}
 
 	/**

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/handler/BaseAuthenticationSuccessEventHandler.java

@@ -1,5 +1,33 @@
 package com.ym.mec.auth.core.handler;
 
+import java.io.IOException;
+import java.util.Base64;
+import java.util.Date;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.collections.MapUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
+import org.springframework.security.oauth2.provider.ClientDetails;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Request;
+import org.springframework.security.oauth2.provider.TokenRequest;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.ym.mec.auth.api.entity.SysUser;
 import com.ym.mec.auth.api.entity.SysUserLogin;
@@ -8,17 +36,7 @@ import com.ym.mec.auth.config.constant.SecurityConstants;
 import com.ym.mec.auth.service.SysUserLoginLogService;
 import com.ym.mec.auth.service.SysUserLoginService;
 import com.ym.mec.auth.service.SysUserService;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.Date;
-import java.util.HashMap;
+import com.ym.mec.common.entity.HttpResponseResult;
 
 @Component
 public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuthenticationSuccessHandler {
@@ -31,6 +49,12 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
 	private SysUserService sysUserService;
 	@Autowired
 	private ObjectMapper objectMapper;
+	
+	@Autowired
+	private ClientDetailsService clientDetailsService;
+
+	@Autowired
+	private AuthorizationServerTokenServices defaultAuthorizationServerTokenServices;
 
 	private final static Logger logger = LoggerFactory.getLogger(BaseAuthenticationSuccessEventHandler.class);
 
@@ -65,6 +89,33 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
 		sysUserLoginLog.setLoginIp(request.getRemoteAddr());
 		sysUserLoginLog.setUserId(sysUser.getUserId());
 		sysUserLoginLogService.insert(sysUserLoginLog);
+		
+		try {
+			String clientId = request.getParameter("clientId");
+			String clientSecret = request.getParameter("clientSecret");
+			if (clientId == null || clientSecret == null) {
+				throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
+			}
+			String base64ClientCredentials = Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes());
+			HttpHeaders headers = new HttpHeaders();
+			headers.add("Authorization", "Basic " + base64ClientCredentials);
+			headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+			ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
+			TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "password");
+			OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
+
+			OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
+			OAuth2AccessToken oAuth2AccessToken = defaultAuthorizationServerTokenServices.createAccessToken(oAuth2Authentication);
+			logger.info("获取token 成功：{}", oAuth2AccessToken.getValue());
+
+			response.setContentType("application/json; charset=utf-8");
+
+			HttpResponseResult result = new HttpResponseResult(true, HttpStatus.OK.value(), oAuth2AccessToken, "");
+			response.getWriter().write(objectMapper.writeValueAsString(result));
+		} catch (IOException e) {
+			throw new BadCredentialsException("Failed to decode basic authentication token");
+		}
 	}
 
 	private SysUserLogin setUserLogin(SysUserLogin userLogin,Date date){