Spring Cloud

springsecurity 企业微信登入

2022-02-07  本文已影响0人  川流不息attitude

springsecurity 企业微信登入

背景 后台系统需要接入 企业微信登入,满足企业员工快速登入系统

  1. 流程图
image.png
  1. 简单代码说明

    自定义一套 springsecurity 认证逻辑

    • 主要就是 根据code 获取绑定用户信息 然后返回登入 token ,和qq ,微信 等第 3方登入 一个套路
    
    // 自定义 WeChatAuthenticationProvider
    public class WeChatAuthenticationProvider  implements AuthenticationProvider {
    
        private UserDetailsService userDetailsService;
    
        public WeChatAuthenticationProvider(UserDetailsService userDetailsService){
            this.userDetailsService = userDetailsService;
        }
    
        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            WeChatAuthenticationToken authenticationToken = (WeChatAuthenticationToken) authentication;
    
            String userId = (String) authenticationToken.getPrincipal();
    
            UserDetails userDetails = userDetailsService.loadUserByUsername(userId);
    
            // 此时鉴权成功后,应当重新 new 一个拥有鉴权的 authenticationResult 返回
            BrowserAuthenticationToken authenticationResult = new BrowserAuthenticationToken(userDetails, userDetails.getAuthorities());
    
            authenticationResult.setDetails(authenticationToken.getDetails());
    
            return authenticationResult;
        }
    
    
        @Override
        public boolean supports(Class<?> authentication) {
            // 判断 authentication 是不是 SmsCodeAuthenticationToken 的子类或子接口
            return WeChatAuthenticationToken.class.isAssignableFrom(authentication);
        }
    
        public UserDetailsService getUserDetailsService() {
            return userDetailsService;
        }
    
        public void setUserDetailsService(UserDetailsService userDetailsService) {
            this.userDetailsService = userDetailsService;
        }
    }
    
    // 重写 UserDetailsService
        @Override
        public UserDetails loadUserByUsername(String code) throws UsernameNotFoundException {
            String weChatUserId = weChatService.getWeChatUserId(code);
            LambdaQueryWrapper<SysUserWechat> lambda = new QueryWrapper<SysUserWechat>().lambda();
            lambda.eq(SysUserWechat::getDeleted, DataStatusEnum.NORMAL.getCode());
            lambda.eq(SysUserWechat::getWechatId,weChatUserId);
            List<SysUserWechat> sysUserWechats = sysUserWechatService.list(lambda);
    
            if(CollectionUtils.isEmpty(sysUserWechats)){
                throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_601001.getCode());
            }
            SysUserWechat sysUserWechat = sysUserWechats.get(0);
            Long sysUserId = sysUserWechat.getSysUserId();
            SysUser sysUser = userService.selectUserById(sysUserId);
            if (StringUtils.isNull(sysUser)) {
                throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
            }
            if (UserStatus.DELETED.getCode().equals(sysUser.getDelFlag())) {
                throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
            }
            if (UserStatus.DISABLE.getCode().equals(sysUser.getStatus())) {
                throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
            }
    
            return createLoginUser(sysUser);
        }
    
上一篇下一篇

猜你喜欢

热点阅读