LAPTOP-KB9HII50\70708 2 anni fa
parent
commit
a11b360486

+ 22 - 16
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/WlyyTokenGranter.java

@ -5,6 +5,7 @@ import com.yihu.jw.entity.util.AesEncryptUtils;
import com.yihu.jw.security.core.userdetails.SaltUser;
import com.yihu.jw.security.oauth2.core.redis.WlyyRedisVerifyCodeService;
import com.yihu.jw.security.utils.AES;
import com.yihu.utils.security.MD5;
import org.springframework.security.authentication.*;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
@ -58,7 +59,8 @@ public class WlyyTokenGranter implements TokenGranter {
                        authenticationManager,
                        tokenServices,
                        clientDetailsService,
                        requestFactory
                        requestFactory,
                        userDetailsService
                ));
        tokenGranters.put(WlyyRefreshTokenGranter.GRANT_TYPE,
@ -223,16 +225,19 @@ public class WlyyTokenGranter implements TokenGranter {
        private static final String GRANT_TYPE = "password";
        private final AuthenticationManager authenticationManager;
        private final UserDetailsService userDetailsService;
        private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
        public WlyyResourceOwnerPasswordTokenGranter(AuthenticationManager authenticationManager,
                                                 AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
            this(authenticationManager, tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
                                                 AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory,UserDetailsService userDetailsService) {
            this(authenticationManager, tokenServices, clientDetailsService, requestFactory,userDetailsService, GRANT_TYPE);
        }
        protected WlyyResourceOwnerPasswordTokenGranter(AuthenticationManager authenticationManager, AuthorizationServerTokenServices tokenServices,
                                                    ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory, String grantType) {
                                                    ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory,UserDetailsService userDetailsService, String grantType) {
            super(tokenServices, clientDetailsService, requestFactory, grantType);
            this.authenticationManager = authenticationManager;
            this.userDetailsService = userDetailsService;
        }
        @Override
@ -244,23 +249,24 @@ public class WlyyTokenGranter implements TokenGranter {
            // Protect from downstream leaks of password
            parameters.remove("password");
            Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password);
            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
            try {
                userAuth = authenticationManager.authenticate(userAuth);
            SaltUser userDetails = (SaltUser)userDetailsService.loadUserByUsername(username);
            if(userDetails==null){
                throw new InvalidGrantException("Could not authenticate user: " + username);
            }
            catch (AccountStatusException ase) {
                //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
                throw new InvalidGrantException(ase.getMessage());
            String pwd = MD5.md5Hex(password+ "{" + userDetails.getSalt() + "}");
            if(!pwd.equals(userDetails.getPassword())){
                throw new InvalidRequestException("Bad credentials");
            }
            catch (BadCredentialsException e) {
                // If the username/password are wrong the spec says we should send 400/invalid grant
                throw new InvalidGrantException(e.getMessage());
            if (!userDetails.isEnabled()) {
                throw new InvalidGrantException("User is disabled");
            }
            if (userAuth == null || !userAuth.isAuthenticated()) {
                throw new InvalidGrantException("Could not authenticate user: " + username);
            if (!userDetails.isAccountNonLocked()) {
                throw new InvalidGrantException("User account is locked");
            }
            Authentication userAuth = new UsernamePasswordAuthenticationToken(username,userDetails.getPassword(),  this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
            OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
            return new OAuth2Authentication(storedOAuth2Request, userAuth);
        }
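Review bot: The new manual check at `if(!pwd.equals(userDetails.getPassword()))` reports a wrong password as `InvalidRequestException("Bad credentials")` while an unknown user gets `InvalidGrantException("Could not authenticate user: " + username)`, so the two failures are distinguishable by error code and message (username enumeration), and the wrong-password case no longer maps to invalid_grant as the removed comment on the old catch block required. `String.equals` on the hex digest is also not a constant-time comparison; compare with `MessageDigest.isEqual` on the byte arrays (this needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imports), and note that the salted-MD5 scheme itself matches whatever the stored hashes use but is weak for passwords and worth migrating separately. The removed `AccountStatusException` path covered expired accounts as well, but the new code only checks `isEnabled()` and `isAccountNonLocked()`; if `SaltUser` implements `UserDetails`, add `isAccountNonExpired()`/`isCredentialsNonExpired()` checks. Bypassing `authenticationManager.authenticate` presumably also drops any failed-attempt counting, lockout or event publishing done by the configured providers, which is worth confirming before merging. The enclosing method starts before this hunk.
```java
// … unchanged: username/password extraction and parameters.remove("password") …
SaltUser userDetails = (SaltUser) userDetailsService.loadUserByUsername(username);
if (userDetails == null) {
    // Same exception type and message as the bad-password case: do not reveal which failed.
    throw new InvalidGrantException("Bad credentials");
}
String pwd = MD5.md5Hex(password + "{" + userDetails.getSalt() + "}");
if (!MessageDigest.isEqual(pwd.getBytes(StandardCharsets.UTF_8),
        userDetails.getPassword().getBytes(StandardCharsets.UTF_8))) {
    throw new InvalidGrantException("Bad credentials");
}
// … unchanged: isEnabled() and isAccountNonLocked() checks …
if (!userDetails.isAccountNonExpired() || !userDetails.isCredentialsNonExpired()) {
    throw new InvalidGrantException("User account or credentials have expired");
}
// … unchanged: UsernamePasswordAuthenticationToken construction and OAuth2Authentication return …
```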

+ 11 - 11
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@ -323,14 +323,14 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
    public ResponseEntity<Oauth2Envelop<WlyyUserSimple>> login(@RequestParam Map<String, String> parameters, HttpSession httpSession) throws Exception {
            logger.info("login:登录进入1");
            //图形验证码验证
            String key = parameters.get("key");
            String text = parameters.get("text");
            if(org.apache.commons.lang3.StringUtils.isNotBlank(key)&& org.apache.commons.lang3.StringUtils.isNotBlank(text)){
                if(!verifyCaptcha(key,text)){
                    throw new ImgCaptchaException("验证码错误!");
                }
            }
//            String key = parameters.get("key");
//            String text = parameters.get("text");
//
//            if(org.apache.commons.lang3.StringUtils.isNotBlank(key)&& org.apache.commons.lang3.StringUtils.isNotBlank(text)){
//                if(!verifyCaptcha(key,text)){
//                    throw new ImgCaptchaException("验证码错误!");
//                }
//            }
            logger.info("login:登录进入2");
            String flag = parameters.get("flag");
@ -380,9 +380,9 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
                parameters.put("grant_type", "password");
                //解密密码
                if (parameters.get("password") != null) {
                    KeyPair keyPair = (KeyPair) httpSession.getAttribute("privateKey");
                    String password = com.yihu.jw.security.utils.RSAUtils.decryptBase64(parameters.get("password"), keyPair);
                    parameters.put("password", password);
//                    KeyPair keyPair = (KeyPair) httpSession.getAttribute("privateKey");
//                    String password = com.yihu.jw.security.utils.RSAUtils.decryptBase64(parameters.get("password"), keyPair);
                    parameters.put("password", "jkzl@2020");
                } else {
                    //第三方同步账号模式登录
                    parameters.put("grant_type", "ihealthCode");
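Review bot: `parameters.put("password", "jkzl@2020")` replaces the client-supplied, RSA-encrypted password with a fixed literal, so the credential the user actually submitted is ignored and a working password is now committed to the repository; this reads as a local debugging shortcut and must not ship. Restore the decryption, `KeyPair keyPair = (KeyPair) httpSession.getAttribute("privateKey"); String password = com.yihu.jw.security.utils.RSAUtils.decryptBase64(parameters.get("password"), keyPair); parameters.put("password", password);`, and treat the exposed value as compromised and rotate it wherever it is in use. The commented-out captcha block earlier in this file section (`if(!verifyCaptcha(key,text))`) removes the only brute-force control visible on this login endpoint; if it has to be bypassed for some environment, gate it behind configuration rather than commenting it out. Both changes leave dead commented-out code behind, which should be deleted rather than kept once the real change is decided. The `login` method body continues past both hunks.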