3 年之前 · 036c3d0a67
--- a/server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/WlyyTokenGranter.java
+++ b/server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/WlyyTokenGranter.java
@ -116,6 +116,14 @@ public class WlyyTokenGranter implements TokenGranter {
 
				                        requestFactory,
			
 
				                        userDetailsService
			
 
				                ));
			
 
				        tokenGranters.put(DingTalkTokenGranter.GRANT_TYPE,
			
 
				                new DingTalkTokenGranter(
			
 
				                        authenticationManager,
			
 
				                        tokenServices,
			
 
				                        clientDetailsService,
			
 
				                        requestFactory,
			
 
				                        userDetailsService
			
 
				                ));
			
 
				    }
			
 
				
			
 
				    public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
			
@ -576,6 +584,56 @@ public class WlyyTokenGranter implements TokenGranter {
 
				                throw new InvalidGrantException("User account is locked");
			
 
				            }
			
 
				
			
 
				//            parameters.put("password",userDetails.getPassword());
			
 
				            Authentication userAuth = new UsernamePasswordAuthenticationToken(username,userDetails.getPassword(),  this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
			
 
				            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
			
 
				            OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
			
 
				            return new OAuth2Authentication(storedOAuth2Request, userAuth);
			
 
				        }
			
 
				    }
			
 
				
			
 
				    /**
			
 
				     * 钉钉免登录
			
 
				     */
			
 
				    public static class DingTalkTokenGranter extends AbstractTokenGranter {
			
 
				        private static final String GRANT_TYPE = "dingTalk";
			
 
				
			
 
				        private final AuthenticationManager authenticationManager;
			
 
				        private final UserDetailsService userDetailsService;
			
 
				        private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
			
 
				
			
 
				        public DingTalkTokenGranter(AuthenticationManager authenticationManager,
			
 
				                                  AuthorizationServerTokenServices tokenServices,
			
 
				                                  ClientDetailsService clientDetailsService,
			
 
				                                  OAuth2RequestFactory requestFactory,
			
 
				                                  UserDetailsService userDetailsService) {
			
 
				            this(authenticationManager, tokenServices, clientDetailsService, requestFactory, userDetailsService, GRANT_TYPE);
			
 
				        }
			
 
				
			
 
				        protected DingTalkTokenGranter(AuthenticationManager authenticationManager,
			
 
				                                     AuthorizationServerTokenServices tokenServices,
			
 
				                                     ClientDetailsService clientDetailsService,
			
 
				                                     OAuth2RequestFactory requestFactory,
			
 
				                                     UserDetailsService userDetailsService,
			
 
				                                     String grantType) {
			
 
				            super(tokenServices, clientDetailsService, requestFactory, grantType);
			
 
				            this.authenticationManager = authenticationManager;
			
 
				            this.userDetailsService = userDetailsService;
			
 
				        }
			
 
				
			
 
				        @Override
			
 
				        protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
			
 
				
			
 
				            Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
			
 
				            String username = parameters.get("username");
			
 
				            SaltUser userDetails = (SaltUser)userDetailsService.loadUserByUsername(username);
			
 
				            if (!userDetails.isEnabled()) {
			
 
				                throw new InvalidGrantException("User is disabled");
			
 
				            }
			
 
				            if (!userDetails.isAccountNonLocked()) {
			
 
				                throw new InvalidGrantException("User account is locked");
			
 
				            }
			
 
				
			
 
				//            parameters.put("password",userDetails.getPassword());
			
 
				            Authentication userAuth = new UsernamePasswordAuthenticationToken(username,userDetails.getPassword(),  this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
			
 
				            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
			
--- a/server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java
+++ b/server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java
@ -300,6 +300,24 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
 
				                String data[] = encdata.split(":");
			
 
				                username = data[1];
			
 
				                parameters.put("username", username);
			
 
				            }else if("dingTalk".equals(flag)){
			
 
				                //钉钉免登录
			
 
				                parameters.put("grant_type", "dingTalk");
			
 
				                String authCode = parameters.get("authCode");
			
 
				                if(org.apache.commons.lang3.StringUtils.isBlank(authCode)){
			
 
				                    throw new InvalidRequestException("请求参数错误");
			
 
				                }
			
 
				                String registerRes= httpClientUtil.get("http://127.0.0.1:10301/doctor/dingtalk_app_user?authCode="+authCode,"UTF-8");
			
 
				                JSONObject jsonObject= JSONObject.parseObject(registerRes);
			
 
				                if (jsonObject.getInteger("status") == 200){
			
 
				                    parameters.put("username", jsonObject.getString("message"));
			
 
				                }else{
			
 
				                    HttpHeaders headers = new HttpHeaders();
			
 
				                    headers.set("Cache-Control", "no-store");
			
 
				                    headers.set("Pragma", "no-cache");
			
 
				                    Oauth2Envelop<WlyyUserSimple> oauth2Envelop = new Oauth2Envelop<>(jsonObject.getString("message"), -1, null);
			
 
				                    return new ResponseEntity<>(oauth2Envelop, headers, HttpStatus.OK);
			
 
				                }
			
 
				            }else if (StringUtils.isEmpty(parameters.get("captcha"))) {
			
 
				                parameters.put("grant_type", "password");
			
 
				                //解密密码