车间能级提升-智能设备管理系统
blame | 历史 | 原始文档
baoshiwei
2025-03-21 fc5d43e590ac5453f1e1f96fcf84f558f383ca40 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

package org.dromara.common.social.keycloak;


 


import cn.hutool.core.codec.Base64;


import cn.hutool.core.lang.Dict;


import cn.hutool.core.util.StrUtil;


import cn.hutool.http.HttpRequest;


import cn.hutool.http.HttpResponse;


import com.xkcoding.http.support.HttpHeader;


import me.zhyd.oauth.cache.AuthStateCache;


import me.zhyd.oauth.config.AuthConfig;


import me.zhyd.oauth.exception.AuthException;


import me.zhyd.oauth.model.AuthCallback;


import me.zhyd.oauth.model.AuthToken;


import me.zhyd.oauth.model.AuthUser;


import me.zhyd.oauth.request.AuthDefaultRequest;


import me.zhyd.oauth.utils.HttpUtils;


import me.zhyd.oauth.utils.UrlBuilder;


import org.dromara.common.core.domain.model.PasswordLoginBody;


import org.dromara.common.core.utils.SpringUtils;


import org.dromara.common.json.utils.JsonUtils;


 


/**


 * Keycloak OAuth2 认证请求


 */


public class AuthKeycloakRequest extends AuthDefaultRequest {


 


    public static final String SERVER_URL = SpringUtils.getProperty("justauth.type.keycloak.server-url");


    public static final String REALM = SpringUtils.getProperty("justauth.type.keycloak.realm");


 


    public AuthKeycloakRequest(AuthConfig config) {


        super(config, AuthKeycloakSource.KEYCLOAK);


    }


 


    public AuthKeycloakRequest(AuthConfig config, AuthStateCache authStateCache) {


        super(config, AuthKeycloakSource.KEYCLOAK, authStateCache);


    }


 


 


    public  AuthToken getAccessToken(PasswordLoginBody loginBody) {


 


        HttpRequest request = HttpRequest.post(SERVER_URL + "/realms/" + REALM + "/protocol/openid-connect/token")


            .form("grant_type", "password")


            .form("client_id", config.getClientId())


            .form("client_secret", config.getClientSecret())


            .form("username", loginBody.getUsername())


            .form("password", loginBody.getPassword())


            .form("scope", "openid");


 


        HttpResponse response = request.execute();


 


        Dict object = JsonUtils.parseMap(response.body());


 


        if (object.containsKey("error")) {


            throw new AuthException(object.getStr("error_description"));


        }


        if (object.containsKey("message")) {


            throw new AuthException(object.getStr("message"));


        }


        return AuthToken.builder()


            .accessToken(object.getStr("access_token"))


            .refreshToken(object.getStr("refresh_token"))


            .idToken(object.getStr("id_token"))


            .tokenType(object.getStr("token_type"))


            .expireIn(object.getInt("expires_in"))


            .build();


    }


 


    @Override


    public AuthToken getAccessToken(AuthCallback authCallback) {


        String body = doPostAuthorizationCode(authCallback.getCode());


        Dict object = JsonUtils.parseMap(body);


 


        if (object.containsKey("error")) {


            throw new AuthException(object.getStr("error_description"));


        }


        if (object.containsKey("message")) {


            throw new AuthException(object.getStr("message"));


        }


 


        return AuthToken.builder()


            .accessToken(object.getStr("access_token"))


            .refreshToken(object.getStr("refresh_token"))


            .idToken(object.getStr("id_token"))


            .tokenType(object.getStr("token_type"))


            .expireIn(object.getInt("expires_in"))


            .build();


    }


 


    @Override


    public AuthUser getUserInfo(AuthToken authToken) {


        String body = doGetUserInfo(authToken);


        Dict object = JsonUtils.parseMap(body);


 


        if (object.containsKey("error")) {


            throw new AuthException(object.getStr("error_description"));


        }


        if (object.containsKey("message")) {


            throw new AuthException(object.getStr("message"));


        }


 


        return AuthUser.builder()


            .uuid(object.getStr("sub"))


            .username(object.getStr("preferred_username"))


            .nickname(object.getStr("name"))


            .email(object.getStr("email"))


            .token(authToken)


            .source(this.source.toString())


            .build();


    }


 


    @Override


    protected String doPostAuthorizationCode(String code) {


        HttpRequest request = HttpRequest.post(source.accessToken())


            .header("Authorization", "Basic " + Base64.encode("%s:%s".formatted(config.getClientId(), config.getClientSecret())))


            .form("grant_type", "authorization_code")


            .form("code", code)


            .form("redirect_uri", config.getRedirectUri());


        HttpResponse response = request.execute();


        return response.body();


    }


 


    @Override


    protected String doGetUserInfo(AuthToken authToken) {


        try {


            return new HttpUtils(config.getHttpConfig()).get(source.userInfo(), null, new HttpHeader()


                .add("Content-Type", "application/json")


                .add("Authorization", "Bearer " + authToken.getAccessToken()), false).getBody();


        } catch (Exception e) {


            e.printStackTrace();


        }


        return null;


    }


 


    @Override


    public String authorize(String state) {


        return UrlBuilder.fromBaseUrl(super.authorize(state))


            .queryParam("scope", StrUtil.join("%20", config.getScopes()))


            .build();


    }


 


 


 


 


}