update 优化 !pr382 修复一些问题 完事流程逻辑

疯狂的狮子Li

2023-07-02 06588f3ad4cdc711cd349fbca25e43960bcb8562

update 优化 !pr382 修复一些问题 完事流程逻辑

 ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java

@@ -103,22 +103,21 @@
    }

    /**
     * ç¬¬ä¸‰æ–¹ç™»å½•å›žè°ƒä¸šåŠ¡å¤„理
     *  ç»‘定授权
     * @param loginBody
     * ç¬¬ä¸‰æ–¹ç™»å½•å›žè°ƒä¸šåŠ¡å¤„理 ç»‘定授权
     *
     * @param loginBody è¯·æ±‚体
     * @return ç»“æžœ
     */
    @SuppressWarnings("unchecked")
    @PostMapping("/social/callback")
    public R<LoginVo> socialLogin(@RequestBody LoginBody loginBody) {
            // èŽ·å–第三方登录信息
            AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
            AuthUser authUserData = response.getData();
            // åˆ¤æ–­æŽˆæƒå“åº”是否成功
            if (!response.ok()) {
                return R.fail(response.getMsg());
            }
            return loginService.sociaRegister(authUserData);
    public R<LoginVo> socialCallback(@RequestBody LoginBody loginBody) {
        // èŽ·å–第三方登录信息
        AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
        AuthUser authUserData = response.getData();
        // åˆ¤æ–­æŽˆæƒå“åº”是否成功
        if (!response.ok()) {
            return R.fail(response.getMsg());
        }
        return loginService.sociaRegister(authUserData);
    }



 ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java

@@ -67,13 +67,13 @@
    private final SysUserMapper userMapper;



    /**
     * ç»‘定第三方用户
     *
     * @param authUserData æŽˆæƒå“åº”实体
     * @return ç»Ÿä¸€å“åº”实体
     */
    public R<LoginVo> sociaRegister(AuthUser authUserData ){
    public R<LoginVo> sociaRegister(AuthUser authUserData) {
        SysSocialBo bo = new SysSocialBo();
        bo.setUserId(LoginHelper.getUserId());
        bo.setAuthId(authUserData.getSource() + authUserData.getUuid());
@@ -123,9 +123,9 @@

    private SysUserVo loadUserByUsername(String tenantId, String username) {
        SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
                .select(SysUser::getUserName, SysUser::getStatus)
                .eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
                .eq(SysUser::getUserName, username));
            .select(SysUser::getUserName, SysUser::getStatus)
            .eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
            .eq(SysUser::getUserName, username));
        if (ObjectUtil.isNull(user)) {
            log.info("登录用户：{} ä¸å­˜åœ¨.", username);
            throw new UserException("user.not.exists", username);
@@ -225,7 +225,7 @@
            log.info("登录租户：{} å·²è¢«åœç”¨.", tenantId);
            throw new TenantException("tenant.blocked");
        } else if (ObjectUtil.isNotNull(tenant.getExpireTime())
            && new Date().after(tenant.getExpireTime())) {
                   && new Date().after(tenant.getExpireTime())) {
            log.info("登录租户：{} å·²è¶…过有效期.", tenantId);
            throw new TenantException("tenant.expired");
        }

 ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java

ÎļþÃû´Ó ruoyi-admin/src/main/java/org/dromara/web/service/impl/socialAuthStrategy.java ÐÞ¸Ä
@@ -11,17 +11,21 @@
import me.zhyd.oauth.model.AuthUser;
import org.dromara.common.core.constant.Constants;
import org.dromara.common.core.domain.model.LoginBody;
import org.dromara.common.core.domain.model.SocialLogin;
import org.dromara.common.core.domain.model.LoginUser;
import org.dromara.common.core.enums.UserStatus;
import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.core.exception.user.UserException;
import org.dromara.common.core.utils.MessageUtils;
import org.dromara.common.core.utils.ValidatorUtils;
import org.dromara.common.core.validate.auth.SocialGroup;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.social.config.properties.SocialProperties;
import org.dromara.common.social.utils.SocialUtils;
import org.dromara.common.tenant.helper.TenantHelper;
import org.dromara.system.domain.SysClient;
import org.dromara.system.domain.SysUser;
import org.dromara.system.domain.vo.SysSocialVo;
import org.dromara.system.domain.vo.SysUserVo;
import org.dromara.system.mapper.SysUserMapper;
import org.dromara.system.service.ISysSocialService;
import org.dromara.web.domain.vo.LoginVo;
@@ -37,7 +41,7 @@
@Slf4j
@Service("social" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor
public class socialAuthStrategy implements IAuthStrategy {
public class SocialAuthStrategy implements IAuthStrategy {

    private final SocialProperties socialProperties;
    private final ISysSocialService sysSocialService;
@@ -52,13 +56,14 @@

    /**
     * ç™»å½•-第三方授权登录
     * @param clientId å®¢æˆ·ç«¯id
     *
     * @param clientId  å®¢æˆ·ç«¯id
     * @param loginBody ç™»å½•ä¿¡æ¯
     * @param client å®¢æˆ·ç«¯ä¿¡æ¯
     * @param client    å®¢æˆ·ç«¯ä¿¡æ¯
     */
    @Override
    public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
        AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody,socialProperties);
        AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
        if (!response.ok()) {
            throw new ServiceException(response.getMsg());
        }
@@ -66,30 +71,19 @@
        SysSocialVo social = sysSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid());
        if (!ObjectUtil.isNotNull(social)) {
            throw new ServiceException("你还没有绑定第三方账号，绑定后才可以登录！");
        }//验证授权表里面的租户id是否包含当前租户id
        if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(social.getTenantId())
            && !social.getTenantId().contains(loginBody.getTenantId())) {
        }
        // éªŒè¯æŽˆæƒè¡¨é‡Œé¢çš„租户id是否包含当前租户id
        String tenantId = social.getTenantId();
        if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(tenantId)
            && !tenantId.contains(loginBody.getTenantId())) {
            throw new ServiceException("对不起，你没有权限登录当前租户！");
        }
        return loadinUser(social, client);
    }

    /**
     * ç™»å½•ç”¨æˆ·ä¿¡æ¯
     *
     * @param social
     * @param client
     * @return
     */
    private LoginVo loadinUser(SysSocialVo social, SysClient client) {
        SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
            .eq(SysUser::getUserId, social.getUserId()));
        SocialLogin loginUser = new SocialLogin();
        loginUser.setUserId(user.getUserId());
        loginUser.setTenantId(user.getTenantId());
        loginUser.setUsername(user.getUserName());
        loginUser.setUserType(user.getUserType());
        // æ‰§è¡Œç™»å½•
        // æŸ¥æ‰¾ç”¨æˆ·
        SysUserVo user = loadUser(tenantId, social.getUserId());

        // æ­¤å¤„可根据登录用户的数据不同 è‡ªè¡Œåˆ›å»º loginUser å±žæ€§ä¸å¤Ÿç”¨ç»§æ‰¿æ‰©å±•å°±è¡Œäº†
        LoginUser loginUser = loginService.buildLoginUser(user);
        SaLoginModel model = new SaLoginModel();
        model.setDevice(client.getDeviceType());
        // è‡ªå®šä¹‰åˆ†é… ä¸åŒç”¨æˆ·ä½“ç³» ä¸åŒ token æŽˆæƒæ—¶é—´ ä¸è®¾ç½®é»˜è®¤èµ°å…¨å±€ yml é…ç½®
@@ -106,4 +100,22 @@
        return loginVo;
    }

    private SysUserVo loadUser(String tenantId, Long userId) {
        SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
            .select(SysUser::getUserName, SysUser::getStatus)
            .eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
            .eq(SysUser::getUserId, userId));
        if (ObjectUtil.isNull(user)) {
            log.info("登录用户：{} ä¸å­˜åœ¨.", "");
            throw new UserException("user.not.exists", "");
        } else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
            log.info("登录用户：{} å·²è¢«åœç”¨.", "");
            throw new UserException("user.blocked", "");
        }
        if (TenantHelper.isEnable()) {
            return userMapper.selectTenantUserByUserName(user.getUserName(), tenantId);
        }
        return userMapper.selectUserByUserName(user.getUserName());
    }

}

 ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialProperties.java

@@ -1,7 +1,6 @@
package org.dromara.common.social.config.properties;

import lombok.Data;
import org.springframework.boot.autoconfigure.cache.CacheProperties;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

@@ -20,7 +19,7 @@
    /**
     * æ˜¯å¦å¯ç”¨
     */
    private boolean enabled;
    private Boolean enabled;

    /**
     * æŽˆæƒç±»åž‹
@@ -30,11 +29,6 @@
    /**
     * æŽˆæƒè¿‡æœŸæ—¶é—´
     */
    private long timeout;

    /**
     * æŽˆæƒç¼“存配置
     */
    private CacheProperties cache = new CacheProperties();
    private Long timeout;

}

 ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/AuthRedisStateCache.java

@@ -7,6 +7,9 @@

import java.time.Duration;

/**
 * æŽˆæƒçŠ¶æ€ç¼“å­˜
 */
@AllArgsConstructor
public class AuthRedisStateCache implements AuthStateCache {


 ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java

@@ -17,6 +17,8 @@
 * @author thiszhc
 */
public class SocialUtils  {

    @SuppressWarnings("unchecked")
    public static AuthResponse<AuthUser> loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException {
        AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties);
        AuthCallback callback = new AuthCallback();
@@ -25,7 +27,7 @@
        return authRequest.login(callback);
    }

    public static AuthRequest getAuthRequest(String source,SocialProperties socialProperties) throws AuthException {
    public static AuthRequest getAuthRequest(String source, SocialProperties socialProperties) throws AuthException {
        SocialLoginConfigProperties obj = socialProperties.getType().get(source);
         if (ObjectUtil.isNull(obj)) {
            throw new AuthException("不支持的第三方登录类型");
@@ -33,106 +35,32 @@
        String clientId = obj.getClientId();
        String clientSecret = obj.getClientSecret();
        String redirectUri = obj.getRedirectUri();
        AuthRequest authRequest = null;
        switch (source.toLowerCase()) {
            case "dingtalk" ->
                authRequest = new AuthDingTalkRequest(AuthConfig.builder()
                    .clientId(clientId)
                    .clientSecret(clientSecret)
                    .redirectUri(redirectUri)
                    .build());
            case "baidu" ->
                authRequest = new AuthBaiduRequest(AuthConfig.builder()
                    .clientId(clientId)
                    .clientSecret(clientSecret)
                    .redirectUri(redirectUri)
                    .build());
            case "github" ->
                authRequest = new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "gitee" ->
                authRequest = new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "weibo" ->
                authRequest = new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "coding" ->
                authRequest = new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "oschina" ->
                authRequest = new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "alipay" ->
                // æ”¯ä»˜å®åœ¨åˆ›å»ºå›žè°ƒåœ°å€æ—¶ï¼Œä¸å…è®¸ä½¿ç”¨localhost或者127.0.0.1，所以这儿的回调地址使用的局域网内的ip
                authRequest = new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "qq" ->
                authRequest = new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "wechat_open" -> authRequest = new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId)
                .clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "csdn" ->
                //注意,经咨询CSDN官方客服得知，CSDN的授权开放平台已经下线。如果以前申请过的应用，可以继续使用，但是不再支持申请新的应用。
                // so, æœ¬é¡¹ç›®ä¸­çš„CSDN登录只能针对少部分用户使用了
                authRequest = new AuthCsdnRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "taobao" ->
                authRequest = new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "douyin" ->
                authRequest = new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "linkedin" ->
                authRequest = new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "microsoft" -> authRequest = new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId)
                .clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "mi" ->
                authRequest = new AuthMiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "toutiao" ->
                authRequest = new AuthToutiaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "teambition" -> authRequest = new AuthTeambitionRequest(AuthConfig.builder().clientId(clientId)
                .clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "pinterest" -> authRequest = new AuthPinterestRequest(AuthConfig.builder().clientId(clientId)
                .clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "renren" ->
                authRequest = new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "stack_overflow" -> authRequest = new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId)
                .clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
            case "huawei" ->
                authRequest = new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "wechat_enterprise" ->
                authRequest = new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId)
                    .clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
            case "kujiale" ->
                authRequest = new AuthKujialeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "gitlab" ->
                authRequest = new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "meituan" ->
                authRequest = new AuthMeituanRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "eleme" ->
                authRequest = new AuthElemeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "wechat_mp" ->
                authRequest = new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            case "aliyun" ->
                authRequest = new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret)
                    .redirectUri(redirectUri).build());
            default -> {
            }
        }
        if (null == authRequest) {
            throw new AuthException("未获取到有效的Auth配置");
        }
        return authRequest;
        return switch (source.toLowerCase()) {
            case "dingtalk" -> new AuthDingTalkRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "baidu" -> new AuthBaiduRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "github" -> new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "gitee" -> new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "weibo" -> new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "coding" -> new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "oschina" -> new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            // æ”¯ä»˜å®åœ¨åˆ›å»ºå›žè°ƒåœ°å€æ—¶ï¼Œä¸å…è®¸ä½¿ç”¨localhost或者127.0.0.1，所以这儿的回调地址使用的局域网内的ip
            // ä½¿ç”¨æ”¯ä»˜å®éœ€è¦æä¾›alipay公钥
            // case "alipay" -> new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), alipayPublicKey);
            case "qq" -> new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "wechat_open" -> new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "taobao" -> new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "douyin" -> new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "linkedin" -> new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "microsoft" -> new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "renren" -> new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "stack_overflow" -> new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
            case "huawei" -> new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
            case "gitlab" -> new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "wechat_mp" -> new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            case "aliyun" -> new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
            default -> throw new AuthException("未获取到有效的Auth配置");
        };
    }
}