From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java | 66 ++++++++++++++++++--------------
1 files changed, 37 insertions(+), 29 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java
index a31ec6d..9191fca 100644
--- a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java
+++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java
@@ -7,9 +7,11 @@
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.request.*;
-import org.dromara.common.core.domain.model.LoginBody;
+import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
import org.dromara.common.social.config.properties.SocialProperties;
+import org.dromara.common.social.maxkey.AuthMaxKeyRequest;
+import org.dromara.common.social.topiam.AuthTopIamRequest;
/**
* 璁よ瘉鎺堟潈宸ュ叿绫�
@@ -18,12 +20,14 @@
*/
public class SocialUtils {
+ private static final AuthRedisStateCache STATE_CACHE = SpringUtils.getBean(AuthRedisStateCache.class);
+
@SuppressWarnings("unchecked")
- public static AuthResponse<AuthUser> loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException {
- AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties);
+ public static AuthResponse<AuthUser> loginAuth(String source, String code, String state, SocialProperties socialProperties) throws AuthException {
+ AuthRequest authRequest = getAuthRequest(source, socialProperties);
AuthCallback callback = new AuthCallback();
- callback.setCode(loginBody.getSocialCode());
- callback.setState(loginBody.getSocialState());
+ callback.setCode(code);
+ callback.setState(state);
return authRequest.login(callback);
}
@@ -32,32 +36,36 @@
if (ObjectUtil.isNull(obj)) {
throw new AuthException("涓嶆敮鎸佺殑绗笁鏂圭櫥褰曠被鍨�");
}
- String clientId = obj.getClientId();
- String clientSecret = obj.getClientSecret();
- String redirectUri = obj.getRedirectUri();
+ AuthConfig.AuthConfigBuilder builder = AuthConfig.builder()
+ .clientId(obj.getClientId())
+ .clientSecret(obj.getClientSecret())
+ .redirectUri(obj.getRedirectUri())
+ .scopes(obj.getScopes());
return switch (source.toLowerCase()) {
- case "dingtalk" -> new AuthDingTalkRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "baidu" -> new AuthBaiduRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "github" -> new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "gitee" -> new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "weibo" -> new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "coding" -> new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "oschina" -> new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
+ case "dingtalk" -> new AuthDingTalkRequest(builder.build(), STATE_CACHE);
+ case "baidu" -> new AuthBaiduRequest(builder.build(), STATE_CACHE);
+ case "github" -> new AuthGithubRequest(builder.build(), STATE_CACHE);
+ case "gitee" -> new AuthGiteeRequest(builder.build(), STATE_CACHE);
+ case "weibo" -> new AuthWeiboRequest(builder.build(), STATE_CACHE);
+ case "coding" -> new AuthCodingRequest(builder.build(), STATE_CACHE);
+ case "oschina" -> new AuthOschinaRequest(builder.build(), STATE_CACHE);
// 鏀粯瀹濆湪鍒涘缓鍥炶皟鍦板潃鏃讹紝涓嶅厑璁镐娇鐢╨ocalhost鎴栬��127.0.0.1锛屾墍浠ヨ繖鍎跨殑鍥炶皟鍦板潃浣跨敤鐨勫眬鍩熺綉鍐呯殑ip
- case "alipay" -> new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), socialProperties.getType().get("alipay").getAlipayPublicKey());
- case "qq" -> new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "wechat_open" -> new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "taobao" -> new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "douyin" -> new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "linkedin" -> new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "microsoft" -> new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "renren" -> new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "stack_overflow" -> new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build());
- case "huawei" -> new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build());
- case "gitlab" -> new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "wechat_mp" -> new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
- case "aliyun" -> new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build());
+ case "alipay_wallet" -> new AuthAlipayRequest(builder.build(), socialProperties.getType().get("alipay_wallet").getAlipayPublicKey(), STATE_CACHE);
+ case "qq" -> new AuthQqRequest(builder.build(), STATE_CACHE);
+ case "wechat_open" -> new AuthWeChatOpenRequest(builder.build(), STATE_CACHE);
+ case "taobao" -> new AuthTaobaoRequest(builder.build(), STATE_CACHE);
+ case "douyin" -> new AuthDouyinRequest(builder.build(), STATE_CACHE);
+ case "linkedin" -> new AuthLinkedinRequest(builder.build(), STATE_CACHE);
+ case "microsoft" -> new AuthMicrosoftRequest(builder.build(), STATE_CACHE);
+ case "renren" -> new AuthRenrenRequest(builder.build(), STATE_CACHE);
+ case "stack_overflow" -> new AuthStackOverflowRequest(builder.build(), STATE_CACHE);
+ case "huawei" -> new AuthHuaweiRequest(builder.build(), STATE_CACHE);
+ case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(builder.build(), STATE_CACHE);
+ case "gitlab" -> new AuthGitlabRequest(builder.build(), STATE_CACHE);
+ case "wechat_mp" -> new AuthWeChatMpRequest(builder.build(), STATE_CACHE);
+ case "aliyun" -> new AuthAliyunRequest(builder.build(), STATE_CACHE);
+ case "maxkey" -> new AuthMaxKeyRequest(builder.build(), STATE_CACHE);
+ case "topiam" -> new AuthTopIamRequest(builder.build(), STATE_CACHE);
default -> throw new AuthException("鏈幏鍙栧埌鏈夋晥鐨凙uth閰嶇疆");
};
}
--
Gitblit v1.9.3