From e0cdc2cb51e8ad82d8e6e6cc56d8e70e70f7d114 Mon Sep 17 00:00:00 2001
From: bynt
Date: Wed, 11 Jan 2023 17:26:04 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=A8=E6=88=B7=E7=99=BB?= =?UTF-8?q?=E5=BD=95token=E4=B8=8D=E4=B8=80=E8=87=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/baiye/config/AuthServerConfig.java | 21 ++----------
 .../config/SingleLoginTokenServices.java | 34 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 19 deletions(-)
diff --git a/ad-platform-auth/src/main/java/com/baiye/config/AuthServerConfig.java b/ad-platform-auth/src/main/java/com/baiye/config/AuthServerConfig.java
index 9c758b3d..7b371082 100644
--- a/ad-platform-auth/src/main/java/com/baiye/config/AuthServerConfig.java
+++ b/ad-platform-auth/src/main/java/com/baiye/config/AuthServerConfig.java
@@ -180,23 +180,8 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
 public TokenEnhancer tokenEnhancer() {
 return (accessToken, authentication) -> {
 if (accessToken instanceof DefaultOAuth2AccessToken) {
- LoginUser user = (LoginUser) authentication.getUserAuthentication().getPrincipal();
- // TODO: 2020/8/5 在token中后续添加权限信息
- /*
- * 获取权限列表
- */
- String authorities = authentication.getAuthorities().stream()
- .map(GrantedAuthority::getAuthority)
- .collect(Collectors.joining(","));
- Map additionalInformation = new LinkedHashMap<>(16);
- additionalInformation.put(SecurityConstants.DETAILS_USER_ID, user.getUser().getId());
- additionalInformation.put(SecurityConstants.USER_ROLE_LIST, user.getRoles());
- additionalInformation.put(SecurityConstants.DETAILS_USER, JSONUtil.toJsonStr(user.getUser()));
- additionalInformation.put(SecurityConstants.DETAILS_USERNAME, user.getUser().getUsername());
- additionalInformation.put(SecurityConstants.DATA_SCOPES, user.getDataScopes());
- additionalInformation.put(SecurityConstants.AUTHORITIES_KEY, authorities);
- ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInformation);
- onlineUserService.saveOnlineUser(accessToken);
+ SingleLoginTokenServices.setUser(authentication, (DefaultOAuth2AccessToken) accessToken);
+ // onlineUserService.saveOnlineUser(accessToken);
 }
 return accessToken;
 };
@@ -216,7 +201,7 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
 }
 private DefaultTokenServices createDefaultTokenServices() {
- DefaultTokenServices tokenServices = new SingleLoginTokenServices(isSingleLogin);
+ DefaultTokenServices tokenServices = new SingleLoginTokenServices(isSingleLogin, onlineUserService);
 tokenServices.setTokenStore(redisTokenStore());
 // 支持刷新Token
 tokenServices.setSupportRefreshToken(Boolean.TRUE);
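Review bot: The commented-out `// onlineUserService.saveOnlineUser(accessToken);` left in `tokenEnhancer()` should be deleted rather than kept as dead code, and with it gone the enhancer no longer records an online user for any token it enhances. The save now happens only in `SingleLoginTokenServices.createAccessToken`, later in this patch; if refreshed tokens pass through this enhancer without going through that method (the refresh path is not visible here), they would be missing from the online-user records, which matters if those records drive forced logout or session auditing. I would confirm the refresh path also calls `saveOnlineUser`, and replace the dead line with a comment such as `// online-user record is written in SingleLoginTokenServices.createAccessToken`.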
diff --git a/ad-platform-auth/src/main/java/com/baiye/config/SingleLoginTokenServices.java b/ad-platform-auth/src/main/java/com/baiye/config/SingleLoginTokenServices.java
index d0c6b075..f44e406e 100644
--- a/ad-platform-auth/src/main/java/com/baiye/config/SingleLoginTokenServices.java
+++ b/ad-platform-auth/src/main/java/com/baiye/config/SingleLoginTokenServices.java
@@ -1,6 +1,11 @@
 package com.baiye.config;
+import cn.hutool.json.JSONUtil;
+import com.baiye.component.LoginUser;
+import com.baiye.constant.SecurityConstants;
+import com.baiye.service.IOnlineUserService;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.common.*;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
@@ -9,7 +14,10 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.transaction.annotation.Transactional;
 import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.Map;
 import java.util.UUID;
+import java.util.stream.Collectors;
 /**
 * 重写 DefaultTokenServices,实现登录同应用同账号互踢
@@ -23,13 +31,20 @@ public class SingleLoginTokenServices extends DefaultTokenServices {
 private TokenStore tokenStore;
 private TokenEnhancer accessTokenEnhancer;
+
 /**
 * 是否登录同应用同账号互踢
 */
 private boolean isSingleLogin;
- public SingleLoginTokenServices(boolean isSingleLogin) {
+ /**
+ * 是否登录同应用同账号互踢
+ */
+ private IOnlineUserService onlineUserService;
+
+ public SingleLoginTokenServices(boolean isSingleLogin,IOnlineUserService onlineUserService) {
 this.isSingleLogin = isSingleLogin;
+ this.onlineUserService = onlineUserService;
 }
 @Override
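Review bot: The Javadoc added above the `onlineUserService` field is a copy of the `isSingleLogin` comment and does not describe the field; something like `/** Records each issued access token as an online user. */` would match how the field is used later in this patch. The constructor also accepts a null service, which would only surface as a NullPointerException during token issuance; `this.onlineUserService = Objects.requireNonNull(onlineUserService, "onlineUserService");` fails at startup instead. As far as this hunk shows, the field is assigned only in the constructor, so it can be `private final`, and the parameter list is missing a space after the comma. The class body continues outside the hunk.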
@@ -83,10 +98,27 @@ public class SingleLoginTokenServices extends DefaultTokenServices {
 if (refreshToken != null) {
 tokenStore.storeRefreshToken(refreshToken, authentication);
 }
+ setUser(authentication, (DefaultOAuth2AccessToken) accessToken);
+ onlineUserService.saveOnlineUser(accessToken);
 return accessToken;
 }
+ static void setUser(OAuth2Authentication authentication, DefaultOAuth2AccessToken accessToken) {
+ LoginUser user = (LoginUser) authentication.getUserAuthentication().getPrincipal();
+ String authorities = authentication.getAuthorities().stream()
+ .map(GrantedAuthority::getAuthority)
+ .collect(Collectors.joining(","));
+ Map additionalInformation = new LinkedHashMap<>(16);
+ additionalInformation.put(SecurityConstants.DETAILS_USER_ID, user.getUser().getId());
+ additionalInformation.put(SecurityConstants.USER_ROLE_LIST, user.getRoles());
+ additionalInformation.put(SecurityConstants.DETAILS_USER, JSONUtil.toJsonStr(user.getUser()));
+ additionalInformation.put(SecurityConstants.DETAILS_USERNAME, user.getUser().getUsername());
+ additionalInformation.put(SecurityConstants.DATA_SCOPES, user.getDataScopes());
+ additionalInformation.put(SecurityConstants.AUTHORITIES_KEY, authorities);
+ accessToken.setAdditionalInformation(additionalInformation);
+ }
+
 private OAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {
 if (!isSupportRefreshToken(authentication.getOAuth2Request())) {
 return null;
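Review bot: `setUser` dereferences `authentication.getUserAuthentication()` without a null check, and the new call in `createAccessToken` casts `accessToken` to `DefaultOAuth2AccessToken` without the `instanceof` guard that the enhancer in `AuthServerConfig` has, so a client-only grant or a different token implementation would abort token issuance with a NullPointerException or ClassCastException. Separately, `SecurityConstants.DETAILS_USER` stores the whole user object as JSON in `additionalInformation`, which the token endpoint normally returns to the client; if that entity carries a password hash or contact data (its fields are not visible here), those values are disclosed with every token, so copying a short list of named fields is safer. `createAccessToken` starts above this hunk and `createRefreshToken` continues below it. A guarded version of the two changed spots is sketched below.

```java
// in createAccessToken, replacing the unchecked cast
if (accessToken instanceof DefaultOAuth2AccessToken) {
    setUser(authentication, (DefaultOAuth2AccessToken) accessToken);
}
// … unchanged: saveOnlineUser call and return …

static void setUser(OAuth2Authentication authentication, DefaultOAuth2AccessToken accessToken) {
    // client-only grants carry no user authentication, so there is nothing to attach
    if (authentication.isClientOnly()) {
        return;
    }
    Object principal = authentication.getUserAuthentication().getPrincipal();
    if (!(principal instanceof LoginUser)) {
        return;
    }
    LoginUser user = (LoginUser) principal;
    // … unchanged: authorities string and additionalInformation entries …
```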