jczz_unified_auth.git

parent: 477c18f0 | patch | commit | ignore whitespace

zrj

2024-06-06 14f230da5da399baf31718b5cdaed765fa1ad5e9

用户客户端设置

14 files modified

2 files added

	blade-auth/src/main/java/org/springblade/auth/granter/SocialTokenGranter.java	2 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/auth/handle/TokenFilterHandle.java	1 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetails.java	7 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java	2 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java	2 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/auth/utils/AuthUtils.java	21 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/controller/AuthClientController.java	14 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/mapper/AuthClientMapper.java	9 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/mapper/AuthClientMapper.xml	9 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/service/IAuthClientService.java	8 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/service/impl/AuthClientServiceImpl.java	21 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/user/entity/User.java	2 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/user/entity/UserOauth.java	4 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/user/mapper/UserMapper.xml	3 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/user/service/impl/UserServiceImpl.java	6 ●●●●● patch \| view \| raw \| blame \| history
	blade-auth/src/main/java/org/springblade/system/vo/ClientVO.java	10 ●●●●● patch \| view \| raw \| blame \| history

 blade-auth/src/main/java/org/springblade/auth/granter/SocialTokenGranter.java

@@ -112,7 +112,7 @@
            }
            bladeUserDetails = new BladeUserDetails(user.getId(),
                tenantId, userInfo.getOauthId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(userOauth.getAvatar(), TokenUtil.DEFAULT_AVATAR),
                userOauth.getUsername(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
                userOauth.getClientIds(),userOauth.getUsername(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
                AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(userInfo.getRoles())));
        } else {
            throw new InvalidGrantException("social grant failure, feign client return error");

 blade-auth/src/main/java/org/springblade/auth/handle/TokenFilterHandle.java

@@ -32,7 +32,6 @@
            String token = JwtUtil.getToken(auth);
            Claims claims = JwtUtil.parseJWT(token);
            if (!StringUtils.isBlank(token) && null!=claims) {
                SecurityContext context = SecurityContextHolder.getContext();
                //判断 Token 状态
                String tenantId = String.valueOf(claims.get(TokenConstant.TENANT_ID));
                String userId = String.valueOf(claims.get(TokenConstant.USER_ID));

 blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetails.java

@@ -76,11 +76,15 @@
     */
    private final String avatar;
    /**
     * 客户端id
     */
    private final String clients;
    /**
     * 用户详情
     */
    private final Kv detail;

    public BladeUserDetails(Long userId, String tenantId, String oauthId, String name, String realName, String deptId, String postId, String roleId, String roleName, String avatar, String username, String password, Kv detail, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
    public BladeUserDetails(Long userId, String tenantId, String oauthId, String name, String realName, String deptId, String postId, String roleId, String roleName, String avatar,String clients,String username, String password, Kv detail, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
        super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
        this.userId = userId;
        this.tenantId = tenantId;
@@ -93,6 +97,7 @@
        this.roleId = roleId;
        this.roleName = roleName;
        this.avatar = avatar;
        this.clients = clients;
        this.detail = detail;
    }


 blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java

@@ -151,7 +151,7 @@
            delFailCount(tenantId, username);
            return new BladeUserDetails(user.getId(),
                user.getTenantId(), StringPool.EMPTY, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
                username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
                user.getClientIds(),username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
                AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(userInfo.getRoles())));
        } else {
            throw new UsernameNotFoundException("没有找到用户信息");

 blade-auth/src/main/java/org/springblade/auth/support/BladeJwtTokenEnhancer.java

@@ -64,6 +64,8 @@
        info.put(TokenUtil.AVATAR, principal.getAvatar());
        info.put(TokenUtil.DETAIL, principal.getDetail());
        info.put(TokenUtil.LICENSE, TokenUtil.LICENSE_NAME);
        // 用户绑定的client_id
        info.put("client_ids", principal.getClients());
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(info);

        //token状态设置

 blade-auth/src/main/java/org/springblade/auth/utils/AuthUtils.java

New file
@@ -0,0 +1,21 @@
package org.springblade.auth.utils;

import io.jsonwebtoken.Claims;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.secure.utils.AuthUtil;

public class AuthUtils extends AuthUtil {

    /**
     * 查询用户客户端id
     * @return
     */
    public static String getClientIds(){
        String auth = AuthUtil.getHeader();
        String token = JwtUtil.getToken(auth);
        Claims claims = JwtUtil.parseJWT(token);
        String clientIds = String.valueOf(claims.get("client_ids"));
        // 返回
        return clientIds;
    }
}

 blade-auth/src/main/java/org/springblade/system/controller/AuthClientController.java

@@ -17,6 +17,7 @@
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
import javax.validation.Valid;
import java.util.List;

/**
 *  应用管理控制器
@@ -98,4 +99,17 @@
    }


    /**
     * 客户端列表树
     * @param authClient
     * @return
     */
    @GetMapping("/tree")
    @ApiOperationSupport(order = 7)
    @ApiOperation(value = "分页", notes = "传入client")
    public R tree(AuthClient authClient) {
        List<AuthClient> pages = clientService.tree(authClient);
        return R.data(pages);
    }

}

 blade-auth/src/main/java/org/springblade/system/mapper/AuthClientMapper.java

@@ -17,7 +17,10 @@
package org.springblade.system.mapper;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.springblade.system.entity.AuthClient;

import java.util.List;

/**
 * Mapper 接口
@@ -26,4 +29,10 @@
 */
public interface AuthClientMapper extends BaseMapper<AuthClient> {

    /**
     * 客户端列表树
     * @param authClient
     * @return
     */
    List<AuthClient> tree(@Param("authClient") AuthClient authClient);
}

 blade-auth/src/main/java/org/springblade/system/mapper/AuthClientMapper.xml

@@ -24,4 +24,13 @@
        <result column="autoapprove" property="autoapprove"/>
    </resultMap>

    <!--客户端列表树-->
    <select id="tree" resultType="org.springblade.system.entity.AuthClient">
        select id,client_id,client_name from blade_client
        where is_deleted = 0
        <if test="authClient.clientId!=null and authClient.clientId!='' and authClient.clientId!='sys'">
            and client_id = #{authClient.clientId}
        </if>
    </select>

</mapper>

 blade-auth/src/main/java/org/springblade/system/service/IAuthClientService.java

@@ -19,6 +19,8 @@
import org.springblade.core.mp.base.BaseService;
import org.springblade.system.entity.AuthClient;

import java.util.List;

/**
 *  服务类
 *
@@ -26,4 +28,10 @@
 */
public interface IAuthClientService extends BaseService<AuthClient> {

    /**
     * 客户端列表树
     * @param authClient
     * @return
     */
    List<AuthClient> tree(AuthClient authClient);
}

 blade-auth/src/main/java/org/springblade/system/service/impl/AuthClientServiceImpl.java

@@ -16,11 +16,22 @@
 */
package org.springblade.system.service.impl;

import io.jsonwebtoken.Claims;
import org.springblade.auth.service.BladeUserDetails;
import org.springblade.auth.utils.AuthUtils;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.launch.constant.TokenConstant;
import org.springblade.core.mp.base.BaseServiceImpl;
import org.springblade.core.secure.BladeUser;
import org.springblade.core.secure.utils.AuthUtil;
import org.springblade.system.entity.AuthClient;
import org.springblade.system.mapper.AuthClientMapper;
import org.springblade.system.service.IAuthClientService;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

import java.security.Principal;
import java.util.List;

/**
 *  服务实现类
@@ -30,4 +41,14 @@
@Service
public class AuthClientServiceImpl extends BaseServiceImpl<AuthClientMapper, AuthClient> implements IAuthClientService {

    /**
     * 客户端列表树
     * @param authClient
     * @return
     */
    @Override
    public List<AuthClient> tree(AuthClient authClient) {
        authClient.setClientId(AuthUtils.getClientId());
        return baseMapper.tree(authClient);
    }
}

 blade-auth/src/main/java/org/springblade/system/user/entity/User.java

@@ -95,7 +95,7 @@
    /**
     * 客户端id
     */
    private String clientId;
    private String clientIds;


}

 blade-auth/src/main/java/org/springblade/system/user/entity/UserOauth.java

@@ -75,6 +75,10 @@
     */
    private String avatar;
    /**
     * 客户端id
     */
    private String clientIds;
    /**
     * 用户网址
     */
    private String blog;

 blade-auth/src/main/java/org/springblade/system/user/mapper/UserMapper.xml

@@ -35,6 +35,9 @@
        <if test="user.tenantId!=null and user.tenantId != ''">
            and tenant_id = #{user.tenantId}
        </if>
        <if test="user.clientIds!=null and user.clientIds != ''">
            and client_ids = #{user.clientIds}
        </if>
        <if test="user.account!=null and user.account != ''">
            and account = #{user.account}
        </if>

 blade-auth/src/main/java/org/springblade/system/user/service/impl/UserServiceImpl.java

@@ -22,6 +22,8 @@
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import lombok.AllArgsConstructor;
import org.apache.logging.log4j.util.Strings;
import org.springblade.auth.utils.AuthUtils;
import org.springblade.common.cache.DictCache;
import org.springblade.common.constant.CommonConstant;
import org.springblade.common.constant.TenantConstant;
@@ -142,6 +144,10 @@
    @Override
    public IPage<User> selectUserPage(IPage<User> page, User user, Long deptId, String tenantId) {
        List<Long> deptIdList = SysCache.getDeptChildIds(deptId);
        String clientIds = AuthUtils.getClientIds();
        if (Strings.isBlank(user.getClientIds()) && !clientIds.equals("sys")){
            user.setClientIds(AuthUtils.getClientIds());
        }
        return page.setRecords(baseMapper.selectUserPage(page, user, deptIdList, tenantId));
    }


 blade-auth/src/main/java/org/springblade/system/vo/ClientVO.java

New file
@@ -0,0 +1,10 @@
package org.springblade.system.vo;

import lombok.Data;
import org.springblade.system.entity.AuthClient;

@Data
public class ClientVO extends AuthClient {

    private String client;
}

			@@ -112,7 +112,7 @@
			}
			bladeUserDetails = new BladeUserDetails(user.getId(),
			tenantId, userInfo.getOauthId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(userOauth.getAvatar(), TokenUtil.DEFAULT_AVATAR),
			userOauth.getUsername(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
			userOauth.getClientIds(),userOauth.getUsername(), AuthConstant.ENCRYPT + user.getPassword(), detail, true, true, true, true,
			AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(userInfo.getRoles())));
			} else {
			throw new InvalidGrantException("social grant failure, feign client return error");

			@@ -32,7 +32,6 @@
			String token = JwtUtil.getToken(auth);
			Claims claims = JwtUtil.parseJWT(token);
			if (!StringUtils.isBlank(token) && null!=claims) {
			SecurityContext context = SecurityContextHolder.getContext();
			//判断 Token 状态
			String tenantId = String.valueOf(claims.get(TokenConstant.TENANT_ID));
			String userId = String.valueOf(claims.get(TokenConstant.USER_ID));

			@@ -76,11 +76,15 @@
			*/
			private final String avatar;
			/**
			* 客户端id
			*/
			private final String clients;
			/**
			* 用户详情
			*/
			private final Kv detail;

			public BladeUserDetails(Long userId, String tenantId, String oauthId, String name, String realName, String deptId, String postId, String roleId, String roleName, String avatar, String username, String password, Kv detail, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
			public BladeUserDetails(Long userId, String tenantId, String oauthId, String name, String realName, String deptId, String postId, String roleId, String roleName, String avatar,String clients,String username, String password, Kv detail, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
			super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
			this.userId = userId;
			this.tenantId = tenantId;
			@@ -93,6 +97,7 @@
			this.roleId = roleId;
			this.roleName = roleName;
			this.avatar = avatar;
			this.clients = clients;
			this.detail = detail;
			}

			@@ -151,7 +151,7 @@
			delFailCount(tenantId, username);
			return new BladeUserDetails(user.getId(),
			user.getTenantId(), StringPool.EMPTY, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
			username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
			user.getClientIds(),username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
			AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(userInfo.getRoles())));
			} else {
			throw new UsernameNotFoundException("没有找到用户信息");

			@@ -64,6 +64,8 @@
			info.put(TokenUtil.AVATAR, principal.getAvatar());
			info.put(TokenUtil.DETAIL, principal.getDetail());
			info.put(TokenUtil.LICENSE, TokenUtil.LICENSE_NAME);
			// 用户绑定的client_id
			info.put("client_ids", principal.getClients());
			((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(info);

			//token状态设置

New file
			@@ -0,0 +1,21 @@
			package org.springblade.auth.utils;

			import io.jsonwebtoken.Claims;
			import org.springblade.core.jwt.JwtUtil;
			import org.springblade.core.secure.utils.AuthUtil;

			public class AuthUtils extends AuthUtil {

			/**
			* 查询用户客户端id
			* @return
			*/
			public static String getClientIds(){
			String auth = AuthUtil.getHeader();
			String token = JwtUtil.getToken(auth);
			Claims claims = JwtUtil.parseJWT(token);
			String clientIds = String.valueOf(claims.get("client_ids"));
			// 返回
			return clientIds;
			}
			}

			@@ -17,6 +17,7 @@
			import org.springframework.web.bind.annotation.*;
			import springfox.documentation.annotations.ApiIgnore;
			import javax.validation.Valid;
			import java.util.List;

			/**
			* 应用管理控制器
			@@ -98,4 +99,17 @@
			}


			/**
			* 客户端列表树
			* @param authClient
			* @return
			*/
			@GetMapping("/tree")
			@ApiOperationSupport(order = 7)
			@ApiOperation(value = "分页", notes = "传入client")
			public R tree(AuthClient authClient) {
			List<AuthClient> pages = clientService.tree(authClient);
			return R.data(pages);
			}

			}

			@@ -17,7 +17,10 @@
			package org.springblade.system.mapper;

			import com.baomidou.mybatisplus.core.mapper.BaseMapper;
			import org.apache.ibatis.annotations.Param;
			import org.springblade.system.entity.AuthClient;

			import java.util.List;

			/**
			* Mapper 接口
			@@ -26,4 +29,10 @@
			*/
			public interface AuthClientMapper extends BaseMapper<AuthClient> {

			/**
			* 客户端列表树
			* @param authClient
			* @return
			*/
			List<AuthClient> tree(@Param("authClient") AuthClient authClient);
			}

			@@ -24,4 +24,13 @@
			<result column="autoapprove" property="autoapprove"/>
			</resultMap>

			<!--客户端列表树-->
			<select id="tree" resultType="org.springblade.system.entity.AuthClient">
			select id,client_id,client_name from blade_client
			where is_deleted = 0
			<if test="authClient.clientId!=null and authClient.clientId!='' and authClient.clientId!='sys'">
			and client_id = #{authClient.clientId}
			</if>
			</select>

			</mapper>

			@@ -19,6 +19,8 @@
			import org.springblade.core.mp.base.BaseService;
			import org.springblade.system.entity.AuthClient;

			import java.util.List;

			/**
			* 服务类
			*
			@@ -26,4 +28,10 @@
			*/
			public interface IAuthClientService extends BaseService<AuthClient> {

			/**
			* 客户端列表树
			* @param authClient
			* @return
			*/
			List<AuthClient> tree(AuthClient authClient);
			}

			@@ -16,11 +16,22 @@
			*/
			package org.springblade.system.service.impl;

			import io.jsonwebtoken.Claims;
			import org.springblade.auth.service.BladeUserDetails;
			import org.springblade.auth.utils.AuthUtils;
			import org.springblade.core.jwt.JwtUtil;
			import org.springblade.core.launch.constant.TokenConstant;
			import org.springblade.core.mp.base.BaseServiceImpl;
			import org.springblade.core.secure.BladeUser;
			import org.springblade.core.secure.utils.AuthUtil;
			import org.springblade.system.entity.AuthClient;
			import org.springblade.system.mapper.AuthClientMapper;
			import org.springblade.system.service.IAuthClientService;
			import org.springframework.security.core.context.SecurityContextHolder;
			import org.springframework.stereotype.Service;

			import java.security.Principal;
			import java.util.List;

			/**
			* 服务实现类
			@@ -30,4 +41,14 @@
			@Service
			public class AuthClientServiceImpl extends BaseServiceImpl<AuthClientMapper, AuthClient> implements IAuthClientService {

			/**
			* 客户端列表树
			* @param authClient
			* @return
			*/
			@Override
			public List<AuthClient> tree(AuthClient authClient) {
			authClient.setClientId(AuthUtils.getClientId());
			return baseMapper.tree(authClient);
			}
			}

			@@ -95,7 +95,7 @@
			/**
			* 客户端id
			*/
			private String clientId;
			private String clientIds;


			}

			@@ -75,6 +75,10 @@
			*/
			private String avatar;
			/**
			* 客户端id
			*/
			private String clientIds;
			/**
			* 用户网址
			*/
			private String blog;

			@@ -35,6 +35,9 @@
			<if test="user.tenantId!=null and user.tenantId != ''">
			and tenant_id = #{user.tenantId}
			</if>
			<if test="user.clientIds!=null and user.clientIds != ''">
			and client_ids = #{user.clientIds}
			</if>
			<if test="user.account!=null and user.account != ''">
			and account = #{user.account}
			</if>

			@@ -22,6 +22,8 @@
			import com.baomidou.mybatisplus.core.metadata.IPage;
			import com.baomidou.mybatisplus.core.toolkit.Wrappers;
			import lombok.AllArgsConstructor;
			import org.apache.logging.log4j.util.Strings;
			import org.springblade.auth.utils.AuthUtils;
			import org.springblade.common.cache.DictCache;
			import org.springblade.common.constant.CommonConstant;
			import org.springblade.common.constant.TenantConstant;
			@@ -142,6 +144,10 @@
			@Override
			public IPage<User> selectUserPage(IPage<User> page, User user, Long deptId, String tenantId) {
			List<Long> deptIdList = SysCache.getDeptChildIds(deptId);
			String clientIds = AuthUtils.getClientIds();
			if (Strings.isBlank(user.getClientIds()) && !clientIds.equals("sys")){
			user.setClientIds(AuthUtils.getClientIds());
			}
			return page.setRecords(baseMapper.selectUserPage(page, user, deptIdList, tenantId));
			}

New file
			@@ -0,0 +1,10 @@
			package org.springblade.system.vo;

			import lombok.Data;
			import org.springblade.system.entity.AuthClient;

			@Data
			public class ClientVO extends AuthClient {

			private String client;
			}