springsecurity 企业微信登入
背景 后台系统需要接入 企业微信登入,满足企业员工快速登入系统
-
流程图
-
简单代码说明
自定义一套 springsecurity 认证逻辑
- 主要就是 根据code 获取绑定用户信息 然后返回登入 token ,和qq ,微信 等第 3方登入 一个套路
// 自定义 WeChatAuthenticationProvider public class WeChatAuthenticationProvider implements AuthenticationProvider { private UserDetailsService userDetailsService; public WeChatAuthenticationProvider(UserDetailsService userDetailsService){ this.userDetailsService = userDetailsService; } @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { WeChatAuthenticationToken authenticationToken = (WeChatAuthenticationToken) authentication; String userId = (String) authenticationToken.getPrincipal(); UserDetails userDetails = userDetailsService.loadUserByUsername(userId); // 此时鉴权成功后,应当重新 new 一个拥有鉴权的 authenticationResult 返回 BrowserAuthenticationToken authenticationResult = new BrowserAuthenticationToken(userDetails, userDetails.getAuthorities()); authenticationResult.setDetails(authenticationToken.getDetails()); return authenticationResult; } @Override public boolean supports(Class<?> authentication) { // 判断 authentication 是不是 SmsCodeAuthenticationToken 的子类或子接口 return WeChatAuthenticationToken.class.isAssignableFrom(authentication); } public UserDetailsService getUserDetailsService() { return userDetailsService; } public void setUserDetailsService(UserDetailsService userDetailsService) { this.userDetailsService = userDetailsService; } } // 重写 UserDetailsService @Override public UserDetails loadUserByUsername(String code) throws UsernameNotFoundException { String weChatUserId = weChatService.getWeChatUserId(code); LambdaQueryWrapper<SysUserWechat> lambda = new QueryWrapper<SysUserWechat>().lambda(); lambda.eq(SysUserWechat::getDeleted, DataStatusEnum.NORMAL.getCode()); lambda.eq(SysUserWechat::getWechatId,weChatUserId); List<SysUserWechat> sysUserWechats = sysUserWechatService.list(lambda); if(CollectionUtils.isEmpty(sysUserWechats)){ throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_601001.getCode()); } SysUserWechat sysUserWechat = sysUserWechats.get(0); Long sysUserId = sysUserWechat.getSysUserId(); SysUser sysUser = userService.selectUserById(sysUserId); if (StringUtils.isNull(sysUser)) { throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode()); } if (UserStatus.DELETED.getCode().equals(sysUser.getDelFlag())) { throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode()); } if (UserStatus.DISABLE.getCode().equals(sysUser.getStatus())) { throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode()); } return createLoginUser(sysUser); }