feat(oauth2): 对 OAuth2 Password 认证模式需要重写处理器添加强提醒
This commit is contained in:
click33
+3
@@ -104,6 +104,9 @@ public interface SaOAuth2ErrorCode {
|
||||
/** 无效的请求 Method */
|
||||
int CODE_30151 = 30151;
|
||||
|
||||
/** Password 模式认证失败 */
|
||||
int CODE_30161 = 30161;
|
||||
|
||||
/** 其它异常 */
|
||||
int CODE_30191 = 30191;
|
||||
|
||||
|
||||
+10
-5
@@ -21,7 +21,9 @@ import cn.dev33.satoken.oauth2.consts.GrantType;
|
||||
import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts;
|
||||
import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
|
||||
import cn.dev33.satoken.oauth2.data.model.request.RequestAuthModel;
|
||||
import cn.dev33.satoken.oauth2.error.SaOAuth2ErrorCode;
|
||||
import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception;
|
||||
import cn.dev33.satoken.oauth2.granttype.handler.model.PasswordAuthResult;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
|
||||
import java.util.List;
|
||||
@@ -47,10 +49,10 @@ public class PasswordGrantTypeHandler implements SaOAuth2GrantTypeHandlerInterfa
|
||||
String password = req.getParamNotNull(SaOAuth2Consts.Param.password);
|
||||
|
||||
// 3、调用API 开始登录,如果没能成功登录,则直接退出
|
||||
loginByUsernamePassword(username, password);
|
||||
Object loginId = StpUtil.getLoginIdDefaultNull();
|
||||
PasswordAuthResult passwordAuthResult = loginByUsernamePassword(username, password);
|
||||
Object loginId = passwordAuthResult.getLoginId();
|
||||
if(loginId == null) {
|
||||
throw new SaOAuth2Exception("登录失败");
|
||||
throw new SaOAuth2Exception("登录失败").setCode(SaOAuth2ErrorCode.CODE_30161);
|
||||
}
|
||||
|
||||
// 4、构建 ra 对象
|
||||
@@ -65,12 +67,15 @@ public class PasswordGrantTypeHandler implements SaOAuth2GrantTypeHandlerInterfa
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据 username、password 进行登录,如果登录失败请直接抛出异常
|
||||
* 根据 username、password 进行登录,如果登录失败请直接抛出异常或返回 loginId = null
|
||||
* @param username /
|
||||
* @param password /
|
||||
*/
|
||||
public void loginByUsernamePassword(String username, String password) {
|
||||
public PasswordAuthResult loginByUsernamePassword(String username, String password) {
|
||||
System.err.println("当前暂未重写 PasswordGrantTypeHandler 处理器,将使用默认实现,仅供开发测试");
|
||||
SaOAuth2Manager.getServerConfig().doLoginHandle.apply(username, password);
|
||||
Object loginId = StpUtil.getLoginIdDefaultNull();
|
||||
return new PasswordAuthResult(loginId);
|
||||
}
|
||||
|
||||
}
|
||||
+75
@@ -0,0 +1,75 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.oauth2.granttype.handler.model;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* Model: Password Grant_Type 认证结果
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public class PasswordAuthResult implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = -6541180061782004705L;
|
||||
|
||||
/**
|
||||
* 对应账号id
|
||||
*/
|
||||
public Object loginId;
|
||||
|
||||
/**
|
||||
* 构建一个
|
||||
*/
|
||||
public PasswordAuthResult() {
|
||||
|
||||
}
|
||||
/**
|
||||
* 构建一个
|
||||
* @param loginId 对应的账号id
|
||||
*/
|
||||
public PasswordAuthResult(Object loginId) {
|
||||
this();
|
||||
this.loginId = loginId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 对应账号id
|
||||
* @return /
|
||||
*/
|
||||
public Object getLoginId() {
|
||||
return loginId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 设置 对应账号id
|
||||
* @param loginId 对应账号id
|
||||
* @return 对象自身
|
||||
*/
|
||||
public PasswordAuthResult setLoginId(Object loginId) {
|
||||
this.loginId = loginId;
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "PasswordAuthResult{" +
|
||||
", loginId=" + loginId +
|
||||
'}';
|
||||
}
|
||||
|
||||
}
|
||||
+1
-1
@@ -173,7 +173,7 @@ public final class SaOAuth2Strategy {
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据 scope 信息对一个 AccessTokenModel 进行加工处理
|
||||
* 根据 grantType 构造一个 AccessTokenModel
|
||||
*/
|
||||
public SaOAuth2GrantTypeAuthFunction grantTypeAuth = (req) -> {
|
||||
String grantType = req.getParamNotNull(SaOAuth2Consts.Param.grant_type);
|
||||
|
||||
Reference in New Issue
Block a user