mirror of
https://gitee.com/hhyykk/ipms-sjy.git
synced 2025-07-10 09:05:07 +08:00
增加三方登陆的 redirect uri
This commit is contained in:
@ -24,9 +24,6 @@ import org.springframework.security.web.access.AccessDeniedHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
import top.dcenter.ums.security.core.oauth.config.Auth2AutoConfigurer;
|
||||
import top.dcenter.ums.security.core.oauth.properties.Auth2Properties;
|
||||
import top.dcenter.ums.security.core.oauth.properties.OneClickLoginProperties;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
|
||||
@ -80,15 +77,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
|
||||
@Resource
|
||||
private Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer;
|
||||
|
||||
@Autowired
|
||||
private Auth2AutoConfigurer auth2AutoConfigurer;
|
||||
@Autowired
|
||||
private Auth2Properties auth2Properties;
|
||||
@Autowired
|
||||
private OneClickLoginProperties oneClickLoginProperties;
|
||||
@Autowired
|
||||
private AbstractSignUpUrlAuthenticationSuccessHandler authenticationSuccessHandler;
|
||||
|
||||
/**
|
||||
* 由于 Spring Security 创建 AuthenticationManager 对象时,没声明 @Bean 注解,导致无法被注入
|
||||
* 通过覆写父类的该方法,添加 @Bean 注解,解决该问题
|
||||
@ -129,9 +117,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
|
||||
@Override
|
||||
protected void configure(HttpSecurity httpSecurity) throws Exception {
|
||||
httpSecurity
|
||||
// ========= start: 使用 justAuth-spring-security-starter 必须步骤 =========
|
||||
// 添加 Auth2AutoConfigurer 使 OAuth2(justAuth) login 生效.
|
||||
.apply(this.auth2AutoConfigurer).and()
|
||||
// 开启跨域
|
||||
.cors().and()
|
||||
// CSRF 禁用,因为不使用 Session
|
||||
@ -174,19 +159,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
|
||||
// 添加 JWT Filter
|
||||
httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
// // 放行第三方登录入口地址与第三方登录回调地址
|
||||
// // @formatter:off
|
||||
// httpSecurity.authorizeRequests()
|
||||
// .antMatchers(HttpMethod.GET,
|
||||
// auth2Properties.getRedirectUrlPrefix() + "/*",
|
||||
// auth2Properties.getAuthLoginUrlPrefix() + "/*")
|
||||
// .permitAll();
|
||||
// httpSecurity.authorizeRequests()
|
||||
// .antMatchers(HttpMethod.POST,
|
||||
// oneClickLoginProperties.getLoginProcessingUrl())
|
||||
// .permitAll();
|
||||
// // @formatter:on
|
||||
// // ========= end: 使用 justAuth-spring-security-starter 必须步骤 =========
|
||||
}
|
||||
|
||||
private String api(String url) {
|
||||
|
@ -1,66 +0,0 @@
|
||||
package cn.iocoder.yudao.framework.security.core;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Data;
|
||||
import me.zhyd.oauth.enums.AuthUserGender;
|
||||
import me.zhyd.oauth.model.AuthToken;
|
||||
|
||||
/**
|
||||
* @author weir
|
||||
*/
|
||||
@Data
|
||||
public class Auth2LoginUser extends LoginUser {
|
||||
/**
|
||||
* 是否为临时注册的临时用户
|
||||
*/
|
||||
private boolean isTempUser;
|
||||
/**
|
||||
* 用户第三方系统的唯一id。在调用方集成该组件时,可以用uuid + source唯一确定一个用户
|
||||
*/
|
||||
private String thirdPartyUserId;
|
||||
/**
|
||||
* 用户昵称
|
||||
*/
|
||||
private String nickname;
|
||||
/**
|
||||
* 用户头像
|
||||
*/
|
||||
private String avatar;
|
||||
/**
|
||||
* 用户网址
|
||||
*/
|
||||
private String blog;
|
||||
/**
|
||||
* 所在公司
|
||||
*/
|
||||
private String company;
|
||||
/**
|
||||
* 位置
|
||||
*/
|
||||
private String location;
|
||||
/**
|
||||
* 用户邮箱
|
||||
*/
|
||||
private String email;
|
||||
/**
|
||||
* 用户备注(各平台中的用户个人介绍)
|
||||
*/
|
||||
private String remark;
|
||||
/**
|
||||
* 性别
|
||||
*/
|
||||
private AuthUserGender gender;
|
||||
/**
|
||||
* 用户来源
|
||||
*/
|
||||
private String source;
|
||||
/**
|
||||
* 用户授权的token信息
|
||||
*/
|
||||
private AuthToken token;
|
||||
/**
|
||||
* 第三方平台返回的原始用户信息
|
||||
*/
|
||||
private JSONObject rawUserInfo;
|
||||
}
|
@ -22,24 +22,16 @@
|
||||
*/
|
||||
package cn.iocoder.yudao.framework.security.core.handler;
|
||||
|
||||
import cn.iocoder.yudao.framework.security.core.LoginUser;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
|
||||
import org.springframework.security.web.savedrequest.RequestCache;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import top.dcenter.ums.security.core.oauth.userdetails.TemporaryUser;
|
||||
import top.dcenter.ums.security.core.vo.ResponseResult;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
import static org.springframework.util.StringUtils.hasText;
|
||||
import static top.dcenter.ums.security.core.oauth.util.MvcUtil.*;
|
||||
|
||||
/**
|
||||
* @author weir
|
||||
*/
|
||||
|
Reference in New Issue
Block a user