增加三方登陆的 redirect uri

2025-07-10 17:15:07 +08:00 · 2021-10-02 00:06:54 +08:00
parent 23888c5a49
commit a56b4a7c9c
22 changed files with 258 additions and 840 deletions
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
@ -24,9 +24,6 @@ import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
-import top.dcenter.ums.security.core.oauth.config.Auth2AutoConfigurer;
-import top.dcenter.ums.security.core.oauth.properties.Auth2Properties;
-import top.dcenter.ums.security.core.oauth.properties.OneClickLoginProperties;

 import javax.annotation.Resource;

@ -80,15 +77,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
    @Resource
    private Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer;

-    @Autowired
-    private Auth2AutoConfigurer auth2AutoConfigurer;
-    @Autowired
-    private Auth2Properties auth2Properties;
-    @Autowired
-    private OneClickLoginProperties oneClickLoginProperties;
-    @Autowired
-    private AbstractSignUpUrlAuthenticationSuccessHandler authenticationSuccessHandler;
-
    /**
     * 由于 Spring Security 创建 AuthenticationManager 对象时，没声明 @Bean 注解，导致无法被注入
     * 通过覆写父类的该方法，添加 @Bean 注解，解决该问题
@ -129,9 +117,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
-                // ========= start: 使用 justAuth-spring-security-starter 必须步骤 =========
-                // 添加 Auth2AutoConfigurer 使 OAuth2(justAuth) login 生效.
-                .apply(this.auth2AutoConfigurer).and()
                // 开启跨域
                .cors().and()
                // CSRF 禁用，因为不使用 Session
@ -174,19 +159,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
        // 添加 JWT Filter
        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);

-//        // 放行第三方登录入口地址与第三方登录回调地址
-//        // @formatter:off
-//        httpSecurity.authorizeRequests()
-//                .antMatchers(HttpMethod.GET,
-//                        auth2Properties.getRedirectUrlPrefix() + "/*",
-//                        auth2Properties.getAuthLoginUrlPrefix() + "/*")
-//                .permitAll();
-//        httpSecurity.authorizeRequests()
-//                .antMatchers(HttpMethod.POST,
-//                        oneClickLoginProperties.getLoginProcessingUrl())
-//                .permitAll();
-//        // @formatter:on
-//        // ========= end: 使用 justAuth-spring-security-starter 必须步骤 =========
    }

    private String api(String url) {
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/Auth2LoginUser.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/Auth2LoginUser.java
@ -1,66 +0,0 @@
-package cn.iocoder.yudao.framework.security.core;
-
-import com.alibaba.fastjson.JSONObject;
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import me.zhyd.oauth.enums.AuthUserGender;
-import me.zhyd.oauth.model.AuthToken;
-
-/**
- * @author weir
- */
-@Data
-public class Auth2LoginUser extends LoginUser {
-    /**
-     * 是否为临时注册的临时用户
-     */
-    private boolean isTempUser;
-    /**
-     * 用户第三方系统的唯一id。在调用方集成该组件时，可以用uuid + source唯一确定一个用户
-     */
-    private String thirdPartyUserId;
-    /**
-     * 用户昵称
-     */
-    private String nickname;
-    /**
-     * 用户头像
-     */
-    private String avatar;
-    /**
-     * 用户网址
-     */
-    private String blog;
-    /**
-     * 所在公司
-     */
-    private String company;
-    /**
-     * 位置
-     */
-    private String location;
-    /**
-     * 用户邮箱
-     */
-    private String email;
-    /**
-     * 用户备注（各平台中的用户个人介绍）
-     */
-    private String remark;
-    /**
-     * 性别
-     */
-    private AuthUserGender gender;
-    /**
-     * 用户来源
-     */
-    private String source;
-    /**
-     * 用户授权的token信息
-     */
-    private AuthToken token;
-    /**
-     * 第三方平台返回的原始用户信息
-     */
-    private JSONObject rawUserInfo;
-}
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/handler/AbstractSignUpUrlAuthenticationSuccessHandler.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/handler/AbstractSignUpUrlAuthenticationSuccessHandler.java
@ -22,24 +22,16 @@
 */
 package cn.iocoder.yudao.framework.security.core.handler;

-import cn.iocoder.yudao.framework.security.core.LoginUser;
-import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
 import org.springframework.security.web.savedrequest.RequestCache;
-import org.springframework.security.web.savedrequest.SavedRequest;
-import top.dcenter.ums.security.core.oauth.userdetails.TemporaryUser;
-import top.dcenter.ums.security.core.vo.ResponseResult;

 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;

-import static org.springframework.util.StringUtils.hasText;
-import static top.dcenter.ums.security.core.oauth.util.MvcUtil.*;
-
 /**
 * @author weir
 */