use of com.diboot.iam.auth.AuthService in project diboot by dibo-software.
the class BaseJwtRealm method doGetAuthenticationInfo.
/**
* 获取认证信息
* @param token
* @return
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
BaseJwtAuthToken jwtToken = (BaseJwtAuthToken) token;
String authAccount = (String) jwtToken.getPrincipal();
if (V.isEmpty(authAccount)) {
throw new AuthenticationException("无效的用户标识");
} else {
// 获取认证方式
AuthService authService = AuthServiceFactory.getAuthService(jwtToken.getAuthType());
if (authService == null) {
jwtToken.clearAuthtoken();
throw new AuthenticationException("认证类型: " + jwtToken.getAuthType() + " 的AccountAuthService未实现!");
}
IamAccount account = authService.getAccount(jwtToken);
// 登录失败则抛出相关异常
if (account == null) {
jwtToken.clearAuthtoken();
throw new AuthenticationException("用户账号或密码错误!");
}
// 获取当前user对象并缓存
BaseLoginUser loginUser = null;
BaseService userService = ContextHelper.getBaseServiceByEntity(jwtToken.getUserTypeClass());
if (userService != null) {
loginUser = (BaseLoginUser) userService.getEntity(account.getUserId());
} else {
throw new AuthenticationException("用户 " + jwtToken.getUserTypeClass().getName() + " 相关的Service未定义!");
}
if (loginUser == null) {
throw new AuthenticationException("用户不存在");
}
loginUser.setAuthToken(jwtToken.getAuthtoken());
IamExtensible iamExtensible = getIamUserRoleService().getIamExtensible();
if (iamExtensible != null) {
LabelValue extentionObj = iamExtensible.getUserExtentionObj(jwtToken.getUserTypeClass().getSimpleName(), account.getUserId(), jwtToken.getExtObj());
if (extentionObj != null) {
loginUser.setExtentionObj(extentionObj);
}
}
// 清空当前用户缓存
this.clearCachedAuthorizationInfo(IamSecurityUtils.getSubject().getPrincipals());
return new SimpleAuthenticationInfo(loginUser, jwtToken.getCredentials(), this.getName());
}
}
Aggregations