
Example 1 with AuthCallback

use of me.zhyd.oauth.model.AuthCallback in project matecloud by matevip.

the class SocialTokenGranter method getOAuth2Authentication.

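/**
 * Exchanges a social-login callback ({@code code} and {@code state} request parameters) for an
 * {@link OAuth2Authentication}.
 *
 * <p>The {@code code} parameter is expected in the form {@code <oauthType>-<providerCode>}; the
 * prefix selects the {@link AuthRequest} and the remainder is forwarded to the provider.
 *
 * @param client       the OAuth2 client requesting the token
 * @param tokenRequest the token request carrying the callback parameters
 * @return the authentication for the user resolved by the social provider
 * @throws UserDeniedAuthorizationException if {@code code} is missing or malformed, or no entry
 *                                          is cached for {@code state}
 * @throws InvalidGrantException            if the provider login fails or the resolved user
 *                                          cannot be authenticated
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());
    String code = parameters.get("code");
    String state = parameters.get("state");
    if (StrUtil.isBlank(code)) {
        throw new UserDeniedAuthorizationException("未传入请求参数");
    }
    // Look the state up without dereferencing the result: calling toString() on a missing entry
    // threw NullPointerException before the expiry check below could ever run.
    // NOTE(review): the cached value is only tested for presence; it is neither compared with
    // anything nor removed here, so the same state stays acceptable until the entry expires -
    // confirm whether it should be single-use.
    Object codeFromRedis = StrUtil.isBlank(state) ? null : redisService.get(PREFIX + state);
    if (codeFromRedis == null) {
        throw new UserDeniedAuthorizationException("openId已过期,请重新发起授权请求");
    }
    // Split on the first '-' only: a value without a separator used to fail with
    // ArrayIndexOutOfBoundsException, and a provider code that itself contains '-' was truncated.
    int separator = code.indexOf('-');
    if (separator <= 0 || separator == code.length() - 1) {
        throw new UserDeniedAuthorizationException("未传入请求参数");
    }
    String oauthType = code.substring(0, separator);
    code = code.substring(separator + 1);
    AuthRequest authRequest = factory.get(oauthType);
    AuthCallback authCallback = AuthCallback.builder().code(code).state(state).build();
    AuthResponse response = authRequest.login(authCallback);
    // Log the status code only; the response payload is the provider's user record and may
    // carry provider-issued tokens, which do not belong in application logs.
    log.info("【response】code = {}", response.getCode());
    // Stop here when the third-party login did not succeed, instead of handing a token built
    // around a null user to the authentication manager.
    if (response.getCode() != AuthResponseStatus.SUCCESS.getCode() || response.getData() == null) {
        throw new InvalidGrantException("Social login failed");
    }
    AuthUser authUser = (AuthUser) response.getData();
    Authentication userAuth = new SocialAuthenticationToken(authUser);
    ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
    try {
        userAuth = authenticationManager.authenticate(userAuth);
    } catch (AccountStatusException | BadCredentialsException ase) {
        // covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
        throw new InvalidGrantException(ase.getMessage(), ase);
    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
        throw new InvalidGrantException("Could not authenticate user: " + authUser);
    }
    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
}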
Also used : AuthRequest(me.zhyd.oauth.request.AuthRequest) AuthCallback(me.zhyd.oauth.model.AuthCallback) AuthUser(me.zhyd.oauth.model.AuthUser) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) InvalidGrantException(org.springframework.security.oauth2.common.exceptions.InvalidGrantException) LinkedHashMap(java.util.LinkedHashMap) AuthResponse(me.zhyd.oauth.model.AuthResponse) SocialAuthenticationToken(vip.mate.uaa.social.SocialAuthenticationToken) AccountStatusException(org.springframework.security.authentication.AccountStatusException) UserDeniedAuthorizationException(org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException) AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken) Authentication(org.springframework.security.core.Authentication)

Example 2 with AuthCallback

use of me.zhyd.oauth.model.AuthCallback in project MaxKey by dromara.

the class AbstractSocialSignOnEndpoint method authCallback.

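/**
 * Reads the provider callback parameters from the current request, completes the social login
 * through the {@link AuthRequest} kept in the session (or a freshly built one) and returns the
 * account id resolved for the provider.
 *
 * @return the account id returned by {@code socialSignOnProviderService.getAccountId}
 * @throws Exception propagated from the login or the account lookup
 */
protected String authCallback() throws Exception {
    AuthCallback authCallback = new AuthCallback();
    authCallback.setCode(WebContext.getRequest().getParameter("code"));
    authCallback.setAuth_code(WebContext.getRequest().getParameter("auth_code"));
    // NOTE(review): OAuth 1.0a providers send these as oauth_token / oauth_verifier; the
    // camelCase names read here may never match - confirm against the providers in use.
    authCallback.setOauth_token(WebContext.getRequest().getParameter("oauthToken"));
    authCallback.setAuthorization_code(WebContext.getRequest().getParameter("authorization_code"));
    authCallback.setOauth_verifier(WebContext.getRequest().getParameter("oauthVerifier"));
    authCallback.setState(WebContext.getRequest().getParameter("state"));
    // Authorization codes, tokens, the state value and the session id are credentials; record
    // only whether each one was supplied, never its value.
    _logger.debug("Callback OAuth code present {}, auth_code present {}, oauthToken present {}, authorization_code present {}, oauthVerifier present {}",
        authCallback.getCode() != null,
        authCallback.getAuth_code() != null,
        authCallback.getOauth_token() != null,
        authCallback.getAuthorization_code() != null,
        authCallback.getOauth_verifier() != null);
    _logger.debug("Callback state present {}", authCallback.getState() != null);
    authRequest = (AuthRequest) WebContext.getAttribute(SOCIALSIGNON_OAUTH_SERVICE_SESSION);
    socialSignOnProvider = (SocialsProvider) WebContext.getAttribute(SOCIALSIGNON_PROVIDER_SESSION);
    // clear session
    WebContext.removeAttribute(SOCIALSIGNON_OAUTH_SERVICE_SESSION);
    WebContext.removeAttribute(SOCIALSIGNON_PROVIDER_SESSION);
    if (authRequest == null) {
        // if authRequest is null renew one
        authRequest = socialSignOnProviderService.getAuthRequest(provider, applicationConfig);
        _logger.debug("session authRequest is null , renew one");
    }
    // State time out, re set
    // NOTE(review): this registers the session id as the state right before login() runs, for
    // every callback that carries any state. It looks like the state check can then only pass
    // when the callback's state equals the session id - confirm that is the intended binding.
    if (authCallback.getState() != null) {
        authRequest.authorize(WebContext.getRequest().getSession().getId());
    }
    AuthResponse<?> authResponse = authRequest.login(authCallback);
    // The response data is the provider's user record and may include tokens; log the status only.
    _logger.debug("Response code : {}", authResponse.getCode());
    accountId = socialSignOnProviderService.getAccountId(provider, authResponse);
    _logger.debug("getAccountId : {}", accountId);
    return accountId;
}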
Also used : AuthCallback(me.zhyd.oauth.model.AuthCallback)

Example 3 with AuthCallback

use of me.zhyd.oauth.model.AuthCallback in project ruoyi-vue-pro by YunaiV.

the class SocialUserServiceImpl method getAuthUser.

/**
 * Resolves the social user for a callback, serving it from the Redis cache when the same
 * {@code type}/{@code code}/{@code state} combination has already been exchanged.
 *
 * @param type  the social platform type
 * @param code  the authorization code from the callback
 * @param state the state value from the callback
 * @return the cached user if present, otherwise the user fetched through {@code getAuthUser0}
 */
@Override
public AuthUser getAuthUser(Integer type, String code, String state) {
    final AuthCallback callback = buildAuthCallback(code, state);
    // Try the cache first.
    AuthUser resolved = authSocialUserRedisDAO.get(type, callback);
    if (resolved == null) {
        // Cache miss: ask the provider.
        resolved = this.getAuthUser0(type, callback);
        // Cache the result because a code can be exchanged only once, while a social login for
        // a not-yet-bound User needs a second lookup with the same code during binding.
        // NOTE(review): while the entry lives, the same code/state pair resolves to this user
        // again without a provider round trip; the entry lifetime is set in the DAO, not here.
        authSocialUserRedisDAO.set(type, callback, resolved);
    }
    return resolved;
}
Also used : AuthCallback(me.zhyd.oauth.model.AuthCallback) AuthUser(me.zhyd.oauth.model.AuthUser)

Example 4 with AuthCallback

use of me.zhyd.oauth.model.AuthCallback in project solon by noear.

the class FixedSocialStrategy method authenticate.

/**
 * Runs the social strategy without the session short-circuit: delegates to {@code bind} when
 * the configuration asks for user binding, completes the login when the request is a provider
 * callback, and otherwise returns the provider authorization URL.
 *
 * <p>{@code getAuthRequest}, {@code parseRequest}, {@code isCallback} and {@code login} are
 * invoked by name through {@code Reflect}; presumably they are not directly accessible from
 * this class - verify against the parent strategy.
 *
 * @param config   the authenticate configuration, expected to be a {@link SocialConfig}
 * @param request  the current request
 * @param response the current response
 * @return the login or bind result, an error response, or a success response carrying the
 *         authorization URL
 */
@Override
public JapResponse authenticate(AuthenticateConfig config, JapHttpRequest request, JapHttpResponse response) {
    final SocialConfig social;
    try {
        this.checkAuthenticateConfig(config, SocialConfig.class);
        social = (SocialConfig) config;
    } catch (JapException configError) {
        return JapResponse.error(configError.getErrorCode(), configError.getErrorMessage());
    }
    if (social.isBindUser()) {
        return this.bind(config, request, response);
    }
    // !!! Session check disabled !!!
    // An existing session user is no longer returned early, so every non-bind request goes
    // through the callback / authorization-link handling below.
    // JapUser sessionUser = this.checkSession(request, response);
    // if (null != sessionUser) {
    // return JapResponse.success(sessionUser);
    // }
    final AuthRequest providerRequest;
    try {
        providerRequest = Reflect.on(this).call("getAuthRequest", config).get();
    } catch (JapException requestError) {
        return JapResponse.error(requestError.getErrorCode(), requestError.getErrorMessage());
    }
    String platform = social.getPlatform();
    AuthCallback callback = Reflect.on(this).call("parseRequest", request).get();
    boolean callbackRequest = Reflect.on(this).call("isCallback", platform, callback).get();
    if (!callbackRequest) {
        // Not a callback, so the caller needs the link that starts the authorization.
        String authorizeUrl = providerRequest.authorize(social.getState());
        return JapResponse.success(authorizeUrl);
    }
    try {
        JapResponse loginResult = Reflect.on(this).call("login", request, response, platform, providerRequest, callback, (SocialFunc) this::loginSuccess).get();
        return loginResult;
    } catch (JapUserException loginError) {
        return JapResponse.error(loginError.getErrorCode(), loginError.getErrorMessage());
    }
}
Also used : AuthRequest(me.zhyd.oauth.request.AuthRequest) JapException(com.fujieid.jap.core.exception.JapException) AuthCallback(me.zhyd.oauth.model.AuthCallback) SocialConfig(com.fujieid.jap.social.SocialConfig) JapUserException(com.fujieid.jap.core.exception.JapUserException)

Aggregations

AuthCallback (me.zhyd.oauth.model.AuthCallback)4 AuthUser (me.zhyd.oauth.model.AuthUser)2 AuthRequest (me.zhyd.oauth.request.AuthRequest)2 JapException (com.fujieid.jap.core.exception.JapException)1 JapUserException (com.fujieid.jap.core.exception.JapUserException)1 SocialConfig (com.fujieid.jap.social.SocialConfig)1 LinkedHashMap (java.util.LinkedHashMap)1 AuthResponse (me.zhyd.oauth.model.AuthResponse)1 AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken)1 AccountStatusException (org.springframework.security.authentication.AccountStatusException)1 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1 Authentication (org.springframework.security.core.Authentication)1 InvalidGrantException (org.springframework.security.oauth2.common.exceptions.InvalidGrantException)1 UserDeniedAuthorizationException (org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException)1 SocialAuthenticationToken (vip.mate.uaa.social.SocialAuthenticationToken)1