|
|
|
@ -1,6 +1,11 @@
|
|
|
|
|
package com.baiye.config;
|
|
|
|
|
|
|
|
|
|
import cn.hutool.json.JSONUtil;
|
|
|
|
|
import com.baiye.component.LoginUser;
|
|
|
|
|
import com.baiye.constant.SecurityConstants;
|
|
|
|
|
import com.baiye.service.IOnlineUserService;
|
|
|
|
|
import org.springframework.security.core.AuthenticationException;
|
|
|
|
|
import org.springframework.security.core.GrantedAuthority;
|
|
|
|
|
import org.springframework.security.oauth2.common.*;
|
|
|
|
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
|
|
|
|
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
|
|
|
@ -9,7 +14,10 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
|
|
|
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
|
|
|
|
|
|
import java.util.Date;
|
|
|
|
|
import java.util.LinkedHashMap;
|
|
|
|
|
import java.util.Map;
|
|
|
|
|
import java.util.UUID;
|
|
|
|
|
import java.util.stream.Collectors;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 重写 DefaultTokenServices,实现登录同应用同账号互踢
|
|
|
|
@ -23,13 +31,20 @@ public class SingleLoginTokenServices extends DefaultTokenServices {
|
|
|
|
|
private TokenStore tokenStore;
|
|
|
|
|
private TokenEnhancer accessTokenEnhancer;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 是否登录同应用同账号互踢
|
|
|
|
|
*/
|
|
|
|
|
private boolean isSingleLogin;
|
|
|
|
|
|
|
|
|
|
public SingleLoginTokenServices(boolean isSingleLogin) {
|
|
|
|
|
/**
|
|
|
|
|
* 是否登录同应用同账号互踢
|
|
|
|
|
*/
|
|
|
|
|
private IOnlineUserService onlineUserService;
|
|
|
|
|
|
|
|
|
|
public SingleLoginTokenServices(boolean isSingleLogin,IOnlineUserService onlineUserService) {
|
|
|
|
|
this.isSingleLogin = isSingleLogin;
|
|
|
|
|
this.onlineUserService = onlineUserService;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@ -83,10 +98,27 @@ public class SingleLoginTokenServices extends DefaultTokenServices {
|
|
|
|
|
if (refreshToken != null) {
|
|
|
|
|
tokenStore.storeRefreshToken(refreshToken, authentication);
|
|
|
|
|
}
|
|
|
|
|
setUser(authentication, (DefaultOAuth2AccessToken) accessToken);
|
|
|
|
|
onlineUserService.saveOnlineUser(accessToken);
|
|
|
|
|
return accessToken;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void setUser(OAuth2Authentication authentication, DefaultOAuth2AccessToken accessToken) {
|
|
|
|
|
LoginUser user = (LoginUser) authentication.getUserAuthentication().getPrincipal();
|
|
|
|
|
String authorities = authentication.getAuthorities().stream()
|
|
|
|
|
.map(GrantedAuthority::getAuthority)
|
|
|
|
|
.collect(Collectors.joining(","));
|
|
|
|
|
Map<String, Object> additionalInformation = new LinkedHashMap<>(16);
|
|
|
|
|
additionalInformation.put(SecurityConstants.DETAILS_USER_ID, user.getUser().getId());
|
|
|
|
|
additionalInformation.put(SecurityConstants.USER_ROLE_LIST, user.getRoles());
|
|
|
|
|
additionalInformation.put(SecurityConstants.DETAILS_USER, JSONUtil.toJsonStr(user.getUser()));
|
|
|
|
|
additionalInformation.put(SecurityConstants.DETAILS_USERNAME, user.getUser().getUsername());
|
|
|
|
|
additionalInformation.put(SecurityConstants.DATA_SCOPES, user.getDataScopes());
|
|
|
|
|
additionalInformation.put(SecurityConstants.AUTHORITIES_KEY, authorities);
|
|
|
|
|
accessToken.setAdditionalInformation(additionalInformation);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private OAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {
|
|
|
|
|
if (!isSupportRefreshToken(authentication.getOAuth2Request())) {
|
|
|
|
|
return null;
|
|
|
|
|
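Review bot: In the new `setUser`, `additionalInformation.put(SecurityConstants.DETAILS_USER, JSONUtil.toJsonStr(user.getUser()))` serialises the whole user object into the access token's additional information, which is normally returned to the client in the token response and persisted with the token. The user class is not visible here, so confirm that it carries no password hash, salt or contact data; preferably build a reduced view with only the fields consumers need, since the id, username, roles and data scopes are already added separately. The method also dereferences `authentication.getUserAuthentication().getPrincipal()` without a guard, and that is null for client-only grants such as client_credentials, so a guard like `if (authentication.isClientOnly()) { return; }` at the top would avoid a NullPointerException if this path is reachable for them. The calling method starts outside the hunk, so it is not visible whether `setUser` runs before or after the access token is written to `tokenStore`; if it runs after, the stored token will not contain these fields.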