fix(系统设置): OAuth2登录认证

Closes #20439
This commit is contained in:
shiziyuan9527 2022-12-06 15:28:34 +08:00 committed by 刘瑞斌
parent a5fd23503a
commit 708cc1f77b
3 changed files with 15 additions and 8 deletions

View File

@ -43,7 +43,10 @@ import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException; import java.security.KeyManagementException;
import java.security.KeyStoreException; import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.*; import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
@ -243,6 +246,8 @@ public class SSOService {
RestTemplate restTemplate = getRestTemplateIgnoreSSL(); RestTemplate restTemplate = getRestTemplateIgnoreSSL();
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE); headers.add(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE);
String credentials = EncryptUtils.base64Encoding(config.get("clientId") + ":" + config.get("secret"));
headers.add(HttpHeaders.AUTHORIZATION, "Basic " + credentials);
HttpEntity<String> param = new HttpEntity<>(headers); HttpEntity<String> param = new HttpEntity<>(headers);
ResponseEntity<String> response = restTemplate.postForEntity(url, param, String.class); ResponseEntity<String> response = restTemplate.postForEntity(url, param, String.class);
String content = response.getBody(); String content = response.getBody();
@ -263,7 +268,7 @@ public class SSOService {
private Optional<SessionUser> doOauth2Login(AuthSource authSource, String accessToken, WebSession session, Locale locale) throws Exception { private Optional<SessionUser> doOauth2Login(AuthSource authSource, String accessToken, WebSession session, Locale locale) throws Exception {
Map<String, String> oauth2Config = null; Map<String, String> oauth2Config = null;
Map<String, String> resultObj = null; Map<String, Object> resultObj = null;
try { try {
oauth2Config = JSON.parseObject(authSource.getConfiguration(), new TypeReference<HashMap<String, String>>() {}); oauth2Config = JSON.parseObject(authSource.getConfiguration(), new TypeReference<HashMap<String, String>>() {});
String userInfoUrl = oauth2Config.get("userInfoUrl"); String userInfoUrl = oauth2Config.get("userInfoUrl");
@ -272,7 +277,7 @@ public class SSOService {
RestTemplate restTemplate = getRestTemplateIgnoreSSL(); RestTemplate restTemplate = getRestTemplateIgnoreSSL();
HttpEntity<MultiValueMap<String, String>> httpEntity = new HttpEntity<>(headers); HttpEntity<MultiValueMap<String, String>> httpEntity = new HttpEntity<>(headers);
ResponseEntity<String> response = restTemplate.exchange(userInfoUrl, HttpMethod.GET, httpEntity, String.class); ResponseEntity<String> response = restTemplate.exchange(userInfoUrl, HttpMethod.GET, httpEntity, String.class);
resultObj = JSON.parseObject(response.getBody(), new TypeReference<HashMap<String, String>>() {}); resultObj = JSON.parseObject(response.getBody(), new TypeReference<HashMap<String, Object>>() {});
} catch (Exception e) { } catch (Exception e) {
LogUtil.error("fail to get user info", e); LogUtil.error("fail to get user info", e);
MSException.throwException("fail to get user info!"); MSException.throwException("fail to get user info!");
@ -281,9 +286,9 @@ public class SSOService {
String attrMapping = oauth2Config.get("mapping"); String attrMapping = oauth2Config.get("mapping");
Map<String, String> mapping = this.getOauth2AttrMapping(attrMapping); Map<String, String> mapping = this.getOauth2AttrMapping(attrMapping);
String userid = resultObj.get(mapping.get("userid")); String userid = (String) resultObj.get(mapping.get("userid"));
String username = resultObj.get(mapping.get("username")); String username = (String) resultObj.get(mapping.get("username"));
String email = resultObj.get(mapping.get("email")); String email = (String) resultObj.get(mapping.get("email"));
if (StringUtils.isBlank(userid)) { if (StringUtils.isBlank(userid)) {
MSException.throwException("userid is empty!"); MSException.throwException("userid is empty!");

View File

@ -329,10 +329,12 @@ export default {
if (source.type === 'OAuth2') { if (source.type === 'OAuth2') {
url = config.authUrl url = config.authUrl
+ "?client_id=" + config.clientId + "?client_id=" + config.clientId
+ "&scope=" + config.scope
+ "&response_type=code" + "&response_type=code"
+ "&redirect_uri=" + redirectUrl + "&redirect_uri=" + redirectUrl
+ "&state=" + authId; + "&state=" + authId;
if (config.scope) {
url += "&scope=" + config.scope;
}
} }
if (url) { if (url) {
window.location.href = url; window.location.href = url;

View File

@ -233,7 +233,7 @@
</el-row> </el-row>
<el-row> <el-row>
<el-col> <el-col>
<el-form-item label="Scope" :rules="requiredRules" prop="configuration.scope"> <el-form-item label="Scope" prop="configuration.scope">
<el-input v-model="form.configuration.scope"/> <el-input v-model="form.configuration.scope"/>
</el-form-item> </el-form-item>
</el-col> </el-col>