提交 5f927fc5 编写于 作者: nancy's avatar nancy

Ldap相关代码迁移

上级 3e997c64
......@@ -10,7 +10,9 @@ import cn.ibizlab.util.service.AuthenticationUserService;
import cn.ibizlab.util.service.IBZUSERService;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
......@@ -24,19 +26,18 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.*;
/**
* 实体[IBZUSER] 服务对象接口实现
*/
@Primary
@Slf4j
@Service("LdapUserService")
@ConditionalOnExpression("'${ibiz.auth.service:SimpleUserService}'.equals('LdapUserService')")
public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> implements IBZUSERService, AuthenticationUserService {
......@@ -48,14 +49,60 @@ public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> impleme
@Override
public AuthenticationUser loadUserByUsername(String username) {
AuthenticationUser user = new AuthenticationUser();
if (StringUtils.isEmpty(username))
throw new UsernameNotFoundException("用户名为空");
QueryWrapper<IBZUSER> conds = new QueryWrapper<IBZUSER>();
String[] data = username.split("[|]");
String loginname = "";
String domains = "";
if (data.length > 0)
loginname = data[0].trim();
if (data.length > 1)
domains = data[1].trim();
if (!StringUtils.isEmpty(loginname))
conds.eq("loginname", loginname);
if (!StringUtils.isEmpty(domains))
conds.eq("domains", domains);
IBZUSER user = this.getOne(conds);
if (user == null) {
throw new UsernameNotFoundException("用户" + username + "未找到");
} else {
user.setUsername(username);
return user;
AuthenticationUser curUser = createUserDetails(user);
if (curUser.getPermissionList() == null) {
setUserPermission(curUser);
setUserOrgInfo(curUser);
}
return curUser;
}
}
@Override
public AuthenticationUser loadUserByLogin(String username, String password){
AuthenticationUser user = new AuthenticationUser();
public AuthenticationUser loadUserByLogin(String username, String password) {
//获取用户
AuthenticationUser user = loadUserByUsername(username);
if (1 == user.getSuperuser()) {
if (pwencrymode == 1)
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if (pwencrymode == 2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
if (!user.getPassword().equals(password)) {
throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username);
}
} else {
//Ldap 认证。
authenticateByLdap(username, password);
}
return user;
}
private void authenticateByLdap(String username, String password) {
String[] data = username.split("[|]");
String loginname = username;
String devslnsysid = "";
......@@ -81,32 +128,18 @@ public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> impleme
}
if (!bAuthenticate) {
throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username);
throw new BadRequestAlertException("用户名或密码错误。", "IBZUSER", username);
}
user.setUsercode(loginname);
user.setUsername(loginname);
user.setLoginname(loginname);
user.setPersonname(loginname);
// user.setDomain(devslnsysid);
// user.setDevslnsysid(devslnsysid);
// user.setPassword(password);
// user.setOrgid(devslnsysid);
// user.setOrgcode(devslnsysid);
// user.setOrgname(devslnsysid);
return user;
}
public void resetByUsername(String username) {
}
public AuthenticationUser createUserDetails(IBZUSER user) {
AuthenticationUser userdatail = new AuthenticationUser();
CachedBeanCopier.copy(user,userdatail);
if(userdatail.getSuperuser()==1){
CachedBeanCopier.copy(user, userdatail);
if (userdatail.getSuperuser() == 1) {
userdatail.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN"));
}
return userdatail;
......@@ -121,17 +154,18 @@ public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> impleme
/**
* 设置用户权限
* 由于GrantedAuthority缺少无参构造,导致无法序列化,暂时通过PermissionList中转
*
* @param user
* @return
*/
public void setUserPermission(AuthenticationUser user) {
Collection<GrantedAuthority> userAuthorities=uaaCoreService.getAuthoritiesByUserId(user.getUserid());
Collection<GrantedAuthority> userAuthorities = uaaCoreService.getAuthoritiesByUserId(user.getUserid());
Set<String> authorities = AuthorityUtils.authorityListToSet(userAuthorities);
if(user.getSuperuser()==1){
if (user.getSuperuser() == 1) {
authorities.add("ROLE_SUPERADMIN");
}
JSONObject permission =new JSONObject();
permission.put("authorities",authorities);
JSONObject permission = new JSONObject();
permission.put("authorities", authorities);
user.setPermissionList(permission);
}
......@@ -141,13 +175,14 @@ public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> impleme
/**
* 设置用户组织相关信息
*
* @param user
*/
private void setUserOrgInfo(AuthenticationUser user) {
Map<String, Set<String>> orgInfo=ouFeignClient.getOUMapsByUserId(user.getUserid());
if(orgInfo==null)
orgInfo=new HashMap<>();
Map<String, Set<String>> orgInfo = ouFeignClient.getOUMapsByUserId(user.getUserid());
if (orgInfo == null)
orgInfo = new HashMap<>();
//throw new RuntimeException(String.format("获取用户信息失败,请检查用户中心[IBZOU]中是否存在[%s]用户!",user.getLoginname()));
user.setOrgInfo(orgInfo);
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册