提交 63f97340 编写于 作者: nancy's avatar nancy

UserDingtalkResourse还原

上级 84dff5de
...@@ -10,7 +10,9 @@ import cn.ibizlab.util.service.AuthenticationUserService; ...@@ -10,7 +10,9 @@ import cn.ibizlab.util.service.AuthenticationUserService;
import cn.ibizlab.util.service.IBZUSERService; import cn.ibizlab.util.service.IBZUSERService;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
...@@ -24,132 +26,165 @@ import org.springframework.security.core.GrantedAuthority; ...@@ -24,132 +26,165 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import org.springframework.util.DigestUtils; import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import java.util.Collection; import java.util.*;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/** /**
* 实体[IBZUSER] 服务对象接口实现 * 实体[IBZUSER] 服务对象接口实现
*/ */
@Primary @Primary
@Slf4j
@Service("LdapUserService") @Service("LdapUserService")
@ConditionalOnExpression("'${ibiz.auth.service:SimpleUserService}'.equals('LdapUserService')") @ConditionalOnExpression("'${ibiz.auth.service:SimpleUserService}'.equals('LdapUserService')")
public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> implements IBZUSERService, AuthenticationUserService { public class LdapUserService extends ServiceImpl<IBZUSERMapper, IBZUSER> implements IBZUSERService, AuthenticationUserService {
@Value("${ibiz.auth.pwencrymode:0}") @Value("${ibiz.auth.pwencrymode:0}")
private int pwencrymode; private int pwencrymode;
@Autowired @Autowired
private LdapTemplate ldapTemplate; private LdapTemplate ldapTemplate;
@Override @Override
public AuthenticationUser loadUserByUsername(String username) { public AuthenticationUser loadUserByUsername(String username) {
AuthenticationUser user = new AuthenticationUser(); if (StringUtils.isEmpty(username))
user.setUsername(username); throw new UsernameNotFoundException("用户名为空");
return user; QueryWrapper<IBZUSER> conds = new QueryWrapper<IBZUSER>();
} String[] data = username.split("[|]");
String loginname = "";
@Override String domains = "";
public AuthenticationUser loadUserByLogin(String username, String password){ if (data.length > 0)
AuthenticationUser user = new AuthenticationUser(); loginname = data[0].trim();
String[] data = username.split("[|]"); if (data.length > 1)
String loginname = username; domains = data[1].trim();
String devslnsysid = ""; if (!StringUtils.isEmpty(loginname))
conds.eq("loginname", loginname);
if (data.length == 2) { if (!StringUtils.isEmpty(domains))
loginname = data[0].trim(); conds.eq("domains", domains);
IBZUSER user = this.getOne(conds);
if (user == null) {
throw new UsernameNotFoundException("用户" + username + "未找到");
} else {
user.setUsername(username);
AuthenticationUser curUser = createUserDetails(user);
if (curUser.getPermissionList() == null) {
setUserPermission(curUser);
setUserOrgInfo(curUser);
}
return curUser;
}
}
@Override
public AuthenticationUser loadUserByLogin(String username, String password) {
//获取用户
AuthenticationUser user = loadUserByUsername(username);
if (1 == user.getSuperuser()) {
if (pwencrymode == 1)
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if (pwencrymode == 2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
if (!user.getPassword().equals(password)) {
throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username);
}
} else {
//Ldap 认证。
authenticateByLdap(username, password);
}
return user;
}
private void authenticateByLdap(String username, String password) {
String[] data = username.split("[|]");
String loginname = username;
String devslnsysid = "";
if (data.length == 2) {
loginname = data[0].trim();
// devslnsysid=data[1].trim(); // devslnsysid=data[1].trim();
} }
// 查询Ldap人员 // 查询Ldap人员
AndFilter filter = new AndFilter(); AndFilter filter = new AndFilter();
if (!StringUtils.isEmpty(loginname)) { if (!StringUtils.isEmpty(loginname)) {
filter.and(new EqualsFilter("uid", loginname)); filter.and(new EqualsFilter("uid", loginname));
} }
Boolean bAuthenticate = false; Boolean bAuthenticate = false;
try { try {
// 这个方法可以查询出该用户 // 这个方法可以查询出该用户
bAuthenticate = ldapTemplate.authenticate("ou=people", filter.encode(), password); bAuthenticate = ldapTemplate.authenticate("ou=people", filter.encode(), password);
System.out.println(bAuthenticate); System.out.println(bAuthenticate);
} catch (RuntimeException e) { } catch (RuntimeException e) {
bAuthenticate = false; bAuthenticate = false;
} }
if (!bAuthenticate) { if (!bAuthenticate) {
throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username); throw new BadRequestAlertException("用户名或密码错误。", "IBZUSER", username);
} }
}
user.setUsercode(loginname);
user.setUsername(loginname); public void resetByUsername(String username) {
user.setLoginname(loginname);
user.setPersonname(loginname); }
// user.setDomain(devslnsysid);
// user.setDevslnsysid(devslnsysid); public AuthenticationUser createUserDetails(IBZUSER user) {
// user.setPassword(password); AuthenticationUser userdatail = new AuthenticationUser();
// user.setOrgid(devslnsysid); CachedBeanCopier.copy(user, userdatail);
// user.setOrgcode(devslnsysid); if (userdatail.getSuperuser() == 1) {
// user.setOrgname(devslnsysid); userdatail.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN"));
}
return user; return userdatail;
} }
public void resetByUsername(String username) { @Autowired
@Lazy
} private UAACoreService uaaCoreService;
public AuthenticationUser createUserDetails(IBZUSER user) {
AuthenticationUser userdatail = new AuthenticationUser(); /**
CachedBeanCopier.copy(user,userdatail); * 设置用户权限
if(userdatail.getSuperuser()==1){ * 由于GrantedAuthority缺少无参构造,导致无法序列化,暂时通过PermissionList中转
userdatail.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN")); *
} * @param user
return userdatail; * @return
} */
public void setUserPermission(AuthenticationUser user) {
Collection<GrantedAuthority> userAuthorities = uaaCoreService.getAuthoritiesByUserId(user.getUserid());
@Autowired Set<String> authorities = AuthorityUtils.authorityListToSet(userAuthorities);
@Lazy if (user.getSuperuser() == 1) {
private UAACoreService uaaCoreService; authorities.add("ROLE_SUPERADMIN");
}
JSONObject permission = new JSONObject();
/** permission.put("authorities", authorities);
* 设置用户权限 user.setPermissionList(permission);
* 由于GrantedAuthority缺少无参构造,导致无法序列化,暂时通过PermissionList中转 }
* @param user
* @return @Autowired
*/ @Lazy
public void setUserPermission(AuthenticationUser user) { private IBZOUFeignClient ouFeignClient;
Collection<GrantedAuthority> userAuthorities=uaaCoreService.getAuthoritiesByUserId(user.getUserid());
Set<String> authorities = AuthorityUtils.authorityListToSet(userAuthorities); /**
if(user.getSuperuser()==1){ * 设置用户组织相关信息
authorities.add("ROLE_SUPERADMIN"); *
} * @param user
JSONObject permission =new JSONObject(); */
permission.put("authorities",authorities); private void setUserOrgInfo(AuthenticationUser user) {
user.setPermissionList(permission);
} Map<String, Set<String>> orgInfo = ouFeignClient.getOUMapsByUserId(user.getUserid());
if (orgInfo == null)
@Autowired orgInfo = new HashMap<>();
@Lazy //throw new RuntimeException(String.format("获取用户信息失败,请检查用户中心[IBZOU]中是否存在[%s]用户!",user.getLoginname()));
private IBZOUFeignClient ouFeignClient;
user.setOrgInfo(orgInfo);
/** }
* 设置用户组织相关信息
* @param user
*/
private void setUserOrgInfo(AuthenticationUser user) {
Map<String, Set<String>> orgInfo=ouFeignClient.getOUMapsByUserId(user.getUserid());
if(orgInfo==null)
orgInfo=new HashMap<>();
//throw new RuntimeException(String.format("获取用户信息失败,请检查用户中心[IBZOU]中是否存在[%s]用户!",user.getLoginname()));
user.setOrgInfo(orgInfo);
}
} }
\ No newline at end of file
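Review bot: `authenticateByLdap` passes `password` straight to `ldapTemplate.authenticate("ou=people", filter.encode(), password)` without rejecting an empty value, and some directory servers treat a simple bind with an empty password as a successful unauthenticated bind. A guard such as `if (StringUtils.isEmpty(password)) throw new BadRequestAlertException("用户名或密码错误。", "IBZUSER", username);` before the `try` closes that gap whatever the server configuration is. The same method swallows every `RuntimeException` and prints the outcome with `System.out.println(bAuthenticate)`; since this commit adds `@Slf4j`, `log.warn("LDAP authentication failed for {}", loginname, e)` in the catch would let a directory outage be told apart from bad credentials. In the super-user branch of `loadUserByLogin`, `user.getPassword().equals(password)` compares an MD5 hex digest (or the unhashed password when `pwencrymode` keeps its default of 0); it throws a NullPointerException if no password is stored, is not constant-time, and `getBytes()` depends on the platform charset. A null check plus `MessageDigest.isEqual(...)` over UTF-8 bytes fixes the comparison, and the MD5 scheme itself should be tracked for migration to a real password hash such as bcrypt.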