SaaS 标准构型4 登陆模式

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFallback.java.ftl

@@ -33,10 +33,17 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
         return null;
     }
 
+<#if sys.getSaaSMode()==4>
+    @Override
+    public AuthenticationUser loginByUsername(String system,String orgId,String username) {
+        return null;
+    }
+<#else>    
 	@Override
     public AuthenticationUser loginByUsername(String username) {
         return null;
     }
+</#if>    
 
     <#if oauth2Enable>
     @Override

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFeignClient.java.ftl

@@ -51,8 +51,13 @@ public interface IBZUAAFeignClient
 	Object getToken(@RequestBody MultiValueMap<String,String> map);
     </#if>
 
+<#if sys.getSaaSMode()==4>
+	@PostMapping(value = "/uaa/loginbyusername")
+	AuthenticationUser loginByUsername(@RequestHeader(name = "srfsystem") String system,@RequestHeader(name = "srforgid") String orgid ,@RequestBody String username);
+<#else>
 	@PostMapping(value = "/uaa/loginbyusername")
 	AuthenticationUser loginByUsername(@RequestBody String username);
+</#if>	
 
     @Cacheable(value="ibzuaa_publickey")
 	@GetMapping(value = "/uaa/publickey")

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthenticationUser.java.ftl

@@ -52,6 +52,14 @@ public class AuthenticationUser implements UserDetails
 	 */
 	private String domain;
 	/**
+     * 租户
+     */
+    private String srfdcid;
+    /**
+     * 动态实例标识
+     */
+    private String srfdynainstid;
+	/**
 	 * 部门标识
 	 */
 	private String mdeptid;

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthorizationTokenFilter.java.ftl

@@ -45,7 +45,7 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
     @Value(${r'"${ibiz.jwt.expiration:7200000}"'})
     private Long expiration;
 </#if>
-    private final UserDetailsService userDetailsService;
+    private final AuthenticationUserService userDetailsService;
     private final AuthTokenUtil authTokenUtil;
     private final String tokenHeader;
     private Set<String> excludesPattern = new HashSet<String>();
@@ -78,8 +78,15 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
         }
 
         if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+            <#if sys.getSaaSMode()==4>
+            final String requestOrgId = request.getHeader("srforgid");
+            if(StringUtils.isBlank(requestOrgId)){
+                throw new RuntimeException("无效系统标识");
+            }
+            UserDetails userDetails = this.userDetailsService.loadUserByUsername("${sys.getCodeName()}",requestOrgId,username);
+            <#else>
             UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
-
+            </#if>
             if (authTokenUtil.validateToken(authToken, userDetails)) {
                 UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                 authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/AuthenticationUserService.java.ftl

@@ -24,11 +24,28 @@ public interface AuthenticationUserService extends UserDetailsService {
 
     @Override
     @Cacheable( value="${cachename}", key = "'getByUsername:'+#p0")
-    AuthenticationUser loadUserByUsername(String username);
+    default AuthenticationUser loadUserByUsername(String username){
+        return null ;
+    }
+
+<#if sys.getSaaSMode()==4>
+    @Cacheable(value = "ibzuaa_users", key = "#p0+':'+#p1+':getByUsername:'+#p2")
+    default AuthenticationUser loadUserByUsername(String srfsystem,String srforgid, String username){
+        return null ;
+    }
+</#if>    
 
     @Cacheable( value="${cachename}", key = "'getByUsername:'+#p0")
     AuthenticationUser loadUserByLogin(String username,String password);
 
     @CacheEvict( value="${cachename}", key = "'getByUsername:'+#p0")
-    void resetByUsername(String username);
+    default void resetByUsername(String username){}
+
+<#if sys.getSaaSMode()==4>
+    @Cacheable(value = "ibzuaa_users", key = "#p0+':'+#p1+':getByUsername:'+#p2")
+    default void resetByUsername(String srfsystem,String srforgid, String username){
+
+    }
+</#if>    
+
 }

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/IBZUAAUserService.java.ftl

@@ -27,6 +27,16 @@ public class IBZUAAUserService implements AuthenticationUserService{
 	@Autowired
 	private IBZUAAFeignClient uaaFeignClient;
 
+<#if sys.getSaaSMode()==4>
+	@Override
+	public AuthenticationUser loadUserByUsername(String system, String orgId, String username) {
+		AuthenticationUser user = uaaFeignClient.loginByUsername(system, orgId, username);
+		if (user == null) {
+			throw new BadRequestAlertException("登录失败", "IBZUAAUser", username);
+		}
+		return user;
+	}
+<#else>
 	@Override
 	public AuthenticationUser loadUserByUsername(String username) {
 		AuthenticationUser user = uaaFeignClient.loginByUsername(username);
@@ -35,6 +45,7 @@ public class IBZUAAUserService implements AuthenticationUserService{
 		}
 		return user;
 	}
+</#if>	
 
 	@Override
 	public AuthenticationUser loadUserByLogin(String username, String password) {
@@ -57,10 +68,4 @@ public class IBZUAAUserService implements AuthenticationUserService{
 		return user;
 	}
 
-
-	@Override
-	public void resetByUsername(String username) {
-
-	}
-
 }