SaaS 标准构型4 登陆模式

d930359b · misaka · 93edd4e1 · d930359b · d930359b · d930359b
--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFallback.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFallback.java.ftl
@@ -33,10 +33,17 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
        return null;
    }
+<#if sys.getSaaSMode()==4>
+    @Override
+    public AuthenticationUser loginByUsername(String system,String orgId,String username) {
+        return null;
+    }
+<#else>    
 	@Override
    public AuthenticationUser loginByUsername(String username) {
        return null;
    }
+</#if>    
    <#if oauth2Enable>
    @Override

--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFeignClient.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/client/IBZUAAFeignClient.java.ftl
@@ -51,8 +51,13 @@ public interface IBZUAAFeignClient
 	Object getToken(@RequestBody MultiValueMap<String,String> map);
    </#if>
+<#if sys.getSaaSMode()==4>
+	@PostMapping(value = "/uaa/loginbyusername")
+	AuthenticationUser loginByUsername(@RequestHeader(name = "srfsystem") String system,@RequestHeader(name = "srforgid") String orgid ,@RequestBody String username);
+<#else>
 	@PostMapping(value = "/uaa/loginbyusername")
 	AuthenticationUser loginByUsername(@RequestBody String username);
+</#if>	
    @Cacheable(value="ibzuaa_publickey")
 	@GetMapping(value = "/uaa/publickey")

--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthenticationUser.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthenticationUser.java.ftl
@@ -52,6 +52,14 @@ public class AuthenticationUser implements UserDetails
 	 */
 	private String domain;
 	/**
+     * 租户
+     */
+    private String srfdcid;
+    /**
+     * 动态实例标识
+     */
+    private String srfdynainstid;
+	/**
 	 * 部门标识
 	 */
 	private String mdeptid;

--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthorizationTokenFilter.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthorizationTokenFilter.java.ftl
@@ -45,7 +45,7 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
    @Value(${r'"${ibiz.jwt.expiration:7200000}"'})
    private Long expiration;
 </#if>
-    private final UserDetailsService userDetailsService;
+    private final AuthenticationUserService userDetailsService;
    private final AuthTokenUtil authTokenUtil;
    private final String tokenHeader;
    private Set<String> excludesPattern = new HashSet<String>();
@@ -78,8 +78,15 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
        }
        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+            <#if sys.getSaaSMode()==4>
+            final String requestOrgId = request.getHeader("srforgid");
+            if(StringUtils.isBlank(requestOrgId)){
+                throw new RuntimeException("无效系统标识");
+            }
+            UserDetails userDetails = this.userDetailsService.loadUserByUsername("${sys.getCodeName()}",requestOrgId,username);
+            <#else>
            UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
+            </#if>
            if (authTokenUtil.validateToken(authToken, userDetails)) {
                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/AuthenticationUserService.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/AuthenticationUserService.java.ftl
@@ -24,11 +24,28 @@ public interface AuthenticationUserService extends UserDetailsService {
    @Override
    @Cacheable( value="${cachename}", key = "'getByUsername:'+#p0")
-    AuthenticationUser loadUserByUsername(String username);
+    default AuthenticationUser loadUserByUsername(String username){
+        return null ;
+    }
+<#if sys.getSaaSMode()==4>
+    @Cacheable(value = "ibzuaa_users", key = "#p0+':'+#p1+':getByUsername:'+#p2")
+    default AuthenticationUser loadUserByUsername(String srfsystem,String srforgid, String username){
+        return null ;
+    }
+</#if>    
    @Cacheable( value="${cachename}", key = "'getByUsername:'+#p0")
    AuthenticationUser loadUserByLogin(String username,String password);
    @CacheEvict( value="${cachename}", key = "'getByUsername:'+#p0")
-    void resetByUsername(String username);
+    default void resetByUsername(String username){}
+<#if sys.getSaaSMode()==4>
+    @Cacheable(value = "ibzuaa_users", key = "#p0+':'+#p1+':getByUsername:'+#p2")
+    default void resetByUsername(String srfsystem,String srforgid, String username){
+    }
+</#if>    
 }
--- a/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/IBZUAAUserService.java.ftl
+++ b/SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/service/IBZUAAUserService.java.ftl
@@ -27,6 +27,16 @@ public class IBZUAAUserService implements AuthenticationUserService{
 	@Autowired
 	private IBZUAAFeignClient uaaFeignClient;
+<#if sys.getSaaSMode()==4>
+	@Override
+	public AuthenticationUser loadUserByUsername(String system, String orgId, String username) {
+		AuthenticationUser user = uaaFeignClient.loginByUsername(system, orgId, username);
+		if (user == null) {
+			throw new BadRequestAlertException("登录失败", "IBZUAAUser", username);
+		}
+		return user;
+	}
+<#else>
 	@Override
 	public AuthenticationUser loadUserByUsername(String username) {
 		AuthenticationUser user = uaaFeignClient.loginByUsername(username);
@@ -35,6 +45,7 @@ public class IBZUAAUserService implements AuthenticationUserService{
 		}
 		return user;
 	}
+</#if>	
 	@Override
 	public AuthenticationUser loadUserByLogin(String username, String password) {
@@ -57,10 +68,4 @@ public class IBZUAAUserService implements AuthenticationUserService{
 		return user;
 	}
-	@Override
-	public void resetByUsername(String username) {
-	}
 }