springsecurity 企业微信登入

springsecurity 企业微信登入

背景 后台系统需要接入 企业微信登入，满足企业员工快速登入系统

1. 流程图

   

2. 简单代码说明

   自定义一套 springsecurity 认证逻辑

   • 主要就是 根据code 获取绑定用户信息 然后返回登入 token ，和qq ,微信 等第 3方登入 一个套路

   
   // 自定义 WeChatAuthenticationProvider
   public class WeChatAuthenticationProvider  implements AuthenticationProvider {
   
       private UserDetailsService userDetailsService;
   
       public WeChatAuthenticationProvider(UserDetailsService userDetailsService){
           this.userDetailsService = userDetailsService;
       }
   
       @Override
       public Authentication authenticate(Authentication authentication) throws AuthenticationException {
           WeChatAuthenticationToken authenticationToken = (WeChatAuthenticationToken) authentication;
   
           String userId = (String) authenticationToken.getPrincipal();
   
           UserDetails userDetails = userDetailsService.loadUserByUsername(userId);
   
           // 此时鉴权成功后，应当重新 new 一个拥有鉴权的 authenticationResult 返回
           BrowserAuthenticationToken authenticationResult = new BrowserAuthenticationToken(userDetails, userDetails.getAuthorities());
   
           authenticationResult.setDetails(authenticationToken.getDetails());
   
           return authenticationResult;
       }
   
   
       @Override
       public boolean supports(Class<?> authentication) {
           // 判断 authentication 是不是 SmsCodeAuthenticationToken 的子类或子接口
           return WeChatAuthenticationToken.class.isAssignableFrom(authentication);
       }
   
       public UserDetailsService getUserDetailsService() {
           return userDetailsService;
       }
   
       public void setUserDetailsService(UserDetailsService userDetailsService) {
           this.userDetailsService = userDetailsService;
       }
   }
   
   // 重写 UserDetailsService
       @Override
       public UserDetails loadUserByUsername(String code) throws UsernameNotFoundException {
           String weChatUserId = weChatService.getWeChatUserId(code);
           LambdaQueryWrapper<SysUserWechat> lambda = new QueryWrapper<SysUserWechat>().lambda();
           lambda.eq(SysUserWechat::getDeleted, DataStatusEnum.NORMAL.getCode());
           lambda.eq(SysUserWechat::getWechatId,weChatUserId);
           List<SysUserWechat> sysUserWechats = sysUserWechatService.list(lambda);
   
           if(CollectionUtils.isEmpty(sysUserWechats)){
               throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_601001.getCode());
           }
           SysUserWechat sysUserWechat = sysUserWechats.get(0);
           Long sysUserId = sysUserWechat.getSysUserId();
           SysUser sysUser = userService.selectUserById(sysUserId);
           if (StringUtils.isNull(sysUser)) {
               throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
           }
           if (UserStatus.DELETED.getCode().equals(sysUser.getDelFlag())) {
               throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
           }
           if (UserStatus.DISABLE.getCode().equals(sysUser.getStatus())) {
               throw new ServiceException(GOOGLE_AUTHENTICATOR_601001.getMsg(),GOOGLE_AUTHENTICATOR_501001.getCode());
           }
   
           return createLoginUser(sysUser);
       }