Java教程

Spring Security oauth2.0微信小程序登录

本文主要是介绍Spring Security oauth2.0微信小程序登录,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!

微信小程序前期开发准备,可以参考这篇文章微信小程序前期准备
1、学习过Spring Secrity oauth2.0的都知道,他有四种登录模式可以选择
authorization code(授权码模式)
implicit(简化模式)
resource owner password credentials(密码模式)
client credentials(客户端模式)后台管理页面
前三种模式都需要用户的密码才能认证成功,客户端模式虽然不需要密码,但是也不会跟用户绑定。所以也是不符合的。我们去微信拿到用户的认证之后,需要自己的系统认证通过,然后返回token给前端。如果系统采用oauth2.0来做认证,这时候我们是没办法拿到用户的明文密码的。并且一般密码都是用BCryptPasswordEncoder加密处理,是不可逆的。这个时候,我们虽然通过了微信的认证,但是如何通过自身系统的认证就是个问题了。那么这时候就需要自定义oauth2.0的授权模式了,通过微信返回的用户唯一标识来完成认证。
这里的方法,适用用于任何的第三方登录:
首先,我们需要一个拦截器:
登录接口如下

9999端口是gateway网关端口。auth是网关路由
http://192.168.2.171:9999/auth/custom/token/social?grant_type=custom&custom=WXCUSTOM@{这后面是微信获取的code}
头信息:Basic d3hNaW5pQXBwQ3VzdG9tOnd4TWluaUFwcEN1c3RvbQ==(这后面是BASE64加密信息)

登录URL拦截器

注意这里是 filter 来接管这个请求,而不是到 Controller)

import lombok.Getter;
import lombok.Setter;
import lombok.SneakyThrows;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author Mylucy
 * @Date 2022-01-18 10:15
 * 客户微信小程序登录
 */
public class SocialAuthenticationFilter extends AbstractAuthenticationProcessingFilter {


	private static final String SPRING_SECURITY_FORM_CUSTOM_KEY = "custom";

	@Getter
	@Setter
	private String customWxLogin = SPRING_SECURITY_FORM_CUSTOM_KEY;

	@Getter
	@Setter
	private AuthenticationEventPublisher eventPublisher;
	@Getter
	@Setter
	private boolean postOnly = true;

//	@Getter
//	@Setter
//	private AuthenticationEventPublisher eventPublisher;

	@Getter
	@Setter
	private AuthenticationEntryPoint authenticationEntryPoint;

	public SocialAuthenticationFilter() {
		super(new AntPathRequestMatcher(SecurityConstants.CUSTOM_TOKE_URL, "POST"));
	}

	/**
	 * Performs actual authentication.
	 * <p>
	 * The implementation should do one of the following:
	 * <ol>
	 * <li>Return a populated authentication token for the authenticated user, indicating
	 * successful authentication</li>
	 * <li>Return null, indicating that the authentication process is still in progress.
	 * Before returning, the implementation should perform any additional work required to
	 * complete the process.</li>
	 * <li>Throw an <tt>AuthenticationException</tt> if the authentication process
	 * fails</li>
	 * </ol>
	 *
	 * @param request  from which to extract parameters and perform the authentication
	 * @param response the response, which may be needed if the implementation has to do a
	 *                 redirect as part of a multi-stage authentication process (such as OpenID).
	 * @return the authenticated user token, or null if authentication is incomplete.
	 * @throws AuthenticationException if authentication fails.
	 */
	@Override
	@SneakyThrows
	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)  {
		if (postOnly && !request.getMethod().equals(HttpMethod.POST.name())) {
			throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
		}

		String mobile = obtainMobile(request);

		if (mobile == null) {
			mobile = "";
		}

		mobile = mobile.trim();

		SocialAuthenticationToken socialAuthenticationToken = new SocialAuthenticationToken(mobile);

		setDetails(request, socialAuthenticationToken);

		Authentication authResult = null;
		try {
			authResult = this.getAuthenticationManager().authenticate(socialAuthenticationToken);

			logger.debug("Authentication success: " + authResult);
			SecurityContextHolder.getContext().setAuthentication(authResult);

		} catch (Exception failed) {
			SecurityContextHolder.clearContext();
			logger.debug("Authentication request failed: " + failed);

			eventPublisher.publishAuthenticationFailure(new BadCredentialsException(failed.getMessage(), failed),
					new PreAuthenticatedAuthenticationToken("access-token", "N/A"));

			try {
				authenticationEntryPoint.commence(request, response,
						new UsernameNotFoundException(failed.getMessage(), failed));
			} catch (Exception e) {
				logger.error("authenticationEntryPoint handle error:{}", failed);
			}
		}

		return authResult;
	}

	private String obtainMobile(HttpServletRequest request) {
		return request.getParameter(customWxLogin);
	}

	private void setDetails(HttpServletRequest request, SocialAuthenticationToken authRequest) {
		authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
	}

}

注:里面有一些常量,我这里也给出方法代码

public interface SecurityConstants {

	/**
	 * 启动时是否检查Inner注解安全性
	 */
	boolean INNER_CHECK = true;

	/**
	 * 刷新
	 */
	String REFRESH_TOKEN = "refresh_token";

	/**
	 * 验证码有效期
	 */
	int CODE_TIME = 60;

	/**
	 * 验证码长度
	 */
	String CODE_SIZE = "4";

	/**
	 * 角色前缀
	 */
	String ROLE = "ROLE_";

	/**
	 * 前缀
	 */
	String PIGX_PREFIX = "pigx_";

	/**
	 * token 相关前缀
	 */
	String TOKEN_PREFIX = "token:";

	/**
	 * oauth 相关前缀
	 */
	String OAUTH_PREFIX = "oauth:";

	/**
	 * 授权码模式code key 前缀
	 */
	String OAUTH_CODE_PREFIX = "oauth:code:";

	/**
	 * 项目的license
	 */
	String PIGX_LICENSE = "made by HuaBing";

	/**
	 * 内部
	 */
	String FROM_IN = "Y";

	/**
	 * 标志
	 */
	String FROM = "from";

	/**
	 * OAUTH URL
	 */
	String OAUTH_TOKEN_URL = "/oauth/token";

	/**
	 * 手机号登录URL
	 */
	String SMS_TOKEN_URL = "/mobile/token/sms";

	/**
	 * 社交登录URL
	 */
	String SOCIAL_TOKEN_URL = "/mobile/token/social";

	/**
	 * 自定义登录URL
	 */
	String MOBILE_TOKEN_URL = "/mobile/token/*";

	/**
	 * 客户社交登录
	 */
	String CUSTOM_TOKEN = "/custom/token/social";
	/**
	 * 客户微信登录
	 */
	String CUSTOM_TOKE_URL = "/custom/token/*";

	/**
	 * 微信获取OPENID
	 */
	String WX_AUTHORIZATION_CODE_URL = "https://api.weixin.qq.com/sns/oauth2/access_token"
			+ "?appid=%s&secret=%s&code=%s&grant_type=authorization_code";

	/**
	 * 微信小程序OPENID
	 */
	String MINI_APP_AUTHORIZATION_CODE_URL = "https://api.weixin.qq.com/sns/jscode2session"
			+ "?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code";

	/**
	 * 客户微信小程序登录
	 */
	String CUSTOM_WX_MINI_LOGIN_URL = "https://api.weixin.qq.com/sns/jscode2session";
	/**
	 *  客户微信小程序登录
	 */
	String CUSTOM_WX_MINI_LOGIN_TYPE = "authorization_code";

	String CUSTOM_APPID = "wx94e1329ed5419b55";
	String CUSTOM_SECRET="6d09e94f564d263340da3a3ede4ca6ab";

	/**
	 * 码云获取token
	 */
	String GITEE_AUTHORIZATION_CODE_URL = "https://gitee.com/oauth/token?grant_type="
			+ "authorization_code&code=%S&client_id=%s&redirect_uri=" + "%s&client_secret=%s";

	/**
	 * 开源中国获取token
	 */
	String OSC_AUTHORIZATION_CODE_URL = "https://www.oschina.net/action/openapi/token";

	/**
	 * 码云获取用户信息
	 */
	String GITEE_USER_INFO_URL = "https://gitee.com/api/v5/user?access_token=%s";

	/**
	 * 开源中国用户信息
	 */
	String OSC_USER_INFO_URL = "https://www.oschina.net/action/openapi/user?access_token=%s&dataType=json";

	/**
	 * {bcrypt} 加密的特征码
	 */
	String BCRYPT = "{bcrypt}";

	/**
	 * sys_oauth_client_details 表的字段,不包括client_id、client_secret
	 */
	String CLIENT_FIELDS = "client_id, CONCAT('{noop}',client_secret) as client_secret, resource_ids, scope, "
			+ "authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, "
			+ "refresh_token_validity, additional_information, autoapprove";

	/**
	 * JdbcClientDetailsService 查询语句
	 */
	String BASE_FIND_STATEMENT = "select " + CLIENT_FIELDS + " from sys_oauth_client_details";

	/**
	 * 按条件client_id 查询
	 */
	String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ? and del_flag = 0 and tenant_id = %s";

	/**
	 * 资源服务器默认bean名称
	 */
	String RESOURCE_SERVER_CONFIGURER = "resourceServerConfigurerAdapter";

	/**
	 * 客户端模式
	 */
	String CLIENT_CREDENTIALS = "client_credentials";

	/**
	 * 客户端编号
	 */
	String CLIENT_ID = "client_id";

	/**
	 * 用户ID字段
	 */
	String DETAILS_USER_ID = "id";

	/**
	 * 用户名
	 */
	String DETAILS_USERNAME = "username";

	/**
	 * 用户基本信息
	 */
	String DETAILS_USER = "user_info";

	/**
	 * 用户名phone
	 */
	String DETAILS_PHONE = "phone";

	/**
	 * 头像
	 */
	String DETAILS_AVATAR = "avatar";

	/**
	 * 用户部门字段
	 */
	String DETAILS_DEPT_ID = "deptId";

	/**
	 * 租户ID 字段
	 */
	String DETAILS_TENANT_ID = "tenantId";

	/**
	 * 协议字段
	 */
	String DETAILS_LICENSE = "license";

	/**
	 * 激活字段 兼容外围系统接入
	 */
	String ACTIVE = "active";

	/**
	 * AES 加密
	 */
	String AES = "aes";

}

获取客户登录的信息

注:我这里分后台用户登录,前台客户登录,不同用户查询两张不同的表

package com.pig4cloud.pigx.common.security.custom;

/**
 * @author Mylucy
 * @Date 2022-01-18 10:24
 */

import com.pig4cloud.pigx.common.security.component.PigxPreAuthenticationChecks;
import com.pig4cloud.pigx.common.security.service.PigxUserDetailsService;
import com.pig4cloud.pigx.common.security.util.PigxSecurityMessageSourceUtil;
import lombok.Getter;
import lombok.Setter;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;

/**
 * 社交登录
 */
@Slf4j
public class SocialAuthenticationProvider implements AuthenticationProvider {

	private MessageSourceAccessor messages = PigxSecurityMessageSourceUtil.getAccessor();

	private UserDetailsChecker detailsChecker = new PigxPreAuthenticationChecks();

	@Getter
	@Setter
	private PigxUserDetailsService userDetailsService;

	@Override
	@SneakyThrows
	public Authentication authenticate(Authentication authentication) {
		SocialAuthenticationToken socialAuthenticationToken = (SocialAuthenticationToken) authentication;

		String principal = socialAuthenticationToken.getPrincipal().toString();
		//这里就是获取客户信息的方法
		UserDetails userDetails = userDetailsService.customLoadBySocial(principal);
		if (userDetails == null) {
			log.debug("Authentication failed: no credentials provided");

			throw new BadCredentialsException(messages
					.getMessage("AbstractUserDetailsAuthenticationProvider.noopBindAccount", "Noop Bind Account"));
		}

		// 检查账号状态
		detailsChecker.check(userDetails);

		SocialAuthenticationToken authenticationToken = new SocialAuthenticationToken(userDetails,
				userDetails.getAuthorities());
		authenticationToken.setDetails(socialAuthenticationToken.getDetails());
		return authenticationToken;
	}

	@Override
	public boolean supports(Class<?> authentication) {
		return SocialAuthenticationToken.class.isAssignableFrom(authentication);
	}

}

获取用户信息的方法

/**
这里可以扩展你自己的用户查询方法
 * @author lengleng
 * @date 2018/8/15
 */
public interface PigxUserDetailsService extends UserDetailsService {

	/**
	 * 客户社交登录
	 *
	 * @param code 前端向微信获取的唯一标识
	 * @return
	 * @throws UsernameNotFoundException
	 */
	UserDetails customLoadBySocial(String code) throws UsernameNotFoundException;

}
==============================================分割================================================

/**
 * 用户详细信息
 *
 * @author lengleng
 */
@Slf4j
@Primary
@RequiredArgsConstructor
public class PigxUserDetailsServiceImpl implements PigxUserDetailsService {
	private final RemoteUserService remoteUserService;

	private final RemoteCustomService remoteCustomService;

	private final CacheManager cacheManager;

	private final TokenStore tokenStore;

	/**
	 * 客户社交登录
	 *
	 * @param code
	 * @return
	 * @throws UsernameNotFoundException
	 */
	@Override
	@SneakyThrows
	public UserDetails customLoadBySocial(String code) {
	//这里时远程调用查询客户表信息
		FoodMacCustom customSocialInfo = remoteCustomService.getCustomSocialInfo(code, SecurityConstants.FROM_IN).getData();
		UserDetails customDetails = getCustomDetails(customSocialInfo);
		return customDetails;
	}

	/**
	 * 构建客户信息 customDetails
	 *
	 * @param foodMacCustom
	 */
	private UserDetails getCustomDetails(FoodMacCustom foodMacCustom) {
		if (foodMacCustom == null) {
			throw new UsernameNotFoundException("客户未注册");
		}
		boolean is_lock = false;
		if (CommonConstants.CUSTOM_LOCK.equals(foodMacCustom.getStatus())) {
			is_lock = true;
		}
		if (is_lock == false) {
			throw new PigxAuth2Exception("账号已被锁定");
		}
		log.debug("用户信息::{}", foodMacCustom.getUsername());
		PigxCustomUser pigxCustomUser = new PigxCustomUser(foodMacCustom.getId(), 1, foodMacCustom.getMobile(), foodMacCustom.getAvatar(), foodMacCustom.getTenantId(),
				foodMacCustom.getUsername(), "{noop}" + foodMacCustom.getPassword(), true, true,
				true, is_lock, AuthorityUtils.NO_AUTHORITIES);
		return pigxCustomUser;

	}
}
===================================================分割==============================================================
/**
 * 系统社交登录账号表
 *
 * @author Mylucy
 * @date 2021-08-16 21:30:41
 */
public interface SysSocialDetailsService extends IService<SysSocialDetails> {
	/**
	 * 根据入参查询客户信息
	 *
	 * @param code
	 * @return
	 */
	FoodMacCustom getCustomSocialInfo(String code);
}
===================================================分割==============================================================

/**
 * @author Mylucy
 * @date 2021年08月16日
 */
@Slf4j
@AllArgsConstructor
@Service("sysSocialDetailsService")
public class SysSocialDetailsServiceImpl extends ServiceImpl<SysSocialDetailsMapper, SysSocialDetails>
		implements SysSocialDetailsService {

//注意这个方法。这个做了很多惭怍
	private final Map<String, CustomLoginHandle> customLoginHandlerMap;

	private final CacheManager cacheManager;

	private final SysUserMapper sysUserMapper;

	/**
	 * 根据入参查询客户信息
	 *
	 * @param code
	 * @return
	 */
	@Override
	public FoodMacCustom getCustomSocialInfo(String code) {
		String[] inStrs = code.split(StringPool.AT);
		String type = inStrs[0];
		String loginStr = inStrs[1];
		FoodMacCustom foodMacCustom = customLoginHandlerMap.get(type).handle(loginStr);
		return foodMacCustom;
	}
}
===================================================分割==============================================================

/**
 * @author Mylucy
 * @Date 2022-01-18 11:02
 */
public interface CustomLoginHandle {

	/***
	 * 数据合法性校验
	 * @param loginStr 通过用户传入获取微信唯一标识
	 * @return
	 */
	Boolean check(String loginStr);

	/**
	 * 通过用户传入获取微信唯一标识
	 * @param loginStr
	 * @return
	 */
	String identify(String loginStr);

	/**
	 * 通过微信openId 获取用户信息
	 * @param identify
	 * @return
	 */
	FoodMacCustom customInfo(String identify);

	/**
	 * 处理方法
	 * @param loginStr 登录参数
	 * @return
	 */
	FoodMacCustom handle(String loginStr);
}
===================================================分割==============================================================
/**
 * @author Mylucy
 * @Date 2022-01-18 11:04
 */
public abstract class AbstractCustomLoginHandler implements CustomLoginHandle {

	/***
	 * 数据合法性校验
	 * @param loginStr 通过用户传入获取唯一标识
	 * @return 默认不校验
	 */
	@Override
	public Boolean check(String loginStr) {
		return true;
	}

	/**
	 * 处理方法
	 *
	 * @param loginStr 登录参数
	 * @return
	 */
	@Override
	public FoodMacCustom handle(String loginStr) {
		if (!check(loginStr)) {
			return null;
		}

		String identify = identify(loginStr);
		FoodMacCustom foodMacCustom = customInfo(identify);
		return foodMacCustom;
	}
}
===================================================分割==============================================================

/**
 * @author Mylucy
 * @Date 2022-01-18 11:03
 */
@Slf4j
@Component("WXCUSTOM")
@AllArgsConstructor
public class CustomWeChatLoginHandler extends AbstractCustomLoginHandler {

	private final IFoodMacCustomService foodMacCustomService;

	private final SysSocialDetailsMapper sysSocialDetailsMapper;

	private final StringRedisTemplate stringRedisTemplate;

	private static final String REDIS_KEY = "WX:CUSTOM:LOGIN:";

	private final Sequence sequence;

	/**
	 * 两个小时过期
	 */
	private static final long EXPIRE_TIME = 7200000;


	/**
	 * 微信登录传入code
	 * <p>
	 * 通过code 调用qq 获取唯一标识
	 *
	 * @param code
	 * @return
	 */
	@Override
	public String identify(String code) {
		String sessionKeyOpenId = (String) stringRedisTemplate.opsForValue().get(REDIS_KEY + code);
		if (StrUtil.isEmpty(sessionKeyOpenId)) {
			SysSocialDetails condition = new SysSocialDetails();
			condition.setType(LoginTypeEnum.WECHAT.getType());
			SysSocialDetails socialDetails = sysSocialDetailsMapper.selectOne(new QueryWrapper<>(condition));
/**String url = String.format(SecurityConstants.MINI_APP_AUTHORIZATION_CODE_URL, socialDetails.getAppId(),socialDetails.getAppSecret(), code);
 String result = HttpUtil.get(sendUrl);**/
			log.debug("客户--->{}", code);

			String result = sendGet(SecurityConstants.CUSTOM_WX_MINI_LOGIN_URL,
					"appid=" + socialDetails.getAppId() + "&" +
							"secret=" + socialDetails.getAppSecret() + "&" +
							"js_code=" + code + "&" +
							"grant_type=" + SecurityConstants.CUSTOM_WX_MINI_LOGIN_TYPE);
			log.info("微信响应报文:{}", result);
			JSONObject jsonObject = JSON.parseObject(result);
			String openId = jsonObject.getString("openid");
			String sessionKey = jsonObject.getString("session_key");
			log.info("微信openId::{}", openId);
			log.info("微信sessionKey::{}", sessionKey);
			if (openId != null && !"".equals(openId)) {
				//将信息保存在redis中

				log.info("+++++++++++++微信key+++++++++++{}", sessionKey);
				String redisKey = REDIS_KEY + code;
				StringBuilder stringBuilder = new StringBuilder();
				String openIdSessionKey = stringBuilder.append(sessionKey).append("@").append(openId).toString();
//				String  openIdSessionKey= sessionKey + "#" + openId;
				stringRedisTemplate.opsForValue().set(redisKey,openIdSessionKey,EXPIRE_TIME, TimeUnit.SECONDS);
			}
			return openId;
		} else if (StrUtil.isNotEmpty(sessionKeyOpenId)) {
			String[] split = sessionKeyOpenId.split("@");
			String session = split[0];
			String openId = split[1];
			return openId;
		}
		return null;
	}

	/**
	 * openId 获取用户信息
	 *
	 * @param openId
	 * @return
	 */
	@Override
	public FoodMacCustom customInfo(String openId) {
		FoodMacCustom custom = foodMacCustomService.getOne(Wrappers.<FoodMacCustom>query().lambda()
				.eq(FoodMacCustom::getWechatopenid, openId));

		if (custom == null) {
			log.info("微信未绑定:{}", openId);
			return null;
		}
		return custom;
	}

	/**
	 * 向指定URL发送GET方法的请求
	 *
	 * @param url   发送请求的URL
	 * @param param 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。
	 * @return URL 所代表远程资源的响应结果
	 */
	public static String sendGet(String url, String param) {
		String result = "";
		BufferedReader in = null;
		try {
			String urlNameString = url + "?" + param;
			URL realUrl = new URL(urlNameString);
			// 打开和URL之间的连接
			URLConnection connection = realUrl.openConnection();
			// 设置通用的请求属性
			connection.setRequestProperty("accept", "*/*");
			connection.setRequestProperty("connection", "Keep-Alive");
			connection.setRequestProperty("user-agent",
					"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
			// 建立实际的连接
			connection.connect();
			// 获取所有响应头字段
			Map<String, List<String>> map = connection.getHeaderFields();
			// 遍历所有的响应头字段
			for (String key : map.keySet()) {
				System.out.println(key + "--->" + map.get(key));
			}
			// 定义 BufferedReader输入流来读取URL的响应
			in = new BufferedReader(new InputStreamReader(
					connection.getInputStream()));
			String line;
			while ((line = in.readLine()) != null) {
				result += line;
			}
		} catch (Exception e) {
			System.out.println("发送GET请求出现异常!" + e);
			e.printStackTrace();
		}
		// 使用finally块来关闭输入流
		finally {
			try {
				if (in != null) {
					in.close();
				}
			} catch (Exception e2) {
				e2.printStackTrace();
			}
		}
		return result;
	}
}

远程调用的controller和fegin调用方法截图
在这里插入图片描述
在这里插入图片描述

生成token令牌:

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.SneakyThrows;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;

import java.util.Collection;

/**
 * 第三方登录令牌
 *
 * @author Mylucy
 * @Date 2022-01-18 10:23
 */
public class SocialAuthenticationToken extends AbstractAuthenticationToken {

	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

	private final Object principal;

	public SocialAuthenticationToken(String mobile) {
		super(null);
		this.principal = mobile;
		setAuthenticated(false);
	}
	@JsonCreator
	public SocialAuthenticationToken(@JsonProperty("principal") Object principal,
									 @JsonProperty("authorities") Collection<? extends GrantedAuthority> authorities) {
		super(authorities);
		this.principal = principal;
		super.setAuthenticated(true);
	}

	@Override
	public Object getPrincipal() {
		return this.principal;
	}

	@Override
	public Object getCredentials() {
		return null;
	}

	@Override
	@SneakyThrows
	public void setAuthenticated(boolean isAuthenticated) {
		if (isAuthenticated) {
			throw new IllegalArgumentException(
					"Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
		}

		super.setAuthenticated(false);
	}

	@Override
	public void eraseCredentials() {
		super.eraseCredentials();
	}

}

第三方资源配置入口:

```java
package com.pig4cloud.pigx.common.security.custom;

/**
 * @author Mylucy
 * @Date 2022-01-18 10:27
 */

import com.fasterxml.jackson.databind.ObjectMapper;
import com.pig4cloud.pigx.common.security.component.PigxCommenceAuthExceptionEntryPoint;
import com.pig4cloud.pigx.common.security.handler.CustomLoginSuccessHandler;
import com.pig4cloud.pigx.common.security.service.PigxUserDetailsService;
import lombok.Getter;
import lombok.Setter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 *
 * 第三方登录配置入口
 * @author Mylucy
 */
@Getter
@Setter
public class SocialSecurityConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {

	@Autowired
	private ObjectMapper objectMapper;

	@Autowired
	private AuthenticationEventPublisher defaultAuthenticationEventPublisher;

	/**
	 * @Qualifier("socialLoginSuccessHandler")
	 */
	@Autowired
	private CustomLoginSuccessHandler socialLoginSuccessHandler;

	@Autowired
	private PigxUserDetailsService userDetailsService;

	@Override
	public void configure(HttpSecurity http) {
		SocialAuthenticationFilter socialAuthenticationFilter = new SocialAuthenticationFilter();
		socialAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
		socialAuthenticationFilter.setAuthenticationSuccessHandler(socialLoginSuccessHandler);
		socialAuthenticationFilter.setEventPublisher(defaultAuthenticationEventPublisher);
		socialAuthenticationFilter.setAuthenticationEntryPoint(new PigxCommenceAuthExceptionEntryPoint(objectMapper));

		SocialAuthenticationProvider socialAuthenticationProvider = new SocialAuthenticationProvider();
		socialAuthenticationProvider.setUserDetailsService(userDetailsService);
		http.authenticationProvider(socialAuthenticationProvider).addFilterAfter(socialAuthenticationFilter,
				UsernamePasswordAuthenticationFilter.class);
	}

}



                    
这篇关于Spring Security oauth2.0微信小程序登录的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!