优化网关认证信息传递逻辑，适配oauth2的客户端模式

f05bb874 · zlt2000 · 0ed68b9f · f05bb874 · f05bb874
2 changed file
--- a/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
+++ b/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
@@ -8,6 +8,8 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
@@ -23,19 +25,23 @@ import reactor.core.publisher.Mono;
 public class Oauth2AuthSuccessHandler implements ServerAuthenticationSuccessHandler {
    @Override
    public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
-        SysUser user = (SysUser)authentication.getPrincipal();
+        MultiValueMap<String, String> headerValues = new LinkedMultiValueMap(4);
-        Long userId = user.getId();
+        Object principal = authentication.getPrincipal();
-        String username = user.getUsername();
+        //客户端模式只返回一个clientId
+        if (principal instanceof SysUser) {
+            SysUser user = (SysUser)authentication.getPrincipal();
+            headerValues.add(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId()));
+            headerValues.add(SecurityConstants.USER_HEADER, user.getUsername());
+        }
        OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication;
        String clientId = oauth2Authentication.getOAuth2Request().getClientId();
+        headerValues.add(SecurityConstants.TENANT_HEADER, clientId);
+        headerValues.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
        ServerWebExchange exchange = webFilterExchange.getExchange();
        ServerHttpRequest serverHttpRequest = exchange.getRequest().mutate()
                .headers(h -> {
-                    h.add(SecurityConstants.USER_ID_HEADER, String.valueOf(userId));
+                    h.addAll(headerValues);
-                    h.add(SecurityConstants.USER_HEADER, username);
-                    h.add(SecurityConstants.TENANT_HEADER, clientId);
-                    h.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
                })
                .build();

--- a/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
+++ b/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
@@ -41,16 +41,16 @@ public class UserInfoHeaderFilter extends ZuulFilter {
    public Object run() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
-            SysUser user = (SysUser)authentication.getPrincipal();
+            Object principal = authentication.getPrincipal();
-            Long userId = user.getId();
+            RequestContext ctx = RequestContext.getCurrentContext();
-            String username = user.getUsername();
+            //客户端模式只返回一个clientId
+            if (principal instanceof SysUser) {
+                SysUser user = (SysUser)authentication.getPrincipal();
+                ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId()));
+                ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, user.getUsername());
+            }
            OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication;
            String clientId = oauth2Authentication.getOAuth2Request().getClientId();
-            RequestContext ctx = RequestContext.getCurrentContext();
-            ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(userId));
-            ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, username);
            ctx.addZuulRequestHeader(SecurityConstants.TENANT_HEADER, clientId);
            ctx.addZuulRequestHeader(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
        }