From f05bb8741d74aec9d17e151d7591f2d9039a4c49 Mon Sep 17 00:00:00 2001 From: zlt Date: Tue, 19 Nov 2019 20:58:30 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E7=BD=91=E5=85=B3=E8=AE=A4?= =?UTF-8?q?=E8=AF=81=E4=BF=A1=E6=81=AF=E4=BC=A0=E9=80=92=E9=80=BB=E8=BE=91?= =?UTF-8?q?=EF=BC=8C=E9=80=82=E9=85=8Doauth2=E7=9A=84=E5=AE=A2=E6=88=B7?= =?UTF-8?q?=E7=AB=AF=E6=A8=A1=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/Oauth2AuthSuccessHandler.java | 20 ++++++++++++------- .../filter/pre/UserInfoHeaderFilter.java | 16 +++++++-------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java b/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java index 162829b..11e57ec 100644 --- a/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java +++ b/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java @@ -8,6 +8,8 @@ import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.web.server.WebFilterExchange; import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; import org.springframework.web.server.ServerWebExchange; import reactor.core.publisher.Mono; @@ -23,19 +25,23 @@ import reactor.core.publisher.Mono; public class Oauth2AuthSuccessHandler implements ServerAuthenticationSuccessHandler { @Override public Mono onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) { - SysUser user = (SysUser)authentication.getPrincipal(); - Long userId = user.getId(); - String username = user.getUsername(); + MultiValueMap headerValues = new LinkedMultiValueMap(4); + Object principal = authentication.getPrincipal(); + //客户端模式只返回一个clientId + if (principal instanceof SysUser) { + SysUser user = (SysUser)authentication.getPrincipal(); + headerValues.add(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId())); + headerValues.add(SecurityConstants.USER_HEADER, user.getUsername()); + } OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication; String clientId = oauth2Authentication.getOAuth2Request().getClientId(); + headerValues.add(SecurityConstants.TENANT_HEADER, clientId); + headerValues.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ",")); ServerWebExchange exchange = webFilterExchange.getExchange(); ServerHttpRequest serverHttpRequest = exchange.getRequest().mutate() .headers(h -> { - h.add(SecurityConstants.USER_ID_HEADER, String.valueOf(userId)); - h.add(SecurityConstants.USER_HEADER, username); - h.add(SecurityConstants.TENANT_HEADER, clientId); - h.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ",")); + h.addAll(headerValues); }) .build(); diff --git a/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java b/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java index 301d92f..731a907 100644 --- a/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java +++ b/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java @@ -41,16 +41,16 @@ public class UserInfoHeaderFilter extends ZuulFilter { public Object run() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) { - SysUser user = (SysUser)authentication.getPrincipal(); - Long userId = user.getId(); - String username = user.getUsername(); - + Object principal = authentication.getPrincipal(); + RequestContext ctx = RequestContext.getCurrentContext(); + //客户端模式只返回一个clientId + if (principal instanceof SysUser) { + SysUser user = (SysUser)authentication.getPrincipal(); + ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId())); + ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, user.getUsername()); + } OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication; String clientId = oauth2Authentication.getOAuth2Request().getClientId(); - - RequestContext ctx = RequestContext.getCurrentContext(); - ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(userId)); - ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, username); ctx.addZuulRequestHeader(SecurityConstants.TENANT_HEADER, clientId); ctx.addZuulRequestHeader(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ",")); } -- GitLab