集成Authing登录组件

.gitignore

@@ -49,3 +49,4 @@ local.env
 /codegen/
 /qing-config-git/src/main/resources/config/zhangli-service-provider/
 /charts/node_modules
+!qing-third/

qing-domain/src/main/java/cn/chenyunlong/qing/domain/auth/user/domainservice/UmsUserDetailsServiceImpl.java

@@ -1,22 +1,30 @@
 package cn.chenyunlong.qing.domain.auth.user.domainservice;
 
 import cn.chenyunlong.qing.domain.auth.user.User;
+import cn.chenyunlong.qing.domain.auth.user.dto.creator.UserCreator;
 import cn.chenyunlong.qing.domain.auth.user.service.IUserService;
+import cn.chenyunlong.security.entity.AuthUser;
+import cn.chenyunlong.security.exception.RegisterUserFailureException;
 import cn.chenyunlong.security.service.UmsUserDetailsService;
+import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 import java.util.stream.Collectors;
 
 import static java.util.Collections.emptyList;
 
 @Service
+@RequiredArgsConstructor
 public class UmsUserDetailsServiceImpl implements UmsUserDetailsService {
-    private IUserService userService;
+    private final IUserService userService;
+    private final PasswordEncoder passwordEncoder;
 
     @Override
     public UserDetails loadUserByUserId(String userId) throws UsernameNotFoundException {
@@ -37,4 +45,24 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
         User user = userOptional.get();
         return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), emptyList());
     }
+
+    @Override
+    public UserDetails registerUser(AuthUser authUser, String username, String defaultAuthority, String decodeState) throws RegisterUserFailureException {
+        UserCreator creator = new UserCreator();
+        creator.setUsername(username);
+        creator.setPassword("test");
+        creator.setEmail(authUser.getEmail());
+        creator.setDescription(authUser.getRemark());
+        Long user = userService.createUser(creator);
+        String encodedPassword = passwordEncoder.encode("12312");
+        return org.springframework.security.core.userdetails.User.builder()
+                .username(username)
+                .password(encodedPassword)
+                .disabled(false)
+                .accountExpired(false)
+                .accountLocked(false)
+                .credentialsExpired(false)
+                .authorities(Collections.emptyList())
+                .build();
+    }
 }

qing-domain/src/main/resources/application-dev.yml

@@ -39,6 +39,7 @@ qing:
       appSecret: a599ddfc87b4478596b31a17e46d2360
       appHost: https://stanic.authing.cn/6432d5c9e0502f0bb45319bf
       redirectUrl: http://localhost:8080/auth2/authorization
+      authLoginUrlPrefix: /api/auth2/authorization
   mp:
     # 测试账号
     appId: wx9e955703886af7c9

qing-starters/qing-security-spring-boot-starter/src/main/java/cn/chenyunlong/security/config/SecurityConfig.java

@@ -0,0 +1,17 @@
+package cn.chenyunlong.security.config;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    @ConditionalOnMissingBean(PasswordEncoder.class)
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

qing-starters/qing-security-spring-boot-starter/src/main/java/cn/chenyunlong/security/configures/authing/AuthingLoginConfigurer.java

@@ -44,7 +44,13 @@ public void configure(HttpSecurity httpSecurity) throws Exception {
         super.configure(httpSecurity);
         AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class);
         AuthingLoginFilter authingLoginFilter = new AuthingLoginFilter(authenticationManager, authingProperty);
-        authingLoginFilter.setAuthenticationFailureHandler((request, response, exception) -> System.out.println("AuthingLoginConfigurer.onAuthenticationFailure"));
+        authingLoginFilter.setAuthenticationFailureHandler((request, response, exception) -> {
+            ObjectMapper objectMapper = new ObjectMapper();
+            //构建一个Token
+            ApiResult<Void> success = ApiResult.fail("登录失败");
+            response.setContentType("application/json;charset=UTF-8");
+            response.getWriter().write(objectMapper.writeValueAsString(success));
+        });
         authingLoginFilter.setAuthenticationSuccessHandler((request, response, authentication) -> {
             ObjectMapper objectMapper = new ObjectMapper();
             AuthingLoginToken authingLoginToken = (AuthingLoginToken) authentication;

qing-starters/qing-security-spring-boot-starter/src/main/java/cn/chenyunlong/security/configures/authing/AuthingProvider.java

@@ -79,7 +79,12 @@ public Authentication authenticate(Authentication authentication) throws Authent
             List<ConnectionData> connectionDataList = connectionService.findConnectionByProviderIdAndProviderUserId(providerId, userInfo.getSub());
             if (CollectionUtil.isEmpty(connectionDataList)) {
                 // 自动注册// 自动注册
-                userDetails = connectionService.signUp(AuthUser.builder().build(), providerId, loginRequest.getState());
+                userDetails = connectionService.signUp(AuthUser.builder()
+                        .username(userInfo.getName())
+                        .uuid(userInfo.getSub())
+                        .avatar(userInfo.getPicture())
+                        .source(providerId)
+                        .build(), providerId, loginRequest.getState());
             }
             //4.2 第三方登录用户已存在, 直接登录
             if (userDetails == null) {

qing-starters/qing-security-spring-boot-starter/src/main/java/cn/chenyunlong/security/configures/authing/properties/AuthingProperties.java

@@ -10,12 +10,12 @@ public class AuthingProperties {
     /**
      * 第三方登录回调处理 url 前缀 ，也就是 RedirectUrl 的前缀, 不包含 ServletContextPath，默认为 /auth2/login.<br><br>
      */
-    private String redirectUrlPrefix = "/auth2/login";
+    private String redirectUrlPrefix = "api/auth2/login";
 
     /**
      * 第三方登录授权登录 url 前缀, 不包含 ServletContextPath，默认为 /auth2/authorization.<br><br>
      */
-    private String authLoginUrlPrefix = "/auth2/authorization";
+    private String authLoginUrlPrefix = "api/auth2/authorization";
 
     /**
      * 第三方授权登录成功后的默认权限, 多个权限用逗号分开, 默认为: "ROLE_USER"

qing-starters/qing-security-spring-boot-starter/src/main/resources/META-INF/spring.factories

@@ -1,3 +1,3 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-  cn.chenyunlong.qing.config.security.SecurityConfig\
+  cn.chenyunlong.security.config.SecurityConfig\
   cn.chenyunlong.security.configures.authing.AuthingLoginConfigurer

qing-starters/qing-security-spring-boot-starter/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -1,2 +1,2 @@
-cn.chenyunlong.qing.config.security.SecurityConfig
-cn.chenyunlong.security.configures.authing.AuthingLoginConfigurer
+cn.chenyunlong.security.configures.authing.AuthingLoginConfigurer
+cn.chenyunlong.security.config.SecurityConfig