package com.kidgrow.zuul.auth;
|
|
import cn.hutool.core.collection.CollectionUtil;
|
import com.kidgrow.common.constant.SecurityConstants;
|
import com.kidgrow.common.model.SysOrganization;
|
import com.kidgrow.common.model.SysUser;
|
import lombok.SneakyThrows;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.web.server.WebFilterExchange;
|
import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
|
import org.springframework.util.LinkedMultiValueMap;
|
import org.springframework.util.MultiValueMap;
|
import org.springframework.web.server.ServerWebExchange;
|
import reactor.core.publisher.Mono;
|
|
import java.net.URLEncoder;
|
import java.util.List;
|
|
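/**
 * Copyright © 2020 石家庄喜高科技有限责任公司. All rights reserved.<br>
 *
 * @Description: Authentication success handler. After a successful OAuth2 authentication it
 * copies the authenticated identity (user, organization, department, tenant, client and roles)
 * into request headers and continues the filter chain with the mutated request.<br>
 * @Project: <br>
 * @CreateDate: Created in 2020/2/22 22:44 <br>
 * @Author: <a href="4345453@kidgrow.com">liuke</a>
 */
public class Oauth2AuthSuccessHandler implements ServerAuthenticationSuccessHandler {

    /**
     * Every identity header this handler may write. All of them are removed from the inbound
     * request before the authenticated values are set, so a value supplied by the caller can
     * never be forwarded next to (or instead of) the one derived from the token.
     */
    private static final String[] IDENTITY_HEADERS = {
            SecurityConstants.USER_ID_HEADER,
            SecurityConstants.USER_HEADER,
            SecurityConstants.USER_ORG_ID_HEADER,
            SecurityConstants.USER_ORG_NAME_HEADER,
            SecurityConstants.USER_DEP_ID_HEADER,
            SecurityConstants.USER_DEP_NAME_HEADER,
            SecurityConstants.TENANT_HEADER,
            SecurityConstants.CLIENT_HEADER,
            SecurityConstants.ROLE_HEADER
    };

    /**
     * Builds the identity headers from the authentication and forwards the request.
     *
     * @param webFilterExchange the current exchange together with its filter chain
     * @param authentication    the successful authentication; it is cast to
     *                          {@link OAuth2Authentication}, so any other type fails with a
     *                          {@link ClassCastException}
     * @return the result of filtering the mutated exchange through the remaining chain
     */
    @SneakyThrows // URLEncoder.encode(String, String) declares a checked UnsupportedEncodingException
    @Override
    public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
        MultiValueMap<String, String> headerValues = new LinkedMultiValueMap<>(4);
        Object principal = authentication.getPrincipal();
        String tenantId = "";

        // In client-credentials mode only a clientId is returned, so the principal is not a SysUser
        // and no user/organization headers are produced.
        if (principal instanceof SysUser) {
            SysUser user = (SysUser) principal;
            headerValues.add(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId()));
            // NOTE(review): the username is forwarded unencoded, unlike the organization names below;
            // confirm usernames are restricted to header-safe characters.
            headerValues.add(SecurityConstants.USER_HEADER, user.getUsername());

            List<SysOrganization> organizations = (List<SysOrganization>) user.getOrganizations();
            // Organization data is only used when exactly two entries are present:
            // index 0 is written as the organization, index 1 as the department.
            if (organizations != null && organizations.size() == 2) {
                SysOrganization org = organizations.get(0);
                SysOrganization dep = organizations.get(1);
                headerValues.add(SecurityConstants.USER_ORG_ID_HEADER, String.valueOf(org.getId()));
                headerValues.add(SecurityConstants.USER_ORG_NAME_HEADER, URLEncoder.encode(org.getOrgName(), "UTF-8"));
                headerValues.add(SecurityConstants.USER_DEP_ID_HEADER, String.valueOf(dep.getId()));
                headerValues.add(SecurityConstants.USER_DEP_NAME_HEADER, URLEncoder.encode(dep.getOrgName(), "UTF-8"));
                tenantId = String.valueOf(org.getId());
            }
        }

        OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
        String clientId = oauth2Authentication.getOAuth2Request().getClientId();

        // Resolve the tenant id; the mapping is business-specific and may be replaced.
        switch (clientId) {
            case "hospital":
                // Keep the organization-derived tenant id.
                // NOTE(review): this stays "" when no SysUser with two organizations was found,
                // so an empty tenant header is forwarded — confirm consumers reject it.
                break;
            case "webApp":
                tenantId = "webApp";
                break;
            default:
                tenantId = clientId;
                break;
        }
        headerValues.add(SecurityConstants.TENANT_HEADER, tenantId);
        headerValues.add(SecurityConstants.CLIENT_HEADER, clientId);
        headerValues.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));

        ServerWebExchange exchange = webFilterExchange.getExchange();
        ServerHttpRequest serverHttpRequest = exchange.getRequest().mutate()
                .headers(h -> {
                    // Inbound headers are caller-controlled. Drop every identity header first
                    // (including the ones not set on this path, e.g. user headers in client mode),
                    // then write the authenticated values as the only values for their names.
                    // NOTE(review): presumably the services behind this gateway trust these headers;
                    // confirm they are reachable only through the gateway.
                    for (String name : IDENTITY_HEADERS) {
                        h.remove(name);
                    }
                    h.putAll(headerValues);
                })
                .build();

        ServerWebExchange mutatedExchange = exchange.mutate().request(serverHttpRequest).build();
        return webFilterExchange.getChain().filter(mutatedExchange);
    }
}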
|