package com.healthy.security.app.authentication.openid;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import org.springframework.security.authentication.AccountStatusUserDetailsChecker;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.security.SocialUserDetailsService;
import java.util.HashSet;
import java.util.Set;
/**
* An {@link AuthenticationProvider} implementation that validates
* {@link OpenIdAuthenticationToken}s.
*
* @author xiaomingzhang
*/
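public class OpenIdAuthenticationProvider implements AuthenticationProvider {

    /** Loads the local account for a user id resolved from a social connection. */
    private SocialUserDetailsService userDetailsService;

    /** Resolves a (providerId, provider-side user id) pair to local user ids. */
    private UsersConnectionRepository usersConnectionRepository;

    /** Account status checks applied to the loaded user before a token is issued. */
    private UserDetailsChecker preAuthenticationChecks = new AccountStatusUserDetailsChecker();

    /**
     * Resolves the provider-side user id (openId) carried by the token to exactly one local
     * account and returns a token built from that account's details and authorities.
     *
     * <p>SECURITY NOTE(review): the only inputs used here are the provider id and the openId
     * taken from the token. Nothing in this class proves that the caller controls that
     * provider account, and an openId is an identifier rather than a secret. Whatever builds
     * the {@link OpenIdAuthenticationToken} (not visible in this file) must have verified the
     * openId with the provider, for example by validating a provider-issued token on the
     * server side, before this provider is reached. Confirm that this is the case.
     *
     * @param authentication the request token; must be an {@link OpenIdAuthenticationToken}
     *                       (see {@link #supports(Class)})
     * @return a token whose principal is the loaded {@link UserDetails}
     * @throws AuthenticationException if the openId or provider id is missing, if the openId
     *                                 does not map to exactly one local account, if that
     *                                 account cannot be loaded, or if the account status
     *                                 checks reject it
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        OpenIdAuthenticationToken authenticationToken = (OpenIdAuthenticationToken) authentication;

        // Reject a missing or non-String principal explicitly instead of failing with a
        // ClassCastException, or sending a null/blank id to the connection lookup.
        Object principal = authenticationToken.getPrincipal();
        if (!(principal instanceof String) || StrUtil.isBlank((String) principal)
                || StrUtil.isBlank(authenticationToken.getProviderId())) {
            // Message: "Unable to obtain user information"
            throw new InternalAuthenticationServiceException("无法获取用户信息");
        }

        Set<String> providerUserIds = new HashSet<>();
        providerUserIds.add((String) principal);

        Set<String> userIds = usersConnectionRepository.findUserIdsConnectedTo(
                authenticationToken.getProviderId(), providerUserIds);
        if (CollUtil.isEmpty(userIds)) {
            // Message: "Unable to obtain user information"
            throw new InternalAuthenticationServiceException("无法获取用户信息");
        }
        // Fail closed when the same provider identity is bound to several local accounts:
        // taking the first element of a Set would log the caller into an arbitrary one.
        if (userIds.size() != 1) {
            // Message: "Unable to obtain user information"
            throw new InternalAuthenticationServiceException("无法获取用户信息");
        }

        String userId = userIds.iterator().next();
        if (StrUtil.isBlank(userId)) {
            // Message: "The current social user is not bound to a platform account"
            throw new InternalAuthenticationServiceException("当前社交用户未绑定平台账号");
        }

        UserDetails userDetails = userDetailsService.loadUserByUserId(userId);
        if (userDetails == null) {
            // Message: "Unable to obtain user information"
            throw new InternalAuthenticationServiceException("无法获取用户信息");
        }

        // Run the account status checks before any authenticated token exists.
        preAuthenticationChecks.check(userDetails);

        OpenIdAuthenticationToken authenticationResult = new OpenIdAuthenticationToken(userDetails,
                authenticationToken.getProviderId(), userDetails.getAuthorities());
        // Carry the request details from the original token over to the result.
        authenticationResult.setDetails(authenticationToken.getDetails());
        return authenticationResult;
    }

    /**
     * Reports whether this provider can process the given token type.
     *
     * @param authentication the token class being offered
     * @return {@code true} for {@link OpenIdAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return OpenIdAuthenticationToken.class.isAssignableFrom(authentication);
    }

    /**
     * Sets the service used to load the local account once a user id has been resolved.
     *
     * @param userDetailsService the service to use
     */
    public void setUserDetailsService(SocialUserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    /**
     * Sets the repository used to look up local user ids connected to a provider identity.
     *
     * @param usersConnectionRepository the repository to use
     */
    public void setUsersConnectionRepository(UsersConnectionRepository usersConnectionRepository) {
        this.usersConnectionRepository = usersConnectionRepository;
    }

    /**
     * Replaces the account status checks run before a token is issued.
     *
     * @param preAuthenticationChecks the checker to apply to the loaded user
     */
    public void setPreAuthenticationChecks(UserDetailsChecker preAuthenticationChecks) {
        this.preAuthenticationChecks = preAuthenticationChecks;
    }
}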