完成 SSO 登录的功能

This commit is contained in:
YunaiV 2022-05-24 00:48:35 +08:00
parent d18463866e
commit 668551350f
3 changed files with 52 additions and 35 deletions

View File

@ -14,7 +14,8 @@ public interface OAuth2ApproveMapper extends BaseMapperX<OAuth2ApproveDO> {
return update(updateObj, new LambdaQueryWrapperX<OAuth2ApproveDO>() return update(updateObj, new LambdaQueryWrapperX<OAuth2ApproveDO>()
.eq(OAuth2ApproveDO::getUserId, updateObj.getUserId()) .eq(OAuth2ApproveDO::getUserId, updateObj.getUserId())
.eq(OAuth2ApproveDO::getUserType, updateObj.getUserType()) .eq(OAuth2ApproveDO::getUserType, updateObj.getUserType())
.eq(OAuth2ApproveDO::getClientId, updateObj.getClientId())); .eq(OAuth2ApproveDO::getClientId, updateObj.getClientId())
.eq(OAuth2ApproveDO::getScope, updateObj.getScope()));
} }
default List<OAuth2ApproveDO> selectListByUserIdAndUserTypeAndClientId(Long userId, Integer userType, String clientId) { default List<OAuth2ApproveDO> selectListByUserIdAndUserTypeAndClientId(Long userId, Integer userType, String clientId) {

View File

@ -26,7 +26,7 @@ public class OAuth2ApproveServiceImpl implements OAuth2ApproveService {
/** /**
* 批准的过期时间默认 30 * 批准的过期时间默认 30
*/ */
private static final Integer TIMEOUT = 30 * 24 * 60; // 单位 private static final Integer TIMEOUT = 30 * 24 * 60 * 60; // 单位
@Resource @Resource
private OAuth2ClientService oauth2ClientService; private OAuth2ClientService oauth2ClientService;

View File

@ -15,7 +15,7 @@
<!-- 表单 --> <!-- 表单 -->
<div class="form-cont"> <div class="form-cont">
<el-tabs class="form" style=" float:none;" value="uname"> <el-tabs class="form" style=" float:none;" value="uname">
<el-tab-pane label="三方授权" name="uname"> <el-tab-pane :label="'三方授权' + client.name + ')'" name="uname">
</el-tab-pane> </el-tab-pane>
</el-tabs> </el-tabs>
<div> <div>
@ -25,35 +25,23 @@
<svg-icon slot="prefix" icon-class="tree" class="el-input__icon input-icon"/> <svg-icon slot="prefix" icon-class="tree" class="el-input__icon input-icon"/>
</el-input> </el-input>
</el-form-item> </el-form-item>
<!-- 账号密码登录 --> <!-- 授权范围的选择 -->
<div v-if="loginForm.loginType === 'uname'"> 此第三方应用请求获得以下权限
<el-form-item prop="username"> <el-form-item prop="scopes">
<el-input v-model="loginForm.username" type="text" auto-complete="off" placeholder="账号"> <el-checkbox-group v-model="loginForm.scopes">
<svg-icon slot="prefix" icon-class="user" class="el-input__icon input-icon"/> <el-checkbox v-for="scope in params.scopes" :label="scope" :key="scope"
</el-input> style="display: block; margin-bottom: -10px;">{{formatScope(scope)}}</el-checkbox>
</el-form-item> </el-checkbox-group>
<el-form-item prop="password"> </el-form-item>
<el-input v-model="loginForm.password" type="password" auto-complete="off" placeholder="密码"
@keyup.enter.native="handleLogin">
<svg-icon slot="prefix" icon-class="password" class="el-input__icon input-icon"/>
</el-input>
</el-form-item>
<el-form-item prop="code" v-if="captchaEnable">
<el-input v-model="loginForm.code" auto-complete="off" placeholder="验证码" style="width: 63%"
@keyup.enter.native="handleLogin">
<svg-icon slot="prefix" icon-class="validCode" class="el-input__icon input-icon"/>
</el-input>
</el-form-item>
</div>
<!-- 下方的登录按钮 --> <!-- 下方的登录按钮 -->
<el-form-item style="width:100%;"> <el-form-item style="width:100%;">
<el-button :loading="loading" size="medium" type="primary" style="width:60%;" <el-button :loading="loading" size="medium" type="primary" style="width:60%;"
@click.native.prevent="handleLogin"> @click.native.prevent="handleAuthorize(true)">
<span v-if="!loading">同意授权</span> <span v-if="!loading">统一授权</span>
<span v-else> 中...</span> <span v-else> 中...</span>
</el-button> </el-button>
<el-button size="medium" style="width:36%">拒绝</el-button> <el-button size="medium" style="width:36%"
@click.native.prevent="handleAuthorize(false)">拒绝</el-button>
</el-form-item> </el-form-item>
</el-form> </el-form>
</div> </div>
@ -80,6 +68,7 @@ export default {
tenantEnable: true, tenantEnable: true,
loginForm: { loginForm: {
tenantName: "芋道源码", tenantName: "芋道源码",
scopes: [], // scope
}, },
params: { // URL client_idscope params: { // URL client_idscope
responseType: undefined, responseType: undefined,
@ -92,7 +81,6 @@ export default {
name: '', name: '',
logo: '', logo: '',
}, },
checkedScopes: [], // scope
LoginRules: { LoginRules: {
tenantName: [ tenantName: [
{required: true, trigger: "blur", message: "租户不能为空"}, {required: true, trigger: "blur", message: "租户不能为空"},
@ -114,8 +102,7 @@ export default {
} }
] ]
}, },
loading: false, loading: false
//
}; };
}, },
created() { created() {
@ -169,7 +156,7 @@ export default {
// checkedScopes // checkedScopes
for (const scope of scopes) { for (const scope of scopes) {
if (scope.value) { if (scope.value) {
this.checkedScopes.push(scope.key) this.loginForm.scopes.push(scope.key)
} }
} }
}) })
@ -178,21 +165,50 @@ export default {
getCookie() { getCookie() {
const tenantName = getTenantName(); const tenantName = getTenantName();
this.loginForm = { this.loginForm = {
...this.loginForm,
tenantName: tenantName ? tenantName : this.loginForm.tenantName, tenantName: tenantName ? tenantName : this.loginForm.tenantName,
}; };
}, },
handleLogin() { handleAuthorize(approved) {
this.$refs.loginForm.validate(valid => { this.$refs.loginForm.validate(valid => {
if (!valid) { if (!valid) {
return return
} }
this.loading = true
// checkedScopes + uncheckedScopes
let checkedScopes;
let uncheckedScopes;
if (approved) { //
checkedScopes = this.loginForm.scopes
uncheckedScopes = this.params.scopes.filter(item => checkedScopes.indexOf(item) === -1)
} else { //
checkedScopes = []
uncheckedScopes = this.params.scopes
}
//
this.doAuthorize(false, checkedScopes, uncheckedScopes).then(res => {
const href = res.data
if (!href) {
return;
}
location.href = href
}).finally(() => {
this.loading = false
})
}) })
}, },
doAuthorize(autoApprove, checkedScopes, uncheckedScopes) { doAuthorize(autoApprove, checkedScopes, uncheckedScopes) {
return authorize(this.params.responseType, this.params.clientId, this.params.redirectUri, this.params.state, return authorize(this.params.responseType, this.params.clientId, this.params.redirectUri, this.params.state,
autoApprove, checkedScopes, uncheckedScopes) autoApprove, checkedScopes, uncheckedScopes)
},
formatScope(scope) {
// scope 便
// demo "system_oauth2_scope" scope
switch (scope) {
case 'user.read': return '访问你的个人信息'
case 'user.write': return '修改你的个人信息'
default: return scope
}
} }
} }
}; };