新增BaseLoginUser以便于扩展

2020-06-28 22:41:43 +08:00 · 2020-06-28 22:41:43 +08:00 · d39cb307a9
parent 51f1b7e283
commit d39cb307a9
7 changed files with 79 additions and 36 deletions
--- a/iam-base-starter/src/main/java/com/diboot/iam/auth/IamExtensible.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/auth/IamExtensible.java
@ -15,6 +15,7 @@
 */
 package com.diboot.iam.auth;

+import com.diboot.core.vo.KeyValue;
 import com.diboot.iam.entity.IamRole;

 import java.util.List;
@ -33,7 +34,7 @@ public interface IamExtensible {
     * @param userId
     * @return
     */
-    Object getUserExtentionObj(String userType, Long userId);
+    KeyValue getUserExtentionObj(String userType, Long userId);

    /**
     * 获取可扩展的角色
--- a/iam-base-starter/src/main/java/com/diboot/iam/auth/impl/PwdAuthServiceImpl.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/auth/impl/PwdAuthServiceImpl.java
@ -22,12 +22,12 @@ import com.diboot.core.vo.Status;
 import com.diboot.iam.auth.AuthService;
 import com.diboot.iam.config.Cons;
 import com.diboot.iam.dto.AuthCredential;
+import com.diboot.iam.entity.BaseLoginUser;
 import com.diboot.iam.entity.IamAccount;
 import com.diboot.iam.entity.IamLoginTrace;
 import com.diboot.iam.jwt.BaseJwtAuthToken;
 import com.diboot.iam.service.IamAccountService;
 import com.diboot.iam.service.IamLoginTraceService;
-import com.diboot.iam.util.BeanUtils;
 import com.diboot.iam.util.IamSecurityUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.SecurityUtils;
@ -144,10 +144,9 @@ public class PwdAuthServiceImpl implements AuthService {
    protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess){
        IamLoginTrace loginTrace = new IamLoginTrace();
        loginTrace.setAuthType(getAuthType()).setAuthAccount(authToken.getAuthAccount()).setUserType(authToken.getUserType()).setSuccess(isSuccess);
-        Object currentUser = IamSecurityUtils.getCurrentUser();
+        BaseLoginUser currentUser = IamSecurityUtils.getCurrentUser();
        if(currentUser != null){
-            Long userId = (Long) BeanUtils.getProperty(currentUser, Cons.FieldName.id.name());
-            loginTrace.setUserId(userId);
+            loginTrace.setUserId(currentUser.getId());
        }
        // 记录客户端信息
        String userAgent = request.getHeader("user-agent");
--- a/iam-base-starter/src/main/java/com/diboot/iam/auth/impl/SSOAuthServiceImpl.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/auth/impl/SSOAuthServiceImpl.java
@ -25,12 +25,12 @@ import com.diboot.iam.auth.AuthService;
 import com.diboot.iam.config.Cons;
 import com.diboot.iam.dto.AuthCredential;
 import com.diboot.iam.dto.SSOCredential;
+import com.diboot.iam.entity.BaseLoginUser;
 import com.diboot.iam.entity.IamAccount;
 import com.diboot.iam.entity.IamLoginTrace;
 import com.diboot.iam.jwt.BaseJwtAuthToken;
 import com.diboot.iam.service.IamAccountService;
 import com.diboot.iam.service.IamLoginTraceService;
-import com.diboot.iam.util.BeanUtils;
 import com.diboot.iam.util.HttpHelper;
 import com.diboot.iam.util.IamSecurityUtils;
 import lombok.extern.slf4j.Slf4j;
@ -149,9 +149,9 @@ public class SSOAuthServiceImpl implements AuthService {
    protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess){
        IamLoginTrace loginTrace = new IamLoginTrace();
        loginTrace.setAuthType(getAuthType()).setAuthAccount(authToken.getAuthAccount()).setUserType(authToken.getUserType()).setSuccess(isSuccess);
-        Object currentUser = IamSecurityUtils.getCurrentUser();
+        BaseLoginUser currentUser = IamSecurityUtils.getCurrentUser();
        if(currentUser != null){
-            Long userId = (Long) BeanUtils.getProperty(currentUser, Cons.FieldName.id.name());
+            Long userId = currentUser.getId();
            loginTrace.setUserId(userId);
        }
        // 记录客户端信息
--- a/iam-base-starter/src/main/java/com/diboot/iam/dto/AuthCredential.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/dto/AuthCredential.java
@ -39,6 +39,10 @@ public abstract class AuthCredential implements Serializable {
     * 用户类型的Class
     */
    private Class userTypeClass = IamUser.class;
+    /**
+     * 用户类型
+     */
+    private String userType;

    @NotNull(message = "认证方式不能为空")
    private String authType;
@ -62,6 +66,21 @@ public abstract class AuthCredential implements Serializable {
     * @return
     */
    public String getUserType(){
+        if(userType != null){
+            return userType;
+        }
        return userTypeClass.getSimpleName();
    }
+
+    /**
+     * 指定用户类型class
+     * @param userTypeClass
+     */
+    public void setUserTypeClass(Class userTypeClass){
+       this.userTypeClass = userTypeClass;
+       if(this.userType == null){
+           this.userType = userTypeClass.getSimpleName();
+       }
+    }
+
 }
--- a/iam-base-starter/src/main/java/com/diboot/iam/entity/BaseLoginUser.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/entity/BaseLoginUser.java
@ -0,0 +1,34 @@
+package com.diboot.iam.entity;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.diboot.core.entity.BaseEntity;
+import com.diboot.core.vo.KeyValue;
+
+/**
+ * 可登录用户Base类定义
+ * @author mazc@dibo.ltd
+ * @version v2.1.0
+ * @date 2020/06/28
+ */
+public abstract class BaseLoginUser extends BaseEntity {
+
+    /**
+     * 获取显示名称
+     * @return
+     */
+    public abstract String getDisplayName();
+
+    /**
+     * 附加对象，用于岗位等扩展
+      */
+    @TableField(exist = false)
+    private KeyValue extentionObj;
+
+    public KeyValue getExtentionObj(){
+        return this.extentionObj;
+    }
+    public void setExtentionObj(KeyValue extentionObj){
+        this.extentionObj = extentionObj;
+    }
+
+}
--- a/iam-base-starter/src/main/java/com/diboot/iam/entity/IamUser.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/entity/IamUser.java
@ -16,7 +16,6 @@
 package com.diboot.iam.entity;

 import com.baomidou.mybatisplus.annotation.TableField;
-import com.diboot.core.entity.BaseEntity;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;
@ -31,7 +30,7 @@ import javax.validation.constraints.NotNull;
 * @date 2019-12-17
 */
@Getter @Setter @Accessors(chain = true)
-public class IamUser extends BaseEntity {
+public class IamUser extends BaseLoginUser {
    private static final long serialVersionUID = -8462352695775599715L;

    // 组织ID
@ -76,8 +75,9 @@ public class IamUser extends BaseEntity {
    @TableField()
    private String avatarUrl;

-    // 附加对象，用于岗位等身份切换
-    @TableField(exist = false)
-    private Object extentionObj;
+    @Override
+    public String getDisplayName() {
+        return this.realname;
+    }

 }
--- a/iam-base-starter/src/main/java/com/diboot/iam/jwt/BaseJwtRealm.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/jwt/BaseJwtRealm.java
@ -18,15 +18,16 @@ package com.diboot.iam.jwt;
 import com.diboot.core.service.BaseService;
 import com.diboot.core.util.ContextHelper;
 import com.diboot.core.util.V;
+import com.diboot.core.vo.KeyValue;
 import com.diboot.iam.annotation.process.ApiPermissionCache;
 import com.diboot.iam.auth.AuthService;
 import com.diboot.iam.auth.AuthServiceFactory;
 import com.diboot.iam.config.Cons;
+import com.diboot.iam.entity.BaseLoginUser;
 import com.diboot.iam.entity.IamAccount;
 import com.diboot.iam.entity.IamRole;
 import com.diboot.iam.service.IamRolePermissionService;
 import com.diboot.iam.service.IamUserRoleService;
-import com.diboot.iam.util.BeanUtils;
 import com.diboot.iam.util.IamSecurityUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authc.AuthenticationException;
@ -94,31 +95,26 @@ public class BaseJwtRealm extends AuthorizingRealm {
                throw new AuthenticationException("用户账号或密码错误！");
            }
            // 获取当前user对象并缓存
-            Object userObject = null;
+            BaseLoginUser loginUser = null;
            BaseService userService = ContextHelper.getBaseServiceByEntity(jwtToken.getUserTypeClass());
            if(userService != null){
-                userObject = userService.getEntity(account.getUserId());
+                loginUser = (BaseLoginUser)userService.getEntity(account.getUserId());
            }
            else{
                throw new AuthenticationException("用户 "+jwtToken.getUserTypeClass().getName()+" 相关的Service未定义！");
            }
-            if(userObject == null){
+            if(loginUser == null){
                throw new AuthenticationException("用户不存在");
            }
            if(iamUserRoleService.getIamExtensible() != null){
-                Object extentionObj = iamUserRoleService.getIamExtensible().getUserExtentionObj(jwtToken.getUserTypeClass().getSimpleName(), account.getUserId());
+                KeyValue extentionObj = iamUserRoleService.getIamExtensible().getUserExtentionObj(jwtToken.getUserTypeClass().getSimpleName(), account.getUserId());
                if(extentionObj != null){
-                    try{
-                        BeanUtils.setProperty(userObject, "extentionObj", extentionObj);
-                    }
-                    catch (Exception e){
-                        log.warn("设置{}.extentionObj异常，属性不存在? {}", jwtToken.getUserTypeClass().getSimpleName(), e.getMessage());
-                    }
+                    loginUser.setExtentionObj(extentionObj);
                }
            }
            // 清空当前用户缓存
            this.clearCachedAuthorizationInfo(IamSecurityUtils.getSubject().getPrincipals());
-            return new SimpleAuthenticationInfo(userObject, jwtToken.getCredentials(), this.getName());
+            return new SimpleAuthenticationInfo(loginUser, jwtToken.getCredentials(), this.getName());
        }
    }

@ -130,21 +126,15 @@ public class BaseJwtRealm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
-        Object currentUser = principals.getPrimaryPrincipal();
+        BaseLoginUser currentUser = (BaseLoginUser) principals.getPrimaryPrincipal();
        // 根据用户类型与用户id获取roleList
-        Long userId = (Long) BeanUtils.getProperty(currentUser, Cons.FieldName.id.name());
        Long extentionObjId = null;
-        try{
-            Object extentionObj = BeanUtils.getProperty(currentUser, "extentionObj");
+        KeyValue extentionObj = currentUser.getExtentionObj();
        if(extentionObj != null){
-                extentionObjId = (Long)BeanUtils.getProperty(extentionObj, Cons.FieldName.id.name());
-            }
-        }
-        catch (Exception e){
-            log.warn("解析user.extentionObj异常: {}", e.getMessage());
+            extentionObjId = (Long)extentionObj.getV();
        }
        // 获取角色列表
-        List<IamRole> roleList = iamUserRoleService.getUserRoleList(currentUser.getClass().getSimpleName(), userId, extentionObjId);
+        List<IamRole> roleList = iamUserRoleService.getUserRoleList(currentUser.getClass().getSimpleName(), currentUser.getId(), extentionObjId);
        // 如果没有任何角色，返回
        if (V.isEmpty(roleList)){
            return authorizationInfo;