SSO模式三新增账号资料同步示例

2025-09-19 18:22:15 +08:00 · 2021-08-01 10:52:36 +08:00
parent 8651ddad1e
commit 2aad6d4413
13 changed files with 224 additions and 93 deletions
--- a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaSsoConfig.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaSsoConfig.java
@@ -46,13 +46,19 @@ public class SaSsoConfig implements Serializable {
 	/**
 	 * SSO-Server端 单点注销地址 
 	 */
-	public String sloUrl;
+//	public String sloUrl;

 	/**
 	 * SSO-Client端 当前Client端的单点注销回调URL （为空时自动获取） 
 	 */
 	public String ssoLogoutCall;

+	/**
+	 * SSO-Server端 账号资料查询地址 
+	 */
+	public String userinfoUrl;
+
+

 	/**
 	 * @return Ticket有效期 (单位: 秒) 
@@ -132,22 +138,22 @@ public class SaSsoConfig implements Serializable {
 		this.checkTicketUrl = checkTicketUrl;
 		return this;
 	}
-
-	/**
-	 * @return SSO-Server端单点注销地址
-	 */
-	public String getSloUrl() {
-		return sloUrl;
-	}
-
-	/**
-	 * @param sloUrl SSO-Server端单点注销地址
-	 * @return 对象自身
-	 */
-	public SaSsoConfig setSloUrl(String sloUrl) {
-		this.sloUrl = sloUrl;
-		return this;
-	}
+//
+//	/**
+//	 * @return SSO-Server端单点注销地址
+//	 */
+//	public String getSloUrl() {
+//		return sloUrl;
+//	}
+//
+//	/**
+//	 * @param sloUrl SSO-Server端单点注销地址
+//	 * @return 对象自身
+//	 */
+//	public SaSsoConfig setSloUrl(String sloUrl) {
+//		this.sloUrl = sloUrl;
+//		return this;
+//	}

 	/**
 	 * @return SSO-Client端 当前Client端的单点注销回调URL （为空时自动获取） 
@@ -165,11 +171,27 @@ public class SaSsoConfig implements Serializable {
 		return this;
 	}

+	/**
+	 * @return SSO-Server端 账号资料查询地址 
+	 */
+	public String getUserinfoUrl() {
+		return userinfoUrl;
+	}
+
+	/**
+	 * @param userinfoUrl SSO-Server端 账号资料查询地址 
+	 * @return 对象自身 
+	 */
+	public SaSsoConfig setUserinfoUrl(String userinfoUrl) {
+		this.userinfoUrl = userinfoUrl;
+		return this;
+	}
+	
 	@Override
 	public String toString() {
 		return "SaSsoConfig [ticketTimeout=" + ticketTimeout + ", allowUrl=" + allowUrl + ", secretkey=" + secretkey
 				+ ", authUrl=" + authUrl + ", checkTicketUrl=" + checkTicketUrl + ", sloUrl=" + sloUrl
-				+ ", ssoLogoutCall=" + ssoLogoutCall + ", isHttp=" + isHttp + ", isSlo=" + isSlo + "]";
+				+ ", ssoLogoutCall=" + ssoLogoutCall + ", userinfoUrl=" + userinfoUrl + ", isHttp=" + isHttp + ", isSlo=" + isSlo + "]";
 	}
 	

@@ -232,7 +254,6 @@ public class SaSsoConfig implements Serializable {
 	// -------------------- SaSsoHandle 所有回调函数 -------------------- 
 	

-
 	/**
 	 * SSO-Server端：未登录时返回的View 
 	 */
@@ -244,12 +265,9 @@ public class SaSsoConfig implements Serializable {
 	public BiFunction<String, String, Object> doLoginHandle = (name, pwd) -> SaResult.error();

 	/**
-	 * SSO-Client端：Ticket无效时返回的View 
+	 * SSO-Client端：自定义校验Ticket返回值的处理逻辑 （每次从认证中心获取校验Ticket的结果后调用）
 	 */
-	public Function<String, Object> ticketInvalidView = (ticket) -> {
-		// 此处向客户端提示ticket无效即可，不要重定向到SSO认证中心，否则容易引起无限重定向 
-		return "ticket无效: " + ticket;
-	};
+	public BiFunction<Object, String, Object> ticketResultHandle = null;

 	/**
 	 * SSO-Client端：发送Http请求的处理函数 
@@ -276,11 +294,11 @@ public class SaSsoConfig implements Serializable {
 	}

 	/**
-	 * @param ticketInvalidView SSO-Client端：Ticket无效时返回的View 
+	 * @param SSO-Client端：自定义校验Ticket返回值的处理逻辑 （每次从认证中心获取校验Ticket的结果后调用）
 	 * @return 对象自身
 	 */
-	public SaSsoConfig setTicketInvalidView(Function<String, Object> ticketInvalidView) {
-		this.ticketInvalidView = ticketInvalidView;
+	public SaSsoConfig setTicketResultHandle(BiFunction<Object, String, Object> ticketResultHandle) {
+		this.ticketResultHandle = ticketResultHandle;
 		return this;
 	}
 	
--- a/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoHandle.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoHandle.java
@@ -5,6 +5,7 @@ import cn.dev33.satoken.config.SaSsoConfig;
 import cn.dev33.satoken.context.SaHolder;
 import cn.dev33.satoken.context.model.SaRequest;
 import cn.dev33.satoken.context.model.SaResponse;
+import cn.dev33.satoken.exception.SaTokenException;
 import cn.dev33.satoken.sso.SaSsoConsts.Api;
 import cn.dev33.satoken.sso.SaSsoConsts.ParamName;
 import cn.dev33.satoken.stp.StpLogic;
@@ -24,7 +25,7 @@ public class SaSsoHandle {
 	 */
 	public static Object serverRequest() {
 		
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();

@@ -59,7 +60,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoAuth() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaResponse res = SaHolder.getResponse();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();
@@ -80,7 +81,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoDoLogin() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();
 		
@@ -93,7 +94,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoCheckTicket() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		
 		// 获取参数 
@@ -115,7 +116,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoServerLogout() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();
 		StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
@@ -146,7 +147,7 @@ public class SaSsoHandle {
 	 */
 	public static Object clientRequest() {

-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();

@@ -181,7 +182,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoLogin() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaResponse res = SaHolder.getResponse();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();
@@ -219,13 +220,17 @@ public class SaSsoHandle {
 				// 方式2：直连Redis校验ticket 
 				loginId = SaSsoUtil.checkTicket(ticket);
 			}
+			// Be: 如果开发者自定义了处理逻辑 
+			if(cfg.ticketResultHandle != null) {
+				return cfg.ticketResultHandle.apply(loginId, back);
+			}
 			// ------- 2、如果loginId有值，说明ticket有效，进行登录并重定向至back地址 
 			if(loginId != null ) {
 				stpLogic.login(loginId); 
 				return res.redirect(back);
 			} else {
 				// 如果ticket无效: 
-				return cfg.ticketInvalidView.apply(ticket);
+				throw new SaTokenException("无效ticket：" + ticket);
 			}
 		}
 	}
@@ -235,7 +240,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoLogoutType2() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaResponse res = SaHolder.getResponse();
 		StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
@@ -254,7 +259,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoLogoutType3() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		SaResponse res = SaHolder.getResponse();
 		SaSsoConfig cfg = SaManager.getConfig().getSso();
@@ -283,7 +288,7 @@ public class SaSsoHandle {
 	 * @return 处理结果 
 	 */
 	public static Object ssoLogoutCall() {
-		// 获取变量 
+		// 获取对象 
 		SaRequest req = SaHolder.getRequest();
 		StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
 		
--- a/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java
@@ -248,6 +248,20 @@ public class SaSsoTemplate {
 		return url;
 	}

+	/**
+	 * 构建URL：Server端 账号资料查询地址 
+	 * @param loginId 账号id
+	 * @return Server端 账号资料查询地址 
+	 */
+	public String buildUserinfoUrl(Object loginId) {
+		// 拼接 
+		String userinfoUrl = SaManager.getConfig().getSso().getUserinfoUrl();
+		userinfoUrl = SaFoxUtil.joinParam(userinfoUrl, ParamName.loginId, loginId);
+		userinfoUrl = SaFoxUtil.joinParam(userinfoUrl, ParamName.secretkey, SaManager.getConfig().getSso().getSecretkey());
+		// 返回 
+		return userinfoUrl;
+	}
+

 	// ------------------- SSO 模式三相关 ------------------- 

@@ -349,6 +363,16 @@ public class SaSsoTemplate {
 		stpLogic.logoutByTokenValue(stpLogic.getTokenValueByLoginId(loginId));
 	}

+	/**
+	 * 获取：账号资料 
+	 * @param loginId 账号id
+	 * @return 账号资料  
+	 */
+	public Object getUserinfo(Object loginId) {
+		String url = buildUserinfoUrl(loginId);
+		return SaManager.getConfig().getSso().sendHttp.apply(url);
+	}
+	
 	
 	
 	// ------------------- 返回相应key ------------------- 
--- a/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoUtil.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/sso/SaSsoUtil.java
@@ -103,6 +103,14 @@ public class SaSsoUtil {
 		saSsoTemplate.checkRedirectUrl(url);
 	}

+	/**
+	 * 构建URL：Server端 账号资料查询地址 
+	 * @param loginId 账号id
+	 * @return Server端 账号资料查询地址 
+	 */
+	public static String buildUserinfoUrl(Object loginId) {
+		return saSsoTemplate.buildUserinfoUrl(loginId);
+	}
 	
 	// ------------------- SSO 模式三 ------------------- 
 	
@@ -161,4 +169,13 @@ public class SaSsoUtil {
 		saSsoTemplate.singleLogout(secretkey, loginId, fun); 
 	}

+	/**
+	 * 获取：账号资料 
+	 * @param loginId 账号id
+	 * @return 账号资料 
+	 */
+	public static Object getUserinfo(Object loginId) {
+		return saSsoTemplate.getUserinfo(loginId);
+	}
+	
 }