新增 checkTicketAppendData 策略函数，用于在校验 ticket 后，给 sso-client 端追加返回信息

2025-10-21 19:17:25 +08:00 · 2024-05-08 17:21:41 +08:00
parent e781664840
commit b23aa55ffa
7 changed files with 110 additions and 29 deletions
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java
@@ -345,7 +345,7 @@ public class SaSsoClientConfig implements Serializable {
    // -------------------- 所有回调函数 --------------------

    /**
-     * SSO-Client端：自定义校验Ticket返回值的处理逻辑 （每次从认证中心获取校验Ticket的结果后调用）
+     * SSO-Client端：自定义校验 ticket 返回值的处理逻辑 （每次从认证中心获取校验 ticket 的结果后调用）
     * <p> 参数：loginId, back
     * <p> 返回值：返回给前端的值
     */
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java
@@ -18,6 +18,7 @@ package cn.dev33.satoken.sso.config;

 import cn.dev33.satoken.sso.error.SaSsoErrorCode;
 import cn.dev33.satoken.sso.exception.SaSsoException;
+import cn.dev33.satoken.sso.function.CheckTicketAppendDataFunction;
 import cn.dev33.satoken.sso.function.DoLoginHandleFunction;
 import cn.dev33.satoken.sso.function.NotLoginViewFunction;
 import cn.dev33.satoken.sso.function.SendHttpFunction;
@@ -279,6 +280,13 @@ public class SaSsoServerConfig implements Serializable {
        return SaResult.error();
    };

+    /**
+     * SSO-Server端：在校验 ticket 后，给 sso-client 端追加返回信息的函数
+     */
+    public CheckTicketAppendDataFunction checkTicketAppendData = (loginId, result) -> {
+        return result;
+    };
+
    /**
     * SSO-Server端：发送Http请求的处理函数
     */
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.sso.function;
+
+import cn.dev33.satoken.util.SaResult;
+
+import java.util.function.BiFunction;
+
+/**
+ * 函数式接口：SSO-Server端：在校验 ticket 后，给 sso-client 端追加返回信息的函数
+ *
+ * <p>  参数：loginId, SaResult 响应参数对象  </p>
+ * <p>  返回：SaResult 响应参数对象  </p>
+ *
+ * @author click33
+ * @since 1.38.0
+ */
+@FunctionalInterface
+public interface CheckTicketAppendDataFunction extends BiFunction<Object, SaResult, SaResult> {
+
+}
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java
@@ -15,12 +15,10 @@
 */
 package cn.dev33.satoken.sso.function;

-import cn.dev33.satoken.sso.processor.SaSsoClientProcessor;
-
-import java.util.function.BiFunction;
+import cn.dev33.satoken.sso.model.SaCheckTicketResult;

 /**
- * 函数式接口：SSO-Client端：自定义校验Ticket返回值的处理逻辑 （每次从认证中心获取校验Ticket的结果后调用）
+ * 函数式接口：SSO-Client端：自定义校验 ticket 返回值的处理逻辑 （每次从认证中心获取校验 ticket 的结果后调用）
 *
 * <p>  参数：loginId, back  </p>
 * <p>  返回：返回给前端的值  </p>
@@ -29,6 +27,8 @@ import java.util.function.BiFunction;
 * @since 1.38.0
 */
@FunctionalInterface
-public interface TicketResultHandleFunction extends BiFunction<SaSsoClientProcessor.CheckTicketResult, String, Object> {
+public interface TicketResultHandleFunction {
+
+    Object run(SaCheckTicketResult ctr, String back);

 }
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.sso.model;
+
+import cn.dev33.satoken.util.SaResult;
+
+/**
+ * 校验 ticket 返回 loginId 等结果的参数封装
+ *
+ * @author click33
+ * @since 1.38.0
+ */
+public class SaCheckTicketResult {
+
+    /** 账号id */
+    public Object loginId;
+
+    /** 此账号会话剩余有效期 */
+    public long remainSessionTimeout;
+
+    /** 从 sso-server 返回的所有参数 */
+    public SaResult result;
+
+    public SaCheckTicketResult(Object loginId, long remainSessionTimeout, SaResult result) {
+        this.loginId = loginId;
+        this.remainSessionTimeout = remainSessionTimeout;
+        this.result = result;
+    }
+    @Override
+    public String toString() {
+        return "CheckTicketResult{" +
+                "loginId=" + loginId +
+                ", remainSessionTimeout=" + remainSessionTimeout +
+                ", result=" + result +
+                '}';
+    }
+
+}
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java
@@ -22,6 +22,7 @@ import cn.dev33.satoken.sso.SaSsoManager;
 import cn.dev33.satoken.sso.config.SaSsoClientConfig;
 import cn.dev33.satoken.sso.error.SaSsoErrorCode;
 import cn.dev33.satoken.sso.exception.SaSsoException;
+import cn.dev33.satoken.sso.model.SaCheckTicketResult;
 import cn.dev33.satoken.sso.name.ApiName;
 import cn.dev33.satoken.sso.name.ParamName;
 import cn.dev33.satoken.sso.template.SaSsoClientTemplate;
@@ -122,11 +123,11 @@ public class SaSsoClientProcessor {
 			return res.redirect(serverAuthUrl);
 		} else {
 			// 1、校验ticket，获取 loginId
-			CheckTicketResult ctr = checkTicketByMode2Or3(ticket, apiName.ssoLogin);
+			SaCheckTicketResult ctr = checkTicketByMode2Or3(ticket, apiName.ssoLogin);

 			// 2、如果开发者自定义了ticket结果值处理函数，则使用自定义的函数
 			if(cfg.ticketResultHandle != null) {
-				return cfg.ticketResultHandle.apply(ctr, back);
+				return cfg.ticketResultHandle.run(ctr, back);
 			}

 			// 3、登录并重定向至back地址
@@ -244,7 +245,7 @@ public class SaSsoClientProcessor {
 	 * @param currUri 当前路由的uri，用于计算单点注销回调地址
 	 * @return loginId
 	 */
-	public CheckTicketResult checkTicketByMode2Or3(String ticket, String currUri) {
+	public SaCheckTicketResult checkTicketByMode2Or3(String ticket, String currUri) {
 		SaSsoClientConfig cfg = ssoClientTemplate.getClientConfig();
 		ApiName apiName = ssoClientTemplate.apiName;
 		ParamName paramName = ssoClientTemplate.paramName;
@@ -288,7 +289,7 @@ public class SaSsoClientProcessor {
 					remainSessionTimeout = ssoClientTemplate.getStpLogic().getConfigOrGlobal().getTimeout();
 				}
 				// 构建返回
-				return new CheckTicketResult(loginId, remainSessionTimeout);
+				return new SaCheckTicketResult(loginId, remainSessionTimeout, result);
 			} else {
 				// 将 sso-server 回应的消息作为异常抛出
 				throw new SaSsoException(result.getMsg()).setCode(SaSsoErrorCode.CODE_30005);
@@ -309,7 +310,7 @@ public class SaSsoClientProcessor {
 			// 取出 Session 剩余有效期
 			long remainSessionTimeout = ssoClientTemplate.getStpLogic().getSessionTimeoutByLoginId(loginId);
 			// 构建返回
-			return new CheckTicketResult(loginId, remainSessionTimeout);
+			return new SaCheckTicketResult(loginId, remainSessionTimeout, null);
 		}
 	}

@@ -324,20 +325,5 @@ public class SaSsoClientProcessor {
 	}


-	public static class CheckTicketResult {
-		public Object loginId;
-		public long remainSessionTimeout;
-		public CheckTicketResult(Object loginId, long remainSessionTimeout) {
-			this.loginId = loginId;
-			this.remainSessionTimeout = remainSessionTimeout;
-		}
-		@Override
-		public String toString() {
-			return "CheckTicketResult{" +
-					"loginId=" + loginId +
-					", remainSessionTimeout=" + remainSessionTimeout +
-					'}';
-		}
-	}

 }
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java
@@ -171,6 +171,7 @@ public class SaSsoServerProcessor {

 		// 1、获取参数
 		SaRequest req = SaHolder.getRequest();
+		SaSsoServerConfig ssoServerConfig = ssoServerTemplate.getServerConfig();
 		String client = req.getParam(paramName.client);
 		String ticket = req.getParamNotNull(paramName.ticket);
 		String sloCallback = req.getParam(paramName.ssoLogoutCall);
@@ -181,7 +182,7 @@ public class SaSsoServerProcessor {
 		}

 		// 3、校验签名
-		if(ssoServerTemplate.getServerConfig().getIsCheckSign()) {
+		if(ssoServerConfig.getIsCheckSign()) {
 			ssoServerTemplate.getSignTemplate(client).checkRequest(req,
 					paramName.client, paramName.ticket, paramName.ssoLogoutCall);
 		} else {
@@ -199,8 +200,9 @@ public class SaSsoServerProcessor {

 		// 6、给 client 端响应结果
 		long remainSessionTimeout = ssoServerTemplate.getStpLogic().getSessionTimeoutByLoginId(loginId);
-		return SaResult.data(loginId)
-				.set(paramName.remainSessionTimeout, remainSessionTimeout);
+		SaResult result = SaResult.data(loginId).set(paramName.remainSessionTimeout, remainSessionTimeout);
+		result = ssoServerConfig.checkTicketAppendData.apply(loginId, result);
+		return result;
 	}

 	/**