From b23aa55ffaba08ddd52d1d47109f157da0b73413 Mon Sep 17 00:00:00 2001
From: click33 <2393584716@qq.com>
Date: Wed, 8 May 2024 17:21:41 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=20checkTicketAppendData=20?=
=?UTF-8?q?=E7=AD=96=E7=95=A5=E5=87=BD=E6=95=B0=EF=BC=8C=E7=94=A8=E4=BA=8E?=
=?UTF-8?q?=E5=9C=A8=E6=A0=A1=E9=AA=8C=20ticket=20=E5=90=8E=EF=BC=8C?=
=?UTF-8?q?=E7=BB=99=20sso-client=20=E7=AB=AF=E8=BF=BD=E5=8A=A0=E8=BF=94?=
=?UTF-8?q?=E5=9B=9E=E4=BF=A1=E6=81=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../satoken/sso/config/SaSsoClientConfig.java | 2 +-
.../satoken/sso/config/SaSsoServerConfig.java | 8 +++
.../CheckTicketAppendDataFunction.java | 34 +++++++++++++
.../function/TicketResultHandleFunction.java | 10 ++--
.../sso/model/SaCheckTicketResult.java | 51 +++++++++++++++++++
.../sso/processor/SaSsoClientProcessor.java | 26 +++-------
.../sso/processor/SaSsoServerProcessor.java | 8 +--
7 files changed, 110 insertions(+), 29 deletions(-)
create mode 100644 sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java
create mode 100644 sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java
index ccdf9c73..dd7d4a3d 100644
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoClientConfig.java
@@ -345,7 +345,7 @@ public class SaSsoClientConfig implements Serializable {
// -------------------- 所有回调函数 --------------------
/**
- * SSO-Client端:自定义校验Ticket返回值的处理逻辑 (每次从认证中心获取校验Ticket的结果后调用)
+ * SSO-Client端:自定义校验 ticket 返回值的处理逻辑 (每次从认证中心获取校验 ticket 的结果后调用)
* 参数:loginId, back
*
返回值:返回给前端的值
*/
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java
index 1830962f..47aa280f 100644
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/config/SaSsoServerConfig.java
@@ -18,6 +18,7 @@ package cn.dev33.satoken.sso.config;
import cn.dev33.satoken.sso.error.SaSsoErrorCode;
import cn.dev33.satoken.sso.exception.SaSsoException;
+import cn.dev33.satoken.sso.function.CheckTicketAppendDataFunction;
import cn.dev33.satoken.sso.function.DoLoginHandleFunction;
import cn.dev33.satoken.sso.function.NotLoginViewFunction;
import cn.dev33.satoken.sso.function.SendHttpFunction;
@@ -279,6 +280,13 @@ public class SaSsoServerConfig implements Serializable {
return SaResult.error();
};
+ /**
+ * SSO-Server端:在校验 ticket 后,给 sso-client 端追加返回信息的函数
+ */
+ public CheckTicketAppendDataFunction checkTicketAppendData = (loginId, result) -> {
+ return result;
+ };
+
/**
* SSO-Server端:发送Http请求的处理函数
*/
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java
new file mode 100644
index 00000000..b99bb802
--- /dev/null
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/CheckTicketAppendDataFunction.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.sso.function;
+
+import cn.dev33.satoken.util.SaResult;
+
+import java.util.function.BiFunction;
+
+/**
+ * 函数式接口:SSO-Server端:在校验 ticket 后,给 sso-client 端追加返回信息的函数
+ *
+ *
参数:loginId, SaResult 响应参数对象
+ * 返回:SaResult 响应参数对象
+ *
+ * @author click33
+ * @since 1.38.0
+ */
+@FunctionalInterface
+public interface CheckTicketAppendDataFunction extends BiFunction {
+
+}
\ No newline at end of file
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java
index f1100000..739d4658 100644
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/function/TicketResultHandleFunction.java
@@ -15,12 +15,10 @@
*/
package cn.dev33.satoken.sso.function;
-import cn.dev33.satoken.sso.processor.SaSsoClientProcessor;
-
-import java.util.function.BiFunction;
+import cn.dev33.satoken.sso.model.SaCheckTicketResult;
/**
- * 函数式接口:SSO-Client端:自定义校验Ticket返回值的处理逻辑 (每次从认证中心获取校验Ticket的结果后调用)
+ * 函数式接口:SSO-Client端:自定义校验 ticket 返回值的处理逻辑 (每次从认证中心获取校验 ticket 的结果后调用)
*
* 参数:loginId, back
* 返回:返回给前端的值
@@ -29,6 +27,8 @@ import java.util.function.BiFunction;
* @since 1.38.0
*/
@FunctionalInterface
-public interface TicketResultHandleFunction extends BiFunction {
+public interface TicketResultHandleFunction {
+
+ Object run(SaCheckTicketResult ctr, String back);
}
\ No newline at end of file
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java
new file mode 100644
index 00000000..890d203d
--- /dev/null
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/model/SaCheckTicketResult.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.sso.model;
+
+import cn.dev33.satoken.util.SaResult;
+
+/**
+ * 校验 ticket 返回 loginId 等结果的参数封装
+ *
+ * @author click33
+ * @since 1.38.0
+ */
+public class SaCheckTicketResult {
+
+ /** 账号id */
+ public Object loginId;
+
+ /** 此账号会话剩余有效期 */
+ public long remainSessionTimeout;
+
+ /** 从 sso-server 返回的所有参数 */
+ public SaResult result;
+
+ public SaCheckTicketResult(Object loginId, long remainSessionTimeout, SaResult result) {
+ this.loginId = loginId;
+ this.remainSessionTimeout = remainSessionTimeout;
+ this.result = result;
+ }
+ @Override
+ public String toString() {
+ return "CheckTicketResult{" +
+ "loginId=" + loginId +
+ ", remainSessionTimeout=" + remainSessionTimeout +
+ ", result=" + result +
+ '}';
+ }
+
+}
\ No newline at end of file
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java
index 9c8dc651..aef2e26e 100644
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoClientProcessor.java
@@ -22,6 +22,7 @@ import cn.dev33.satoken.sso.SaSsoManager;
import cn.dev33.satoken.sso.config.SaSsoClientConfig;
import cn.dev33.satoken.sso.error.SaSsoErrorCode;
import cn.dev33.satoken.sso.exception.SaSsoException;
+import cn.dev33.satoken.sso.model.SaCheckTicketResult;
import cn.dev33.satoken.sso.name.ApiName;
import cn.dev33.satoken.sso.name.ParamName;
import cn.dev33.satoken.sso.template.SaSsoClientTemplate;
@@ -122,11 +123,11 @@ public class SaSsoClientProcessor {
return res.redirect(serverAuthUrl);
} else {
// 1、校验ticket,获取 loginId
- CheckTicketResult ctr = checkTicketByMode2Or3(ticket, apiName.ssoLogin);
+ SaCheckTicketResult ctr = checkTicketByMode2Or3(ticket, apiName.ssoLogin);
// 2、如果开发者自定义了ticket结果值处理函数,则使用自定义的函数
if(cfg.ticketResultHandle != null) {
- return cfg.ticketResultHandle.apply(ctr, back);
+ return cfg.ticketResultHandle.run(ctr, back);
}
// 3、登录并重定向至back地址
@@ -244,7 +245,7 @@ public class SaSsoClientProcessor {
* @param currUri 当前路由的uri,用于计算单点注销回调地址
* @return loginId
*/
- public CheckTicketResult checkTicketByMode2Or3(String ticket, String currUri) {
+ public SaCheckTicketResult checkTicketByMode2Or3(String ticket, String currUri) {
SaSsoClientConfig cfg = ssoClientTemplate.getClientConfig();
ApiName apiName = ssoClientTemplate.apiName;
ParamName paramName = ssoClientTemplate.paramName;
@@ -288,7 +289,7 @@ public class SaSsoClientProcessor {
remainSessionTimeout = ssoClientTemplate.getStpLogic().getConfigOrGlobal().getTimeout();
}
// 构建返回
- return new CheckTicketResult(loginId, remainSessionTimeout);
+ return new SaCheckTicketResult(loginId, remainSessionTimeout, result);
} else {
// 将 sso-server 回应的消息作为异常抛出
throw new SaSsoException(result.getMsg()).setCode(SaSsoErrorCode.CODE_30005);
@@ -309,7 +310,7 @@ public class SaSsoClientProcessor {
// 取出 Session 剩余有效期
long remainSessionTimeout = ssoClientTemplate.getStpLogic().getSessionTimeoutByLoginId(loginId);
// 构建返回
- return new CheckTicketResult(loginId, remainSessionTimeout);
+ return new SaCheckTicketResult(loginId, remainSessionTimeout, null);
}
}
@@ -324,20 +325,5 @@ public class SaSsoClientProcessor {
}
- public static class CheckTicketResult {
- public Object loginId;
- public long remainSessionTimeout;
- public CheckTicketResult(Object loginId, long remainSessionTimeout) {
- this.loginId = loginId;
- this.remainSessionTimeout = remainSessionTimeout;
- }
- @Override
- public String toString() {
- return "CheckTicketResult{" +
- "loginId=" + loginId +
- ", remainSessionTimeout=" + remainSessionTimeout +
- '}';
- }
- }
}
diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java
index ec9e00c2..a17ff711 100644
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/processor/SaSsoServerProcessor.java
@@ -171,6 +171,7 @@ public class SaSsoServerProcessor {
// 1、获取参数
SaRequest req = SaHolder.getRequest();
+ SaSsoServerConfig ssoServerConfig = ssoServerTemplate.getServerConfig();
String client = req.getParam(paramName.client);
String ticket = req.getParamNotNull(paramName.ticket);
String sloCallback = req.getParam(paramName.ssoLogoutCall);
@@ -181,7 +182,7 @@ public class SaSsoServerProcessor {
}
// 3、校验签名
- if(ssoServerTemplate.getServerConfig().getIsCheckSign()) {
+ if(ssoServerConfig.getIsCheckSign()) {
ssoServerTemplate.getSignTemplate(client).checkRequest(req,
paramName.client, paramName.ticket, paramName.ssoLogoutCall);
} else {
@@ -199,8 +200,9 @@ public class SaSsoServerProcessor {
// 6、给 client 端响应结果
long remainSessionTimeout = ssoServerTemplate.getStpLogic().getSessionTimeoutByLoginId(loginId);
- return SaResult.data(loginId)
- .set(paramName.remainSessionTimeout, remainSessionTimeout);
+ SaResult result = SaResult.data(loginId).set(paramName.remainSessionTimeout, remainSessionTimeout);
+ result = ssoServerConfig.checkTicketAppendData.apply(loginId, result);
+ return result;
}
/**