Sfoglia il codice sorgente

!677 add 新增 对接 gitea 三方单点登录
* add 新增 对接 gitea 三方单点登录

lcry 1 anno fa
parent
commit
5a1523564b

+ 6 - 0
ruoyi-admin/src/main/resources/application-dev.yml

@@ -263,3 +263,9 @@ justauth:
       client-id: 10**********6
       client-secret: 1f7d08**********5b7**********29e
       redirect-uri: ${justauth.address}/social-callback?source=gitlab
+    gitea:
+      # gitea 服务器地址
+      server-url: https://demo.gitea.com
+      client-id: 10**********6
+      client-secret: 1f7d08**********5b7**********29e
+      redirect-uri: ${justauth.address}/social-callback?source=gitea

+ 6 - 0
ruoyi-admin/src/main/resources/application-prod.yml

@@ -265,3 +265,9 @@ justauth:
       client-id: 10**********6
       client-secret: 1f7d08**********5b7**********29e
       redirect-uri: ${justauth.address}/social-callback?source=gitlab
+    gitea:
+      # gitea 服务器地址
+      server-url: https://demo.gitea.com
+      client-id: 10**********6
+      client-secret: 1f7d08**********5b7**********29e
+      redirect-uri: ${justauth.address}/social-callback?source=gitea

+ 92 - 0
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/gitea/AuthGiteaRequest.java

@@ -0,0 +1,92 @@
+package org.dromara.common.social.gitea;
+
+import cn.hutool.core.lang.Dict;
+import cn.hutool.http.HttpRequest;
+import cn.hutool.http.HttpResponse;
+import lombok.extern.slf4j.Slf4j;
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.request.AuthDefaultRequest;
+import org.dromara.common.core.utils.SpringUtils;
+import org.dromara.common.json.utils.JsonUtils;
+
+/**
+ * @author lcry
+ */
+@Slf4j
+public class AuthGiteaRequest extends AuthDefaultRequest {
+
+    public static final String SERVER_URL = SpringUtils.getProperty("justauth.type.gitea.server-url");
+
+    /**
+     * 设定归属域
+     */
+    public AuthGiteaRequest(AuthConfig config) {
+        super(config, AuthGiteaSource.GITEA);
+    }
+
+    public AuthGiteaRequest(AuthConfig config, AuthStateCache authStateCache) {
+        super(config, AuthGiteaSource.GITEA, authStateCache);
+    }
+
+    @Override
+    public AuthToken getAccessToken(AuthCallback authCallback) {
+        String body = doPostAuthorizationCode(authCallback.getCode());
+        Dict object = JsonUtils.parseMap(body);
+        // oauth/token 验证异常
+        if (object.containsKey("error")) {
+            throw new AuthException(object.getStr("error_description"));
+        }
+        // user 验证异常
+        if (object.containsKey("message")) {
+            throw new AuthException(object.getStr("message"));
+        }
+        return AuthToken.builder()
+                .accessToken(object.getStr("access_token"))
+                .refreshToken(object.getStr("refresh_token"))
+                .idToken(object.getStr("id_token"))
+                .tokenType(object.getStr("token_type"))
+                .scope(object.getStr("scope"))
+                .build();
+    }
+
+    @Override
+    protected String doPostAuthorizationCode(String code) {
+        HttpRequest request = HttpRequest.post(source.accessToken())
+                .form("client_id", config.getClientId())
+                .form("client_secret", config.getClientSecret())
+                .form("grant_type", "authorization_code")
+                .form("code", code)
+                .form("redirect_uri", config.getRedirectUri());
+        HttpResponse response = request.execute();
+        return response.body();
+    }
+
+    @Override
+    public AuthUser getUserInfo(AuthToken authToken) {
+        String body = doGetUserInfo(authToken);
+        Dict object = JsonUtils.parseMap(body);
+        // oauth/token 验证异常
+        if (object.containsKey("error")) {
+            throw new AuthException(object.getStr("error_description"));
+        }
+        // user 验证异常
+        if (object.containsKey("message")) {
+            throw new AuthException(object.getStr("message"));
+        }
+        return AuthUser.builder()
+                .uuid(object.getStr("sub"))
+                .username(object.getStr("name"))
+                .nickname(object.getStr("preferred_username"))
+                .avatar(object.getStr("picture"))
+                .email(object.getStr("email"))
+                .token(authToken)
+                .source(source.toString())
+                .build();
+    }
+
+}

+ 50 - 0
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/gitea/AuthGiteaSource.java

@@ -0,0 +1,50 @@
+package org.dromara.common.social.gitea;
+
+import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.request.AuthDefaultRequest;
+
+/**
+ * gitea Oauth2 默认接口说明
+ *
+ * @author lcry
+ */
+public enum AuthGiteaSource implements AuthSource {
+
+    /**
+     * 自己搭建的 gitea 私服
+     */
+    GITEA {
+        /**
+         * 授权的api
+         */
+        @Override
+        public String authorize() {
+            return AuthGiteaRequest.SERVER_URL + "/login/oauth/authorize";
+        }
+
+        /**
+         * 获取accessToken的api
+         */
+        @Override
+        public String accessToken() {
+            return AuthGiteaRequest.SERVER_URL + "/login/oauth/access_token";
+        }
+
+        /**
+         * 获取用户信息的api
+         */
+        @Override
+        public String userInfo() {
+            return AuthGiteaRequest.SERVER_URL + "/login/oauth/userinfo";
+        }
+
+        /**
+         * 平台对应的 AuthRequest 实现类,必须继承自 {@link AuthDefaultRequest}
+         */
+        @Override
+        public Class<? extends AuthDefaultRequest> getTargetClass() {
+            return AuthGiteaRequest.class;
+        }
+
+    }
+}

+ 2 - 0
ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java

@@ -10,6 +10,7 @@ import me.zhyd.oauth.request.*;
 import org.dromara.common.core.utils.SpringUtils;
 import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
 import org.dromara.common.social.config.properties.SocialProperties;
+import org.dromara.common.social.gitea.AuthGiteaRequest;
 import org.dromara.common.social.maxkey.AuthMaxKeyRequest;
 import org.dromara.common.social.topiam.AuthTopIamRequest;
 
@@ -66,6 +67,7 @@ public class SocialUtils  {
             case "aliyun" -> new AuthAliyunRequest(builder.build(), STATE_CACHE);
             case "maxkey" -> new AuthMaxKeyRequest(builder.build(), STATE_CACHE);
             case "topiam" -> new AuthTopIamRequest(builder.build(), STATE_CACHE);
+            case "gitea" -> new AuthGiteaRequest(builder.build(), STATE_CACHE);
             default -> throw new AuthException("未获取到有效的Auth配置");
         };
     }

+ 2 - 2
script/sql/oracle/oracle_ry_vue_5.X.sql

@@ -13,9 +13,9 @@ create table sys_social
     nick_name          varchar2(30)      default '',
     email              varchar2(255)     default '',
     avatar             varchar2(500)     default '',
-    access_token       varchar2(255)     not null,
+    access_token       varchar2(2000)    not null,
     expire_in          number(20)        default null,
-    refresh_token      varchar2(255)     default null,
+    refresh_token      varchar2(2000)    default null,
     access_code        varchar2(255)     default null,
     union_id           varchar2(255)     default null,
     scope              varchar2(255)     default null,

+ 2 - 2
script/sql/postgres/postgres_ry_vue_5.X.sql

@@ -13,9 +13,9 @@ create table sys_social
     nick_name          varchar(30)      default ''::varchar,
     email              varchar(255)     default ''::varchar,
     avatar             varchar(500)     default ''::varchar,
-    access_token       varchar(255)     not null,
+    access_token       varchar(2000)    not null,
     expire_in          int8             default null,
-    refresh_token      varchar(255)     default null::varchar,
+    refresh_token      varchar(2000)    default null::varchar,
     access_code        varchar(255)     default null::varchar,
     union_id           varchar(255)     default null::varchar,
     scope              varchar(255)     default null::varchar,

+ 2 - 2
script/sql/ry_vue_5.X.sql

@@ -13,10 +13,10 @@ create table sys_social
     nick_name          varchar(30)      default ''      comment '用户昵称',
     email              varchar(255)     default ''      comment '用户邮箱',
     avatar             varchar(500)     default ''      comment '头像地址',
-    access_token       varchar(255)     not null        comment '用户的授权令牌',
+    access_token       varchar(2000)     not null       comment '用户的授权令牌',
     expire_in          int              default null    comment '用户的授权令牌的有效期,部分平台可能没有',
     refresh_token      varchar(255)     default null    comment '刷新令牌,部分平台可能没有',
-    access_code        varchar(255)     default null    comment '平台的授权信息,部分平台可能没有',
+    access_code        varchar(2000)     default null   comment '平台的授权信息,部分平台可能没有',
     union_id           varchar(255)     default null    comment '用户的 unionid',
     scope              varchar(255)     default null    comment '授予的权限,部分平台可能没有',
     token_type         varchar(255)     default null    comment '个别平台的授权信息,部分平台可能没有',

+ 2 - 2
script/sql/sqlserver/sqlserver_ry_vue_5.X.sql

@@ -10,9 +10,9 @@ create table sys_social
     nick_name          nvarchar(30)      DEFAULT ('')   NULL,
     email              nvarchar(255)     DEFAULT ('')   NULL,
     avatar             nvarchar(500)     DEFAULT ('')   NULL,
-    access_token       nvarchar(255)     NOT NULL,
+    access_token       nvarchar(2000)    NOT NULL,
     expire_in          bigint            NULL,
-    refresh_token      nvarchar(255)     NULL,
+    refresh_token      nvarchar(2000)    NULL,
     access_code        nvarchar(255)     NULL,
     union_id           nvarchar(255)     NULL,
     scope              nvarchar(255)     NULL,

+ 5 - 0
script/sql/update/update_5.3.1-5.3.2.sql

@@ -6,3 +6,8 @@ ALTER TABLE `flow_instance`
 
 ALTER TABLE `flow_his_task`
     MODIFY COLUMN `flow_status` varchar(20) NOT NULL COMMENT '流程状态(0待提交 1审批中 2审批通过 4终止 5作废 6撤销 8已完成 9已退回 10失效 11拿回)' AFTER `skip_type`
+
+ALTER TABLE `sys_social`
+    MODIFY COLUMN `access_token` varchar(2000)  NOT NULL COMMENT '用户的授权令牌' AFTER `avatar`;
+ALTER TABLE `sys_social`
+    MODIFY COLUMN `refresh_token` varchar(2000) NOT NULL COMMENT '刷新令牌,部分平台可能没有' AFTER `expire_in`;