Liang Yong Rui avatar Liang Yong Rui committed b58c2e0

因为Taobao Session改为不过期,所以移除TaobaoUserDetails以及相关逻辑

Comments (0)

Files changed (3)

grails-app/conf/DefaultTaobaoSecurityConfig.groovy

         authRequestMaxSkewedTime = 1800
         userLookup {
             accountsPropertyName = 'taobaoAccounts'
+            nickPropertyName = 'nick'
         }   
     }
 }

src/groovy/com/mingidea/security/taobao/TaobaoAuthenticationUserDetailsService.groovy

         def conf = SpringSecurityUtils.securityConfig
         def taobaoAccountClassName = conf.taobao.accountDomainClassName
         Class<?> TaobaoAccount = grailsApplication.getDomainClass(taobaoAccountClassName).clazz
-        
+
         String taobaoNick = auth.principal
+
         TaobaoAccount.withTransaction { status ->
-            def taobaoAccount = TaobaoAccount.findByNick(taobaoNick)
+            def nickPropertyName = conf.taobao.userLookup.nickPropertyName
+            def taobaoAccount = TaobaoAccount.findWhere((nickPropertyName) : taobaoNick)
             if(!taobaoAccount) {
-                log.info "Taobao account not found: $nick"
-                throw new UsernameNotFoundException('Taobao account not found', nick)
+                log.warn "Taobao account not found: $taobaoNick"
+                throw new UsernameNotFoundException('Taobao account not found', taobaoNick)
             }
             def user = taobaoAccount.owner
-            Collection<GrantedAuthority> authorities = loadAuthorities(user, true)
-            
-            String session = auth.credentials.session
-            
-            return createUserDetails(user, authorities, session, taobaoNick)
+
+            def usernamePropertyName = conf.userLookup.usernamePropertyName
+            Collection<GrantedAuthority> authorities = loadAuthorities(user, user."$usernamePropertyName", true)
+            return createUserDetails(user, authorities)
         }
     }
-    
-    protected Collection<GrantedAuthority> loadAuthorities(user, boolean loadRoles) {
-        if (!loadRoles) {
-            return []
-        }
-
-        def conf = SpringSecurityUtils.securityConfig
-
-        String authoritiesPropertyName = conf.userLookup.authoritiesPropertyName
-        String authorityPropertyName = conf.authority.nameField
-
-        Collection<?> userAuthorities = user."$authoritiesPropertyName"
-        def authorities = userAuthorities.collect { new GrantedAuthorityImpl(it."$authorityPropertyName") }
-        authorities ?: NO_ROLES
-    }
-
-    protected UserDetails createUserDetails(user, Collection<GrantedAuthority> authorities, String session, String taobaoNick) {
-
-        def conf = SpringSecurityUtils.securityConfig
-
-        String usernamePropertyName = conf.userLookup.usernamePropertyName
-        String passwordPropertyName = conf.userLookup.passwordPropertyName
-        String enabledPropertyName = conf.userLookup.enabledPropertyName
-        String accountExpiredPropertyName = conf.userLookup.accountExpiredPropertyName
-        String accountLockedPropertyName = conf.userLookup.accountLockedPropertyName
-        String passwordExpiredPropertyName = conf.userLookup.passwordExpiredPropertyName
-
-        String username = user."$usernamePropertyName"
-        String password = user."$passwordPropertyName"
-        boolean enabled = enabledPropertyName ? user."$enabledPropertyName" : true
-        boolean accountExpired = accountExpiredPropertyName ? user."$accountExpiredPropertyName" : false
-        boolean accountLocked = accountLockedPropertyName ? user."$accountLockedPropertyName" : false
-        boolean passwordExpired = passwordExpiredPropertyName ? user."$passwordExpiredPropertyName" : false
-
-        return new TaobaoUserDetails(username, password, enabled, !accountExpired, !passwordExpired,
-                !accountLocked, authorities, user.id, session, taobaoNick)
-    }
 }

src/groovy/com/mingidea/security/taobao/TaobaoUserDetails.groovy

-package com.mingidea.security.taobao
-
-import java.util.Collection;
-
-import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser;
-import org.springframework.security.core.GrantedAuthority;
-
-class TaobaoUserDetails extends GrailsUser {
-    private String session;
-    private String taobaoNick;
-    public TaobaoUserDetails(String username, String password, boolean enabled, boolean accountNonExpired,
-        boolean credentialsNonExpired, boolean accountNonLocked, Collection<GrantedAuthority> authorities, Object id,
-        String session, String taobaoNick) {
-        super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities, id);
-        this.session = session
-        this.taobaoNick = taobaoNick
-    }
-    
-    String getSession() {session};
-    String getTaobaoNick() {taobaoNick};  
-}
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.