feat(WechatAuthenticationProvider.java):微信授权登录用户信息传值由userInfo改成为加密的encryptedData。

youlai-auth/src/main/java/com/youlai/auth/security/extension/wechat/WechatAuthenticationProvider.java

@@ -2,6 +2,7 @@ package com.youlai.auth.security.extension.wechat;
 
 import cn.binarywang.wx.miniapp.api.WxMaService;
 import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
+import cn.binarywang.wx.miniapp.bean.WxMaUserInfo;
 import cn.hutool.core.bean.BeanUtil;
 import com.youlai.auth.security.core.userdetails.member.MemberUserDetailsServiceImpl;
 import com.youlai.common.result.Result;
@@ -43,7 +44,6 @@ public class WechatAuthenticationProvider implements AuthenticationProvider {
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
         WechatAuthenticationToken authenticationToken = (WechatAuthenticationToken) authentication;
         String code = (String) authenticationToken.getPrincipal();
-        WechatUserInfo wechatUserInfo = authenticationToken.getWechatUserInfo();
 
         WxMaJscode2SessionResult sessionInfo = null;
         try {
@@ -55,8 +55,15 @@ public class WechatAuthenticationProvider implements AuthenticationProvider {
         Result<MemberAuthDTO> memberAuthResult = memberFeignClient.loadUserByOpenId(openid);
         // 微信用户不存在，注册成为新会员
         if (memberAuthResult != null && ResultCode.USER_NOT_EXIST.getCode().equals(memberAuthResult.getCode())) {
+
+            String sessionKey = sessionInfo.getSessionKey();
+            String encryptedData = authenticationToken.getEncryptedData();
+            String iv = authenticationToken.getIv();
+            // 解密 encryptedData 获取用户信息
+            WxMaUserInfo userInfo = wxMaService.getUserService().getUserInfo(sessionKey, encryptedData, iv);
+
             UmsMember member = new UmsMember();
-            BeanUtil.copyProperties(wechatUserInfo, member);
+            BeanUtil.copyProperties(userInfo, member);
             member.setOpenid(openid);
             memberFeignClient.add(member);
         }

youlai-auth/src/main/java/com/youlai/auth/security/extension/wechat/WechatAuthenticationToken.java

@@ -13,21 +13,21 @@ import java.util.Collection;
  */
 public class WechatAuthenticationToken extends AbstractAuthenticationToken {
     private static final long serialVersionUID = 550L;
-
     private final Object principal;
-
     @Getter
-    private WechatUserInfo wechatUserInfo;
-
+    private String encryptedData;
+    @Getter
+    private String iv;
     /**
      * 账号校验之前的token构建
      *
      * @param principal
      */
-    public WechatAuthenticationToken(Object principal, WechatUserInfo wechatUserInfo) {
+    public WechatAuthenticationToken(Object principal, String encryptedData,String iv) {
         super(null);
         this.principal = principal;
-        this.wechatUserInfo = wechatUserInfo;
+        this.encryptedData = encryptedData;
+        this.iv=iv;
         setAuthenticated(false);
     }
 

youlai-auth/src/main/java/com/youlai/auth/security/extension/wechat/WechatTokenGranter.java

@@ -30,13 +30,15 @@ public class WechatTokenGranter extends AbstractTokenGranter {
 
         Map<String, String> parameters = new LinkedHashMap(tokenRequest.getRequestParameters());
         String code = parameters.get("code");
-        String userInfo = parameters.get("userInfo");
+        String encryptedData = parameters.get("encryptedData");
+        String iv = parameters.get("iv");
+
 
         parameters.remove("code");
-        parameters.remove("userInfo");
+        parameters.remove("encryptedData");
+        parameters.remove("iv");
 
-        WechatUserInfo wechatUserInfo = JSONUtil.toBean(userInfo, WechatUserInfo.class);
-        Authentication userAuth = new WechatAuthenticationToken(code,wechatUserInfo); // 未认证状态
+        Authentication userAuth = new WechatAuthenticationToken(code, encryptedData,iv); // 未认证状态
         ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
 
         try {