From 7de1396e315896dbc72a9d54e44f77434ea90f18 Mon Sep 17 00:00:00 2001
From: wlzboy <66905212@qq.com>
Date: 星期日, 14 十二月 2025 23:47:34 +0800
Subject: [PATCH] feat:增加企业微信自动登录

---
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java |   76 ++++++++++++++++++++++++++++++++------
 1 files changed, 64 insertions(+), 12 deletions(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 511842b..bfa6810 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -20,6 +20,16 @@
 import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;
 import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;
 import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;
+import com.ruoyi.framework.security.WechatAuthenticationProvider;
+import com.ruoyi.framework.security.QyWechatAuthenticationProvider;
+import com.ruoyi.common.annotation.Anonymous;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
+import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
 
 /**
  * spring security閰嶇疆
@@ -66,16 +76,54 @@
     @Autowired
     private PermitAllUrlProperties permitAllUrl;
 
+    @Autowired
+    private RequestMappingHandlerMapping requestMappingHandlerMapping;
+
+    /**
+     * 寰俊璁よ瘉鎻愪緵鑰�
+     */
+    @Autowired
+    private WechatAuthenticationProvider wechatAuthenticationProvider;
+
+    /**
+     * 浼佷笟寰俊璁よ瘉鎻愪緵鑰�
+     */
+    @Autowired
+    private QyWechatAuthenticationProvider qyWechatAuthenticationProvider;
+
+    /**
+     * 鑾峰彇鎵�鏈夋爣娉ㄤ簡@Anonymous鐨刄RL
+     */
+    private Set<String> getAnonymousUrls() {
+        Set<String> urls = new HashSet<>();
+        Map<RequestMappingInfo, HandlerMethod> handlerMethods = requestMappingHandlerMapping.getHandlerMethods();
+        for (Map.Entry<RequestMappingInfo, HandlerMethod> entry : handlerMethods.entrySet()) {
+            HandlerMethod handlerMethod = entry.getValue();
+            Anonymous anonymous = handlerMethod.getMethodAnnotation(Anonymous.class);
+            if (anonymous != null) {
+                Set<String> patterns = entry.getKey().getPatternValues();
+                urls.addAll(patterns);
+                System.out.println("鉁� 妫�娴嬪埌鍖垮悕鎺ュ彛: " + patterns + " - " + handlerMethod.getMethod().getName());
+            }
+        }
+        System.out.println("馃摐 鎵�鏈夊尶鍚嶆帴鍙ｅ垪琛�: " + urls);
+        return urls;
+    }
+
     /**
      * 韬唤楠岃瘉瀹炵幇
+     * 鏀寔鐢ㄦ埛鍚嶅瘑鐮佽璇併�佸井淇¤璇佸拰浼佷笟寰俊璁よ瘉
      */
     @Bean
     public AuthenticationManager authenticationManager()
     {
+        // 鐢ㄦ埛鍚嶅瘑鐮佽璇佹彁渚涜��
         DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
         daoAuthenticationProvider.setUserDetailsService(userDetailsService);
         daoAuthenticationProvider.setPasswordEncoder(bCryptPasswordEncoder());
-        return new ProviderManager(daoAuthenticationProvider);
+        
+        // 杩斿洖ProviderManager,鏀寔澶氱璁よ瘉鏂瑰紡
+        return new ProviderManager(daoAuthenticationProvider, wechatAuthenticationProvider, qyWechatAuthenticationProvider);
     }
 
     /**
@@ -96,6 +144,9 @@
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception
     {
+        // 鑾峰彇鎵�鏈夋爣娉ㄤ簡@Anonymous鐨刄RL
+        Set<String> anonymousUrls = getAnonymousUrls();
+        
         return httpSecurity
             // CSRF绂佺敤锛屽洜涓轰笉浣跨敤session
             .csrf(csrf -> csrf.disable())
@@ -107,17 +158,18 @@
             .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
             // 鍩轰簬token锛屾墍浠ヤ笉闇�瑕乻ession
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-            // 娉ㄨВ鏍囪鍏佽鍖垮悕璁块棶鐨剈rl
-            .authorizeHttpRequests((requests) -> {
-                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
-                // 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
-                requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
-                    // 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
-                    .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
-                    .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
-                    // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
-                    .anyRequest().authenticated();
-            })
+            // 杩囨护璇锋眰
+            .authorizeRequests()
+            // 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
+            .antMatchers("/login", "/register", "/captchaImage").permitAll()
+            // 娣诲姞鏍囨敞浜咢Anonymous鐨刄RL鍒板尶鍚嶈闂垪琛�
+            .antMatchers(anonymousUrls.toArray(new String[0])).permitAll()
+            // 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
+            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
+            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
+            // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
+            .anyRequest().authenticated()
+            .and()
             // 娣诲姞Logout filter
             .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
             // 娣诲姞JWT filter

--
Gitblit v1.9.1