From 00c162ece158f745a2620a36f6e4476fac1a6378 Mon Sep 17 00:00:00 2001
From: thinkgem <thinkgem@163.com>
Date: Thu, 28 Dec 2023 09:33:20 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BB=A3=E7=A0=81=E4=BC=98=E5=8C=96=E6=8F=90?=
 =?UTF-8?q?=E7=A4=BA?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/shiro/realm/AuthorizingRealm.java  | 23 ++++++++++++++-----
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java
index 2b613b0f..d8f7ff48 100644
--- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java
+++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java
@@ -16,6 +16,9 @@ import com.jeesite.modules.sys.utils.UserUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.subject.Subject;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -25,13 +28,13 @@ import javax.servlet.http.HttpServletRequest;
  * @version 2018-7-11
  */
 public class AuthorizingRealm extends BaseAuthorizingRealm  {
-	
+
 	public static final String HASH_ALGORITHM = "SHA-1";
 	public static final int HASH_INTERATIONS = 1024;
 	public static final int SALT_SIZE = 8;
-	
+
 	private UserService userService;
-	
+
 	public AuthorizingRealm() {
 		super();
 //		// 设定密码校验的Hash算法与迭代次数（V4.1.4及以上版本不需要了，统一使用validatePassword验证密码）
@@ -39,7 +42,7 @@ public class AuthorizingRealm extends BaseAuthorizingRealm  {
 //		matcher.setHashIterations(HASH_INTERATIONS);
 //		this.setCredentialsMatcher(matcher);
 	}
-	
+
 	/**
 	 * 获取登录凭证，将 authcToken 转换为 FormToken，参考 CAS 实现
 	 */
@@ -47,7 +50,7 @@ public class AuthorizingRealm extends BaseAuthorizingRealm  {
 	protected FormToken getFormToken(AuthenticationToken authcToken) {
 		return super.getFormToken(authcToken);
 	}
-	
+
 	/**
 	 * 用于用户根据登录信息获取用户信息<br>
 	 * 1、默认根据登录账号登录信息，如：UserUtils.getByLoginCode(formToken.getUsername(), formToken.getParam("corpCode"));<br>
@@ -58,7 +61,7 @@ public class AuthorizingRealm extends BaseAuthorizingRealm  {
 	protected User getUserInfo(FormToken formToken) {
 		return super.getUserInfo(formToken);
 	}
-	
+
 	/**
 	 * 校验登录凭证，如密码验证，token验证，验证失败抛出 AuthenticationException 异常
 	 */
@@ -66,6 +69,14 @@ public class AuthorizingRealm extends BaseAuthorizingRealm  {
 	protected void assertCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo authcInfo) throws AuthenticationException {
 		super.assertCredentialsMatch(authcToken, authcInfo);
 	}
+
+	/**
+	 * 获取用户授权信息，默认返回类型 SimpleAuthorizationInfo
+	 */
+	@Override
+	protected AuthorizationInfo doGetAuthorizationInfo(LoginInfo loginInfo, Subject subject, Session session, User user) {
+		return super.doGetAuthorizationInfo(loginInfo, subject, session, user);
+	}
 	
 	/**
 	 * 生成密文密码，生成随机的16位salt并经过1024次 sha-1 hash