ibm 系统 单点登录 接口对接及 跳转验证

lmc 2024-11-20 10:55:07 +08:00
parent 6bd755c81e
commit 1c4bf2cd53
7 changed files with 107 additions and 16 deletions


@ -212,9 +212,20 @@
<!-- <version>1.0</version>-->
<!-- </dependency>-->
<dependency>
<groupId>com.banboocloud.Codec </groupId>
<artifactId>banboocloud_Codec</artifactId>
<version>0.0.1</version>
</dependency>
<dependency>
<groupId>org.jodd</groupId>
<artifactId>jodd-http</artifactId>
<version>6.3.0</version>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
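Review bot: The `<groupId>` of the banboocloud_Codec dependency reads `com.banboocloud.Codec ` with a trailing space before the closing tag; write it as `<groupId>com.banboocloud.Codec</groupId>` so the coordinate matches the installed artifact exactly. The artifact is at version 0.0.1 and this section does not show which repository serves it, so it is presumably a vendor jar installed by hand. Recording its origin and checksum in a short XML comment next to the dependency would let a later build confirm it is the same binary. The dependencies block starts and ends outside this hunk.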


@ -2,6 +2,10 @@ package com.ruoyi.common.OAuth;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.framework.security.service.SysLoginService;
import com.ruoyi.framework.web.domain.AjaxResult;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@ -15,6 +19,7 @@ import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.ArrayList;
/**
* Author:Zhenggang
@ -29,23 +34,24 @@ public class OauthDemo {
//认证地址
public static final String BASE_URL = "http://utuum.sd-gold.com:7021/idp/oauth2";
//应用注册id
public static final String CLIENT_ID = "ERM";
public static final String CLIENT_ID = "hfxyjwzxjc";
//应用注册key
public static final String CLIENT_SECRET = "ermsecret";
public static final String CLIENT_SECRET = "2c9ecb1b6b1f47d297abb6ffa7ede060";
//获取access_token的url
public static final String GET_ACCESS_TOKEN_URL = BASE_URL + "/getToken";
//获取用户信息的url
public static final String GET_USERINFO_URL = BASE_URL + "/getUserInfo?client_id=" + CLIENT_ID + "&access_token=";
@Autowired
private SysLoginService loginService;
/**
* 访问ip:port/root/redirectToAuth时拼接并且重定向到
* http://utuum.sd-gold.com:7021/idp/oauth2/authorize?redirect_uri=ip:port/root/getAccountName&state=sso&client_id=ECD&response_type=code
*/
@RequestMapping("/redirectToAuth")
public void reToAuth(HttpServletRequest request, HttpServletResponse response) {
String url = request.getRequestURL().toString().replaceAll("/redirectToAuth", "/getAccountName");
String url = request.getRequestURL().toString().replaceAll("/prod-api/redirectToAuth", "/prod-api/getAccountName");
String re_url = BASE_URL + "/authorize?redirect_uri=" + url + "&state=sso&client_id=" + CLIENT_ID + "&response_type=code";
try {
response.sendRedirect(re_url);
@ -61,7 +67,7 @@ public class OauthDemo {
*/
@ResponseBody
@RequestMapping(value = "/getAccountName", method = RequestMethod.GET)
public String getAccountName(@RequestParam(name = "code") String code) {
public AjaxResult getAccountName(@RequestParam(name = "code") String code) {
String accessTokenParam = null;
System.out.println("1).authorize code is" + code);
try {
@ -88,12 +94,18 @@ public class OauthDemo {
}
System.out.println("3).userInfo is :" + userInfo);
String acc = getValueFromJson(userInfo, "spRoleList");
String userName = getValueFromJson(userInfo, "userName");
String passWord = getValueFromJson(userInfo, "passWord");
if (acc == null || acc.equals("")) {
System.out.println("cannot get acc");
return null;
}
System.out.println("the acc is :" + acc);
return "the acc is : " + acc;
String s = loginService.loginNoCaptcha(userName, passWord, null);
AjaxResult success = AjaxResult.success();
success.put(Constants.TOKEN,s);
success.put("mgs","登录成功");
return success;
}
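Review bot: The new `CLIENT_SECRET` value is committed as a string literal, and the last hunk prints the whole userInfo response, which the added lines show carries a `passWord` field, via `System.out.println("3).userInfo is :" + userInfo)`. Both expose credentials to anyone who can read the repository or the console log, so the secret should be treated as disclosed, rotated, and then injected from configuration, e.g. `@Value("${<client-secret-property>}") private String clientSecret;` (the property name is a placeholder). Drop the userInfo and authorize-code prints, or log only non-secret fields through the project logger. The empty check after `getValueFromJson` covers only `acc`, so a response without `userName` or `passWord` still reaches `loginService.loginNoCaptcha(userName, passWord, null)`; guard those two values as well. Logging in with a password relayed by the identity provider also makes the local account depend on that password being sent around, so consider establishing the session from the verified account name instead.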


@ -36,7 +36,7 @@ public class EquTask {
/**
* 港口原有设备对接
*/
@Scheduled(fixedRate = 10000)
// @Scheduled(fixedRate = 10000)
public void equ(){
String hash = "16EA8A305FB58BE0730DD67F04F022F4";


@ -112,7 +112,7 @@ public class SecurityConfig
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
requests.antMatchers("/login","/bbc/**",
"/register", "/captchaImage","/outside/*").permitAll()
"/register", "/captchaImage","/outside/*","/redirectToAuth","/getAccountName").permitAll()
// 静态资源可匿名访问
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
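Review bot: Adding `/getAccountName` to this `permitAll()` matcher makes the OAuth callback the only check in front of token issuance, and the controller hunks on this page show it binding just `code` while the redirect sends the constant `state=sso`. With a fixed `state` the callback cannot tell a response to its own redirect from one started elsewhere (login CSRF). Generate a random value with `SecureRandom` in `reToAuth`, keep it in the session or a short-lived cookie, and reject callbacks whose `state` does not match. Assuming both paths are only meant to be reached by GET, listing them as `.antMatchers(HttpMethod.GET, "/redirectToAuth", "/getAccountName").permitAll()` would narrow the anonymous surface further. The enclosing configuration method starts and ends outside this hunk.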


@ -100,6 +100,48 @@ public class SysLoginService
return tokenService.createToken(loginUser);
}
/**
* 无需验证码登录
* 重写login方法将验证码模块去掉
* @param username
* @param password
* @param uuid
* @return
*/
public String loginNoCaptcha(String username, String password, String uuid)
{
// 用户验证
Authentication authentication = null;
try
{
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
AuthenticationContextHolder.setContext(authenticationToken);
// 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(authenticationToken);
}
catch (Exception e)
{
if (e instanceof BadCredentialsException)
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
}
else
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
throw new ServiceException(e.getMessage());
}
}
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
recordLoginInfo(loginUser.getUserId());
// 生成token
return tokenService.createToken(loginUser);
}
/**
* 校验验证码
*
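Review bot: `loginNoCaptcha` stores the credentials token with `AuthenticationContextHolder.setContext(authenticationToken)` but never clears it, so the token, password included, presumably stays attached to the request thread after the method returns or throws. Add `finally { AuthenticationContextHolder.clearContext(); }` after the catch block. The `uuid` parameter is never read and the Javadoc `@param`/`@return` tags are empty; either drop the parameter or document that it is ignored. Because this public method skips the captcha step, its Javadoc should state that it is only for callers that have already authenticated the user by other means (here the SSO callback), and any login-attempt throttling should still apply to it.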


@ -70,7 +70,7 @@ public class BbcController extends BaseController {
}
// @ApiOperation("对象属性字段查询")
@PostMapping("/schemaService")
@PostMapping("/SchemaService")
public String SchemaService(HttpServletRequest req, HttpServletResponse resp) {
JSONObject jsonObject = new JSONObject();
@ -113,10 +113,16 @@ public class BbcController extends BaseController {
statusMap.put("name","status");
statusMap.put("required",true);
statusMap.put("type","String");
HashMap<String, Object> nickNameMap = new HashMap<>();
nickNameMap.put("multivalued",false);
nickNameMap.put("name","nickName");
nickNameMap.put("required",true);
nickNameMap.put("type","String");
accountList.add(nameMap);
accountList.add(passMap);
accountList.add(mobileMap);
accountList.add(statusMap);
accountList.add(nickNameMap);
jsonObject.put("account", accountList);
// jsonObject.put("organization", mapJson.organizationList());
// jsonObject.put("role", mapJson.roleList());
@ -153,6 +159,7 @@ public class BbcController extends BaseController {
JSONObject jsonObject = new JSONObject();
StringBuilder sb = stringBuilder(req);
logger.info("json--bodyStr-->"+sb);
//修改多值的属性格式方便转换
String bodyparam = sb.toString();
bodyparam = BamboocloudUtils.getPlaintext(bodyparam, "123456", "AES");
@ -178,11 +185,22 @@ public class BbcController extends BaseController {
// User user = createUpdateUser(reqmap);
String userName = (String) reqmap.get("userName");
String pass = (String) reqmap.get("password");
String mobile = (String) reqmap.get("mobile");
String status = (String) reqmap.get("status");
String nickName = (String) reqmap.get("nickName");
logger.info("reqmap---------->"+reqmap);
SysUser user = new SysUser();
user.setUserName(userName);
user.setPassword(pass);
user.setPhonenumber(mobile);
user.setStatus(status);
user.setNickName(nickName);
Random random = new Random();
int min = 8000;
int max = 9000;
int randomNumber = random.nextInt(max - min + 1) + min;
user.setUserId(Long.valueOf(randomNumber));
//用户创建
userService.registerUser(user);
//获取返回给IAM连接器的唯一标识用于后续该条数据的更新修改删除
@ -224,7 +242,7 @@ public class BbcController extends BaseController {
StringBuilder sb = stringBuilder(req);
String bodyparam = sb.toString();
logger.info("json--bodyStr-->"+sb);
bodyparam = BamboocloudUtils.getPlaintext(bodyparam, "123456", "AES");
//修改多值的属性格式方便转换
String p = bodyparam;
@ -242,15 +260,21 @@ public class BbcController extends BaseController {
String username = (String) reqmap.get("bimRemoteUser");
String password = (String) reqmap.get("bimRemotePwd");
if (BamboocloudUtils.checkUsernamePassword(username, password)) {
SysUser user = new SysUser();
//获取用于更新的参数
// user = createUpdateUser(reqmap);
String userName = (String) reqmap.get("userName");
String pass = (String) reqmap.get("password");
String mobile = (String) reqmap.get("mobile");
String status = (String) reqmap.get("status");
String nickName = (String) reqmap.get("nickName");
logger.info("reqmap---------->"+reqmap);
SysUser user = new SysUser();
user.setUserName(userName);
user.setPassword(pass);
user.setPhonenumber(mobile);
user.setStatus(status);
user.setNickName(nickName);
//获取用于更新的唯一标识
user.setUserId(Long.valueOf(String.valueOf(reqmap.get("bimUid"))));
//更新用户
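Review bot: The create path now assigns the primary key with `random.nextInt(max - min + 1) + min`, one of 1001 values between 8000 and 9000, so provisioned accounts can be expected to collide after a few dozen creations, and nothing here checks whether the id is already taken. The update path identifies the row by `bimUid`, presumably this same id, so a collision risks either a failed insert or later changes landing on the wrong account. Remove the `Random` block and let the database allocate the id by restoring the `seq_sys_user.nextval` `<selectKey>` that the mapper hunk on this page comments out. In the same hunk `logger.info("reqmap---------->"+reqmap)` writes the request map, which holds `password`, to the log; log the user name only. The `"123456"` key passed to `BamboocloudUtils.getPlaintext` is a further literal secret that belongs in configuration.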


@ -144,11 +144,13 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<select id="checkEmailUnique" parameterType="String" resultMap="SysUserResult">
select user_id, email from sys_user where email = #{email} and del_flag = '0' and rownum <![CDATA[ <= ]]> 1
</select>
<insert id="insertUser" parameterType="SysUser" useGeneratedKeys="true" keyProperty="userId">
<selectKey keyProperty="userId" order="BEFORE" resultType="Long">
select seq_sys_user.nextval as userId from DUAL
</selectKey>
<!-- <selectKey keyProperty="userId" order="BEFORE" resultType="Long">-->
<!-- select seq_sys_user.nextval as userId from DUAL-->
<!-- </selectKey>-->
<!-- <insert id="insertUser" parameterType="SysUser" useGeneratedKeys="true" keyProperty="userId">-->
<insert id="insertUser" parameterType="SysUser" >
insert into sys_user(
<if test="userId != null and userId != 0">user_id,</if>
<if test="deptId != null and deptId != 0">dept_id,</if>