diff --git a/renren-admin/src/main/java/io/renren/common/interceptor/IdentityInterceptor.java b/renren-admin/src/main/java/io/renren/common/interceptor/IdentityInterceptor.java index 5e4920f2..fbba7ca1 100644 --- a/renren-admin/src/main/java/io/renren/common/interceptor/IdentityInterceptor.java +++ b/renren-admin/src/main/java/io/renren/common/interceptor/IdentityInterceptor.java @@ -48,6 +48,7 @@ public class IdentityInterceptor implements HandlerInterceptor { String keeperUrl = yaweiSSOProperties.getKeeperUrl(); keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "=" + URLEncoder.encode(requeststr, "UTF-8"); + response.addHeader("REDIRECT", keeperUrl); response.sendRedirect(keeperUrl); return false; } diff --git a/renren-admin/src/main/java/io/renren/common/interceptor/YaweiSSOProperties.java b/renren-admin/src/main/java/io/renren/common/interceptor/YaweiSSOProperties.java index 5a7b4f17..d50e7542 100644 --- a/renren-admin/src/main/java/io/renren/common/interceptor/YaweiSSOProperties.java +++ b/renren-admin/src/main/java/io/renren/common/interceptor/YaweiSSOProperties.java @@ -7,7 +7,7 @@ import org.springframework.stereotype.Component; @Data @Component -@PropertySource("classpath:/yaweisso.properties") +@PropertySource("classpath:yaweisso.properties") @ConfigurationProperties(prefix = "sso") public class YaweiSSOProperties { private String domain; diff --git a/renren-admin/src/main/java/io/renren/modules/activiti/service/ActTaskService.java b/renren-admin/src/main/java/io/renren/modules/activiti/service/ActTaskService.java index fc65b942..a1f05582 100644 --- a/renren-admin/src/main/java/io/renren/modules/activiti/service/ActTaskService.java +++ b/renren-admin/src/main/java/io/renren/modules/activiti/service/ActTaskService.java @@ -55,6 +55,13 @@ import java.util.*; */ @Service public class ActTaskService extends BaseServiceImpl { + + public static String Task_HANDLE_STATE = "handleState"; //任务节点处理状态key + public static String Task_HANDLE_STATE_AGREE = "agree"; //同意 + public static String Task_HANDLE_STATE_REJECTED = "rejected"; //驳回 + public static String Task_HANDLE_STATE_BACK = "back"; //回退 + public static String Task_HANDLE_STATE_STOP = "stop"; //终止 + @Autowired protected TaskService taskService; @Autowired @@ -226,6 +233,7 @@ public class ActTaskService extends BaseServiceImpl { if (StringUtils.isNotEmpty(comment)) { taskService.addComment(taskId, task.getProcessInstanceId(), comment); } + taskService.setVariable(taskId, Task_HANDLE_STATE, Task_HANDLE_STATE_AGREE); taskService.complete(taskId); } @@ -390,6 +398,7 @@ public class ActTaskService extends BaseServiceImpl { if (StringUtils.isNotEmpty(comment)) { commentMode += "[" + comment + "]"; } + taskService.setVariable(task.getId(), Task_HANDLE_STATE, Task_HANDLE_STATE_BACK); taskService.addComment(task.getId(), task.getProcessInstanceId(), commentMode); taskService.complete(task.getId(), variables); } @@ -477,6 +486,7 @@ public class ActTaskService extends BaseServiceImpl { String message = MessageUtils.getMessage(ErrorCode.END_PROCESS_MESSAGE); comment = message + "[" + comment + "]"; taskService.addComment(task.getId(), task.getProcessInstanceId(), comment); + taskService.setVariable(task.getId(), Task_HANDLE_STATE, Task_HANDLE_STATE_STOP); taskService.complete(taskId); pointActivity.getIncomingTransitions().remove(newTransition); List pvmTransitionListC = currActivity.getOutgoingTransitions(); @@ -606,6 +616,7 @@ public class ActTaskService extends BaseServiceImpl { this.setTaskVariable(taskDTO.getTaskId(), key, taskDTO.getParams().get(key)); } } + taskService.setVariable(taskDTO.getTaskId(), Task_HANDLE_STATE, Task_HANDLE_STATE_REJECTED); this.completeTask(taskDTO.getTaskId(), taskDTO.getComment()); } diff --git a/renren-admin/src/main/java/io/renren/modules/processForm/entity/TAbilityApplicationEntity.java b/renren-admin/src/main/java/io/renren/modules/processForm/entity/TAbilityApplicationEntity.java index 5ceb42dc..d43307cd 100644 --- a/renren-admin/src/main/java/io/renren/modules/processForm/entity/TAbilityApplicationEntity.java +++ b/renren-admin/src/main/java/io/renren/modules/processForm/entity/TAbilityApplicationEntity.java @@ -37,6 +37,7 @@ public class TAbilityApplicationEntity { /** * 申请应用系统 */ + @TableField("`system`") private String system; /** * 申请场景 @@ -81,4 +82,9 @@ public class TAbilityApplicationEntity { * 附件 */ private String enclosure; + + /** + * 流程通过后api网关注册的认证code,用于三方接口调用 + */ + private String gatewayCode; } \ No newline at end of file diff --git a/renren-admin/src/main/java/io/renren/modules/processForm/listener/CorrectionListener.java b/renren-admin/src/main/java/io/renren/modules/processForm/listener/CorrectionListener.java index f5b23541..6f7fd3a5 100644 --- a/renren-admin/src/main/java/io/renren/modules/processForm/listener/CorrectionListener.java +++ b/renren-admin/src/main/java/io/renren/modules/processForm/listener/CorrectionListener.java @@ -13,18 +13,24 @@ import io.renren.modules.sys.service.SysDeptService; import io.renren.modules.sys.service.SysRoleService; import io.renren.modules.sys.service.SysRoleUserService; import io.renren.modules.sys.service.SysUserService; +import org.activiti.engine.HistoryService; +import org.activiti.engine.ProcessEngine; +import org.activiti.engine.ProcessEngines; import org.activiti.engine.TaskService; import org.activiti.engine.delegate.*; import org.activiti.engine.delegate.event.ActivitiEvent; import org.activiti.engine.delegate.event.ActivitiEventListener; +import org.activiti.engine.history.HistoricTaskInstance; +import org.activiti.engine.task.Task; +import org.activiti.engine.task.TaskQuery; +import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import java.util.Map; -import java.util.Optional; +import java.util.*; /** * 部门动态审批人 @@ -105,13 +111,11 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti Gson gson = new Gson(); JsonElement jsonElement = gson.toJsonTree(kv); TAbilityApplicationDTO abilityApplicationDTO = gson.fromJson(jsonElement, TAbilityApplicationDTO.class); - if (abilityApplicationDTO != null && abilityApplicationDTO.getId() != null) { + if (abilityApplicationDTO != null) { abilityApplicationDTO.setDelFlag(0); abilityApplicationDTO.setApproveStatus("通过"); tAbilityApplicationService.update(abilityApplicationDTO); logger.error("审批通过!申请id:" + abilityApplicationDTO.getId()); - } else { - logger.error(kv.toString()); } } @@ -142,7 +146,6 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti logger.error("第二级别审批仍然为 " + bigDateDeptName); taskService.addComment(delegateTask.getId(), delegateTask.getProcessInstanceId(), "默认通过"); taskService.complete(delegateTask.getId(), delegateTask.getVariables()); - endTake(delegateTask.getVariables()); } } else { logger.error("表单内单位名称:" + abilityApplicationDTO.getUnit()); @@ -164,14 +167,5 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti logger.error("未查到该部门对应的 " + roleName); taskService.setAssignee(delegateTask.getId(), "1516728698224427010"); } - - Optional resourceDTOOptional = Optional.ofNullable(resourceService.get(Long.valueOf(abilityApplicationDTO.getResourceId()))); - resourceDTOOptional.ifPresent(resource -> { - if ("免批申请".equals(resource.getShareCondition())) { // 针对免批资源申请 - taskService.addComment(delegateTask.getId(), delegateTask.getProcessInstanceId(), "免批资源申请默认通过"); - taskService.complete(delegateTask.getId(), delegateTask.getVariables()); - endTake(delegateTask.getVariables()); - } - }); } } diff --git a/renren-admin/src/main/java/io/renren/modules/processForm/service/ApiGatewayService.java b/renren-admin/src/main/java/io/renren/modules/processForm/service/ApiGatewayService.java index 156012ee..521e3181 100644 --- a/renren-admin/src/main/java/io/renren/modules/processForm/service/ApiGatewayService.java +++ b/renren-admin/src/main/java/io/renren/modules/processForm/service/ApiGatewayService.java @@ -1,9 +1,14 @@ package io.renren.modules.processForm.service; +import cn.hutool.core.lang.UUID; import com.alibaba.fastjson.JSON; +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper; import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper; +import io.renren.modules.processForm.dao.TAbilityApplicationDao; +import io.renren.modules.processForm.entity.TAbilityApplicationEntity; import io.renren.modules.resource.dao.ResourceDao; import io.renren.modules.resource.entity.ResourceEntity; import lombok.extern.slf4j.Slf4j; @@ -21,40 +26,60 @@ import java.util.regex.Pattern; @Service @Slf4j +/** + * 聚好看网关对接相关 + * + */ public class ApiGatewayService { @Autowired private ResourceDao resourceDao; + @Autowired + private TAbilityApplicationDao abilityApplicationDao; + @Autowired private RestTemplate restTemplate; - @Value("${hisense.gateway.url:http://devtest-security-app.hismarttv.com:8080}") + @Value("${hisense.gateway.url}") private String gatewayUrl; - /** + /** 将api注册到网关 + * 注册流程:创建group -> 创建路由(api)并关联到group下,未来可多个api关联 * @param resourceId 能力资源的id * @return */ public void registerApi2Gateway(String resourceId){ if (resourceId == null) { - log.warn("传入resourceId为空"); - return; + throw new IllegalArgumentException("传入resourceId为空"); } ResourceEntity resourceEntity = resourceDao.selectById(resourceId); + if (resourceEntity == null) { + throw new IllegalArgumentException(String.format("未找到对应的资源id:%s", resourceId)); + } String apiUrl = resourceEntity.getApiUrl(); + String methods = resourceEntity.getApiMethodType().toUpperCase(); - if (apiUrl == null || !apiUrl.startsWith("http")){ - log.warn("非法apiurl!! apiUrl:{} resourceId:{}",apiUrl, resourceId); + if (StringUtils.isBlank(apiUrl) || StringUtils.isBlank(methods)){ + String msg = String.format("注册api参数为空,跳过 apiUrl:%s, methods:%s, resourceId:%s", apiUrl, methods, resourceId); + //重要参数没有当成不需要注册 + log.info(msg); return; } //建group String domain = getIP(apiUrl); + String uris = apiUrl.substring(apiUrl.indexOf(domain) + domain.length()); + if (StringUtils.isBlank(uris)) { + uris = "/"; + } + String apiPrefix = "/juapi/" + resourceId; HashMap groupEntity = new HashMap(); + groupEntity.put("id", resourceId); groupEntity.put("name", resourceEntity.getName()); + groupEntity.put("stripPrefixPattern",String.format("^%s/(.*)", apiPrefix)); groupEntity.put("serviceName",domain ); String groupUrl = gatewayUrl + "/apiops/api/groups"; @@ -63,17 +88,17 @@ public class ApiGatewayService { HashMap body = responseEntity.getBody(); String id = (String) body.get("id"); if (StringUtils.isBlank(id)){ - log.error("创建group时id为空 {} body:{}", JSON.toJSONString(groupEntity), body); - return; + String error = String.format("创建group时id为空 request:%s body:%s", JSON.toJSONString(groupEntity), body); + throw new RuntimeException(error); } //建路由(接口url) - String routeUrl = gatewayUrl + "apiops/api/routers"; + String routeUrl = gatewayUrl + "/apiops/api/routers"; HashMap routeEntity = new HashMap(); routeEntity.put("name", "api:1:" + resourceEntity.getName()); routeEntity.put("group", id); - routeEntity.put("methods", resourceEntity.getApiMethodType().toUpperCase()); - routeEntity.put("uris", apiUrl.substring(apiUrl.indexOf(domain) + domain.length())); + routeEntity.put("methods", methods); + routeEntity.put("uris", apiPrefix + uris); ResponseEntity routeResEntity = restTemplate.postForEntity(routeUrl, routeEntity, HashMap.class); if (routeResEntity.getStatusCode() != HttpStatus.OK || !responseEntity.hasBody()){ //失败则删除group @@ -89,6 +114,55 @@ public class ApiGatewayService { } } + /** + * 将code关联到group,api这希望code由我们来生成 + * 关联流程:创建消费者 -> 订阅接口传入code关联消费者与group + * @param formId + * @param code + */ + public void subscribeCode( String formId, String code){ + + if ( StringUtils.isBlank(formId) || StringUtils.isBlank(code)) { + throw new IllegalArgumentException(String.format("关键参数不能为空 formId:%s code:%s", formId, code)); + } + + TAbilityApplicationEntity applicationEntity = abilityApplicationDao.selectById(formId); + ResourceEntity resourceEntity = resourceDao.selectById(applicationEntity.getResourceId()); + String groupId = resourceEntity.getGroupId(); + if (resourceEntity == null){ + throw new RuntimeException(String.format("找不到资源类 groupId:%s", groupId)); + } + + //注册消费者,一个表单关联一个消费者 + HashMap consumerEntity = new HashMap(); + consumerEntity.put("id", formId); + consumerEntity.put("name", resourceEntity.getName() + "-concumer"); + + String consumerUrl = gatewayUrl + "/apiops/api/consumers"; + HashMap consumerResponse = restTemplate.postForEntity(consumerUrl, consumerEntity, HashMap.class).getBody(); + if (consumerResponse == null || !formId.equals(consumerResponse.get("id"))){ + throw new RuntimeException(String.format("消费者创建失败 response: %s", consumerResponse)); + } + + //订阅 + HashMap subscribeEntity = new HashMap(); + subscribeEntity.put("consumerId", formId); + subscribeEntity.put("routerId", groupId); + subscribeEntity.put("routerType","group"); + subscribeEntity.put("code", code); + + String subscribeUrl = gatewayUrl + "/apiops/api/subscribers"; + HashMap body = restTemplate.postForEntity(subscribeUrl, subscribeEntity, HashMap.class).getBody(); + if (body == null || StringUtils.isBlank((String) body.get("consumerId"))){ + throw new RuntimeException(String.format("订阅失败 response: %s", body)); + } + + LambdaUpdateWrapper updateWrapper = new UpdateWrapper().lambda() + .eq(TAbilityApplicationEntity::getId, formId) + .set(TAbilityApplicationEntity::getGatewayCode, code); + abilityApplicationDao.update(null, updateWrapper); + } + private String getIP(String url) { String re = "((http|ftp|https)://)(([a-zA-Z0-9._-]+)|([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}))(([a-zA-Z]{2,6})|(:[0-9]{1,4})?)"; String str = ""; diff --git a/renren-admin/src/main/java/io/renren/modules/resourceMountApply/listener/ResourceOwnerListener.java b/renren-admin/src/main/java/io/renren/modules/resourceMountApply/listener/ResourceOwnerListener.java index 82cbe990..5396fa21 100644 --- a/renren-admin/src/main/java/io/renren/modules/resourceMountApply/listener/ResourceOwnerListener.java +++ b/renren-admin/src/main/java/io/renren/modules/resourceMountApply/listener/ResourceOwnerListener.java @@ -80,6 +80,9 @@ public class ResourceOwnerListener implements TaskListener, ExecutionListener, A case EVENTNAME_CREATE: // 创建当前审批节点事件 create(delegateTask, roleDTO); break; + case EVENTNAME_COMPLETE: + complete(delegateTask); + break; default: logger.error("未处理该事件:" + eventName); } diff --git a/renren-admin/src/main/java/io/renren/modules/security/config/ShiroConfig.java b/renren-admin/src/main/java/io/renren/modules/security/config/ShiroConfig.java index 9c6b1a12..7ab70721 100644 --- a/renren-admin/src/main/java/io/renren/modules/security/config/ShiroConfig.java +++ b/renren-admin/src/main/java/io/renren/modules/security/config/ShiroConfig.java @@ -9,8 +9,10 @@ import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSource import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.stereotype.Component; import javax.servlet.Filter; import java.util.HashMap; @@ -23,6 +25,9 @@ import java.util.Map; @Configuration public class ShiroConfig { +// @Autowired +// private Oauth2Filter oauth2Filter; + @Bean public DefaultWebSessionManager sessionManager() { DefaultWebSessionManager sessionManager = new DefaultWebSessionManager(); @@ -42,13 +47,13 @@ public class ShiroConfig { } @Bean("shiroFilter") - public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) { + public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager, Oauth2Filter oauth2Filter) { ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean(); shiroFilter.setSecurityManager(securityManager); //oauth过滤 Map filters = new HashMap<>(); - filters.put("oauth2", new Oauth2Filter()); + filters.put("oauth2", oauth2Filter); shiroFilter.setFilters(filters); Map filterMap = new LinkedHashMap<>(); diff --git a/renren-admin/src/main/java/io/renren/modules/security/config/WebMvcConfig.java b/renren-admin/src/main/java/io/renren/modules/security/config/WebMvcConfig.java index df41a497..34de09e8 100644 --- a/renren-admin/src/main/java/io/renren/modules/security/config/WebMvcConfig.java +++ b/renren-admin/src/main/java/io/renren/modules/security/config/WebMvcConfig.java @@ -4,8 +4,10 @@ import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.module.SimpleModule; import com.fasterxml.jackson.databind.ser.std.ToStringSerializer; +import io.renren.common.interceptor.IdentityInterceptor; import io.renren.common.utils.DateUtils; import io.renren.modules.pay.Interceptor.AliPayInterceptor; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.converter.ByteArrayHttpMessageConverter; @@ -25,6 +27,9 @@ import java.util.TimeZone; @Configuration public class WebMvcConfig implements WebMvcConfigurer { + @Autowired + private IdentityInterceptor identityInterceptor; + @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") @@ -37,7 +42,7 @@ public class WebMvcConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new AliPayInterceptor()).addPathPatterns("/pay/alipay/**"); -// registry.addInterceptor(new IdentityInterceptor()); +// registry.addInterceptor(identityInterceptor); } @Override diff --git a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java index 1e07ae14..b229ea06 100644 --- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java +++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java @@ -1,8 +1,13 @@ package io.renren.modules.security.oauth2; import com.google.gson.Gson; +import com.yawei.pso.PSORequest; +import com.yawei.pso.SSOResponse; +import com.yawei.pso.TicketManager; import io.renren.common.constant.Constant; import io.renren.common.exception.ErrorCode; +import io.renren.common.interceptor.Validator; +import io.renren.common.interceptor.YaweiSSOProperties; import io.renren.common.utils.HttpContextUtils; import io.renren.common.utils.Result; import org.apache.commons.lang3.StringUtils; @@ -10,20 +15,38 @@ import org.apache.http.HttpStatus; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.web.filter.authc.AuthenticatingFilter; +import org.apache.shiro.web.servlet.ShiroHttpServletRequest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Lazy; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.RequestMethod; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.lang.reflect.Field; +import java.net.URLEncoder; +import java.util.Iterator; +import java.util.Map; /** * oauth2过滤器 * */ +@Component() +@Scope("prototype") public class Oauth2Filter extends AuthenticatingFilter { + public final static String SEESION_USER = "seesion_user"; + + @Autowired + private YaweiSSOProperties yaweiSSOProperties; + @Override protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception { //获取请求token @@ -47,22 +70,28 @@ public class Oauth2Filter extends AuthenticatingFilter { @Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception { + + //获取请求token,如果token不存在,直接返回401 String token = getRequestToken((HttpServletRequest) request); if(StringUtils.isBlank(token)){ - HttpServletResponse httpResponse = (HttpServletResponse) response; - httpResponse.setContentType("application/json;charset=utf-8"); - httpResponse.setHeader("Access-Control-Allow-Credentials", "true"); - httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin()); - String json = new Gson().toJson(new Result().error(ErrorCode.UNAUTHORIZED)); + yaweiHandle((HttpServletRequest)request, (HttpServletResponse)response); - httpResponse.getWriter().print(json); +// HttpServletResponse httpResponse = (HttpServletResponse) response; +// httpResponse.setContentType("application/json;charset=utf-8"); +// httpResponse.setHeader("Access-Control-Allow-Credentials", "true"); +// httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin()); +// +// String json = new Gson().toJson(new Result().error(ErrorCode.UNAUTHORIZED)); +// +// httpResponse.getWriter().print(json); return false; } - return executeLogin(request, response); + boolean executeLogin = executeLogin(request, response); + return executeLogin; } @Override @@ -100,4 +129,86 @@ public class Oauth2Filter extends AuthenticatingFilter { return token; } + public boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception { + // 获取当前请求的url + String requestUri = request.getHeader("REQUESTURI"); + if (requestUri == null){ + requestUri = request.getRequestURI(); + } + + Validator validator = Validator.getInstance(); + + String strResponse = request.getParameter(yaweiSSOProperties.getSsoKey()); + if (org.apache.commons.lang.StringUtils.isEmpty(strResponse)) { + TicketManager tm = new TicketManager(); + if (!tm.LoadTicket(request)) { + PSORequest psoRequest = new PSORequest(request); + //不建新类了,直接反射解决 + Field returnUrl = psoRequest.getClass().getDeclaredField("returnUrl"); + returnUrl.setAccessible(true); + returnUrl.set(psoRequest, requestUri); + String requeststr = psoRequest.CreateHash(); + + String keeperUrl = yaweiSSOProperties.getKeeperUrl(); + keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "=" + + URLEncoder.encode(requeststr, "UTF-8"); + response.addHeader("REDIRECT", keeperUrl); + response.setStatus(HttpStatus.SC_UNAUTHORIZED); + response.getWriter().write(HttpStatus.SC_UNAUTHORIZED); + return false; + } + } else { + // 如果服务器端通过认证后,会返回后执行改操作,然后写入cookie + SSOResponse ssoResp = new SSOResponse(strResponse); + TicketManager tm = ssoResp.CreatePSOTicket(); + if (tm == null) { + PSORequest psoRequest = new PSORequest(request); + String requeststr = psoRequest.CreateHash(); + + String keeperUrl = yaweiSSOProperties.getKeeperUrl(); + keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "=" + + URLEncoder.encode(requeststr, "UTF-8"); + response.sendRedirect(keeperUrl); + } else { + String domainName = yaweiSSOProperties.getDomain(); + tm.SaveTicket(response, domainName); + + //同时添加自己的token +// Cookie cookie = new Cookie(Constant.TOKEN_HEADER, createToken(request, response).toString()); +// response.addCookie(cookie); + + Iterator> iterator = request + .getParameterMap().entrySet().iterator(); + StringBuffer param = new StringBuffer(); + int i = 0; + while (iterator.hasNext()) { + Map.Entry entry = (Map.Entry) iterator + .next(); + if (entry.getKey().equals(yaweiSSOProperties.getSsoKey())) + continue; + else { + i++; + if (i == 1) + param.append("?").append(entry.getKey()) + .append("="); + else + param.append("&").append(entry.getKey()) + .append("="); + + if (entry.getValue() instanceof String[]) { + param.append(((String[]) entry.getValue())[0]); + } else { + param.append(entry.getValue()); + } + } + } + response.sendRedirect(requestUri + param.toString()); + return false; + } + } + validator.SetUserTicket(request); + return true; + } + + } \ No newline at end of file diff --git a/renren-admin/src/main/resources/application-hwx.yml b/renren-admin/src/main/resources/application-hwx.yml new file mode 100644 index 00000000..c6b8b9a3 --- /dev/null +++ b/renren-admin/src/main/resources/application-hwx.yml @@ -0,0 +1,58 @@ +server: + port: 8000 +spring: + datasource: + druid: + #MySQL + driver-class-name: com.mysql.cj.jdbc.Driver + url: jdbc:mysql://127.0.0.1:3306/share_platform?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&nullCatalogMeansCurrent=true + username: root + password: 123456 + initial-size: 10 + max-active: 100 + min-idle: 10 + max-wait: 3000 + pool-prepared-statements: true + max-pool-prepared-statement-per-connection-size: 20 + time-between-eviction-runs-millis: 60000 + min-evictable-idle-time-millis: 300000 + #Oracle需要打开注释 + validation-query: SELECT 1 + test-while-idle: true + test-on-borrow: false + test-on-return: false + stat-view-servlet: + enabled: true + url-pattern: /druid/* + #login-username: admin + #login-password: admin + filter: + stat: + log-slow-sql: true + slow-sql-millis: 1000 + merge-sql: false + wall: + config: + multi-statement-allow: true +#上传的静态资源配置 +resource: + root_url: 15.2.21.238 + path: /data/services/nengli/files/ + devModelFilePath: /data/services/nengli/files/devModelFile +# 大数据部门相关配置 +big_date: + name: 青岛市大数据发展管理局 + assignee_role_name: 部门审批人 + +hisense: + gateway: +# url: http://15.72.184.7:8080 + url: http://devtest-security-app.hismarttv.com:8080 +logging: + level: + org: + activiti: + engine: + impl: + persistence: + entity: debug \ No newline at end of file diff --git a/renren-admin/src/main/resources/application-prod.yml b/renren-admin/src/main/resources/application-prod.yml index f85e42f5..bbf13ad6 100644 --- a/renren-admin/src/main/resources/application-prod.yml +++ b/renren-admin/src/main/resources/application-prod.yml @@ -42,4 +42,8 @@ resource: # 大数据部门相关配置 big_date: name: 青岛市大数据发展管理局 - assignee_role_name: 部门审批人 \ No newline at end of file + assignee_role_name: 部门审批人 + +hisense: + gateway: + url: http://devtest-security-app.hismarttv.com:8080 \ No newline at end of file diff --git a/renren-admin/src/main/resources/yaweisso.properties b/renren-admin/src/main/resources/yaweisso.properties index bb802a06..9d5bcaeb 100644 --- a/renren-admin/src/main/resources/yaweisso.properties +++ b/renren-admin/src/main/resources/yaweisso.properties @@ -1,3 +1,3 @@ -sso.domain=yw.com.cn +sso.domain=127.0.0.1:8080 sso.ssoKey=SSOToken -sso.keeperUrl=http://127.0.0.1:9090/renren-admin/sys/user/123 \ No newline at end of file +sso.keeperUrl=http://jhoa.qd.gov.cn \ No newline at end of file diff --git a/renren-admin/src/test/java/io/renren/ApiGatewayServiceTest.java b/renren-admin/src/test/java/io/renren/ApiGatewayServiceTest.java index 71134cab..6bb4f9d7 100644 --- a/renren-admin/src/test/java/io/renren/ApiGatewayServiceTest.java +++ b/renren-admin/src/test/java/io/renren/ApiGatewayServiceTest.java @@ -1,5 +1,6 @@ package io.renren; +import cn.hutool.core.lang.UUID; import io.renren.common.redis.RedisUtils; import io.renren.modules.processForm.service.ApiGatewayService; import io.renren.modules.sys.entity.SysUserEntity; @@ -17,8 +18,14 @@ public class ApiGatewayServiceTest { private ApiGatewayService apiGatewayService; @Test - public void contextLoads() { - apiGatewayService.registerApi2Gateway("1519505145602723841"); + public void registerApi2Gateway() { + apiGatewayService.registerApi2Gateway("1522550194523152385"); + } + + @Test + public void registerCode2Group() { + String code = UUID.randomUUID().toString(); + apiGatewayService.subscribeCode("1523913824099762177", code); } } \ No newline at end of file