Compare commits
No commits in common. "09becdf80d14f7b402c796431e97dc288a5f04df" and "547c128b2c4c6ce0ff643f161dbc59740f0b5f23" have entirely different histories.
09becdf80d
...
547c128b2c
|
@ -1,11 +1,5 @@
|
||||||
package io.renren.modules.security.oauth2;
|
package io.renren.modules.security.oauth2;
|
||||||
|
|
||||||
import cn.hutool.core.date.DateField;
|
|
||||||
import cn.hutool.core.date.DateUnit;
|
|
||||||
import cn.hutool.core.date.DateUtil;
|
|
||||||
import cn.hutool.core.net.url.UrlBuilder;
|
|
||||||
import cn.hutool.core.util.CharsetUtil;
|
|
||||||
import com.alibaba.fastjson.JSONObject;
|
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import com.google.gson.Gson;
|
import com.google.gson.Gson;
|
||||||
|
@ -15,17 +9,14 @@ import io.renren.modules.security.service.SysUserTokenService;
|
||||||
import io.renren.modules.security.user.SecurityUser;
|
import io.renren.modules.security.user.SecurityUser;
|
||||||
import io.renren.modules.sys.dao.SysUserDao;
|
import io.renren.modules.sys.dao.SysUserDao;
|
||||||
import io.renren.modules.sys.entity.SysUserEntity;
|
import io.renren.modules.sys.entity.SysUserEntity;
|
||||||
import lombok.Data;
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.apache.http.HttpStatus;
|
import org.apache.http.HttpStatus;
|
||||||
import org.apache.shiro.authc.AuthenticationException;
|
import org.apache.shiro.authc.AuthenticationException;
|
||||||
import org.apache.shiro.authc.AuthenticationToken;
|
import org.apache.shiro.authc.AuthenticationToken;
|
||||||
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
|
||||||
import org.springframework.context.annotation.Scope;
|
import org.springframework.context.annotation.Scope;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import org.springframework.web.client.RestTemplate;
|
|
||||||
|
|
||||||
import javax.servlet.ServletRequest;
|
import javax.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import javax.servlet.ServletResponse;
|
||||||
|
@ -33,8 +24,6 @@ import javax.servlet.http.Cookie;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Date;
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -54,29 +43,6 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
@Autowired(required = false)
|
@Autowired(required = false)
|
||||||
private SSOValidator ssoValidator;
|
private SSOValidator ssoValidator;
|
||||||
|
|
||||||
|
|
||||||
@Value("${shangdongtong.enable}")
|
|
||||||
private boolean sdtEnable;
|
|
||||||
|
|
||||||
@Value("${shangdongtong.corpid}")
|
|
||||||
private String corpid;
|
|
||||||
@Value("${shangdongtong.agentId}")
|
|
||||||
private String agentId;
|
|
||||||
@Value("${shangdongtong.secret}")
|
|
||||||
private String secret;
|
|
||||||
@Value("${shangdongtong.url}")
|
|
||||||
private String apiUrl;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private RestTemplate restTemplate;
|
|
||||||
|
|
||||||
static class SDTToken{
|
|
||||||
private String accessToken;
|
|
||||||
private Date expiresIn;
|
|
||||||
}
|
|
||||||
|
|
||||||
static private SDTToken sdtToken;
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
||||||
//获取请求token
|
//获取请求token
|
||||||
|
@ -191,66 +157,6 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
requestUri = request.getRequestURI();
|
requestUri = request.getRequestURI();
|
||||||
}
|
}
|
||||||
|
|
||||||
//先在这里直接处理山东通逻辑,有时间再重构
|
|
||||||
if (sdtEnable && requestUri.contains("code=") && requestUri.contains("state=")) {
|
|
||||||
if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
|
|
||||||
synchronized (this.getClass()){
|
|
||||||
if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
|
|
||||||
String sdtApiUrl = String.format("%s/cgi-bin/gettoken?corpid=%s&corpsecret=%s",apiUrl, corpid, secret);
|
|
||||||
JSONObject tokenObj = restTemplate.getForObject(sdtApiUrl, JSONObject.class);
|
|
||||||
if (tokenObj.getIntValue("errcode") == 0) {
|
|
||||||
SDTToken token = new SDTToken();
|
|
||||||
token.accessToken = tokenObj.getString("access_token");
|
|
||||||
Integer expiresIn = tokenObj.getInteger("expires_in");
|
|
||||||
//提前5分钟,防止误差
|
|
||||||
Integer expiresOffset = 60 * 5;
|
|
||||||
expiresIn = expiresIn < expiresOffset ? expiresIn / 2 : expiresIn -expiresOffset;
|
|
||||||
token.expiresIn = DateUtil.offset(new Date(), DateField.SECOND, expiresIn);
|
|
||||||
sdtToken = token;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
UrlBuilder urlBuilder = UrlBuilder.ofHttp(requestUri, CharsetUtil.CHARSET_UTF_8);
|
|
||||||
CharSequence code = urlBuilder.getQuery().get("code");
|
|
||||||
String userInfoUrl = String.format("%s/cgi-bin/user/getuserinfo?access_token=%s&code=%s",
|
|
||||||
apiUrl,
|
|
||||||
sdtToken.accessToken,
|
|
||||||
code);
|
|
||||||
JSONObject userInfoObj = restTemplate.getForObject(userInfoUrl, JSONObject.class);
|
|
||||||
String userId = userInfoObj.getString("UserId");
|
|
||||||
//还要再经过另一个接口拿手机号
|
|
||||||
if (StringUtils.isNotBlank(userId)) {
|
|
||||||
String userUrl = String.format("%s/cgi-bin/user/get?access_token=%s&userid=%s",
|
|
||||||
apiUrl,
|
|
||||||
sdtToken.accessToken,
|
|
||||||
userId);
|
|
||||||
JSONObject userObj = restTemplate.getForObject(userUrl, JSONObject.class);
|
|
||||||
String mobile = userObj.getString("mobile");
|
|
||||||
if (StringUtils.isNotBlank(mobile)) {
|
|
||||||
//认证通过
|
|
||||||
LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
|
|
||||||
.eq(SysUserEntity::getMobile, mobile);
|
|
||||||
SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
|
|
||||||
if (sysUserEntity != null) {
|
|
||||||
|
|
||||||
Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
|
|
||||||
Object token = result.getData().get(Constant.TOKEN_HEADER);
|
|
||||||
String currentToken = (String) token;
|
|
||||||
Cookie cookie = new Cookie(Constant.TOKEN_HEADER, currentToken);
|
|
||||||
cookie.setPath("/");
|
|
||||||
response.addCookie(cookie);
|
|
||||||
response.addHeader(Constant.TOKEN_HEADER, currentToken);
|
|
||||||
//回调不涉及其他页面回调,先写死回调首页
|
|
||||||
String removeCreditParame = "http://" + urlBuilder.getHost() + ":" + urlBuilder.getPort() + "/#/home";
|
|
||||||
response.addHeader("REDIRECT", removeCreditParame);
|
|
||||||
request.setAttribute(Constant.TOKEN_HEADER, currentToken);
|
|
||||||
return executeLogin(request, response);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!ssoValidator.hasCrediteInCallBackUrl(requestUri)) {
|
if (!ssoValidator.hasCrediteInCallBackUrl(requestUri)) {
|
||||||
redirectToUrl(ssoValidator.getLoginUrl(requestUri), response);
|
redirectToUrl(ssoValidator.getLoginUrl(requestUri), response);
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -159,11 +159,3 @@ infrastructure:
|
||||||
# 是否发亚微消息
|
# 是否发亚微消息
|
||||||
notice:
|
notice:
|
||||||
yawei: true
|
yawei: true
|
||||||
|
|
||||||
shangdongtong:
|
|
||||||
enable: true
|
|
||||||
corpid: wwafa1a3005a15a672
|
|
||||||
agentId: 1001129
|
|
||||||
secret: fCcaNBVkCosL_O3cnQVQ0brqUUBZu3ruXuISj5k8FP8
|
|
||||||
url: http://15.72.183.90:7008/sdt
|
|
||||||
|
|
||||||
|
|
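Review bot: Deleting the `shangdongtong` block does not retire the credential in it, because the `secret` and `corpid` values remain readable on the other side of this comparison and in every existing clone. The secret should be rotated at the provider and treated as exposed. If the integration is re-enabled, supply the value from the environment or a secrets store, e.g. `secret: ${SDT_SECRET}` (a constructed placeholder name), instead of committing the literal. The removed `url` was plain `http://` to an IP address, and the removed Java code put the corpsecret and access token in query strings to it, so a re-enabled integration should use TLS there as well.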