Compare commits
No commits in common. "09becdf80d14f7b402c796431e97dc288a5f04df" and "547c128b2c4c6ce0ff643f161dbc59740f0b5f23" have entirely different histories.
09becdf80d
...
547c128b2c
|
@ -1,11 +1,5 @@
|
|||
package io.renren.modules.security.oauth2;
|
||||
|
||||
import cn.hutool.core.date.DateField;
|
||||
import cn.hutool.core.date.DateUnit;
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.core.net.url.UrlBuilder;
|
||||
import cn.hutool.core.util.CharsetUtil;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.google.gson.Gson;
|
||||
|
@ -15,17 +9,14 @@ import io.renren.modules.security.service.SysUserTokenService;
|
|||
import io.renren.modules.security.user.SecurityUser;
|
||||
import io.renren.modules.sys.dao.SysUserDao;
|
||||
import io.renren.modules.sys.entity.SysUserEntity;
|
||||
import lombok.Data;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.http.HttpStatus;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
@ -33,8 +24,6 @@ import javax.servlet.http.Cookie;
|
|||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
|
@ -54,29 +43,6 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
|||
@Autowired(required = false)
|
||||
private SSOValidator ssoValidator;
|
||||
|
||||
|
||||
@Value("${shangdongtong.enable}")
|
||||
private boolean sdtEnable;
|
||||
|
||||
@Value("${shangdongtong.corpid}")
|
||||
private String corpid;
|
||||
@Value("${shangdongtong.agentId}")
|
||||
private String agentId;
|
||||
@Value("${shangdongtong.secret}")
|
||||
private String secret;
|
||||
@Value("${shangdongtong.url}")
|
||||
private String apiUrl;
|
||||
|
||||
@Autowired
|
||||
private RestTemplate restTemplate;
|
||||
|
||||
static class SDTToken{
|
||||
private String accessToken;
|
||||
private Date expiresIn;
|
||||
}
|
||||
|
||||
static private SDTToken sdtToken;
|
||||
|
||||
@Override
|
||||
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token
|
||||
|
@ -191,66 +157,6 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
|||
requestUri = request.getRequestURI();
|
||||
}
|
||||
|
||||
//先在这里直接处理山东通逻辑,有时间再重构
|
||||
if (sdtEnable && requestUri.contains("code=") && requestUri.contains("state=")) {
|
||||
if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
|
||||
synchronized (this.getClass()){
|
||||
if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
|
||||
String sdtApiUrl = String.format("%s/cgi-bin/gettoken?corpid=%s&corpsecret=%s",apiUrl, corpid, secret);
|
||||
JSONObject tokenObj = restTemplate.getForObject(sdtApiUrl, JSONObject.class);
|
||||
if (tokenObj.getIntValue("errcode") == 0) {
|
||||
SDTToken token = new SDTToken();
|
||||
token.accessToken = tokenObj.getString("access_token");
|
||||
Integer expiresIn = tokenObj.getInteger("expires_in");
|
||||
//提前5分钟,防止误差
|
||||
Integer expiresOffset = 60 * 5;
|
||||
expiresIn = expiresIn < expiresOffset ? expiresIn / 2 : expiresIn -expiresOffset;
|
||||
token.expiresIn = DateUtil.offset(new Date(), DateField.SECOND, expiresIn);
|
||||
sdtToken = token;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
UrlBuilder urlBuilder = UrlBuilder.ofHttp(requestUri, CharsetUtil.CHARSET_UTF_8);
|
||||
CharSequence code = urlBuilder.getQuery().get("code");
|
||||
String userInfoUrl = String.format("%s/cgi-bin/user/getuserinfo?access_token=%s&code=%s",
|
||||
apiUrl,
|
||||
sdtToken.accessToken,
|
||||
code);
|
||||
JSONObject userInfoObj = restTemplate.getForObject(userInfoUrl, JSONObject.class);
|
||||
String userId = userInfoObj.getString("UserId");
|
||||
//还要再经过另一个接口拿手机号
|
||||
if (StringUtils.isNotBlank(userId)) {
|
||||
String userUrl = String.format("%s/cgi-bin/user/get?access_token=%s&userid=%s",
|
||||
apiUrl,
|
||||
sdtToken.accessToken,
|
||||
userId);
|
||||
JSONObject userObj = restTemplate.getForObject(userUrl, JSONObject.class);
|
||||
String mobile = userObj.getString("mobile");
|
||||
if (StringUtils.isNotBlank(mobile)) {
|
||||
//认证通过
|
||||
LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
|
||||
.eq(SysUserEntity::getMobile, mobile);
|
||||
SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
|
||||
if (sysUserEntity != null) {
|
||||
|
||||
Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
|
||||
Object token = result.getData().get(Constant.TOKEN_HEADER);
|
||||
String currentToken = (String) token;
|
||||
Cookie cookie = new Cookie(Constant.TOKEN_HEADER, currentToken);
|
||||
cookie.setPath("/");
|
||||
response.addCookie(cookie);
|
||||
response.addHeader(Constant.TOKEN_HEADER, currentToken);
|
||||
//回调不涉及其他页面回调,先写死回调首页
|
||||
String removeCreditParame = "http://" + urlBuilder.getHost() + ":" + urlBuilder.getPort() + "/#/home";
|
||||
response.addHeader("REDIRECT", removeCreditParame);
|
||||
request.setAttribute(Constant.TOKEN_HEADER, currentToken);
|
||||
return executeLogin(request, response);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!ssoValidator.hasCrediteInCallBackUrl(requestUri)) {
|
||||
redirectToUrl(ssoValidator.getLoginUrl(requestUri), response);
|
||||
return false;
|
||||
|
|
|
@ -159,11 +159,3 @@ infrastructure:
|
|||
# 是否发亚微消息
|
||||
notice:
|
||||
yawei: true
|
||||
|
||||
shangdongtong:
|
||||
enable: true
|
||||
corpid: wwafa1a3005a15a672
|
||||
agentId: 1001129
|
||||
secret: fCcaNBVkCosL_O3cnQVQ0brqUUBZu3ruXuISj5k8FP8
|
||||
url: http://15.72.183.90:7008/sdt
|
||||
|
||||
|
|
Loading…
Reference in New Issue