Merge branch 'dev' of http://192.168.124.50/wangliwen/share-platform into dev

* 'dev' of http://192.168.124.50/wangliwen/share-platform: 。。。
添加山东通单点登录
2022-11-11 14:18:29 +08:00 · 2022-11-11 14:18:14 +08:00 · 2022-11-11 09:50:45 +08:00 · 2022-11-11 09:50:19 +08:00
2 changed files with 102 additions and 0 deletions
--- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
+++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
@ -1,5 +1,11 @@
 package io.renren.modules.security.oauth2;

+import cn.hutool.core.date.DateField;
+import cn.hutool.core.date.DateUnit;
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.core.net.url.UrlBuilder;
+import cn.hutool.core.util.CharsetUtil;
+import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.google.gson.Gson;
@ -9,14 +15,17 @@ import io.renren.modules.security.service.SysUserTokenService;
 import io.renren.modules.security.user.SecurityUser;
 import io.renren.modules.sys.dao.SysUserDao;
 import io.renren.modules.sys.entity.SysUserEntity;
+import lombok.Data;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpStatus;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;

 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@ -24,6 +33,8 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.Map;

 /**
@ -43,6 +54,29 @@ public class Oauth2Filter extends AuthenticatingFilter {
    @Autowired(required = false)
    private SSOValidator ssoValidator;

+
+    @Value("${shangdongtong.enable}")
+    private boolean sdtEnable;
+
+    @Value("${shangdongtong.corpid}")
+    private String corpid;
+    @Value("${shangdongtong.agentId}")
+    private String agentId;
+    @Value("${shangdongtong.secret}")
+    private String secret;
+    @Value("${shangdongtong.url}")
+    private String apiUrl;
+
+    @Autowired
+    private RestTemplate restTemplate;
+
+    static class SDTToken{
+        private String accessToken;
+        private Date expiresIn;
+    }
+
+    static private SDTToken sdtToken;
+
    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
        //获取请求token
@ -157,6 +191,66 @@ public class Oauth2Filter extends AuthenticatingFilter {
            requestUri = request.getRequestURI();
        }

+        //先在这里直接处理山东通逻辑，有时间再重构
+        if (sdtEnable && requestUri.contains("code=") && requestUri.contains("state=")) {
+            if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
+                synchronized (this.getClass()){
+                    if (sdtToken == null || sdtToken.expiresIn.before(new Date()) || sdtToken.accessToken == null) {
+                        String sdtApiUrl = String.format("%s/cgi-bin/gettoken?corpid=%s&corpsecret=%s",apiUrl, corpid, secret);
+                        JSONObject tokenObj = restTemplate.getForObject(sdtApiUrl, JSONObject.class);
+                        if (tokenObj.getIntValue("errcode") == 0) {
+                            SDTToken token = new SDTToken();
+                            token.accessToken = tokenObj.getString("access_token");
+                            Integer expiresIn = tokenObj.getInteger("expires_in");
+                            //提前5分钟，防止误差
+                            Integer expiresOffset = 60 * 5;
+                            expiresIn = expiresIn < expiresOffset ? expiresIn / 2 : expiresIn -expiresOffset;
+                            token.expiresIn = DateUtil.offset(new Date(), DateField.SECOND, expiresIn);
+                            sdtToken = token;
+                        }
+                    }
+                }
+            }
+            UrlBuilder urlBuilder = UrlBuilder.ofHttp(requestUri, CharsetUtil.CHARSET_UTF_8);
+            CharSequence code = urlBuilder.getQuery().get("code");
+            String userInfoUrl = String.format("%s/cgi-bin/user/getuserinfo?access_token=%s&code=%s",
+                    apiUrl,
+                    sdtToken.accessToken,
+                    code);
+            JSONObject userInfoObj = restTemplate.getForObject(userInfoUrl, JSONObject.class);
+            String userId = userInfoObj.getString("UserId");
+            //还要再经过另一个接口拿手机号
+            if (StringUtils.isNotBlank(userId)) {
+                String userUrl = String.format("%s/cgi-bin/user/get?access_token=%s&userid=%s",
+                        apiUrl,
+                        sdtToken.accessToken,
+                        userId);
+                JSONObject userObj = restTemplate.getForObject(userUrl, JSONObject.class);
+                String mobile = userObj.getString("mobile");
+                if (StringUtils.isNotBlank(mobile)) {
+                    //认证通过
+                    LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
+                            .eq(SysUserEntity::getMobile, mobile);
+                    SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
+                    if (sysUserEntity != null) {
+
+                        Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
+                        Object token = result.getData().get(Constant.TOKEN_HEADER);
+                        String currentToken = (String) token;
+                        Cookie cookie = new Cookie(Constant.TOKEN_HEADER, currentToken);
+                        cookie.setPath("/");
+                        response.addCookie(cookie);
+                        response.addHeader(Constant.TOKEN_HEADER, currentToken);
+                        //回调不涉及其他页面回调，先写死回调首页
+                        String removeCreditParame = "http://" + urlBuilder.getHost() + ":" + urlBuilder.getPort() + "/#/home";
+                        response.addHeader("REDIRECT", removeCreditParame);
+                        request.setAttribute(Constant.TOKEN_HEADER, currentToken);
+                        return executeLogin(request, response);
+                    }
+                }
+            }
+        }
+
        if (!ssoValidator.hasCrediteInCallBackUrl(requestUri)) {
            redirectToUrl(ssoValidator.getLoginUrl(requestUri), response);
            return false;
--- a/renren-admin/src/main/resources/application.yml
+++ b/renren-admin/src/main/resources/application.yml
@ -159,3 +159,11 @@ infrastructure:
 # 是否发亚微消息
 notice:
  yawei: true
+
+shangdongtong:
+  enable: true
+  corpid: wwafa1a3005a15a672
+  agentId: 1001129
+  secret: fCcaNBVkCosL_O3cnQVQ0brqUUBZu3ruXuISj5k8FP8
+  url: http://15.72.183.90:7008/sdt
+
Author	SHA1	Message	Date
huangweixiong	09becdf80d	Merge branch 'dev' of http://192.168.124.50/wangliwen/share-platform into dev * 'dev' of http://192.168.124.50/wangliwen/share-platform: 。。。	2022-11-11 14:18:29 +08:00
huangweixiong	35fe09a3e4	添加山东通单点登录	2022-11-11 14:18:14 +08:00
huangweixiong	4ed920651a	Merge branch 'dev' of http://192.168.124.50/wangliwen/share-platform into dev * 'dev' of http://192.168.124.50/wangliwen/share-platform: 全局resttemp配置项调整亚微的详情接口 1.对接政务云资源和云视频列表查询接口 2.全局搜索会客厅统计错误bug修复运行日志文件按时间逆序，下载运行日志无需认证 ... 屮。。。调整上传限制大小 1.我的收藏列表查询增加融合服务查询 2.增加超级管理员删除能力和流程实例接口 3.删除区划标识修改 yawei待办详情 ... 导出失败的处理 ... jira上的bug	2022-11-11 09:50:45 +08:00
huangweixiong	2760c891e8	山东通单点登录	2022-11-11 09:50:19 +08:00