| | |
|---|
| | | import javax.net.ssl.SSLContext; |
|---|
| | | |
|---|
| | | import com.alibaba.fastjson.JSON; |
|---|
| | | import com.alibaba.fastjson.PropertyNamingStrategy; |
|---|
| | | import com.alibaba.fastjson.parser.ParserConfig; |
|---|
| | | import com.baomidou.mybatisplus.core.toolkit.Wrappers; |
|---|
| | | import com.ruoyi.common.config.SsoBean; |
|---|
| | | import com.ruoyi.common.core.domain.entity.User; |
|---|
| | | import com.ruoyi.framework.model.SsoOauthTokenModel; |
|---|
| | | import com.ruoyi.framework.model.SsoUserInfoModel; |
|---|
| | | import com.ruoyi.framework.web.ssoAuth.SsoCodeAuthenticationToken; |
|---|
| | | import com.ruoyi.system.mapper.UserMapper; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | | import org.apache.http.HttpEntity; |
|---|
| | | import org.apache.http.HttpStatus; |
|---|
| | |
|---|
| | | import org.apache.http.ssl.TrustStrategy; |
|---|
| | | import org.apache.http.util.EntityUtils; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.data.redis.core.RedisTemplate; |
|---|
| | | import org.springframework.security.authentication.AuthenticationManager; |
|---|
| | | import org.springframework.security.authentication.BadCredentialsException; |
|---|
| | | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
|---|
| | |
|---|
| | | import java.util.LinkedList; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Map; |
|---|
| | | import java.util.concurrent.TimeUnit; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 登录校验方法 |
|---|
| | |
|---|
| | | private RedisCache redisCache; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private ISysUserService userService; |
|---|
| | | private ISysUserService sysUserService; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private ISysConfigService configService; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private SsoBean ssoBean; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private RedisTemplate redisTemplate; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 登录验证 |
|---|
| | |
|---|
| | | sysUser.setUserId(userId); |
|---|
| | | sysUser.setLoginIp(IpUtils.getIpAddr()); |
|---|
| | | sysUser.setLoginDate(DateUtils.getNowDate()); |
|---|
| | | userService.updateUserProfile(sysUser); |
|---|
| | | sysUserService.updateUserProfile(sysUser); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | // 获取单点登录token |
|---|
| | | SsoOauthTokenModel tokenModel = this.getSsoAccessToken(code); |
|---|
| | | if (tokenModel == null) { |
|---|
| | | return null; |
|---|
| | | throw new RuntimeException("单点登录验证失败"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 获取单点登录用户信息 |
|---|
| | | SsoUserInfoModel userInfo = this.getSsoUserInfo(tokenModel.getAccess_token()); |
|---|
| | | if (userInfo == null) { |
|---|
| | | return null; |
|---|
| | | throw new RuntimeException("单点登录验证失败"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 查询本地用户信息 |
|---|
| | | LoginUser loginUser = this.getSsoLoginToken(userInfo.getEmployeeId()); |
|---|
| | | recordLoginInfo(loginUser.getUserId()); |
|---|
| | | |
|---|
| | | |
|---|
| | | |
|---|
| | | // 创建登录信息 |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(userInfo.getEmployeeId(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.single.login.success"))); |
|---|
| | | redisTemplate.opsForValue().set("ssoOauthToken:idToken:" + userInfo.getEmployeeId(), tokenModel.getId_token(), 3, TimeUnit.DAYS); |
|---|
| | | // 生成token |
|---|
| | | return tokenService.createToken(null); |
|---|
| | | return tokenService.createToken(loginUser); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * ***** 获取本地用户信息 ***** |
|---|
| | | * @param username |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | public LoginUser getSsoLoginToken(String username) { |
|---|
| | | // 用户验证 |
|---|
| | | Authentication authentication = null; |
|---|
| | | SysUser sysUser = sysUserService.selectUserByUserName(username); |
|---|
| | | if (sysUser == null) { |
|---|
| | | throw new ServiceException("用户不存在"); |
|---|
| | | } |
|---|
| | | try |
|---|
| | | { |
|---|
| | | // 无需密码获取用户信息 |
|---|
| | | authentication = authenticationManager.authenticate(new SsoCodeAuthenticationToken(username)); |
|---|
| | | } |
|---|
| | | catch (Exception e) |
|---|
| | | { |
|---|
| | | if (e instanceof BadCredentialsException) |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); |
|---|
| | | throw new UserPasswordNotMatchException(); |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); |
|---|
| | | throw new ServiceException(e.getMessage()); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | finally |
|---|
| | | { |
|---|
| | | AuthenticationContextHolder.clearContext(); |
|---|
| | | } |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); |
|---|
| | | return (LoginUser) authentication.getPrincipal(); |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * **** 获取单点登录token **** |
|---|
| | | * @param code |
|---|
| | | * @return |
|---|
