zss
8 天以前 2bbd50fb56275986e2a8658c373686d56804b99b
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -4,12 +4,9 @@
import javax.net.ssl.SSLContext;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.ruoyi.common.config.SsoBean;
import com.ruoyi.common.core.domain.entity.User;
import com.ruoyi.framework.model.SsoOauthTokenModel;
import com.ruoyi.framework.model.SsoUserInfoModel;
import com.ruoyi.system.mapper.UserMapper;
import com.ruoyi.framework.web.ssoAuth.SsoCodeAuthenticationToken;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpEntity;
import org.apache.http.HttpStatus;
@@ -89,13 +86,7 @@
    private ISysConfigService configService;
    @Autowired
    private SsoBean ssoBean;
    @Autowired
    private RedisTemplate redisTemplate;
    @Autowired
    private UserMapper userMapper;
    /**
     * 登录验证
@@ -108,8 +99,8 @@
     */
    public String login(String username, String password, String code, String uuid)
    {
        // 验证码校验
        validateCaptcha(username, code, uuid);
//        // 验证码校验
//        validateCaptcha(username, code, uuid);
        // 登录前置校验
        loginPreCheck(username, password);
        // 用户验证
@@ -234,24 +225,66 @@
        // 获取单点登录token
        SsoOauthTokenModel tokenModel = this.getSsoAccessToken(code);
        if (tokenModel == null) {
            return null;
            throw new RuntimeException("单点登录验证失败");
        }
        // 获取单点登录用户信息
        SsoUserInfoModel userInfo = this.getSsoUserInfo(tokenModel.getAccess_token());
        if (userInfo == null) {
            return null;
            throw new RuntimeException("单点登录验证失败");
        }
        // 查询本地用户信息
        LoginUser loginUser = this.getSsoLoginToken(userInfo.getEmployeeId());
        recordLoginInfo(loginUser.getUserId());
        AsyncManager.me().execute(AsyncFactory.recordLogininfor(userInfo.getEmployeeId(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.single.login.success")));
        // 创建登录信息
        AsyncManager.me().execute(AsyncFactory.recordLogininfor(userInfo.getEmployeeId(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.sso.login.success")));
        redisTemplate.opsForValue().set("ssoOauthToken:idToken:" + userInfo.getEmployeeId(), tokenModel.getId_token(), 3, TimeUnit.DAYS);
        // 生成token
        return tokenService.createToken(null);
        return tokenService.createToken(loginUser);
    }
    /**
     * ***** 获取本地用户信息 *****
     * @param username
     * @return
     */
    public LoginUser getSsoLoginToken(String username) {
        // 用户验证
        Authentication authentication = null;
        SysUser sysUser = sysUserService.selectUserByUserName(username);
        if (sysUser == null) {
            throw new ServiceException("当前系统没有该用户");
        }
        try
        {
            // 无需密码获取用户信息
            authentication = authenticationManager.authenticate(new SsoCodeAuthenticationToken(username));
        }
        catch (Exception e)
        {
            if (e instanceof BadCredentialsException)
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.sso.not.match")));
                throw new UserPasswordNotMatchException();
            }
            else
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
                throw new ServiceException(e.getMessage());
            }
        }
        finally
        {
            AuthenticationContextHolder.clearContext();
        }
        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.sso.login.success")));
        return (LoginUser) authentication.getPrincipal();
    }
    /**
     * **** 获取单点登录token ****
@@ -259,21 +292,7 @@
     * @return
     */
    public SsoOauthTokenModel getSsoAccessToken(String code) {
        List<NameValuePair> list = new LinkedList<>();
        list.add(new BasicNameValuePair("grant_type", "authorization_code"));
        list.add(new BasicNameValuePair("code", code));
        list.add(new BasicNameValuePair("client_id", ssoBean.getClientId()));
        list.add(new BasicNameValuePair("client_secret", ssoBean.getClientSecret()));
        list.add(new BasicNameValuePair("redirect_uri", ssoBean.getCallbackUrl()));
        Map<String, String> headers = new HashMap<>();
        headers.put("Content-Type", "application/x-www-form-urlencoded");
        headers.put("Accept", "application/json");
        String result = doPost(ssoBean.getUrl() + "/oauth2/token", headers, list);
        if (org.apache.commons.lang3.StringUtils.isBlank(result)) {
            return null;
        }
        return JSON.parseObject(result, SsoOauthTokenModel.class);
        return null;
    }
    /**
@@ -282,13 +301,7 @@
     * @return
     */
    public SsoUserInfoModel getSsoUserInfo(String accessToken) {
        Map<String, String> headers = new HashMap<>();
        headers.put("Authorization", "Bearer " + accessToken);
        String result = doPost(ssoBean.getUrl() + "/userinfo", headers, null);
        if (org.apache.commons.lang3.StringUtils.isBlank(result)) {
            return null;
        }
        return JSON.parseObject(result, SsoUserInfoModel.class);
        return null;
    }
    public static String doPost(String url, Map<String, String> headers, List<NameValuePair> params) {
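Review bot: `getSsoLoginToken(String username)` is declared `public` but authenticates with `new SsoCodeAuthenticationToken(username)` and no credential, so any code path that can call it, not only the SSO flow that has just resolved a user from the identity provider, obtains a `LoginUser` for any existing username. I would narrow it to `private LoginUser getSsoLoginToken(String username)` and say in its Javadoc that the argument must be the employee id taken from a userinfo response fetched with a freshly exchanged token. In the `login` hunk, `validateCaptcha(username, code, uuid)` appears both active and commented out; the rendering has lost the +/- markers, but if the commented-out form is the new side, password login no longer checks the captcha and the call should stay. The method also records `Constants.LOGIN_SUCCESS` itself, and the SSO login path appears to record it again right after the call, which would double the audit entry.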