From 8f63d5ce747106195b279e1c158fd12f9997a770 Mon Sep 17 00:00:00 2001
From: zouyu <2723363702@qq.com>
Date: 星期二, 18 三月 2025 19:08:40 +0800
Subject: [PATCH] 检验任务代码迁移&爱尚平台对接测试
---
 ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java | 208 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 206 insertions(+), 2 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
index fe16427..40581ba 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -1,7 +1,29 @@ package com.ruoyi.framework.web.service; import javax.annotation.Resource; +import javax.net.ssl.SSLContext; + +import com.alibaba.fastjson.JSON; +import com.ruoyi.common.config.SsoBean; +import com.ruoyi.framework.model.SsoOauthTokenModel; +import com.ruoyi.framework.model.SsoUserInfoModel; +import com.ruoyi.framework.web.ssoAuth.SsoCodeAuthenticationToken; +import lombok.extern.slf4j.Slf4j; +import org.apache.http.HttpEntity; +import org.apache.http.HttpStatus; +import org.apache.http.client.entity.UrlEncodedFormEntity; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.conn.ssl.SSLConnectionSocketFactory; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicNameValuePair; +import org.apache.http.ssl.SSLContextBuilder; +import org.apache.http.ssl.TrustStrategy; +import org.apache.http.util.EntityUtils; import org.springframework.beans.factory.annotation.Autowired; +import org.apache.http.NameValuePair; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -29,11 +51,23 @@ import com.ruoyi.system.service.ISysConfigService; import com.ruoyi.system.service.ISysUserService; +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.concurrent.TimeUnit; + /** * 鐧诲綍鏍¢獙鏂规硶 * * @author ruoyi */ +@Slf4j @Component public class SysLoginService { 
@@ -47,10 +81,17 @@ private RedisCache redisCache; @Autowired - private ISysUserService userService; + private ISysUserService sysUserService; @Autowired private ISysConfigService configService; + + @Autowired + private SsoBean ssoBean; + + @Autowired + private RedisTemplate redisTemplate; + /** * 鐧诲綍楠岃瘉 
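Review bot: The new `redisTemplate` field is declared as a raw `RedisTemplate`, so the `opsForValue().set(...)` call added later in this commit is unchecked, and how the SSO `id_token` is serialized in Redis depends on whichever template bean happens to be injected. This class already holds a `RedisCache redisCache` field just above; consider storing the token through it, or declare the field with type arguments, for example `private RedisTemplate<String, String> redisTemplate;`, if a matching bean is defined (not visible in this diff).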
@@ -176,6 +217,169 @@ sysUser.setUserId(userId); sysUser.setLoginIp(IpUtils.getIpAddr()); sysUser.setLoginDate(DateUtils.getNowDate()); - userService.updateUserProfile(sysUser); + sysUserService.updateUserProfile(sysUser); } + + /** + * 鍗曠偣鐧诲綍 + * @param code + * @return + */ + public String loginBySSO(String code) { + + // 鑾峰彇鍗曠偣鐧诲綍token + SsoOauthTokenModel tokenModel = this.getSsoAccessToken(code); + if (tokenModel == null) { + throw new RuntimeException("鍗曠偣鐧诲綍楠岃瘉澶辫触"); + } + + // 鑾峰彇鍗曠偣鐧诲綍鐢ㄦ埛淇℃伅 + SsoUserInfoModel userInfo = this.getSsoUserInfo(tokenModel.getAccess_token()); + if (userInfo == null) { + throw new RuntimeException("鍗曠偣鐧诲綍楠岃瘉澶辫触"); + } + + // 鏌ヨ鏈湴鐢ㄦ埛淇℃伅 + LoginUser loginUser = this.getSsoLoginToken(userInfo.getEmployeeId()); + recordLoginInfo(loginUser.getUserId()); + + // 鍒涘缓鐧诲綍淇℃伅 + AsyncManager.me().execute(AsyncFactory.recordLogininfor(userInfo.getEmployeeId(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.sso.login.success"))); + redisTemplate.opsForValue().set("ssoOauthToken:idToken:" + userInfo.getEmployeeId(), tokenModel.getId_token(), 3, TimeUnit.DAYS); + // 鐢熸垚token + return tokenService.createToken(loginUser); + } + + /** + * ***** 鑾峰彇鏈湴鐢ㄦ埛淇℃伅 ***** + * @param username + * @return + */ + public LoginUser getSsoLoginToken(String username) { + // 鐢ㄦ埛楠岃瘉 + Authentication authentication = null; + SysUser sysUser = sysUserService.selectUserByUserName(username); + if (sysUser == null) { + throw new ServiceException("褰撳墠绯荤粺娌℃湁璇ョ敤鎴�"); + } + try + { + // 鏃犻渶瀵嗙爜鑾峰彇鐢ㄦ埛淇℃伅 + authentication = authenticationManager.authenticate(new SsoCodeAuthenticationToken(username)); + } + catch (Exception e) + { + if (e instanceof BadCredentialsException) + { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.sso.not.match"))); + throw new UserPasswordNotMatchException(); + } + else + { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, 
e.getMessage())); + throw new ServiceException(e.getMessage()); + } + } + finally + { + AuthenticationContextHolder.clearContext(); + } + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.sso.login.success"))); + return (LoginUser) authentication.getPrincipal(); + + } + + + /** + * **** 鑾峰彇鍗曠偣鐧诲綍token **** + * @param code + * @return + */ + public SsoOauthTokenModel getSsoAccessToken(String code) { + List<NameValuePair> list = new LinkedList<>(); + list.add(new BasicNameValuePair("grant_type", "authorization_code")); + list.add(new BasicNameValuePair("code", code)); + list.add(new BasicNameValuePair("client_id", ssoBean.getClientId())); + list.add(new BasicNameValuePair("client_secret", ssoBean.getClientSecret())); + list.add(new BasicNameValuePair("redirect_uri", ssoBean.getCallbackUrl())); + + Map<String, String> headers = new HashMap<>(); + headers.put("Content-Type", "application/x-www-form-urlencoded"); + headers.put("Accept", "application/json"); + String result = doPost(ssoBean.getUrl() + "/oauth2/token", headers, list); + if (org.apache.commons.lang3.StringUtils.isBlank(result)) { + return null; + } + return JSON.parseObject(result, SsoOauthTokenModel.class); + } + + /** + * ***鑾峰彇鍗曠偣鐧诲綍鐢ㄦ埛淇℃伅*** + * @param accessToken + * @return + */ + public SsoUserInfoModel getSsoUserInfo(String accessToken) { + Map<String, String> headers = new HashMap<>(); + headers.put("Authorization", "Bearer " + accessToken); + String result = doPost(ssoBean.getUrl() + "/userinfo", headers, null); + if (org.apache.commons.lang3.StringUtils.isBlank(result)) { + return null; + } + return JSON.parseObject(result, SsoUserInfoModel.class); + } + + public static String doPost(String url, Map<String, String> headers, List<NameValuePair> params) { + CloseableHttpClient client = createSSLClientDefault(); + CloseableHttpResponse response = null; + try { + HttpPost method = new HttpPost(url); + 
headers.forEach(method::setHeader); + if (params != null) { + method.setEntity(new UrlEncodedFormEntity(params, "UTF-8")); + } + + response = client.execute(method); + if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { + HttpEntity entity = response.getEntity(); + return EntityUtils.toString(entity); + } + } catch (Exception e) { + log.error("缁熶竴鐧诲綍璇锋眰鍑虹幇寮傚父", e.getMessage()); + } finally { + try { + if (client != null) { + client.close(); + } + if (response != null) { + response.close(); + } + } catch (Exception e) { + log.error("缁熶竴鐧诲綍璇锋眰鍑虹幇寮傚父", e.getMessage()); + } + } + return null; + } +// +// + private static CloseableHttpClient createSSLClientDefault() { + try { + SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { + //淇′换鎵�鏈� + @Override + public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { + return true; + } + }).build(); + SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext); + return HttpClients.custom().setSSLSocketFactory(sslsf).build(); + } catch (KeyManagementException e) { + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (KeyStoreException e) { + e.printStackTrace(); + } + return HttpClients.createDefault(); + } + } -- Gitblit v1.9.3
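Review bot: `createSSLClientDefault()` at the end of this hunk installs a `TrustStrategy` whose `isTrusted` always returns `true`, so `doPost` sends `client_secret` and the authorization code to `/oauth2/token` and reads `/userinfo` over TLS without validating the server's certificate chain. Because `loginBySSO` passes the returned `employeeId` straight to `getSsoLoginToken`, which authenticates with no password, whoever can intercept that connection decides which local account is logged in. Drop the trust-all strategy and rely on the default trust store, `return HttpClients.createDefault();`; if the SSO server uses a private CA, load it explicitly with `new SSLContextBuilder().loadTrustMaterial(trustStoreFile, trustStorePassword)` (placeholder names) rather than accepting every chain. Also in `doPost`, the `log.error("…", e.getMessage())` calls have no `{}` placeholder, so the cause is never written; pass `e` itself as the last argument so failed SSO requests show up in the logs.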