三江统一登录

Administrator 2023-03-27 19:48:10 +08:00
parent 4c6dffdf66
commit e204640f2e
10 changed files with 301 additions and 157 deletions


@ -20,6 +20,11 @@ import com.chinacreator.c2.uop.sync.message.user.UserDeleteMessage;
import com.chinacreator.c2.uop.sync.message.user.UserOrgChangeMessage;
import com.chinacreator.c2.uop.sync.message.user.UserUpdateMessage;
import com.chinacreator.c2.uop.sync.receiver.UopModifyMessageListener;
import com.zhgd.xmgl.modules.basicdata.entity.Company;
import com.zhgd.xmgl.modules.basicdata.mapper.CompanyMapper;
import com.zhgd.xmgl.modules.basicdata.mapper.SystemUserMapper;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.Map;
@ -27,6 +32,10 @@ import java.util.Map;
* 三江统一登录的mq数据同步处理service
*/
public class UopCustomMessageReceiverServiceImpl implements UopModifyMessageListener {
@Autowired
private CompanyMapper companyMapper;
@Autowired
private SystemUserMapper systemUserMapper;
@Override
public void onAppSystemManageMessage(Map<String, Object> arg0) {
@ -90,7 +99,29 @@ public class UopCustomMessageReceiverServiceImpl implements UopModifyMessageList
@Override
public void onOrgCreated(OrgCreateMessage orgCreateMessage) {
Company company = convertToCompany(orgCreateMessage);
companyMapper.insert(company);
}
private Company convertToCompany(OrgCreateMessage orgCreateMessage) {
Map<String, Object> organization = orgCreateMessage.getOrganization();
Company company = new Company();
//company.setCompanyId();
//company.setCompanySn();
//company.setCompanyName();
//company.setCreateTime();
//company.setCompanyTel();
//company.setCompanyType();
//company.setParentId();
//company.setHeadquartersSn();
//company.setLongitude();
//company.setLatitude();
//company.setPropagateFile();
//company.setFullSn();
//company.setRangeAddr();
//company.setParentSn();
//company.setEditType();
return company;
}
@Override
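Review bot: `onOrgCreated` inserts a `Company` on which no field has been set, because every setter in `convertToCompany` is commented out and the `organization` map it reads is never used. Each organisation-create message from the sync queue would therefore add an empty row, or fail on a required column, which cannot be seen from here. Until the field mapping is written I would keep the insert out of the listener and leave a marker such as `// TODO: map organization fields before inserting`, then delete the commented-out setter list once the mapping exists. The class body continues outside the hunks shown.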


@ -1,21 +1,24 @@
package com.zhgd.xmgl.modules.basicdata.controller;
import com.zhgd.jeecg.common.api.vo.Result;
import com.zhgd.xmgl.entity.sj.JwtPayloadUserInfo;
import com.zhgd.xmgl.entity.sj.TokenResponse;
import com.zhgd.xmgl.modules.basicdata.service.impl.SystemUserServiceImpl;
import com.zhgd.xmgl.util.MessageUtil;
import com.zhgd.xmgl.util.sj.CookieUtils;
import com.zhgd.xmgl.util.sj.JwtRsaUtils;
import com.zhgd.xmgl.util.sj.SjUnifiedAuthenticationHttpUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.spec.InvalidKeySpecException;
/**
* 三江统一登录
@ -26,6 +29,8 @@ import java.io.IOException;
public class SjLoginController {
@Autowired
private SjUnifiedAuthenticationHttpUtil sjUnifiedAuthenticationHttpUtil;
@Autowired
private SystemUserServiceImpl systemUserService;
/**
* 根据code获取token
@ -41,11 +46,14 @@ public class SjLoginController {
log.info("code{}", code);
TokenResponse tokenByCode = sjUnifiedAuthenticationHttpUtil.getTokenByCode(code);
//将获取到的用户凭证(access_token)值存储到cookie中名称可定为C2AT获取到的用户刷新凭证(refresh_token)值存储到cookie中名称为C2RT接口返回307重定向到应用页面一般为首页
response.addCookie(new Cookie("C2AT", tokenByCode.getAccess_token()));
response.addCookie(new Cookie("C2RT", tokenByCode.getRefresh_token()));
String access_token = tokenByCode.getAccess_token();
CookieUtils.setCookie(request, response, "C2AT", access_token, Integer.valueOf(tokenByCode.getExpires_in()), "UTF-8",
false, "192.168.34.150:8080", "/");
CookieUtils.setCookie(request, response, "C2RT", tokenByCode.getRefresh_token(), Integer.valueOf(tokenByCode.getRe_expires_in()), "UTF-8", false,
"192.168.34.150:8080", "/");
//获取用户信息
//重定向到应用页面一般为首页
response.sendRedirect("http://baidu.com");
response.sendRedirect("http://192.168.34.150:8080/index.html#/login?UID=" + access_token);
}
/**
@ -57,22 +65,27 @@ public class SjLoginController {
*/
@GetMapping("/logout")
public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
log.info("logout");
//清除本地请求头request里面存储的cookie:C2ATC2RT返回302重定向到应用页面
CookieUtils.setCookie(request, response, "C2AT", "", 0);
CookieUtils.setCookie(request, response, "C2RT", "", 0);
//重定向到应用页面一般为首页
response.sendRedirect("http://baidu.com");
response.sendRedirect("/index.html#/");
}
/**
* 根据token获取用户登录信息
*
* @param c2at
* @param uid jwt_token
* @return
*/
@GetMapping("getLoginInfoByToken")
public Result getLoginInfoByToken(@CookieValue("C2AT") String c2at) {
return null;
public Result getLoginInfoByToken(@RequestParam String uid) throws InvalidKeySpecException {
JwtPayloadUserInfo jwtPayloadUserInfo = JwtRsaUtils.verifyWithUserInfo(uid);
if (jwtPayloadUserInfo != null) {
return systemUserService.sjLogin(jwtPayloadUserInfo);
}
return Result.error(MessageUtil.get("systemErr"));
}
}
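Review bot: The access token is exposed to page script and to the URL in `getTokenByCode`: both `CookieUtils.setCookie` calls pass `false` for `httpOnly`, and the redirect appends the token as `UID=` to an `http://` address, so it ends up in browser history and in anything that records the URL. `getLoginInfoByToken` then reads the same JWT from a `@RequestParam`, which puts it in the query string and in server access logs. I would set the cookies with `httpOnly` true, redirect without the token, and have `getLoginInfoByToken` read it from the cookie as the previous `@CookieValue("C2AT")` signature did. The hard-coded `"192.168.34.150:8080"` is also not a usable cookie domain (a Domain attribute carries no port) and belongs in configuration together with the redirect target, and `log.info("code{}", code)` writes the authorization code to the log. The method bodies start outside the hunks shown.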


@ -1,6 +1,8 @@
package com.zhgd.xmgl.modules.basicdata.service;
import com.zhgd.jeecg.common.api.vo.Result;
import com.zhgd.jeecg.common.mybatis.EntityMap;
import com.zhgd.xmgl.entity.sj.JwtPayloadUserInfo;
import com.zhgd.xmgl.modules.basicdata.entity.SystemUser;
import com.baomidou.mybatisplus.extension.service.IService;
@ -46,4 +48,7 @@ public interface ISystemUserService extends IService<SystemUser> {
void sendSafetyHatAccountData(Map<String, Object> map);
void sendSafetyHatProjectData(Map<String, Object> map);
Result sjLogin(JwtPayloadUserInfo jwtPayloadUserInfo);
}
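Review bot: `sjLogin` is added to the interface without a Javadoc, and its contract matters because the implementation in this commit builds a full login result from the payload's account alone, with no password check. I would state that on the declaration, for example `/** Logs in the local account named by the payload; callers must pass only a payload taken from a signature-verified token. */`.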


@ -5,8 +5,10 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.gexin.fastjson.JSON;
import com.zhgd.exception.CustomException;
import com.zhgd.jeecg.common.api.vo.Result;
import com.zhgd.jeecg.common.execption.OpenAlertException;
import com.zhgd.jeecg.common.mybatis.EntityMap;
import com.zhgd.xmgl.entity.sj.JwtPayloadUserInfo;
import com.zhgd.xmgl.modules.basicdata.entity.*;
import com.zhgd.xmgl.modules.basicdata.mapper.*;
import com.zhgd.xmgl.modules.basicdata.service.IBaseMenuService;
@ -120,134 +122,140 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
throw new OpenAlertException("密码不正确");
}*/
}
// 保存 手机传输的clientId 推送消息时使用
if (map.containsKey("clientId") && null != map.get("clientId") && StringUtils.isNotEmpty(map.get("clientId").toString())) {
systemUser.setClientId(map.get("clientId").toString());
log.warn("收到clientId---------" + map.get("clientId").toString());
updateById(systemUser);
} else {
log.warn("未收到clientId-------------------");
}
if (map.containsKey("loginType")) {
if (systemUser.getAccountType() != 1) {
Integer loginType = MapUtils.getInteger(map, "loginType");
if (loginType == 1) {
if (systemUser.getAccountType() != 2 && systemUser.getAccountType() != 3 && systemUser.getAccountType() != 4 && systemUser.getAccountType() != 7) {
log.info("账号类型不正确loginType{}", loginType);
throw new OpenAlertException(MessageUtil.get("loginErr"));
}
} else if (loginType == 2) {
if (systemUser.getAccountType() != 5 && systemUser.getAccountType() != 6) {
log.info("账号类型不正确loginType{}", loginType);
throw new OpenAlertException(MessageUtil.get("loginErr"));
}
}
}
}
Map<String, Object> result = new HashMap<>();
CompanyConfig companyConfig = null;
if (systemUser.getAccountType() == 1) {
companyConfig = new CompanyConfig();
companyConfig.setIsEnable(1);
companyConfig.setEffectiveTime(60 * 60 * 24);
companyConfig.setDiffDay(20);
companyConfig.setModuleShowType(0);
companyConfig.setMobileAttendance(0);
companyConfig.setProjectKanban(0);
companyConfig.setCompanyBigScreen(0);
companyConfig.setInputQrCode(0);
companyConfig.setStyleType(1);
companyConfig.setEnterProjectBackType(0);
companyConfig.setExpireTime(DateUtil.format(DateUtil.tomorrow(), DatePattern.NORM_DATE_PATTERN));
companyConfig.setAddProjectType(0);
companyConfig.setStyleType(1);
} else if (systemUser.getAccountType() == 5 || systemUser.getAccountType() == 6) {
companyConfig = companyConfigMapper.getCompanyConfigByProject(systemUser.getSn());
} else {
companyConfig = companyConfigMapper.getCompanyConfigBySN(systemUser.getSn());
}
log.info("companyConfig{}", JSON.toJSONString(companyConfig));
if (companyConfig.getExpireTime() == null) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
} else {
DateTime expireTime = DateUtil.parse(companyConfig.getExpireTime(), "yyyy-MM-dd");
DateTime currentDate = new DateTime();
if (expireTime.getTime() < currentDate.getTime()) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
} else {
companyConfig.setDiffDay((int) DateUtil.between(currentDate, DateUtil.offset(expireTime, DateField.DAY_OF_MONTH, 1), DateUnit.DAY));
}
}
if (companyConfig == null || companyConfig.getIsEnable() == 0) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
}
if (companyConfig.getDiffDay() == 0) {
throw new OpenAlertException(MessageUtil.get("loginExpiredErr"));
}
if (companyConfig.getEffectiveTime() == null) {
companyConfig.setEffectiveTime(60 * 60 * 24);
}
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(MapUtils.getString(map, "account"), password));
String token = jwtTokenProvider.createToken(MapUtils.getString(map, "account"), companyConfig.getEffectiveTime());
UserEnterprise userEnterprise = userEnterpriseService.selectUserEnterpriseByUserId(systemUser.getUserId());
if (userEnterprise != null) {
result.put("userEnterpriseId", userEnterprise.getEnterpriseId());
} else {
result.put("userEnterpriseId", "");
}
if (systemUser.getAccountType() == 6) {
//项目子账号要判断是否能查看设备中台
BaseRole baseRole = baseRoleMapper.selectRoleByUserId(systemUser.getUserId());
if (baseRole == null) {
result.put("seeEquipment", 1);
} else {
result.put("seeEquipment", baseRole.getSeeEquipment());
}
} else {
result.put("seeEquipment", 0);
}
result.put("token", token);
if (systemUser != null && systemUser.getUserId() != null) {
result.put("userId", systemUser.getUserId().toString());
} else {
result.put("userId", "");
}
result.put("account", systemUser.getAccount());
result.put("userTel", systemUser.getUserTel());
result.put("realName", systemUser.getRealName());
if (systemUser != null && systemUser.getWorkerId() != null) {
result.put("workerId", systemUser.getWorkerId().toString());
} else {
result.put("workerId", "");
}
result.put("sn", systemUser.getSn());
result.put("styleType", companyConfig.getStyleType());
result.put("accountType", systemUser.getAccountType());
result.put("headquartersSn", companyConfig.getHeadquartersSn());
result.put("companyName", companyConfig.getCompanyName());
result.put("propagateFile", companyConfig.getPropagateFile());
result.put("moduleShowType", companyConfig.getModuleShowType());
result.put("mobileAttendance", companyConfig.getMobileAttendance());
result.put("customerServicePhone", companyConfig.getCustomerServicePhone());
result.put("inputQrCode", companyConfig.getInputQrCode());
result.put("projectKanban", companyConfig.getProjectKanban());
result.put("addProjectType", companyConfig.getAddProjectType());
result.put("enterProjectBackType", companyConfig.getEnterProjectBackType());
result.put("companyBigScreen", companyConfig.getCompanyBigScreen());
Map<String, Object> menuAuthority = getUserAuthority(systemUser.getUserId(), systemUser.getAccountType(), systemUser.getSn(), companyConfig.getHeadquartersSn(), companyConfig.getStyleType());
result.put("menuAuthority", menuAuthority);
result.put("scope", scope);
return result;
//return getUserInfo(systemUser);
return doLogin(map, systemUser);
} catch (AuthenticationException e) {
e.printStackTrace();
throw new CustomException("Invalid username/password supplied", HttpStatus.UNPROCESSABLE_ENTITY);
}
}
private Map<String, Object> doLogin(Map<String, Object> map, SystemUser systemUser) {
// 保存 手机传输的clientId 推送消息时使用
if (map.containsKey("clientId") && null != map.get("clientId") && StringUtils.isNotEmpty(map.get("clientId").toString())) {
systemUser.setClientId(map.get("clientId").toString());
log.warn("收到clientId---------" + map.get("clientId").toString());
updateById(systemUser);
} else {
log.warn("未收到clientId-------------------");
}
if (map.containsKey("loginType")) {
if (systemUser.getAccountType() != 1) {
Integer loginType = MapUtils.getInteger(map, "loginType");
if (loginType == 1) {
if (systemUser.getAccountType() != 2 && systemUser.getAccountType() != 3 && systemUser.getAccountType() != 4 && systemUser.getAccountType() != 7) {
log.info("账号类型不正确loginType{}", loginType);
throw new OpenAlertException(MessageUtil.get("loginErr"));
}
} else if (loginType == 2) {
if (systemUser.getAccountType() != 5 && systemUser.getAccountType() != 6) {
log.info("账号类型不正确loginType{}", loginType);
throw new OpenAlertException(MessageUtil.get("loginErr"));
}
}
}
}
Map<String, Object> result = new HashMap<>();
CompanyConfig companyConfig = null;
if (systemUser.getAccountType() == 1) {
companyConfig = new CompanyConfig();
companyConfig.setIsEnable(1);
companyConfig.setEffectiveTime(60 * 60 * 24);
companyConfig.setDiffDay(20);
companyConfig.setModuleShowType(0);
companyConfig.setMobileAttendance(0);
companyConfig.setProjectKanban(0);
companyConfig.setCompanyBigScreen(0);
companyConfig.setInputQrCode(0);
companyConfig.setStyleType(1);
companyConfig.setEnterProjectBackType(0);
companyConfig.setExpireTime(DateUtil.format(DateUtil.tomorrow(), DatePattern.NORM_DATE_PATTERN));
companyConfig.setAddProjectType(0);
companyConfig.setStyleType(1);
} else if (systemUser.getAccountType() == 5 || systemUser.getAccountType() == 6) {
companyConfig = companyConfigMapper.getCompanyConfigByProject(systemUser.getSn());
} else {
companyConfig = companyConfigMapper.getCompanyConfigBySN(systemUser.getSn());
}
log.info("companyConfig{}", JSON.toJSONString(companyConfig));
if (companyConfig.getExpireTime() == null) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
} else {
DateTime expireTime = DateUtil.parse(companyConfig.getExpireTime(), "yyyy-MM-dd");
DateTime currentDate = new DateTime();
if (expireTime.getTime() < currentDate.getTime()) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
} else {
companyConfig.setDiffDay((int) DateUtil.between(currentDate, DateUtil.offset(expireTime, DateField.DAY_OF_MONTH, 1), DateUnit.DAY));
}
}
if (companyConfig == null || companyConfig.getIsEnable() == 0) {
throw new OpenAlertException(MessageUtil.get("loginEnabledErr"));
}
if (companyConfig.getDiffDay() == 0) {
throw new OpenAlertException(MessageUtil.get("loginExpiredErr"));
}
if (companyConfig.getEffectiveTime() == null) {
companyConfig.setEffectiveTime(60 * 60 * 24);
}
String token = jwtTokenProvider.createToken(MapUtils.getString(map, "account"), companyConfig.getEffectiveTime());
UserEnterprise userEnterprise = userEnterpriseService.selectUserEnterpriseByUserId(systemUser.getUserId());
if (userEnterprise != null) {
result.put("userEnterpriseId", userEnterprise.getEnterpriseId());
} else {
result.put("userEnterpriseId", "");
}
if (systemUser.getAccountType() == 6) {
//项目子账号要判断是否能查看设备中台
BaseRole baseRole = baseRoleMapper.selectRoleByUserId(systemUser.getUserId());
if (baseRole == null) {
result.put("seeEquipment", 1);
} else {
result.put("seeEquipment", baseRole.getSeeEquipment());
}
} else {
result.put("seeEquipment", 0);
}
result.put("token", token);
if (systemUser != null && systemUser.getUserId() != null) {
result.put("userId", systemUser.getUserId().toString());
} else {
result.put("userId", "");
}
result.put("account", systemUser.getAccount());
result.put("userTel", systemUser.getUserTel());
result.put("realName", systemUser.getRealName());
if (systemUser != null && systemUser.getWorkerId() != null) {
result.put("workerId", systemUser.getWorkerId().toString());
} else {
result.put("workerId", "");
}
result.put("sn", systemUser.getSn());
result.put("styleType", companyConfig.getStyleType());
result.put("accountType", systemUser.getAccountType());
result.put("headquartersSn", companyConfig.getHeadquartersSn());
result.put("companyName", companyConfig.getCompanyName());
result.put("propagateFile", companyConfig.getPropagateFile());
result.put("moduleShowType", companyConfig.getModuleShowType());
result.put("mobileAttendance", companyConfig.getMobileAttendance());
result.put("customerServicePhone", companyConfig.getCustomerServicePhone());
result.put("inputQrCode", companyConfig.getInputQrCode());
result.put("projectKanban", companyConfig.getProjectKanban());
result.put("addProjectType", companyConfig.getAddProjectType());
result.put("enterProjectBackType", companyConfig.getEnterProjectBackType());
result.put("companyBigScreen", companyConfig.getCompanyBigScreen());
Map<String, Object> menuAuthority = getUserAuthority(systemUser.getUserId(), systemUser.getAccountType(), systemUser.getSn(), companyConfig.getHeadquartersSn(), companyConfig.getStyleType());
result.put("menuAuthority", menuAuthority);
result.put("scope", scope);
return result;
//return getUserInfo(systemUser);
}
@Override
public void register(Map<String, Object> map) {
@ -855,4 +863,22 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
}
}
}
/**
* 三江统一登录获取类似以前登录的数据
*
* @param jwtPayloadUserInfo
* @return
*/
@Override
public Result sjLogin(JwtPayloadUserInfo jwtPayloadUserInfo) {
QueryWrapper<SystemUser> queryWrapper = new QueryWrapper();
queryWrapper.lambda()
.eq(SystemUser::getAccount, jwtPayloadUserInfo.getAc());
SystemUser systemUser = systemUserMapper.selectOne(queryWrapper);
HashMap<String, Object> map = new HashMap<>();
map.put("account", jwtPayloadUserInfo.getAc());
Map<String, Object> rsMap = doLogin(map, systemUser);
return Result.success(rsMap);
}
}
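Review bot: The password login path appears to lose its credential check: the removed block called `authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(MapUtils.getString(map, "account"), password))` before `jwtTokenProvider.createToken`, and the extracted `doLogin` has no such call, while the manual password comparison at the top of the hunk sits inside a block comment. Unless the call survives in a part of the method outside the hunk, I would put it back in front of `return doLogin(map, systemUser);` so that only the unified-login path skips it. In `sjLogin`, `systemUserMapper.selectOne` can return null for an account that does not exist locally and `doLogin` dereferences `systemUser` at once, so a guard such as `if (systemUser == null) { return Result.error(MessageUtil.get("loginErr")); }` is needed before the call. `doLogin` also still tests `companyConfig == null` only after it has called `companyConfig.getExpireTime()`.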


@ -49,6 +49,7 @@
INNER JOIN high_formwork_measure_point mp ON mp.measure_point_number = cd.measure_point_number
WHERE
cd.project_sn = #{q.projectSn}
order by cd.id DESC
</select>
</mapper>


@ -1,14 +1,17 @@
package com.zhgd.xmgl.security;
import com.zhgd.exception.CustomException;
import com.zhgd.xmgl.entity.sj.JwtPayloadUserInfo;
import com.zhgd.xmgl.entity.sj.TokenResponse;
import com.zhgd.xmgl.util.ProfileJudgeUtil;
import com.zhgd.xmgl.util.sj.CookieUtils;
import com.zhgd.xmgl.util.sj.JwtRsaUtils;
import com.zhgd.xmgl.util.sj.SjUnifiedAuthenticationHttpUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
@ -16,11 +19,11 @@ import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
/**
* @program: devManage
@ -39,6 +42,8 @@ public class JwtTokenFilter extends OncePerRequestFilter {
@Autowired
private SjUnifiedAuthenticationHttpUtil sjUnifiedAuthenticationHttpUtil;
public static ThreadLocal<JwtPayloadUserInfo> sjUser = new ThreadLocal<>();
/*public JwtTokenFilter(JwtTokenProvider jwtTokenProvider) {
this.jwtTokenProvider = jwtTokenProvider;
}*/
@ -65,7 +70,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
}
//log.info(request.getRequestURI());
filterChain.doFilter(request, response);
sjUser.remove();
}
/**
@ -78,42 +83,64 @@ public class JwtTokenFilter extends OncePerRequestFilter {
* @throws ServletException
*/
private boolean validateSjProfile(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws InvalidKeySpecException, IOException, ServletException {
//不拦截url
String permitUrls = "xmgl/sj/unifiedAuthentication/logout,xmgl/sj/unifiedAuthentication/getTokenByCode,xmgl/sj/unifiedAuthentication/getLoginInfoByToken";
if (Arrays.asList(permitUrls.split(",")).stream().anyMatch(s -> request.getRequestURL().toString().contains(s))) {
return true;
}
//应用过滤器中判断请求头request中是否含有C2AT若C2AT存在C2AT的校验过期更新请参考凭证更新令牌流程
//C2AT不存在且更新令牌失败则返回401并在Location中带上登录页面地址登录页面地址在应用过滤器中拼装拼装方式请参考3.1.1获取授权码接口地址
String c2AT = request.getHeader("C2AT");
String c2rt = request.getHeader("C2RT");
JwtPayloadUserInfo jwtPayloadUserInfo = null;
if (StringUtils.isNotBlank(c2AT)) {
//C2AT的校验
//1.判断是否过期
//2.令牌校验
JwtPayloadUserInfo jwtPayloadUserInfo = JwtRsaUtils.verifyWithUserInfo(c2AT);
jwtPayloadUserInfo = JwtRsaUtils.verifyWithUserInfo(c2AT);
sjUser.set(jwtPayloadUserInfo);
//token校验失败先尝试刷新token失败就重定向统一登录
if (jwtPayloadUserInfo == null) {
String c2rt = request.getHeader("C2RT");
if (StringUtils.isNotBlank(c2rt)) {
//刷新token
TokenResponse rs = sjUnifiedAuthenticationHttpUtil.refreshToken(c2rt);
//刷新token成功
if (rs.getErrorCode() == null) {
response.addCookie(new Cookie("C2AT", rs.getAccess_token()));
response.addCookie(new Cookie("C2RT", rs.getRefresh_token()));
} else {
//刷新token失败重定向登录页面
sjUnifiedAuthenticationHttpUtil.getCodeRedirect(response);
return false;
}
}
return tryRefreshToken(request, response);
}
} else if (StringUtils.isNotBlank(c2rt)) {
return tryRefreshToken(request, response);
} else {
//C2AT不存在
//C2AT和C2RT都不存在
//重定向登录页面
//获取授权码客户端申请授权的URI在浏览器中以GET请求发送到认证服务器
sjUnifiedAuthenticationHttpUtil.getCodeRedirect(response);
return false;
throw new CustomException("Unauthorized", HttpStatus.UNAUTHORIZED);
}
return true;
}
/**
* 刷新令牌
*
* @param request
* @param response
* @return
* @throws IOException
*/
private boolean tryRefreshToken(HttpServletRequest request, HttpServletResponse response) throws IOException {
String c2rt = request.getHeader("C2RT");
if (StringUtils.isNotBlank(c2rt)) {
//刷新token
TokenResponse rs = sjUnifiedAuthenticationHttpUtil.refreshToken(c2rt);
//刷新token成功
if (rs.getErrorCode() == null) {
CookieUtils.setCookie(request, response, "C2AT", rs.getAccess_token(), Integer.valueOf(rs.getExpires_in()));
CookieUtils.setCookie(request, response, "C2RT", rs.getRefresh_token(), Integer.valueOf(rs.getRe_expires_in()));
return true;
} else {
//刷新token失败重定向登录页面
throw new CustomException("Unauthorized", HttpStatus.UNAUTHORIZED);
}
}
return false;
}
/**
* 其他环境的验证token方法
*
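Review bot: The allow-list at the top of `validateSjProfile` matches with `request.getRequestURL().toString().contains(s)`, a substring test on the whole URL, so any request whose URL merely contains one of the three paths skips the token check. I would compare the request path exactly against a `Set<String>` of full paths with the leading `/`, for example `permitPaths.contains(request.getServletPath())`. `sjUser.remove()` also runs only when `filterChain.doFilter` returns normally, so on a pooled thread an exception leaves the previous user's payload in the `ThreadLocal`; `try { filterChain.doFilter(request, response); } finally { sjUser.remove(); }` fixes that. After a successful `tryRefreshToken` the request continues with `sjUser` unset, which looks unintended. The enclosing filter method lies mostly outside the hunks shown.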


@ -209,6 +209,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/zhgd/**").permitAll()
.antMatchers("/xmgl/lifter/list").permitAll()
.antMatchers("/xmgl/progressTask/downloadTemplate").permitAll() //进度管理系统-分布分项工程管理-下载模板
.antMatchers("/xmgl/sj/unifiedAuthentication/getTokenByCode").permitAll()
.antMatchers("/xmgl/sj/unifiedAuthentication/logout").permitAll()
.antMatchers("/xmgl/sj/unifiedAuthentication/getLoginInfoByToken").permitAll()
.antMatchers("/xmgl/weight/receivingForwardingUnit/list").permitAll()
.antMatchers("/xmgl/weight/goodsName/list").permitAll()
.antMatchers("/xmgl/weight/weighBookVehicleInfo/weighingType").permitAll()
.antMatchers("/xmgl/weight/weighBookVehicleInfo/add").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").anonymous()
.anyRequest().authenticated() // 剩下所有的验证都需要验证
.and()
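Review bot: `.antMatchers("/xmgl/weight/weighBookVehicleInfo/add").permitAll()` opens a write endpoint to unauthenticated callers, and the four `/xmgl/weight/...` matchers are unrelated to the unified-login change this commit describes. If the weighing client cannot carry a user token, I would rather authenticate it with its own credential than exempt the path, and at minimum add a comment on each line stating who calls it, as the `downloadTemplate` line above does. `getLoginInfoByToken` is exempted here as well, so the check inside `JwtRsaUtils.verifyWithUserInfo` is the only gate on that endpoint. The matcher chain continues outside the hunk.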


@ -150,6 +150,39 @@ public final class CookieUtils {
}
}
/**
* 设置Cookie的值并使其在指定时间内生效
*
* @param cookieMaxAge cookie生效的最大秒数
*/
public static final void setCookie(HttpServletRequest request, HttpServletResponse response, String cookieName, String cookieValue,
Integer cookieMaxAge, String encodeString, Boolean httpOnly,String domain,String path) {
try {
if (StringUtils.isBlank(encodeString)) {
encodeString = "utf-8";
}
if (cookieValue == null) {
cookieValue = "";
} else {
cookieValue = URLEncoder.encode(cookieValue, encodeString);
}
Cookie cookie = new Cookie(cookieName, cookieValue);
if (cookieMaxAge != null && cookieMaxAge > 0)
cookie.setMaxAge(cookieMaxAge);
if (null != request)// 设置域名的cookie
cookie.setDomain(domain);
cookie.setPath(path);
if (httpOnly != null) {
cookie.setHttpOnly(httpOnly);
}
response.addCookie(cookie);
} catch (Exception e) {
logger.error("Cookie Encode Error.", e);
}
}
/**
* 得到cookie的域名
*/
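Review bot: This overload never marks the cookie `Secure` and leaves `HttpOnly` off unless the caller passes `true`, yet the callers added in this commit use it for the `C2AT` and `C2RT` tokens. I would default the flag on with `cookie.setHttpOnly(httpOnly == null || httpOnly);` and add `cookie.setSecure(request != null && request.isSecure());`. The guard `if (null != request)` does not protect the value that follows it; it should test what is being used, `if (StringUtils.isNotBlank(domain)) { cookie.setDomain(domain); }`. `catch (Exception e)` also hides a rejected domain or encoding from the caller, who then redirects as if the cookie had been set.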


@ -74,10 +74,15 @@ license.publicKeysStorePath=C:/jxj/prod/backEnd/license/publicCerts.keystore
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u7684\u6570\u636E\u540C\u6B65
#mq\u768461616\u7AEF\u53E3\u5BF9\u5E94\u7684\u5730\u5740
uop_sync_mq_brokerurl=tcp://192.168.98.48:31089
uop_sync_mq_brokerurl=tcp://116.169.63.183:31089
#mq\u7684\u7528\u6237\u540D
uop_sync_mq_username=admin
#mq\u7684\u5BC6\u7801
uop_sync_mq_password=admin
#\u5F00\u542F\u6D88\u606F\u63A5\u6536
c2_orguser_subscription=true
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u5730\u5740
sj.unifiedAuthentication.login.url=http://116.169.63.183:30913
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u6210\u529F\u8DF3\u8F6C\u540E\u63A5\u6536code\u7684\u5730\u5740
sj.unifiedAuthentication.login.code.url=http://wbtqry.natappfree.cc/xmgl/sj/unifiedAuthentication/getTokenByCode
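Review bot: `uop_sync_mq_brokerurl` now points at a public address while `uop_sync_mq_username=admin` and `uop_sync_mq_password=admin` sit in the same committed file, so the broker's default-looking credentials are published in the repository and, as far as this file shows, used over plain `tcp://`. I would move the credentials to an environment-specific secret source and change them on the broker. `sj.unifiedAuthentication.login.code.url` is an `http://` address on a third-party tunnelling domain, which means the authorization code travels unencrypted through a host outside the project's control; that is acceptable only in a developer's local profile. Which of these lines are new cannot be told from the rendered page, so the credential remark may concern existing context.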


@ -76,8 +76,4 @@ high_formwork.netty.port=15333
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u5730\u5740
sj.unifiedAuthentication.login.url=http://116.169.63.183:30913
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u6210\u529F\u8DF3\u8F6C\u540E\u63A5\u6536code\u7684\u5730\u5740
sj.unifiedAuthentication.login.code.url=http://ruau8s.natappfree.cc/test/getTokenByCode
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u5F55\u6210\u529F\u540E\u8DF3\u8F6C\u81EA\u5DF1\u5E94\u7528\u7684\u5730\u5740
sj.unifiedAuthentication.application.home.url=http://baidu.com
#\u4E09\u6C5F\u7EDF\u4E00\u767B\u51FA\u5730\u5740
sj.unifiedAuthentication.logout.redirect.url=
sj.unifiedAuthentication.login.code.url=http://ruau8s.natappfree.cc/test/getTokenByCode