优化

2023-11-29 18:16:16 +08:00 · 2023-11-29 18:16:16 +08:00 · 6d63bc901e
commit 6d63bc901e
parent 96b7393c89
3 changed files with 103 additions and 20 deletions
--- a/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/SsoLoginController.java
+++ b/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/SsoLoginController.java
@ -1,49 +1,122 @@
 package com.zhgd.xmgl.modules.basicdata.controller.admin;


+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.http.HttpUtil;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.zhgd.annotation.OperLog;
 import com.zhgd.jeecg.common.api.vo.Result;
-import com.zhgd.xmgl.util.HttpUtil;
+import com.zhgd.xmgl.modules.basicdata.dto.SystemUserAuthDto;
+import com.zhgd.xmgl.modules.basicdata.entity.SystemUser;
+import com.zhgd.xmgl.modules.basicdata.entity.SystemUserDataScope;
+import com.zhgd.xmgl.modules.basicdata.service.ISystemUserDataScopeService;
+import com.zhgd.xmgl.modules.basicdata.service.ISystemUserService;
+import com.zhgd.xmgl.security.JwtTokenProvider;
 import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections.MapUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import springfox.documentation.annotations.ApiIgnore;

-import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;

+/**
+ * 临港接入山东通
+ *
+ * @return
+ */
@RestController
@RequestMapping("/xmgl/sso")
@Slf4j
@Api(tags = "统一用户登录")
 public class SsoLoginController {
+    @Autowired
+    ISystemUserService systemUserService;
+    @Autowired
+    private JwtTokenProvider jwtTokenProvider;
+    @Autowired
+    private ISystemUserDataScopeService systemUserDataScopeService;
+    @Value("${lg-corpid}")
+    private String corpid;
+    @Value("${lg-corpsecret}")
+    private String corpsecret;
+    @Value("${lg-corpurl}")
+    private String url;
+    @Value("${lg-agentid}")
+    private String agentid;

-    /**
-     * 临港接入山东通
-     * @return
-     */
-    @OperLog(operModul = "统一用户登录", operType="查询", operDesc = "同一用户登录")
-    @ApiOperation(value = "同一用户登录", notes = "同一用户登录" , httpMethod="GET")
-    @GetMapping(value = "/lgLogin")
-    public Result<Object> lgLogin(HttpServletRequest request) {
-        Result<Object> result = new Result<Object>();
-        String requestUrl = "http://59.206.205.195:80/cgi-bin/gettoken?corpid=id&corpsecret=secrect";
+
+    @OperLog(operModul = "统一用户登录", operType = "查询", operDesc = "获取令牌")
+    @ApiOperation(value = "获取令牌", notes = "获取令牌", httpMethod = "GET")
+    @GetMapping(value = "/getToken")
+    public Result<Object> getToken() {
+        Result<Object> result = new Result<>();
+        String requestUrl = url + "/cgi-bin/gettoken?corpid=" + corpid + "&corpsecret=" + corpsecret;
        //获取令牌
        String accessToken = "";
-        String reqResult = HttpUtil.doGet(requestUrl);
+        log.info("login>url:{}", requestUrl);
+        String reqResult = HttpUtil.get(requestUrl);
+        log.info("login>reqResult:{}", reqResult);
        JSONObject object = JSONObject.parseObject(reqResult);
        if (object.getInteger("errcode") == 0) {
-            accessToken = object.getString("errcode");
+            accessToken = object.getString("access_token");
        }
-        //获取授权码
-//        String getCodeUrl = "http://59.206.205.195:80/oauth2/authorize?appid=CORPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&agentid=AGENTID&state=STATE#wechat_redirect";
-
-        //获取登录用户统一用户编码
-//        String getUserCode = "http://59.206.205.195:80/cgi-bin/user/getuserinfo?access_token=ACCESS_TOKEN&code=CODE";
        result.setResult(accessToken);
+        log.info("getToken:{}", accessToken);
        return result;
    }

+
+    @OperLog(operModul = "统一用户登录", operType = "查询", operDesc = "统一用户登录")
+    @ApiOperation(value = "统一用户登录", notes = "统一用户登录", httpMethod = "GET")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "code", value = "授权码", paramType = "query", required = true, dataType = "String"),
+    })
+    @GetMapping(value = "/login")
+    public Result<SystemUserAuthDto> login(@ApiIgnore @RequestParam HashMap<String, Object> paramMap) {
+        Result<SystemUserAuthDto> result = new Result<>();
+        String code = MapUtils.getString(paramMap, "code");
+        String accessToken = String.valueOf(getToken().getResult());
+        String requestUrl = String.format("%s/cgi-bin/user/getuserinfo?access_token=%s&code=%s",
+                url, accessToken, code);
+        log.info("login>url:{}", requestUrl);
+        //获取令牌
+        String reqResult = HttpUtil.get(requestUrl);
+        log.info("login>reqResult:{}", reqResult);
+        JSONObject object = JSONObject.parseObject(reqResult);
+        if (object.getInteger("errcode") == 0) {
+            String userId = object.getString("UserId");
+            String getUserUrl = String.format("%s/cgi-bin/user/get?access_token=%s&userid=%s&avatar_addr=1",
+                    url, accessToken, userId);
+            log.info("login>getUserUrl:{}", getUserUrl);
+            String rsUser = HttpUtil.get(getUserUrl);
+            log.info("login>getUserUrl.reqResult:{}", rsUser);
+            JSONObject getUserUrlObj = JSONObject.parseObject(rsUser);
+            String mobile = getUserUrlObj.getString("mobile");
+            SystemUser user = systemUserService.getOne(Wrappers.<SystemUser>lambdaQuery()
+                    .eq(SystemUser::getUserTel, mobile));
+            SystemUserAuthDto userInfo = new SystemUserAuthDto();
+            BeanUtil.copyProperties(user, userInfo);
+            String token = jwtTokenProvider.createToken(userInfo.getAccount(), 3600 * 24 * 1000L);
+            userInfo.setToken(token);
+            userInfo.setIsEngineering(systemUserDataScopeService.count(Wrappers.<SystemUserDataScope>lambdaQuery()
+                    .eq(SystemUserDataScope::getUserId, userInfo.getUserId())) > 0);
+            result.setResult(userInfo);
+            result.setSuccess(true);
+            return result;
+        }
+        result.error500("登录失败");
+        return result;
+    }
+
+
 }
--- a/src/main/java/com/zhgd/xmgl/security/WebSecurityConfig.java
+++ b/src/main/java/com/zhgd/xmgl/security/WebSecurityConfig.java
@ -87,6 +87,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                    .antMatchers("/xmgl/baseMenu/getAll").permitAll()
                    .antMatchers("/xmgl/systemUser/analysis").permitAll()
                    .antMatchers("/project/workerAttendance/add").permitAll()
+                    .antMatchers("/xmgl/sso/login").permitAll()
                    .antMatchers(HttpMethod.OPTIONS, "/**").anonymous()
                    .anyRequest().authenticated()       // 剩下所有的验证都需要验证
                    .and()
--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
@ -64,4 +64,13 @@ magic-api.resource.location=D://data//magic-api
 magic-api.security.username=admin
 magic-api.security.password=JXJ@admin

-ufop.localStoragePath=D://qiwenfile
+ufop.localStoragePath=D://qiwenfile
+
+#统一登录的组织ID
+lg-corpid=wwafa1a3005a15a672
+#统一登录的应用的凭证秘钥
+lg-corpsecret=J1pfSAFLefRBvCZDx94y-8M-HuhinLkwZ0MF2EacwSM
+#统一登录的url
+lg-corpurl=http://59.206.205.195:80
+#统一登录的应用ID
+lg-agentid=1004632