From 2de9dc5c0949e9c4ed423c7529ec1de964708f6b Mon Sep 17 00:00:00 2001 From: wenlukang1 Date: Fri, 4 Jul 2025 09:29:33 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=A4=E5=A5=97=E5=8D=95=E7=82=B9=E7=99=BB?= =?UTF-8?q?=E5=BD=95+=E4=B8=A4=E5=A5=97=E7=B3=BB=E7=BB=9F=E5=BE=85?= =?UTF-8?q?=E5=8A=9E=E8=B7=B3=E8=BD=ACbug=E4=BF=AE=E5=A4=8D5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../shkd/sys/sys/eoss/SSOPluginLogin.java | 35 ++++++++++++------- 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java index f1be003..4d34d2f 100644 --- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java @@ -41,7 +41,6 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler { String ip; String client; String secret; - String queryUrlOld = httpServletRequest.getQueryString(); if (queryUrlOld.contains("isNew")) { ip = EOSS_IP2; @@ -56,6 +55,8 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler { logger.info(String.format("eoss_ip:%s,client_id:%s,client_secret:%s,重定向地址:%s", ip, client, secret, s)); String queryUrlNew = Base64.getEncoder().encodeToString(queryUrlOld.getBytes(StandardCharsets.UTF_8)); String redirect = skIP + "/index.html?param=" + queryUrlNew; +// String redirect = "http://127.0.0.1:8881/ierp" + "/index.html?param=" + queryUrlNew; + logger.info(String.format("callTrdSSOLogin→redirect:%s", redirect)); if (queryUrlOld.contains("code")) { return; @@ -96,7 +97,9 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler { String ip; String client; String secret; - if (httpServletRequest.getQueryString().contains("isNew")) { + String queryUrlOld = httpServletRequest.getQueryString(); + logger.info(String.format("getTrdSSOAuth→queryUrlOld:%s", queryUrlOld)); + if (queryUrlOld.contains("isNew")) { ip = EOSS_IP2; client = CLIENT_ID2; secret = CLIENT_SECRET2; @@ -117,18 +120,26 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler { String param = httpServletRequest.getParameter("param"); //获取返回的 sessionId String sessionId = httpServletRequest.getParameter("sessionId"); + String requestURI = httpServletRequest.getRequestURI(); logger.info(String.format("getTrdSSOAuth→sessionId:%s", sessionId)); - //解码 - if (StringUtils.isNotEmpty(param)) { - byte[] decodedBytes = Base64.getDecoder().decode(param); - String paramString = new String(decodedBytes, StandardCharsets.UTF_8); - //二次重定向到待办页面,并且修改EOSS返回的sessionId的key值 - try { - httpServletResponse.sendRedirect(httpServletRequest.getRequestURI() + "?" + paramString + "&code=" + code + "&eossSessionId=" + sessionId); - } catch (IOException e) { - logger.info(String.format("getTrdSSOAuth→sendRedirect异常:%s", httpServletRequest.getRequestURI() + "?" + paramString + "&code=" + code + "&eossSessionId=" + sessionId)); - throw new RuntimeException(e); + try { + //如果直接携带了code与session,并且未通过加密成param,需要去除session参数,并将其key替换为eossSessionId即可 + if (StringUtils.isNotEmpty(code) && StringUtils.isNotEmpty(sessionId) && StringUtils.isEmpty(param)){ + String replace = queryUrlOld.replace("sessionId", "eossSessionId"); + httpServletResponse.sendRedirect(requestURI+"?"+replace); + logger.info(String.format("getTrdSSOAuth→sendRedirect:%s", replace)); } + //携带了code,并且加密成param,解密param,并重定向进入司库 + else if (StringUtils.isNotEmpty(param)) { + //解码 + byte[] decodedBytes = Base64.getDecoder().decode(param); + String queryUrlNew = new String(decodedBytes, StandardCharsets.UTF_8); + httpServletResponse.sendRedirect(requestURI + "?" + queryUrlNew + "&code=" + code + "&eossSessionId=" + sessionId); + logger.info(String.format("getTrdSSOAuth→sendRedirect:%s", requestURI + "?" + queryUrlNew + "&code=" + code + "&eossSessionId=" + sessionId)); + } + } catch (IOException e) { + logger.info(String.format("getTrdSSOAuth→sendRedirect异常:%s", e)); + throw new RuntimeException(e); } //二次重定向进入 if (StringUtils.isNotEmpty(code) && StringUtils.isEmpty(sessionId)) {