Merge remote-tracking branch 'origin/main' into main

2025-07-01 16:52:20 +08:00 · 2025-07-01 16:52:20 +08:00 · 7267c7a8f4
parent dfd770ac73 99365b776a
commit 7267c7a8f4
1 changed files with 24 additions and 23 deletions
--- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
@ -29,7 +29,7 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
    private final String CLIENT_ID2 = System.getProperty("scnyfz-clientKey");
    private final String CLIENT_SECRET2 = System.getProperty("scnyfz-scict");
    private final String EOSS_IP2 = System.getProperty("scnyfz-ip2");
-    private final String skIP = System.getProperty("backlog-ip");
+    private final String skIP = System.getProperty("backlog-url");


    /**
@ -54,12 +54,14 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
            secret = CLIENT_SECRET;
        }
        logger.info(String.format("callTrdSSOLogin→queryUrl：%s", queryUrl));
+        logger.info(String.format("eoss_ip:%s,client_id:%s,client_secret:%s,重定向地址：%s", ip, client, secret, s));
+
        String ssourl;
        try {
+            logger.info(String.format("callTrdSSOLogin→true/false：%s", queryUrl.contains("wf_approvalpage")));
            //非待办登录到首页
            if (!queryUrl.contains("wf_approvalpage")) {
                //认证中心的登录地址
-                logger.info(String.format("eoss_ip:%s,client_id:%s,client_secret:%s,重定向地址：%s", ip, client, secret, s));
                //重定向的统一认证的地址 获取授权码
                ssourl = String.format("%s/sso2/authCenter/authorize?client_id=%s&response_type=code&sessionKeep=true&authType=0&redirect_uri=%s",
                        ip, client, s);
@ -117,42 +119,41 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
            result.setSucess(false);
            return result;
        }
+        String param = httpServletRequest.getParameter("param");
+        //获取返回的 sessionId
+        String sessionId = httpServletRequest.getParameter("sessionId");
+        logger.info(String.format("getTrdSSOAuth→sessionId：%s", sessionId));
+        //解码
+        if(StringUtils.isNotEmpty(param) ){
+            byte[] decodedBytes = Base64.getDecoder().decode(param);
+            String paramString = new String(decodedBytes, StandardCharsets.UTF_8);
+            //二次重定向到待办页面，并且修改EOSS返回的sessionId的key值
+            try {
+                httpServletResponse.sendRedirect(httpServletRequest.getRequestURI() + "?" + paramString + "&code=" + code+"&eossSessionId="+sessionId);
+            } catch (IOException e) {
+                logger.info(String.format("getTrdSSOAuth→sendRedirect异常：%s", httpServletRequest.getRequestURI() + "?" + paramString + "&code=" + code+"&eossSessionId="+sessionId));
+                throw new RuntimeException(e);
+            }
+        }
+        //二次重定向进入
+        if (StringUtils.isNotEmpty(code) && StringUtils.isEmpty(sessionId) ) {
            //调用EOSS获取token接口
            String access_token = AuthService.accessToken(code, ip, client, secret);
            logger.info(String.format("getTrdSSOAuth→accessToken返回数据：%s", access_token));
            //调用EOSS获取用户信息接口
            String user = AuthService.getUserInfo(access_token, ip, client, secret);
            logger.info(String.format("getTrdSSOAuth→getUserInfo返回数据：%s", user));
-        String param = httpServletRequest.getParameter("param");
-        //解码
-        if (param != null) {
-            byte[] decodedBytes = Base64.getDecoder().decode(param);
-            String paramString = new String(decodedBytes, StandardCharsets.UTF_8);
-            try {
-                //获取返回的 sessionId
-                String sessionId = httpServletRequest.getParameter("sessionId");
-                logger.info(String.format("getTrdSSOAuth→sessionId：%s", sessionId));
            String userKey = "user_sessionId_" + user;
            //存储sessionId用于退出系统
            DistributeSessionlessCache cache = CacheFactory.getCommonCacheFactory().getDistributeSessionlessCache("customRegion");
-                cache.put(userKey, sessionId);
-                //二次重定向到待办页面，并且不携带EOSS返回的sessionId
-                httpServletResponse.sendRedirect(httpServletRequest.getRequestURI() + "?" + paramString + "&code=" + code);
-            } catch (IOException e) {
-                logger.error("二次重定向到待办页面异常！" + e.getMessage());
-                throw new RuntimeException(e);
-            }
-            result.setSucess(false);
-            return result;
-        }
-        //二次重定向进入
-        result.setUserType(UserProperType.UserName);
-        if (StringUtils.isNotEmpty(code) && user != null) {
+            cache.put(userKey, httpServletRequest.getParameter("eossSessionId"));
            //当前返回类型手机，用户名，email，工号
            result.setUserType(UserProperType.UserName);
            result.setUser(user);
            result.setSucess(true);
            logger.info("SSO用户登录成功，进入苍穹系统");
+        }else{
+            result.setSucess(false);
        }
        return result;
    }