From a57a7e2f48d1f24ad98e86ba80b45cf45e0f0f30 Mon Sep 17 00:00:00 2001
From: owan
Date: Fri, 8 Nov 2024 15:57:59 +0800
Subject: [PATCH] =?UTF-8?q?EOSS=E5=8D=95=E7=82=B9=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E5=88=9D=E7=A8=BF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/shkd/sys/sys/eoss/AuthService.java | 84 +++++++++++++++++
 .../shkd/sys/sys/eoss/SSOPluginLogin.java | 94 +++++++++++++++++++
 2 files changed, 178 insertions(+)
 create mode 100644 sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/AuthService.java
 create mode 100644 sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/AuthService.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/AuthService.java
new file mode 100644
index 0000000..60f45d2
--- /dev/null
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/AuthService.java
@@ -0,0 +1,84 @@
+package shkd.sys.sys.eoss;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.client.RestTemplate;
+
+import java.util.HashMap;
+
+/**
+ * @program: laxv-cosmic
+ * @author: Lang
+ * @create: 2024-11-08 10:50
+ * @description: 认证服务
+ **/
+public class AuthService {
+ private final static Log logger = LogFactory.getLog(AuthService.class);
+ private static RestTemplate restTemplate = new RestTemplate();
+ /**
+ * 获取访问 token 信息的接口
+ * @param code
+ * @return
+ */
+ public static String accessToken(String code,String eoss_ip,String client_id,String client_secret) {
+ HttpHeaders api_headers = new HttpHeaders();//请求头
+ api_headers.add("Content-Type", "application/json; charset=utf-8");
+// String param= String.format("client_id=%s&client_secret=%s&grant_type=code&authType=0&code= %s",CLIENT_ID,CLIENT_SECRET,code);
+ HashMap requestBody = new HashMap<>();
+ requestBody.put("client_id", client_id);
+ requestBody.put("client_secret", client_secret);
+ requestBody.put("grant_type", "authorization_code");
+ requestBody.put("code", code);
+ requestBody.put("authType", 0);
+
+ String api_jsonBody = JSON.toJSONString(requestBody);//请求体
+ HttpEntity api_requestEntity = new HttpEntity<>(api_jsonBody, api_headers);
+
+ String url = String.format("%s/sso2/authCenter/accessToken", eoss_ip);
+ logger.info(String.format("accessToken→请求地址:%s,请求参数:%s",url,JSON.toJSONString(api_requestEntity)));
+
+ ResponseEntity response = restTemplate.postForEntity(url, api_requestEntity, String.class);
+ JSONObject jsonObject = JSON.parseObject(response.getBody());
+ logger.info(String.format("accessToken→返回结果:%s",jsonObject));
+ if ("0".equals(jsonObject.get("code").toString())){
+ String data = jsonObject.getString("data");
+ return data;
+ }
+ return null;
+ }
+
+ /**
+ * 该接口主要实现当前登录用户信息的获取
+ * @param token
+ * @return
+ */
+ public static String getUserInfo(String token,String eoss_ip,String client_id,String client_secret){
+// SystemParamServiceHelper.getP
+ logger.info("getUserInfo→请求地址:%s", token);
+ HttpHeaders api_headers = new HttpHeaders();//请求头
+ api_headers.add("Content-Type", "application/json; charset=utf-8");
+ HashMap requestBody = new HashMap<>();
+ requestBody.put("access_token", token);
+ requestBody.put("client_id", client_id);
+ requestBody.put("client_secret", client_secret);
+ requestBody.put("authType", 0);
+ HttpEntity api_requestEntity = new HttpEntity<>(null, api_headers);
+
+ String url = String.format("%s/sso2/authCenter/myAccount", eoss_ip);
+ logger.info(String.format("getUserInfo→请求地址:%s,请求参数:%s",url,JSON.toJSONString(api_requestEntity)));
+ ResponseEntity response = restTemplate.exchange(url, HttpMethod.GET, api_requestEntity, String.class, requestBody);
+ JSONObject jsonObject = JSON.parseObject(response.getBody());
+ logger.info(String.format("getUserInfo→返回结果:%s",jsonObject));
+ if ("0".equals(jsonObject.get("code").toString())){
+ String data = jsonObject.getString("data");
+ return data;
+ }
+ return null;
+ }
+}
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
new file mode 100644
index 0000000..96f722b
--- /dev/null
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
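Review bot: In AuthService.accessToken the `logger.info(... JSON.toJSONString(api_requestEntity))` call writes the whole request entity to the info log, and that entity's body carries `client_secret` and the authorization code; the response log that follows records the token payload as well. Log only the endpoint, e.g. `logger.info(String.format("accessToken→请求地址:%s", url));`, and drop or mask the response body. The same applies to `logger.info("getUserInfo→请求地址:%s", token)` in getUserInfo and to the first `logger.info` in SSOPluginLogin.callTrdSSOLogin, which prints `CLIENT_SECRET`. Separately, getUserInfo passes `requestBody` as the URI-variables argument of `restTemplate.exchange`, but the URL has no `{...}` placeholders, so the access token and client credentials apparently never reach the myAccount endpoint.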
@@ -0,0 +1,94 @@
+package shkd.sys.sys.eoss;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
+import kd.bos.login.thirdauth.UserAuthResult;
+import org.apache.commons.lang3.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import static kd.bos.login.thirdauth.UserProperType.UserName;
+
+/**
+ * @program: laxv-cosmic
+ * @author: Lang
+ * @create: 2024-09-27 15:48
+ * @description: 单点登录-川投统一认证
+ **/
+public class SSOPluginLogin implements ThirdSSOAuthHandler {
+ private final static Log logger = LogFactory.getLog(SSOPluginLogin.class);
+ private final String CLIENT_ID = System.getProperty("clientKey-scict");
+ private final String CLIENT_SECRET = System.getProperty("clientSecret-scict");
+ private final String EOSS_IP = System.getProperty("ip-port");
+ /**
+ * 方法实现用户没有登录的时候跳转认证中心的登录地址
+ * @param httpServletRequest
+ * @param httpServletResponse
+ * @param s
+ */
+ @Override
+ public void callTrdSSOLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String s) {
+ //认证中心的登录地址
+ logger.info(String.format("eoss_ip:%s,client_id:%s,client_secret:%s,重定向地址:%s",EOSS_IP,CLIENT_ID,CLIENT_SECRET,s));
+ try {
+ //重定向的统一认证的地址
+ /**
+ * 获取授权码
+ */
+ String ssourl=String.format("%s/sso2/authCenter/authorize?client_id=%s&response_type=code&authType=0redirect_uri=%s",
+ EOSS_IP,CLIENT_ID,s);
+ logger.info(String.format("重定向地址→sendRedirect:%s",ssourl));
+ httpServletResponse.sendRedirect(ssourl);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * 实现苍穹调用认证系统的接口解析认证凭据返回用户信息,按数据格式返回认证结果。
+ * @param httpServletRequest
+ * @param httpServletResponse
+ * @return
+ */
+ @Override
+ public UserAuthResult getTrdSSOAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
{
+ logger.info(String.format("getTrdSSOAuth→httpServletRequest:%s",httpServletRequest));
+ String code = httpServletRequest.getParameter("code");
+ //返回的认证结果
+ UserAuthResult result=new UserAuthResult();
+ if (StringUtils.isEmpty(code)){
+ logger.error("getTrdSSOAuth→统一认证授权码为空");
+ result.setSucess(false);
+ }
+ try {
+ //TODO:调用accessToken方法
+ String data = AuthService.accessToken(code,EOSS_IP,CLIENT_ID,CLIENT_SECRET);
+ logger.info(String.format("accessToken返回数据:%s",data));
+ //TODO:调用getUserInfo方法
+ String access_token = JSON.parseObject(data).getString("access_token");
+ String user = AuthService.getUserInfo(access_token,EOSS_IP,CLIENT_ID,CLIENT_SECRET);
+ logger.info(String.format("getUserInfo返回数据:%s",user));
+
+ JSONObject jsonObject = JSON.parseObject(user);
+ JSONObject loginUser = jsonObject.getJSONObject("data");
+ String loginName = loginUser.getString("loginName");//登录账户
+ String userName = loginUser.getString("Nm");//用户姓名
+ if(loginName!=null){
+ //当前返回类型手机,用户名,email,工号
+ result.setUserType(UserName);
+ result.setUser(loginName);
+ result.setSucess(true);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ logger.info("SSO用户登录成功,进入苍穹系统");
+ return result;
+ }
+}
+
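Review bot: getTrdSSOAuth does not stop when the `code` parameter is empty: after `result.setSucess(false)` execution falls into the `try` block and calls `AuthService.accessToken` with the empty code, so add `return result;` inside that `if`. The `catch (Exception e)` only calls `e.printStackTrace()` and the method then logs "SSO用户登录成功" unconditionally, so a failed token exchange looks like a successful login in the logs; set `result.setSucess(false)` and report through `logger.error` in the catch, and emit the success message only inside the `loginName!=null` branch. AuthService.getUserInfo already returns the `data` field, so `jsonObject.getJSONObject("data")` here probably yields null and the resulting NullPointerException is swallowed by that catch. In callTrdSSOLogin the format string reads `authType=0redirect_uri=%s`, which lacks the `&` separator and inserts `s` without URL encoding; the authorize request also carries no `state` value for the callback to verify, which leaves the code callback without protection against login CSRF.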