From baf9a4decf211a3631fb75a1707dfa14f4e9a1f2 Mon Sep 17 00:00:00 2001
From: luoluogit <1014532975@qq.com>
Date: Fri, 20 Dec 2024 09:09:52 +0800
Subject: [PATCH] =?UTF-8?q?update:=E5=8A=A0=E5=AF=86=E8=A7=A3=E5=AF=86?= =?UTF-8?q?=E9=80=BB=E8=BE=91=E4=BF=AE=E5=A4=8D1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../shkd/sys/sys/eoss/SSOPluginLogin.java | 28 +++++++++++++------
 .../backlogTack/ToDoResendTack.java | 6 +++-
 .../servicehandler/BacklogServiceHandle.java | 6 +++-
 .../main/java/shkd/sys/sys/utils/RSAUtil.java | 2 --
 4 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
index 9e3a4a3..e14c268 100644
--- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java
@@ -2,14 +2,17 @@ package shkd.sys.sys.eoss;
 import kd.bos.cache.CacheFactory;
 import kd.bos.cache.DistributeSessionlessCache;
+import kd.bos.dataentity.entity.DynamicObject;
 import kd.bos.exception.ErrorCode;
 import kd.bos.exception.KDBizException;
 import kd.bos.exception.KDException;
+import kd.bos.krpc.container.page.pages.SystemPageHandler;
 import kd.bos.logging.Log;
 import kd.bos.logging.LogFactory;
 import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
 import kd.bos.login.thirdauth.UserAuthResult;
 import kd.bos.login.thirdauth.UserProperType;
+import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.servicehelper.user.UserServiceHelper;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.StringUtils;
@@ -33,7 +36,6 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
 /**
 * 方法实现用户没有登录的时候跳转认证中心的登录地址
- *
 */
 @Override
 public void callTrdSSOLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String s) {
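Review bot: Two of the three imports added at the top of SSOPluginLogin.java, `kd.bos.dataentity.entity.DynamicObject` and `kd.bos.krpc.container.page.pages.SystemPageHandler`, are not referenced by any line this commit adds, and `SystemParamServiceHelper` is referenced only from the two commented-out lines in the `userName` branch. Unless code outside the visible hunks uses them they should be dropped; `SystemPageHandler` in particular looks like an accidental IDE pick. The added code also declares a `PrivateKey` local, so `java.security.PrivateKey` must already be imported outside these hunks for the file to compile.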
@@ -66,7 +68,6 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
 /**
 * 实现苍穹调用认证系统的接口解析认证凭据返回用户信息,按数据格式返回认证结果。
- *
 */
 @Override
 public UserAuthResult getTrdSSOAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
@@ -78,6 +79,7 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
 //获取返回的 sessionId
 String sessionId = httpServletRequest.getParameter("sessionId");
 String userName = httpServletRequest.getParameter("userName");
+ logger.info("获取待办链接中参数userName:" + userName);
 // RSAUtils. logger.info(String.format("getTrdSSOAuth→授权码code:%s", code));
@@ -86,7 +88,7 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
 logger.error("getTrdSSOAuth→授权码code为空");
 result.setSucess(false);
 return result;
- } else if (StringUtils.isNotEmpty(code)){
+ } else if (StringUtils.isNotEmpty(code)) {
 try {
 //TODO:调用accessToken方法
 String access_token = AuthService.accessToken(code, EOSS_IP, CLIENT_ID, CLIENT_SECRET);
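Review bot: The line added in the `@@ -78,6 +79,7 @@` hunk, `logger.info("获取待办链接中参数userName:" + userName);`, writes a raw request parameter to the log before any validation. In this commit that parameter is the encrypted value the `userName` branch later accepts as proof of identity, and nothing in the visible hunks limits it to one use or a time window, so anyone who can read the log would obtain a value that logs in as that user. Because the text is attacker-controllable, CR/LF characters in it can also forge log entries. I would log only whether it is present, e.g. `logger.info("getTrdSSOAuth userName present: " + StringUtils.isNotEmpty(userName));`. The body of `getTrdSSOAuth` continues outside the hunk.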
@@ -107,15 +109,25 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
 cache.put(userKey, sessionId);//将自定义参数加入缓存
 }
 } catch (Exception e) {
- throw new KDBizException("获取用户信息接口异常,SSO用户登录失败!"+e);
+ throw new KDBizException("获取用户信息接口异常,SSO用户登录失败!" + e);
 }
- }else if (StringUtils.isNotEmpty(userName)){
- try{
- String user = RSAUtil.decrypt(userName,RSAUtil.getPrivateKeyFromString(RSAUtil.privateKeyString));
+ } else if (StringUtils.isNotEmpty(userName)) {
+ try {
+// Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_privatekeystring_tag");
+// logger.info("获取公共参数shkd_privatekeystring_tag:"+o);
+ logger.info("加密后user:" + userName);
+ String privateKeyString = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVcEZaQoPn+qado8nw5ZvKlbxEh/xQ9AiBMRUFpY0XibkrCa1T2A7bTWztoAkTaBby1ynOOX4q1BSTGiDVOcXkCZgMteqAlvg3y9YZTlV/6MkbPLNPZTuWgNMa2C6bMkkHfJJqkDI8IZbe3IUxNk4Rz6JWsLDaI6PNhSKbRIq3MHj/emsmkQN+ePAz0Elh4b/bD2L63lmJJEtoK9Ira2b/gl+VwqOiaZb8iZ4PrvCKQJucAPkdQAb2Etcv0Clb/VnzdgzzcR+gU5Ak2hJns29IFMS4jOGhAJkdLQX+fW1KS0Am9gsvYznIbv8R0Bv/PDz+jHrd36a9sMr/ixzOy3QBAgMBAAECggEAXOVc+XPxzUm+suXSwtJsmCPLqVg2bVWJThF6wNZpLlF3ElBH7DIhZTmxq0r4KEYpltAnFebYDvP3cH7yw1s90h6K2x1iT01mA4LoUGNTuzQqM3yb3naFFOBFAW4N+uZL+sIxR8gy1REZhS4dmmm0WPQyB+EnWAojBRRpF4MhjND0ncSRJhWLTg3SiOSidedaVuI9AncwXlsH3hvJTM9xrL86tGIuFZe1JDCbg5zCU0Scz6LFnSc4UISajPEy0u7v8l74k2Tqr+XXOCAbG4gSr12BazQ7c7pT0hnwE1t/WKdeu033dbTfz+FkZ/ARFgfsjuGBrc2LA7A/FbOD28mTcQKBgQDrC41Z14Iz4N+hr4fvilCqou/GcF7T5CP//tKqj3RRgCYu3XF1btQ+iXMRc40NzdCdxmH+BMJ9lS51Soi0dzvHuQTn/A/3cviBfmzptqTMp0T2RpXQ0bSe4wqUT3fdenFm39xbw9p+b+eknZ8lrGM6fn06GBP6mQ+USMvZAnkdawKBgQDod5hasx8rMveJsNdqp/vGOFVtCh6RVX0rV8vlJ1tLGAhxBQbPbbmB/H773Fqyhc7NOWPFbSuHXtZtArgTY5wHwHcBZ41nB7E5Y40wMql8eNFhBFAb1M8xy7o+cX5gIsphrBRiGGM9MBhQNea2cH3flKW9NPKdvH3dF0sv/OGDQwKBgQClV60JpDZtdCUcwjPn5+6y+oedmnK6r+Q7MvDTFrMGmhVCJnin2Vzo2RvfDOAO89drBaDtZj/Cw+y4icP831toNdkjsAczVOdHgL3w8pCffpNeg2zkRoC+vIw2pGh3nqija5rB2taa1vGmtVK817W98jj5YvK6+G0jLMppT/oPHQKBgQC7S3Ai02Jvabbq5uIIeqNtx
wF8wsRyD9CzVR9f11/Elu5mMMiV4y+tPQQKZDVm1EwUKQLrk9OYU56rYZ9xb7XMwRKgvQ++TQJK3JxqksbfFHCNm+33HnR5CE1b9hD938ny+7PIfSGnsNJF/ceOgf/IXXlTgg9favh1Y0ketr3zBQKBgFKWHvw/i1j4F/6vQIBn4ke22Ja8qXDNLfIUEcgqqvIx5N6Imv8DLyvu56CWveThVzk810VHRqoJ3aIgA8oTs/mQyd8G/S8jbyufl2GeoHap9azSr63HZh4v8ZBMQuA6xP2CEUByEyIWknwo7pp9yj8gJZUFmvTthY6SvkYrqg1H";
+ logger.info("私钥string:" + privateKeyString);
+ String cleanedBase64String = privateKeyString.replaceAll("[^A-Za-z0-9+/=]", "");
+ PrivateKey privateKey = RSAUtil.getPrivateKeyFromString(cleanedBase64String);
+ logger.info("私钥:" + privateKey);
+ String user = RSAUtil.decrypt(userName, privateKey);
+ logger.info("SSO用户名:" + user);
 result.setUser(user);
 result.setSucess(true);
 logger.info("SSO用户登录成功,进入苍穹系统");
- }catch (Exception e){
+ } catch (Exception e) {
+ logger.info("私钥解密异常:{}", e);
 ErrorCode errorCode = new ErrorCode("error_code", "私钥解密出现异常,请联系运维人员排查!");
 throw new KDException(errorCode, e);
 }
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java
index 6f17e07..237109f 100644
--- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java
@@ -15,6 +15,7 @@ import kd.bos.login.utils.DateUtils;
 import kd.bos.orm.query.QFilter;
 import kd.bos.schedule.executor.AbstractTask;
 import kd.bos.servicehelper.QueryServiceHelper;
+import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.util.StringUtils;
 import org.apache.commons.codec.binary.Base64;
 import shkd.sys.sys.midservice.handler.CreateToDoHandler;
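Review bot: The `userName` branch in the `@@ -107,15 +109,25 @@` hunk now embeds the RSA private key as a string literal and logs it, via `logger.info("私钥string:" + privateKeyString);` and, depending on the provider's `toString()`, possibly again via `logger.info("私钥:" + privateKey);`, so every reader of the repository or the application log holds the key that decides who is logged in. Both log lines should go, the literal should be replaced by a lookup from protected configuration or a secret store, and the key pair should be rotated because the old value stays in history. Separately, a successful decryption only shows that the sender had the public key, which the to-do senders in this commit read from the `shkd_publickeystring` public parameter. As far as the hunk shows, nothing ties the value to a trusted issuer or an expiry, so a signed, short-lived token would be the safer contract. The decrypted account name is also logged at info level and the failure path uses `logger.info` where `logger.error` fits; the method starts outside the hunk.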
@@ -176,7 +177,10 @@ public class ToDoResendTack extends AbstractTask {
 "phone,username", new QFilter[]{new QFilter("id", "=", next.getString("freceiveuserid"))});
 String userName;
 try {
- userName = RSAUtil.decrypt(dynamicObject.getString("username"),RSAUtil.getPrivateKeyFromString(RSAUtil.publicKeyString));
+ Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
+ logger.info("公钥:"+o);
+ userName = RSAUtil.encrypt(dynamicObject.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
+ logger.info("公钥加密后user:"+userName);
 }catch (Exception e){
 ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!");
 throw new KDException(errorCode, e);
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java
index 5bdbc94..fc118ef 100644
--- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java
@@ -8,6 +8,7 @@ import kd.bos.logging.Log;
 import kd.bos.logging.LogFactory;
 import kd.bos.orm.query.QFilter;
 import kd.bos.servicehelper.QueryServiceHelper;
+import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.workflow.engine.msg.ctx.MessageContext;
 import kd.bos.workflow.engine.msg.handler.AbstractServiceHandler;
 import kd.bos.workflow.engine.msg.info.ToDoInfo;
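Review bot: In the `@@ -176,7 +177,10 @@` hunk, `String.valueOf(o)` turns a missing `shkd_publickeystring` parameter into the text "null", so an unconfigured environment would presumably surface as a key-parsing failure rather than a clear configuration error. A guard inside the `try`, such as `if (o == null) throw new IllegalStateException("shkd_publickeystring is not configured");`, would name the cause. The same four added lines appear in the BacklogServiceHandle.java hunk, where they sit inside the `for (DynamicObject query_one : query)` loop, so the parameter lookup and key parsing repeat per record and could be hoisted above it. `logger.info("公钥加密后user:"+userName);` records the exact value that SSOPluginLogin later accepts in its `userName` branch, and it would be safer to drop that line in both files. The sender side now takes its key from configuration while the receiving side decrypts with a fixed literal, so the two can drift apart if the parameter changes; the enclosing method starts and ends outside the hunk.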
@@ -46,7 +47,10 @@ public class BacklogServiceHandle extends AbstractServiceHandler {
 for (DynamicObject query_one : query) {
 String userName;
 try {
- userName = RSAUtil.encrypt(query_one.getString("username"),RSAUtil.getPublicKeyFromString(RSAUtil.publicKeyString));
+ Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
+ logger.info("公钥:"+o);
+ userName = RSAUtil.encrypt(query_one.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
+ logger.info("公钥加密后user:"+userName);
 }catch (Exception e){
 logger.info("####公钥加密出现异常,请联系运维人员排查!");
 ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!");
diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/RSAUtil.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/RSAUtil.java
index 38f6dad..edb5b52 100644
--- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/RSAUtil.java
+++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/RSAUtil.java
@@ -10,8 +10,6 @@ import java.util.Base64;
 public class RSAUtil {
- public static String publicKeyString = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XBGWkKD5/qmnaPJ8OWbypW8RIf8UPQIgTEVBaWNF4m5KwmtU9gO201s7aAJE2gW8tcpzjl+KtQUkxog1TnF5AmYDLXqgJb4N8vWGU5Vf+jJGzyzT2U7loDTGtgumzJJB3ySapAyPCGW3tyFMTZOEc+iVrCw2iOjzYUim0SKtzB4/3prJpEDfnjwM9BJYeG/2w9i+t5ZiSRLaCvSK2tm/4JflcKjommW/ImeD67wikCbnAD5HUAG9hLXL9ApW/1Z83YM83EfoFOQJNoSZ7NvSBTEuIzhoQCZHS0F/n1tSktAJvYLL2M5yG7/EdAb/zw8/ox63d+mvbDK/4sczst0AQIDAQAB";
- public static String privateKeyString = "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";
 /**
 * 加密