Merge remote-tracking branch 'origin/main'

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/AuthService.java

@@ -0,0 +1,83 @@
+package shkd.sys.sys.eoss;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.client.RestTemplate;
+
+import java.util.HashMap;
+
+/**
+ * @program: laxv-cosmic
+ * @author: Lang
+ * @create: 2024-11-08 10:50
+ * @description: 认证服务
+ **/
+public class AuthService {
+    private final static Log logger = LogFactory.getLog(AuthService.class);
+    private static RestTemplate restTemplate = new RestTemplate();
+    /**
+     * 获取访问 token 信息的接口
+     * @param code
+     * @return
+     */
+    public static String accessToken(String code,String eoss_ip,String client_id,String client_secret) {
+        HttpHeaders api_headers = new HttpHeaders();//请求头
+        api_headers.add("Content-Type", "application/json; charset=utf-8");
+//        String param= String.format("client_id=%s&client_secret=%s&grant_type=code&authType=0&code= %s",CLIENT_ID,CLIENT_SECRET,code);
+        HashMap<String, Object> requestBody = new HashMap<>();
+        requestBody.put("client_id", client_id);
+        requestBody.put("client_secret", client_secret);
+        requestBody.put("grant_type", "authorization_code");
+        requestBody.put("code", code);
+        requestBody.put("authType", 0);
+
+        String api_jsonBody = JSON.toJSONString(requestBody);//请求体
+        HttpEntity<String> api_requestEntity = new HttpEntity<>(api_jsonBody, api_headers);
+
+        String url = String.format("%s/sso2/authCenter/accessToken", eoss_ip);
+        logger.info(String.format("accessToken→请求地址：%s,请求参数:%s",url,JSON.toJSONString(api_requestEntity)));
+
+        ResponseEntity<String> response = restTemplate.postForEntity(url, api_requestEntity, String.class);
+        JSONObject jsonObject = JSON.parseObject(response.getBody());
+        logger.info(String.format("accessToken→返回结果:%s",jsonObject));
+        if ("0".equals(jsonObject.get("code").toString())){
+            String data = jsonObject.getString("data");
+            return data;
+        }
+        return null;
+    }
+
+    /**
+     * 该接口主要实现当前登录用户信息的获取
+     * @param token
+     * @return
+     */
+    public static String  getUserInfo(String token,String eoss_ip,String client_id,String client_secret){
+        logger.info("getUserInfo→请求token：%s", token);
+        HttpHeaders api_headers = new HttpHeaders();//请求头
+        api_headers.add("Content-Type", "application/json; charset=utf-8");
+        HashMap<String, Object> requestBody = new HashMap<>();
+        requestBody.put("access_token", token);
+        requestBody.put("client_id", client_id);
+        requestBody.put("client_secret", client_secret);
+        requestBody.put("authType", 0);
+        HttpEntity<String> api_requestEntity = new HttpEntity<>(null, api_headers);
+
+        String url = String.format("%s/sso2/authCenter/myAccount", eoss_ip);
+        logger.info(String.format("getUserInfo→请求地址：%s,请求参数:%s",url,JSON.toJSONString(api_requestEntity)));
+        ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, api_requestEntity, String.class, requestBody);
+        JSONObject jsonObject = JSON.parseObject(response.getBody());
+        logger.info(String.format("getUserInfo→返回结果:%s",jsonObject));
+        if ("0".equals(jsonObject.get("code").toString())){
+            String data = jsonObject.getString("data");
+            return data;
+        }
+        return null;
+    }
+}

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java

@@ -0,0 +1,96 @@
+package shkd.sys.sys.eoss;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
+import kd.bos.login.thirdauth.UserAuthResult;
+import org.apache.commons.lang3.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import static kd.bos.login.thirdauth.UserProperType.UserName;
+
+/**
+ * @program: laxv-cosmic
+ * @author: Lang
+ * @create: 2024-09-27 15:48
+ * @description: 单点登录-川投统一认证
+ **/
+public class SSOPluginLogin implements ThirdSSOAuthHandler {
+    private final static Log logger = LogFactory.getLog(SSOPluginLogin.class);
+    private final String CLIENT_ID = System.getProperty("clientKey-scict");
+    private final String CLIENT_SECRET = System.getProperty("clientSecret-scict");
+    private final String EOSS_IP = System.getProperty("ip-port");
+    /**
+     * 方法实现用户没有登录的时候跳转认证中心的登录地址
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param s
+     */
+    @Override
+    public void callTrdSSOLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String s) {
+        //认证中心的登录地址
+        logger.info(String.format("eoss_ip:%s,client_id:%s,client_secret:%s,重定向地址：%s",EOSS_IP,CLIENT_ID,CLIENT_SECRET,s));
+        try {
+            //重定向的统一认证的地址
+            /**
+             * 获取授权码
+             */
+            String ssourl=String.format("%s/sso2/authCenter/authorize?client_id=%s&response_type=code&authType=0redirect_uri=%s",
+                    EOSS_IP,CLIENT_ID,s);
+            logger.info(String.format("重定向地址→sendRedirect：%s",ssourl));
+            httpServletResponse.sendRedirect(ssourl);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * 实现苍穹调用认证系统的接口解析认证凭据返回用户信息，按数据格式返回认证结果。
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @return
+     */
+    @Override
+    public UserAuthResult getTrdSSOAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
+        logger.info(String.format("getTrdSSOAuth→httpServletRequest：%s",httpServletRequest));
+        String code = httpServletRequest.getParameter("code");
+        //返回的认证结果
+        UserAuthResult result=new UserAuthResult();
+        if (StringUtils.isEmpty(code)){
+            logger.error("getTrdSSOAuth→统一认证授权码为空");
+            result.setSucess(false);
+        }else {
+            try {
+                //TODO:调用accessToken方法
+                String data = AuthService.accessToken(code, EOSS_IP, CLIENT_ID, CLIENT_SECRET);
+                logger.info(String.format("accessToken返回数据：%s", data));
+
+                //TODO:调用getUserInfo方法
+                String access_token = JSON.parseObject(data).getString("access_token");
+                String user = AuthService.getUserInfo(access_token, EOSS_IP, CLIENT_ID, CLIENT_SECRET);
+                logger.info(String.format("getUserInfo返回数据：%s", user));
+
+                JSONObject jsonObject = JSON.parseObject(user);
+                JSONObject loginUser = jsonObject.getJSONObject("data");
+                String loginName = loginUser.getString("loginName");//登录账户
+                String userName = loginUser.getString("Nm");//用户姓名
+                if (loginName != null) {
+                    //当前返回类型手机，用户名，email，工号
+                    result.setUserType(UserName);
+                    result.setUser(loginName);
+                    result.setSucess(true);
+                    logger.info("SSO用户登录成功，进入苍穹系统");
+                }
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+        }
+        return result;
+    }
+}
+