单点登录处理

2025-02-08 12:28:12 +08:00 · 2025-02-08 12:28:12 +08:00 · c4f594a16f
parent e4fc50883e
commit c4f594a16f
1 changed files with 20 additions and 10 deletions
--- a/main/java/shjh/jhzj7/fi/fi/common/JHSSOAuthHandler.java
+++ b/main/java/shjh/jhzj7/fi/fi/common/JHSSOAuthHandler.java
@ -15,9 +15,11 @@ import java.net.URLEncoder;
 import java.util.Date;
 public class JHSSOAuthHandler implements ThirdSSOAuthHandler {
-    private static final String ssologinUrl = "https://www.baidu.com";
+    private static final String ssologinUrl = "https://iamtest.jahwa.com.cn:8443";
-    private static final String client_id = "id";//应用注册ID 由认证系统提供
+    private static final String client_id = "61513465e938cd47abe8";//应用注册ID 由认证系统提供
-    private static final String client_secret = "secret";//应用注册密码 由认证系统提供
+    private static final String client_secret = "ee0f3e7e1e931343bc28d63cf69a616f2842";//应用注册密码 由认证系统提供
    private String callBackUrl = System.getProperty("domain.contextUrl");
    @Override
    public void callTrdSSOLogin(HttpServletRequest hsrequest, HttpServletResponse hsresponse, String backUrl) {
@ -25,6 +27,8 @@ public class JHSSOAuthHandler implements ThirdSSOAuthHandler {
        //实现用户没有登录的时候跳转认证中心的登录地址
        //第一步：认证中心的登录地址（注意拼接参数和回调地址转义）,注意正式地址切换
        System.getProperty("domain.contextUrl");
 //        backUrl = "http://172.20.42.104:8881/ierp/auth/callbackTrdSSO.do?tenantNo=jahwa-uatenv&sandboxNo=2102993326188790784";
        callBackUrl = backUrl;
        StringBuffer ssoURL = new StringBuffer();
        ssoURL.append(ssologinUrl);
        ssoURL.append("/esc-sso/oauth2.0/authorize?client_id=");
@ -35,7 +39,7 @@ public class JHSSOAuthHandler implements ThirdSSOAuthHandler {
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
-        ssoURL.append("/auth/call_back&state=");
+        ssoURL.append("&state=");
        //state 额外参数，如果传递http需要转义。常用需要在登录完成之后跳转回之前的页面
        ssoURL.append(new Date().getTime());
        try {
@ -52,19 +56,20 @@ public class JHSSOAuthHandler implements ThirdSSOAuthHandler {
        UserAuthResult result = new UserAuthResult();
        result.setSucess(false);
        //将用户的认证凭据传输到认证系统进行认证，从而实现对认证凭据进行识别和获取用户信息，request包含请求的认证凭据
-        String workerNumber = getWorkerNumber(hsrequest);//此逻辑需二开实现
+        String numOrName = getWorkerNumberOrUseName(hsrequest);//此逻辑需二开实现
-        if(workerNumber != null){
+        if(numOrName != null){
            //当前返回类型手机，用户名，邮箱、工号
-            result.setUserType(UserProperType.WorkerNumber);
+//            result.setUserType(UserProperType.WorkerNumber);
            result.setUserType(UserProperType.UserName);
            //用户信息标识
-            result.setUser(workerNumber);
+            result.setUser(numOrName);
            result.setSucess(true);
        }
        return result;
    }
-    private String getWorkerNumber(HttpServletRequest hsrequest){
+    private String getWorkerNumberOrUseName(HttpServletRequest hsrequest){
        //第二步：SSO认证系统会携带临时code浏览器重定向至应用方回调地址，直接从请求中获取code
        String tempCode = hsrequest.getParameter("code");
        if(StringUtils.isEmpty(tempCode)){
@ -81,7 +86,12 @@ public class JHSSOAuthHandler implements ThirdSSOAuthHandler {
        ssoURL.append(tempCode);
        ssoURL.append("&redirect_uri=");//应用回调地址,需要http格式化
        try {
-            String linkPostjson = HttpClientUtils.postjson(ssoURL.toString(),null,null);
+            ssoURL.append(URLEncoder.encode(callBackUrl,"UTF-8"));//可能需要http地址转义
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
        try {
            String linkPostjson = HttpClientUtils.post(ssoURL.toString(),null,null);
            if (StringUtils.isNotEmpty(linkPostjson)) {
                JSONObject jsonObject = JSONObject.parseObject(linkPostjson);
                String accessToken = jsonObject.getString("access_token");