diff --git a/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java b/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
index 44ca89df30..f5c8da7ad4 100644
--- a/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
@@ -9,10 +9,7 @@ import com.epmet.dto.result.UserTokenResultDTO;
 import com.epmet.service.ThirdLoginService;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import java.util.List;
@@ -219,4 +216,16 @@ public class ThirdLoginController {
 ValidatorUtils.validateEntity(formDTO);
 return new Result().ok(thirdLoginService.govLoginInternalDing(formDTO));
 }
+
+ /**
+ * 根据免登授权码, 获取登录用户身份
+ *
+ * @param authCode 烟台认证中心 授权码
+ * @return
+ */
+ @PostMapping("sso-govlogin-yantai/{authCode}")
+ public Result yantaiSSOLogin(@RequestParam(value = "authCode") String authCode) {
+ return new Result().ok(thirdLoginService.yanTaiSSOLogin(authCode));
+ }
+
 }
diff --git a/epmet-auth/src/main/java/com/epmet/service/ThirdLoginService.java b/epmet-auth/src/main/java/com/epmet/service/ThirdLoginService.java
index dff5e129e5..f939656023 100644
--- a/epmet-auth/src/main/java/com/epmet/service/ThirdLoginService.java
+++ b/epmet-auth/src/main/java/com/epmet/service/ThirdLoginService.java
@@ -117,4 +117,11 @@ public interface ThirdLoginService {
 * @return
 */
 UserTokenResultDTO govLoginInternalDing(DingAppLoginMdFormDTO formDTO);
+
+ /**
+ * desc:烟台sso根据authCode 获取本系统token
+ * @param authCode
+ * @return
+ */
+ UserTokenResultDTO yanTaiSSOLogin(String authCode);
 }
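Review bot: In ThirdLoginController.yantaiSSOLogin the mapping declares an `{authCode}` path segment but the parameter is bound with `@RequestParam(value = "authCode")`, so the path value is never read and a request that carries the code only in the path is rejected for a missing parameter before it reaches the service. Bind it with `@PathVariable("authCode") String authCode`, or preferably drop the path segment and take the code from the POST body, because a one-time authorization code placed in the URL is recorded by access logs and intermediaries. Unlike `govLoginInternalDing` directly above, which calls `ValidatorUtils.validateEntity(formDTO)`, this endpoint does no validation of its own and the Javadoc `@return` is empty; a blank-check here and a described return value would make the contract explicit.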
diff --git a/epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java b/epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java
index c7c79bb575..5e71f69be0 100644
--- a/epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java
+++ b/epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java
@@ -25,6 +25,8 @@ import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.security.password.PasswordUtils;
 import com.epmet.commons.tools.security.user.LoginUserUtil;
 import com.epmet.commons.tools.utils.*;
+import com.epmet.commons.tools.utils.api.yt.YantaiApi;
+import com.epmet.commons.tools.utils.api.yt.YantaiSSOUser;
 import com.epmet.commons.tools.validator.PhoneValidatorUtils;
 import com.epmet.constant.AuthHttpUrlConstant;
 import com.epmet.constant.SmsTemplateConstant;
@@ -33,10 +35,7 @@ import com.epmet.dto.dingres.DingUserDetailDTO;
 import com.epmet.dto.dingres.V2UserGetuserinfoResDTO;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
-import com.epmet.feign.EpmetMessageOpenFeignClient;
-import com.epmet.feign.EpmetUserFeignClient;
-import com.epmet.feign.EpmetUserOpenFeignClient;
-import com.epmet.feign.GovOrgOpenFeignClient;
+import com.epmet.feign.*;
 import com.epmet.jwt.JwtTokenProperties;
 import com.epmet.jwt.JwtTokenUtils;
 import com.epmet.redis.CaptchaRedis;
@@ -96,6 +95,8 @@ public class ThirdLoginServiceImpl implements ThirdLoginService, ResultDataResol
 private EpmetUserFeignClient epmetUserFeignClient;
 @Autowired
 private GovWebService govWebService;
+ @Autowired
+ private ThirdOpenFeignClient thirdOpenFeignClient;
 /**
 * @param formDTO
@@ -1077,6 +1078,20 @@ public class ThirdLoginServiceImpl implements ThirdLoginService, ResultDataResol
 return govWebService.loginByThirdPlatform(loginGovParam);
 }
+ @Override
+ public UserTokenResultDTO yanTaiSSOLogin(String authCode) {
+ YantaiSSOUser ssoUserInfo = YantaiApi.getLoginToken(authCode);
+ if (ssoUserInfo== null){
+ throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(),"登录失败-sso获取用户失败","登录失败-sso获取用户失败");
+ }
+
+ GovWebLoginFormDTO loginGovParam = new GovWebLoginFormDTO();
+ loginGovParam.setCustomerId("1535072605621841922");
+ loginGovParam.setPhone(ssoUserInfo.getClientId());
+
+ return govWebService.loginByThirdPlatform(loginGovParam);
+ }
+
 /**
 * 最原始的企业内部应用开发,不授权给产品服务商
 * @param miniAppId
diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/OrgData.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/OrgData.java
similarity index 96%
rename from epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/OrgData.java
rename to epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/OrgData.java
index f82b6fdef5..6c7ea48907 100644
--- a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/OrgData.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/OrgData.java
@@ -1,5 +1,5 @@
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 import lombok.Data;
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/SM4UtilsForYanTai.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/SM4UtilsForYanTai.java
new file mode 100644
index 0000000000..6c2ca8c60a
--- /dev/null
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/SM4UtilsForYanTai.java
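Review bot: In ThirdLoginServiceImpl.yanTaiSSOLogin the account to log in is selected with `loginGovParam.setPhone(ssoUserInfo.getClientId())`, which feeds an SSO client id into the phone field; YantaiSSOUser is not part of this diff, so this may be intentional, but unless that getter really carries the user's mobile number the login resolves to the wrong account or to none. Whatever field is used, check it is non-blank before calling `govWebService.loginByThirdPlatform`, since the SSO response is the only evidence of identity here. The customer id `"1535072605621841922"` is a literal inside the method; move it to configuration or a shared constant (another file in this commit imports `YanTaiConstant.YT_CUSTOMER_ID`, which looks like the same concept). The null check is also the only failure signal, because YantaiApi.getLoginToken catches every exception and returns null, so the real cause never reaches the caller or the error message.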
@@ -0,0 +1,199 @@
+package com.epmet.commons.tools.utils.api.yt;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.codec.binary.Base64;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.Security;
+
+/**
+ * 烟台的认证中心-国密sm4加解密
+ */
+public class SM4UtilsForYanTai {
+ private static String SM4_KEY = "yaweisoftware@xy";
+ //编码格式
+ private static final Charset encryptCharset = StandardCharsets.UTF_8;
+
+ public enum Algorithm {
+ SM4("SM4","SM4","国密四,key长16byte");
+ private String keyAlgorithm;
+ private String transformation;
+ private String description;//描述
+ Algorithm(String keyAlgorithm, String transformation, String description) {
+ this.keyAlgorithm = keyAlgorithm;
+ this.transformation = transformation;
+ this.description = description;
+ }
+ public String getKeyAlgorithm() {
+ return this.keyAlgorithm;
+ }
+ public String getTransformation() {
+ return this.transformation;
+ }
+ public String getDescription() {
+ return this.description;
+ }
+ }
+
+ private static final String PROVIDER_NAME = "BC";
+ static {
+ Security.addProvider(new BouncyCastleProvider());
+ }
+
+ /**
+ * 自定字符串产生密钥
+ * @param algorithm 加解密算法
+ * @param keyStr 密钥字符串
+ * @param charset 编码字符集
+ * @return 密钥
+ */
+ public static SecretKey genKeyByStr(Algorithm algorithm, String keyStr, Charset charset) {
+ return readKeyFromBytes(algorithm, keyStr.getBytes(charset));
+ }
+
+ /**
+ * 根据指定字节数组产生密钥
+ * @param algorithm 加解密算法
+ * @param keyBytes 密钥字节数组
+ * @return 密钥
+ */
+ public static SecretKey readKeyFromBytes(Algorithm algorithm, byte[] keyBytes) {
+ return new SecretKeySpec(keyBytes, algorithm.getKeyAlgorithm());
+ }
+
+ /****************************加密*********************************/
+ /**
+ * 加密字符串,并进行base64编码
+ * @param algorithm 加解密算法
+ * @param key 密钥
+ * @param data 明文
+ * @param charset 编码字符集
+ * @return 密文
+ * @throws InvalidKeyException 密钥错误
+ */
+ public static String encryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset) throws InvalidKeyException {
+ return Base64.encodeBase64String(encrypt(algorithm, key, data.getBytes(charset)));
+ }
+
+ /**
+ * 加密字节数组
+ * @param algorithm 加解密算法
+ * @param key 密钥
+ * @param data 明文
+ * @return 密文
+ * @throws InvalidKeyException 密钥错误
+ */
+ public static byte[] encrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException {
+ try {
+ return cipherDoFinal(algorithm, Cipher.ENCRYPT_MODE, key, data);
+ } catch (BadPaddingException e) {
+ throw new RuntimeException(e);//明文没有具体格式要求,不会出错。所以这个异常不需要外部捕获。
+ }
+ }
+
+ /**
+ * 加解密字节数组
+ * @param algorithm 加解密算法
+ * @param opmode 操作:1加密,2解密
+ * @param key 密钥
+ * @param data 数据
+ * @throws InvalidKeyException 密钥错误
+ * @throws BadPaddingException 解密密文错误(加密模式没有)
+ */
+ private static byte[] cipherDoFinal(Algorithm algorithm, int opmode, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException {
+ Cipher cipher;
+ try {
+ cipher = Cipher.getInstance(algorithm.getTransformation(), PROVIDER_NAME);
+ } catch (Exception e) {
+ //NoSuchAlgorithmException:加密算法名是本工具类提供的,如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+ //NoSuchProviderException:Provider是本工具类提供的,如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+ //NoSuchPaddingException:没有特定的填充机制,与环境有关,业务没有办法处理。所以这个异常不需要外部捕获。
+ throw new RuntimeException(e);
+ }
+ cipher.init(opmode, key);
+ try {
+ return cipher.doFinal(data);
+ } catch (IllegalBlockSizeException e) {
+ throw new RuntimeException(e);//业务不需要将数据分块(好像由底层处理了),如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+ }
+ }
+
+ /****************************解密*********************************/
+ /**
+ * 对字符串先进行base64解码,再解密
+ * @param algorithm 加解密算法
+ * @param key 密钥
+ * @param data 密文
+ * @param charset 编码字符集
+ * @return 明文
+ * @throws InvalidKeyException 密钥错误
+ * @throws BadPaddingException 密文错误
+ */
+ public static String decryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset)
+ throws InvalidKeyException, BadPaddingException {
+ return new String(decrypt(algorithm, key, Base64.decodeBase64(data)), charset);
+ }
+
+ /**
+ * 解密字节数组
+ * @param algorithm 加解密算法
+ * @param key 密钥
+ * @param data 密文
+ * @return 明文
+ * @throws InvalidKeyException 密钥错误
+ * @throws BadPaddingException 密文错误
+ */
+ public static byte[] decrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException {
+ return cipherDoFinal(algorithm, Cipher.DECRYPT_MODE, key, data);
+ }
+
+ public static String Encrypt(String data) throws InvalidKeyException {
+ SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset);
+ return encryptBase64(Algorithm.SM4, key, data, encryptCharset);
+ }
+ public static String Decrypt(String data) throws BadPaddingException, InvalidKeyException {
+ SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset);
+ return decryptBase64(Algorithm.SM4, key, data, encryptCharset);
+ }
+ //加密
+ public static String dealEncryptData(Object data) throws JsonProcessingException, InvalidKeyException {
+ ObjectMapper objectMapper = new ObjectMapper();
+ String dataString = "";
+ try {
+ if(data instanceof String){
+ dataString = (String) data;
+ }else {
+ dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data);
+ }
+ String dataEncrypt = Encrypt(dataString);
+ return dataEncrypt;
+ }catch (Exception e){
+ return dataString;
+ }
+ }
+ //解密
+ public static String dealDecryptData(Object data) throws JsonProcessingException, BadPaddingException, InvalidKeyException {
+ String dataString = "";
+ try {
+ ObjectMapper objectMapper = new ObjectMapper();
+ if (data instanceof String) {
+ dataString = (String) data;
+ } else {
+ dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data);
+ }
+ String dataDecrypt = Decrypt(dataString);
+ return dataDecrypt;
+ }catch (Exception e){
+ return dataString;
+ }
+ }
+}
diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/UserData.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/UserData.java
similarity index 94%
rename from epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/UserData.java
rename to epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/UserData.java
index 99d78d63d7..b7d3abca4e 100644
--- a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/UserData.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/UserData.java
@@ -1,5 +1,5 @@
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 import lombok.Data;
diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
similarity index 60%
rename from epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java
rename to epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
index e788f605c1..cbab66f5b8 100644
--- a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
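Review bot: dealEncryptData and dealDecryptData in SM4UtilsForYanTai fail open: both wrap the work in `catch (Exception e)` and `return dataString;`, so a failed encryption hands the caller the plaintext to send and a failed decryption hands back the unverified input as if it had been decrypted. On the SSO login path this means a response whose `data` field is not valid ciphertext is still parsed as a user record; remove the try/catch (both methods already declare the checked exceptions) or rethrow, e.g. `throw new IllegalStateException("SM4 decrypt failed", e);`. `SM4_KEY` is a non-final string literal committed with the source, so everyone with repository access holds the key; load it from configuration or a secret store and make the field `final`. `Cipher.getInstance` is called with the bare name `"SM4"`, which leaves mode and padding to the provider default (for Bouncy Castle block ciphers this is normally ECB, to be confirmed), giving no IV and no integrity protection; spell out the transformation and check with the SSO provider whether an authenticated mode is supported.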
@@ -1,12 +1,12 @@
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
+import com.epmet.commons.tools.constant.NumConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.EpmetException;
 import com.epmet.commons.tools.utils.HttpClientManager;
 import com.epmet.commons.tools.utils.Result;
-import com.epmet.controller.yantai.SM4UtilsForYanTai;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@@ -25,6 +25,7 @@ import java.util.Map;
 @Slf4j
 public class YantaiApi {
 private static final String SSO_SERVER = "http://localhost:8080/";
+ private static final String CLIENT_ID = "1000006";
 /**
 * desc:根据组织id获取下级组织
@@ -75,7 +76,7 @@ public class YantaiApi {
 String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId);
 //pwd = URLEncoder.encode(pwd, "UTF-8");
 System.out.println("加密组织Id = " + organizationIdEn);
- String url = "ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn;
+ String url = SSO_SERVER+"ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn;
 Map headerMap = new HashMap<>();
 Map paramMap = new HashMap<>();
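Review bot: The rewritten `String url = SSO_SERVER+"ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn;` line in YantaiApi appends the Base64 output of dealEncryptData to the query string without URL-encoding, and Base64 text can contain `+`, `/` and `=`, so the server may decode a different value from the one that was encrypted. Encode it before concatenation, e.g. `URLEncoder.encode(organizationIdEn, "UTF-8")` (the commented-out line above suggests this was once intended), or pass it through `paramMap` if `HttpClientManager.sendGet` encodes parameters. `SSO_SERVER` is a hard-coded `http://localhost:8080/` and the new `CLIENT_ID` is a literal as well; both belong in per-environment configuration, and the SSO endpoint should be reached over HTTPS outside local testing. The enclosing method starts and ends outside this hunk.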
@@ -93,4 +94,51 @@ public class YantaiApi {
 }
 return new ArrayList<>();
 }
+
+ /**
+ * desc:根据组织id获取下级组织
+ *
+ * @param code
+ * @return
+ */
+ public static YantaiSSOUser getLoginToken(String code) {
+ try {
+ if (StringUtils.isBlank(code)){
+ throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg());
+ }
+ //加密
+ String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(code);
+ //pwd = URLEncoder.encode(pwd, "UTF-8");
+ System.out.println("加密组织Id = " + organizationIdEn);
+ String url = "logintoken?client_id="+CLIENT_ID+"&client_code=" + code;
+
+ Map headerMap = new HashMap<>();
+ Map paramMap = new HashMap<>();
+ log.info("getUserByOuGuid request param: url:{},header:{}", url, headerMap);
+ Result result = HttpClientManager.getInstance().sendGet(url, paramMap, headerMap);
+ log.info("getUserByOuGuid request result:{}", result);
+ JSONObject jsonObject = JSONObject.parseObject(result.getData());
+ //解密
+ String errcode = jsonObject.getString("errcode");
+ if (!NumConstant.ZERO_STR.equals(errcode)){
+ throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(),"获取token失败","获取token失败");
+ }
+ String data = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data"));
+ YantaiSSOUser userData = JSON.parseObject(data, YantaiSSOUser.class);
+ log.info("getUserByOuGuid request real result:{}", JSON.toJSONString(userData));
+ return userData;
+ } catch (Exception e) {
+ log.error("getUserByOuGuid exception", e);
+ }
+ return null;
+ }
+
+ public static void main(String[] args) {
+ String serverUrl = "http://172.20.46.155:8080/sso/login";
+ Map param = new HashMap<>();
+ param.put("client_id","1000006");
+ param.put("redirect_url","https://epmet-open.elinkservice.cn/epmet-oper-gov/");
+ Result stringResult = HttpClientManager.getInstance().sendGet(serverUrl, param);
+ System.out.println(JSON.toJSONString(stringResult));
+ }
 }
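Review bot: YantaiApi.getLoginToken builds `String url = "logintoken?client_id="+CLIENT_ID+"&client_code=" + code;` without the `SSO_SERVER` prefix that this same commit adds to getUserByOuGuid, so the request has no host, and it inserts the caller-supplied `code` unencoded, so a value containing `&` or `=` changes the query that is sent; use `SSO_SERVER + "logintoken?client_id=" + CLIENT_ID + "&client_code=" + URLEncoder.encode(code, "UTF-8")`. The encrypted value `organizationIdEn` is computed and printed with `System.out.println` but never sent, so decide whether the SSO expects the encrypted or the raw code and remove the print. The full URL, which contains the authorization code, and the decrypted user record are written with `log.info`; omit or mask them. The `catch (Exception e)` also swallows the EpmetException thrown inside the try and any NullPointerException from `result.getData()`, turning every failure into `return null`. The Javadoc summary and the `getUserByOuGuid` log labels are copied from the other method, and the `main` method with an internal address is test scaffolding that should not ship in a shared utility class.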
diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java
index 0af3a39984..4261969097 100644
--- a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java
+++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java
@@ -1,10 +1,10 @@
 package com.epmet.controller.yantai;
 import com.epmet.commons.tools.constant.NumConstant;
-import com.epmet.commons.tools.dto.result.CustomerStaffInfoCacheResult;
 import com.epmet.commons.tools.page.PageData;
-import com.epmet.commons.tools.redis.common.CustomerStaffRedis;
 import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.utils.api.yt.OrgData;
+import com.epmet.commons.tools.utils.api.yt.YantaiApi;
 import com.epmet.dao.yantai.DataSyncOrgDataDao;
 import com.epmet.dao.yantai.DataSyncUserDataDao;
 import com.epmet.dto.form.yantai.YtUserPageFormDTO;
@@ -14,9 +14,6 @@ import com.epmet.entity.yantai.DataSyncOrgDataEntity;
 import com.epmet.feign.EpmetUserOpenFeignClient;
 import com.epmet.service.DataSyncOrgDataService;
 import com.epmet.service.DataSyncUserDataService;
-import com.epmet.utils.OrgData;
-import com.epmet.utils.UserData;
-import com.epmet.utils.YantaiApi;
 import com.github.pagehelper.PageHelper;
 import com.github.pagehelper.PageInfo;
 import lombok.extern.slf4j.Slf4j;
@@ -26,7 +23,6 @@ import org.springframework.stereotype.Service;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Map;
 import java.util.stream.Collectors;
 import static com.epmet.constant.YanTaiConstant.YT_CUSTOMER_ID;