From 9901aab51588be97dfccc0737bb4190d964ea27e Mon Sep 17 00:00:00 2001 From: luyan Date: Thu, 3 Aug 2023 09:49:06 +0800 Subject: [PATCH] =?UTF-8?q?=E7=BB=9F=E4=B8=80=E8=AE=A4=E8=AF=81=E7=99=BB?= =?UTF-8?q?=E9=99=86,=E4=BF=AE=E6=94=B9=E7=AD=BE=E5=90=8D=E7=A7=98?= =?UTF-8?q?=E9=92=A5=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/epmet/constant/SsoConstant.java | 8 +++ .../com/epmet/controller/SsoController.java | 25 ++++--- .../epmet/service/impl/SsoServiceImpl.java | 71 ++++++++++++------- 3 files changed, 71 insertions(+), 33 deletions(-) diff --git a/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java b/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java index 5d1bfcdcfa..4bc4c597bb 100644 --- a/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java +++ b/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java @@ -16,13 +16,21 @@ public interface SsoConstant { String INSERT_UPDATE_USER_FAILURE = "新增或更新user_weChat失败......"; String USER_ID_IS_NULL = "userId为空,生成token失败......"; + String CUSTOMER_ID_IS_NULL = "customerId为空,缓存放置token失败......"; + /** * 日照 Ticket 校验接口地址,SSO调用 */ String TICKET_TOKEN_URL = "https://sso.shuzirizhao.cn/sso/checkTicket"; + /** * 日照 获取登陆身份信息 */ String USER_INFO_URL = "https://sso.shuzirizhao.cn/sso/userinfo"; + + /** + * 签名秘钥 + */ + String SECRET_KEY = "YQfyZtAmDbYHTBaHPSx3GZeX7x2ip7ik"; } diff --git a/epmet-auth/src/main/java/com/epmet/controller/SsoController.java b/epmet-auth/src/main/java/com/epmet/controller/SsoController.java index 9f69db7534..5f56479d5b 100644 --- a/epmet-auth/src/main/java/com/epmet/controller/SsoController.java +++ b/epmet-auth/src/main/java/com/epmet/controller/SsoController.java 
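Review bot: The new `SECRET_KEY` constant in SsoConstant commits the SSO signing key to the repository as a string literal, so anyone who can read the source or unpack the built jar can compute valid `sign` values. Move the key to externalised configuration, injected the way SsoServiceImpl already injects `epmet.third.urlPrefix` with `@Value`, and have the signing helper read that injected field instead of `SsoConstant.SECRET_KEY`. Because the value is now in version-control history, treat it as disclosed and rotate it with the SSO provider rather than only deleting the line. Fields declared on an interface are implicitly `public static final`, so the key is also visible to every class that implements or imports SsoConstant.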
@@ -11,12 +11,10 @@ import com.epmet.service.SsoService; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import java.io.IOException; +import java.util.Map; /** * @Author zxc @@ -91,12 +89,21 @@ public class SsoController { return new Result().ok(userTokenResultDTO); } - @PostMapping("checkTicket") - public Result ssoCheckTicket(@RequestBody SsoCheckTicketFormDTO form) throws IOException { - if (StringUtils.isEmpty(form.getTicket())) { - return new Result().ok(ssoService.checkTicket(form)); + @GetMapping("checkTicket") + public Result ssoCheckTicket(@RequestParam Map params) throws IOException { + SsoCheckTicketFormDTO form = new SsoCheckTicketFormDTO(); + if (StringUtils.isNotEmpty(params.get("ticket"))) { + form.setTicket(params.get("ticket")); + } else { + return new Result().error(-1, "登陆失败,请联系管理员!"); } - return new Result().error(-1,"登陆失败,请联系管理员!"); + if (StringUtils.isNotEmpty(params.get("ssoLogoutCall"))) { + form.setSsoLogoutCall(params.get("ssoLogoutCall")); + } + if (StringUtils.isNotEmpty(params.get("client"))) { + form.setSsoLogoutCall(params.get("client")); + } + return new Result().ok(ssoService.checkTicket(form)); } } diff --git a/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java b/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java index f2c487236a..724bc1d7a4 100644 --- a/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java +++ b/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java 
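Review bot: In the new `ssoCheckTicket`, the `client` branch calls `form.setSsoLogoutCall(params.get("client"))`, so a request that carries `client` overwrites the logout callback set just above and the client value is never stored in a field of its own. This looks like a copy-paste slip; the intended line is presumably `form.setClient(params.get("client"));`, but SsoCheckTicketFormDTO is not visible in this diff, so confirm the setter name. Separately, moving the endpoint from `@PostMapping` with a request body to `@GetMapping` puts the ticket in the query string, where access logs, proxies and browser history record it. If the SSO redirect requires GET, make sure the ticket is single-use and short-lived and that it is masked in request logging.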
@@ -1,5 +1,7 @@ package com.epmet.service.impl; +import cn.hutool.core.util.RandomUtil; +import cn.hutool.crypto.SecureUtil; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.epmet.auth.constants.AuthOperationConstants; @@ -46,6 +48,7 @@ import org.springframework.http.MediaType; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; +import javax.annotation.Resource; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.HashMap; @@ -83,7 +86,7 @@ public class SsoServiceImpl implements SsoService { @Autowired private CpUserDetailRedis cpUserDetailRedis; - @Autowired + @Resource private EpmetUserFeignClient epmetUserFeignClient; @Value("${epmet.third.urlPrefix}") @@ -220,13 +223,15 @@ public class SsoServiceImpl implements SsoService { if (result.getString("code").equals("200")) { String ticket = result.getString("data"); String timestamp = String.valueOf(System.currentTimeMillis()); + String nonce = RandomUtil.randomString(18); httpPost = new HttpPost(SsoConstant.USER_INFO_URL); infoJson = new JSONObject(); infoJson.put("loginId", ticket); infoJson.put("timestamp", timestamp); - infoJson.put("nonce", ""); - infoJson.put("sign", ""); - stringEntity = new StringEntity(infoJson.toString(), "UTF-8"); + infoJson.put("nonce", nonce); + infoJson.put("sign", Md5Params(ticket, timestamp, nonce)); + String params = DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8)); + stringEntity = new StringEntity(params, "UTF-8"); stringEntity.setContentEncoding("UTF-8"); stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE); httpPost.setEntity(stringEntity); 
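Review bot: In the `@@ -220,13 +223,15 @@` hunk the request entity is built from `DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8))`, so the POST to `USER_INFO_URL` carries a 32-character hex digest instead of the JSON object, while the content type is still `application/json`. The server cannot recover `loginId`, `timestamp`, `nonce` or `sign` from a hash, so unless the provider's interface specification asks for exactly this, the body should stay the JSON text: `stringEntity = new StringEntity(infoJson.toString(), "UTF-8");`. The nonce comes from Hutool's `RandomUtil.randomString(18)`, which as far as I know is not backed by `SecureRandom`; if the nonce has to be unpredictable rather than merely unique, generate it from `SecureRandom`. The enclosing method starts and ends outside the hunk.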
@@ -302,6 +307,24 @@ public class SsoServiceImpl implements SsoService { return userTokenResultDTO; } + /** + * 签名 + * + * @param loginId + * @return + */ + private String Md5Params(String loginId, String timestamp, String nonce) { + String prefix = "=${"; + String suffix = "}&"; + StringBuilder builder = new StringBuilder(); + builder.append("loginId").append(prefix).append(loginId).append(suffix); + builder.append("nonce").append(prefix).append(nonce).append(suffix); + builder.append("timestamp").append(prefix).append(timestamp).append(suffix); + builder.append("key").append("={").append(SsoConstant.SECRET_KEY).append("}"); + return SecureUtil.md5(builder.toString()); + } + + /** * @Description token放缓存 * @Param formDTO 
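Review bot: `Md5Params` signs a string that contains the literal characters `${`, `{` and `}` around each value (`loginId=${<value>}&…&key={<key>}`), which looks like the placeholder notation of an interface document copied into the code; the `key` segment even uses `={` where the other segments use `=${`. If the provider signs the plain form, every signature produced here will be rejected, so check the format against the provider's specification and build it as `"loginId=" + loginId + "&nonce=" + nonce + "&timestamp=" + timestamp + "&key=" + key`. The method name should be lowerCamelCase (`md5Params`, or more descriptively `signParams`), and the Javadoc documents only `loginId` and leaves `@return` empty; it should describe all three parameters, the field order and the returned hex digest. MD5 over values concatenated with a key is a weak construction for a request signature, so prefer an HMAC-SHA256 variant if the provider offers one.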
@@ -657,24 +680,24 @@ public class SsoServiceImpl implements SsoService { } - public static void main(String[] args) { - String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck"; - String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468"; - String appId = "7a5aec009ba4eba8e254ee64fe3775e1"; - String appKey = "14faef9af508d1c253b720ea5a43f9de"; - String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595"; - long ts = System.currentTimeMillis(); - String message = appId + appKey + appSecret + ts; - String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8)); - //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld"); - JSONObject jsonObject = new JSONObject(); - jsonObject.put("platformToken", platformToken); - - Map headerMap = new HashMap<>(4); - headerMap.put("AppKey", appKey); - headerMap.put("Timestamp", ts); - headerMap.put("AccessToken", accessToken); - Result stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap); - System.out.println(stringResult); - } +// public static void main(String[] args) { +// String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck"; +// String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468"; +// String appId = "7a5aec009ba4eba8e254ee64fe3775e1"; +// String appKey = "14faef9af508d1c253b720ea5a43f9de"; +// String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595"; +// long ts = System.currentTimeMillis(); +// String message = appId + appKey + appSecret + ts; +// String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8)); +// //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld"); +// JSONObject jsonObject = new JSONObject(); +// jsonObject.put("platformToken", platformToken); +// +// Map headerMap = new HashMap<>(4); +// headerMap.put("AppKey", 
appKey); +// headerMap.put("Timestamp", ts); +// headerMap.put("AccessToken", accessToken); +// Result stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap); +// System.out.println(stringResult); +// } }
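Review bot: Commenting out `main` in the `@@ -657,24 +680,24 @@` hunk leaves the hard-coded `platformToken`, `appId`, `appKey` and `appSecret` literals in the source file, so they are still readable by everyone with access to the repository. Delete the method rather than commenting it out, and treat those values as disclosed: they remain in version-control history and should be rotated with the third-party platform. If a manual smoke test is still wanted, move it to a test class that reads the credentials from environment variables or an untracked local properties file.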