diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgController.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgController.java new file mode 100644 index 0000000000..9df9a6d5c5 --- /dev/null +++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgController.java @@ -0,0 +1,42 @@ +package com.epmet.controller.yantai; + +import com.epmet.commons.tools.utils.Result; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +/** + * desc: 从各个平台-同步用户和组织数据到本地 用于生成本系统账号 + * + * @author LiuJanJun + * @date 2022/10/17 3:41 下午 + */ +@RestController +@RequestMapping("dataSync") +public class DataSyncUserAndOrgController { + + @Autowired + private DataSyncUserAndOrgService dataSyncUserAndOrgService; + + /** + * desc:从统一认证中心 拉取用户信息 + * @return + */ + @PostMapping("yantai/sync/user") + public Result templateList(String orgId) { + Boolean flag = dataSyncUserAndOrgService.yanTaiSyncUser(orgId); + return new Result().ok(flag); + } + + /** + * desc:从统一认证中心 拉取组织信息 + * @return + */ + @PostMapping("yantai/sync/org") + public Result getExtJson(String orgId) { + Boolean extJson = dataSyncUserAndOrgService.yanTaiSyncOrg(orgId); + return new Result().ok(extJson); + } + +} diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgService.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgService.java new file mode 100644 index 0000000000..2a7e1bbabc --- /dev/null +++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgService.java @@ -0,0 +1,10 @@ +package com.epmet.controller.yantai; + +/** + * @author liujianjun + */ +public interface DataSyncUserAndOrgService { + Boolean yanTaiSyncUser(String organizationId); + + Boolean yanTaiSyncOrg(String organizationId); +} diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java new file mode 100644 index 0000000000..bfc87e0ff4 --- /dev/null +++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java @@ -0,0 +1,30 @@ +package com.epmet.controller.yantai; + +import com.epmet.utils.OrgData; +import com.epmet.utils.UserData; +import com.epmet.utils.YantaiApi; + +import java.util.List; + +/** + * desc:烟台 从认证中心同步组织和用户信息 到本地 + * + * @author: LiuJanJun + * @date: 2022/10/17 3:42 下午 + * @version: 1.0 + */ +public class DataSyncUserAndOrgServiceImpl implements DataSyncUserAndOrgService { + @Override + public Boolean yanTaiSyncUser(String organizationId) { + List data = YantaiApi.getChildOuInfoByGuid(organizationId); + //todo 更新或插入数据 + return false; + } + + @Override + public Boolean yanTaiSyncOrg(String organizationId) { + List data = YantaiApi.getUserByOuGuid(organizationId); + + return false; + } +} diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/SM4UtilsForYanTai.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/SM4UtilsForYanTai.java new file mode 100644 index 0000000000..35d90d20ca --- /dev/null +++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/SM4UtilsForYanTai.java @@ -0,0 +1,199 @@ +package com.epmet.controller.yantai; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import org.apache.commons.codec.binary.Base64; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; +import java.security.InvalidKeyException; +import java.security.Security; + +/** + * 烟台的认证中心-国密sm4加解密 + */ +public class SM4UtilsForYanTai { + private static String SM4_KEY = "yaweisoftware@xy"; + //编码格式 + private static final Charset encryptCharset = StandardCharsets.UTF_8; + + public enum Algorithm { + SM4("SM4","SM4","国密四,key长16byte"); + private String keyAlgorithm; + private String transformation; + private String description;//描述 + Algorithm(String keyAlgorithm, String transformation, String description) { + this.keyAlgorithm = keyAlgorithm; + this.transformation = transformation; + this.description = description; + } + public String getKeyAlgorithm() { + return this.keyAlgorithm; + } + public String getTransformation() { + return this.transformation; + } + public String getDescription() { + return this.description; + } + } + + private static final String PROVIDER_NAME = "BC"; + static { + Security.addProvider(new BouncyCastleProvider()); + } + + /** + * 自定字符串产生密钥 + * @param algorithm 加解密算法 + * @param keyStr 密钥字符串 + * @param charset 编码字符集 + * @return 密钥 + */ + public static SecretKey genKeyByStr(Algorithm algorithm, String keyStr, Charset charset) { + return readKeyFromBytes(algorithm, keyStr.getBytes(charset)); + } + + /** + * 根据指定字节数组产生密钥 + * @param algorithm 加解密算法 + * @param keyBytes 密钥字节数组 + * @return 密钥 + */ + public static SecretKey readKeyFromBytes(Algorithm algorithm, byte[] keyBytes) { + return new SecretKeySpec(keyBytes, algorithm.getKeyAlgorithm()); + } + + /****************************加密*********************************/ + /** + * 加密字符串,并进行base64编码 + * @param algorithm 加解密算法 + * @param key 密钥 + * @param data 明文 + * @param charset 编码字符集 + * @return 密文 + * @throws InvalidKeyException 密钥错误 + */ + public static String encryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset) throws InvalidKeyException { + return Base64.encodeBase64String(encrypt(algorithm, key, data.getBytes(charset))); + } + + /** + * 加密字节数组 + * @param algorithm 加解密算法 + * @param key 密钥 + * @param data 明文 + * @return 密文 + * @throws InvalidKeyException 密钥错误 + */ + public static byte[] encrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException { + try { + return cipherDoFinal(algorithm, Cipher.ENCRYPT_MODE, key, data); + } catch (BadPaddingException e) { + throw new RuntimeException(e);//明文没有具体格式要求,不会出错。所以这个异常不需要外部捕获。 + } + } + + /** + * 加解密字节数组 + * @param algorithm 加解密算法 + * @param opmode 操作:1加密,2解密 + * @param key 密钥 + * @param data 数据 + * @throws InvalidKeyException 密钥错误 + * @throws BadPaddingException 解密密文错误(加密模式没有) + */ + private static byte[] cipherDoFinal(Algorithm algorithm, int opmode, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException { + Cipher cipher; + try { + cipher = Cipher.getInstance(algorithm.getTransformation(), PROVIDER_NAME); + } catch (Exception e) { + //NoSuchAlgorithmException:加密算法名是本工具类提供的,如果错了业务没有办法处理。所以这个异常不需要外部捕获。 + //NoSuchProviderException:Provider是本工具类提供的,如果错了业务没有办法处理。所以这个异常不需要外部捕获。 + //NoSuchPaddingException:没有特定的填充机制,与环境有关,业务没有办法处理。所以这个异常不需要外部捕获。 + throw new RuntimeException(e); + } + cipher.init(opmode, key); + try { + return cipher.doFinal(data); + } catch (IllegalBlockSizeException e) { + throw new RuntimeException(e);//业务不需要将数据分块(好像由底层处理了),如果错了业务没有办法处理。所以这个异常不需要外部捕获。 + } + } + + /****************************解密*********************************/ + /** + * 对字符串先进行base64解码,再解密 + * @param algorithm 加解密算法 + * @param key 密钥 + * @param data 密文 + * @param charset 编码字符集 + * @return 明文 + * @throws InvalidKeyException 密钥错误 + * @throws BadPaddingException 密文错误 + */ + public static String decryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset) + throws InvalidKeyException, BadPaddingException { + return new String(decrypt(algorithm, key, Base64.decodeBase64(data)), charset); + } + + /** + * 解密字节数组 + * @param algorithm 加解密算法 + * @param key 密钥 + * @param data 密文 + * @return 明文 + * @throws InvalidKeyException 密钥错误 + * @throws BadPaddingException 密文错误 + */ + public static byte[] decrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException { + return cipherDoFinal(algorithm, Cipher.DECRYPT_MODE, key, data); + } + + public static String Encrypt(String data) throws InvalidKeyException { + SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset); + return encryptBase64(Algorithm.SM4, key, data, encryptCharset); + } + public static String Decrypt(String data) throws BadPaddingException, InvalidKeyException { + SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset); + return decryptBase64(Algorithm.SM4, key, data, encryptCharset); + } + //加密 + public static String dealEncryptData(Object data) throws JsonProcessingException, InvalidKeyException { + ObjectMapper objectMapper = new ObjectMapper(); + String dataString = ""; + try { + if(data instanceof String){ + dataString = (String) data; + }else { + dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data); + } + String dataEncrypt = Encrypt(dataString); + return dataEncrypt; + }catch (Exception e){ + return dataString; + } + } + //解密 + public static String dealDecryptData(Object data) throws JsonProcessingException, BadPaddingException, InvalidKeyException { + String dataString = ""; + try { + ObjectMapper objectMapper = new ObjectMapper(); + if (data instanceof String) { + dataString = (String) data; + } else { + dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data); + } + String dataDecrypt = Decrypt(dataString); + return dataDecrypt; + }catch (Exception e){ + return dataString; + } + } +} diff --git a/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java new file mode 100644 index 0000000000..e788f605c1 --- /dev/null +++ b/epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java @@ -0,0 +1,96 @@ +package com.epmet.utils; + +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; +import com.epmet.commons.tools.exception.EpmetErrorCode; +import com.epmet.commons.tools.exception.EpmetException; +import com.epmet.commons.tools.utils.HttpClientManager; +import com.epmet.commons.tools.utils.Result; +import com.epmet.controller.yantai.SM4UtilsForYanTai; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +/** + * desc: + * + * @author: LiuJanJun + * @date: 2022/10/17 3:57 下午 + * @version: 1.0 + */ +@Slf4j +public class YantaiApi { + private static final String SSO_SERVER = "http://localhost:8080/"; + + /** + * desc:根据组织id获取下级组织 + * + * @param organizationId + * @return + */ + public static List getChildOuInfoByGuid(String organizationId) { + try { + if (StringUtils.isBlank(organizationId)){ + throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); + } + //加密 + String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId); + //pwd = URLEncoder.encode(pwd, "UTF-8"); + System.out.println("加密组织Id = " + organizationIdEn); + String url = "ouinfo/getChildOuInfoByGuid?organizationId=" + organizationIdEn; + + Map headerMap = new HashMap<>(); + Map paramMap = new HashMap<>(); + log.info("getChildOuInfoByGuid request param: url:{},header:{}", url, headerMap); + Result result = HttpClientManager.getInstance().sendGet(url, paramMap, headerMap); + log.info("getChildOuInfoByGuid request result:{}", result); + JSONObject jsonObject = JSONObject.parseObject(result.getData()); + //解密 + String data = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data")); + List orgData = JSON.parseArray(data, OrgData.class); + log.info("getChildOuInfoByGuid request real result:{}", JSON.toJSONString(orgData)); + return orgData; + } catch (Exception e) { + log.error("getChildOuInfoByGuid exception", e); + } + return new ArrayList<>(); + } + + /** + * desc:根据组织id获取下级组织 + * + * @param organizationId + * @return + */ + public static List getUserByOuGuid(String organizationId) { + try { + if (StringUtils.isBlank(organizationId)){ + throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); + } + //加密 + String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId); + //pwd = URLEncoder.encode(pwd, "UTF-8"); + System.out.println("加密组织Id = " + organizationIdEn); + String url = "ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn; + + Map headerMap = new HashMap<>(); + Map paramMap = new HashMap<>(); + log.info("getUserByOuGuid request param: url:{},header:{}", url, headerMap); + Result result = HttpClientManager.getInstance().sendGet(url, paramMap, headerMap); + log.info("getUserByOuGuid request result:{}", result); + JSONObject jsonObject = JSONObject.parseObject(result.getData()); + //解密 + String data = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data")); + List userData = JSON.parseArray(data, UserData.class); + log.info("getUserByOuGuid request real result:{}", JSON.toJSONString(userData)); + return userData; + } catch (Exception e) { + log.error("getUserByOuGuid exception", e); + } + return new ArrayList<>(); + } +}