diff --git a/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java b/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java index 5d1bfcdcfa..4bc4c597bb 100644 --- a/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java +++ b/epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java @@ -16,13 +16,21 @@ public interface SsoConstant { String INSERT_UPDATE_USER_FAILURE = "新增或更新user_weChat失败......"; String USER_ID_IS_NULL = "userId为空,生成token失败......"; + String CUSTOMER_ID_IS_NULL = "customerId为空,缓存放置token失败......"; + /** * 日照 Ticket 校验接口地址,SSO调用 */ String TICKET_TOKEN_URL = "https://sso.shuzirizhao.cn/sso/checkTicket"; + /** * 日照 获取登陆身份信息 */ String USER_INFO_URL = "https://sso.shuzirizhao.cn/sso/userinfo"; + + /** + * 签名秘钥 + */ + String SECRET_KEY = "YQfyZtAmDbYHTBaHPSx3GZeX7x2ip7ik"; } diff --git a/epmet-auth/src/main/java/com/epmet/controller/SsoController.java b/epmet-auth/src/main/java/com/epmet/controller/SsoController.java index 9f69db7534..5f56479d5b 100644 --- a/epmet-auth/src/main/java/com/epmet/controller/SsoController.java +++ b/epmet-auth/src/main/java/com/epmet/controller/SsoController.java @@ -11,12 +11,10 @@ import com.epmet.service.SsoService; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import java.io.IOException; +import java.util.Map; /** * @Author zxc @@ -91,12 +89,21 @@ public class SsoController { return new Result().ok(userTokenResultDTO); } - @PostMapping("checkTicket") - public Result ssoCheckTicket(@RequestBody SsoCheckTicketFormDTO form) throws IOException { - if (StringUtils.isEmpty(form.getTicket())) { - return new Result().ok(ssoService.checkTicket(form)); + @GetMapping("checkTicket") + public Result ssoCheckTicket(@RequestParam Map params) throws IOException { + SsoCheckTicketFormDTO form = new SsoCheckTicketFormDTO(); + if (StringUtils.isNotEmpty(params.get("ticket"))) { + form.setTicket(params.get("ticket")); + } else { + return new Result().error(-1, "登陆失败,请联系管理员!"); } - return new Result().error(-1,"登陆失败,请联系管理员!"); + if (StringUtils.isNotEmpty(params.get("ssoLogoutCall"))) { + form.setSsoLogoutCall(params.get("ssoLogoutCall")); + } + if (StringUtils.isNotEmpty(params.get("client"))) { + form.setSsoLogoutCall(params.get("client")); + } + return new Result().ok(ssoService.checkTicket(form)); } } diff --git a/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java b/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java index f2c487236a..724bc1d7a4 100644 --- a/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java +++ b/epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java @@ -1,5 +1,7 @@ package com.epmet.service.impl; +import cn.hutool.core.util.RandomUtil; +import cn.hutool.crypto.SecureUtil; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.epmet.auth.constants.AuthOperationConstants; @@ -46,6 +48,7 @@ import org.springframework.http.MediaType; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; +import javax.annotation.Resource; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.HashMap; @@ -83,7 +86,7 @@ public class SsoServiceImpl implements SsoService { @Autowired private CpUserDetailRedis cpUserDetailRedis; - @Autowired + @Resource private EpmetUserFeignClient epmetUserFeignClient; @Value("${epmet.third.urlPrefix}") @@ -220,13 +223,15 @@ public class SsoServiceImpl implements SsoService { if (result.getString("code").equals("200")) { String ticket = result.getString("data"); String timestamp = String.valueOf(System.currentTimeMillis()); + String nonce = RandomUtil.randomString(18); httpPost = new HttpPost(SsoConstant.USER_INFO_URL); infoJson = new JSONObject(); infoJson.put("loginId", ticket); infoJson.put("timestamp", timestamp); - infoJson.put("nonce", ""); - infoJson.put("sign", ""); - stringEntity = new StringEntity(infoJson.toString(), "UTF-8"); + infoJson.put("nonce", nonce); + infoJson.put("sign", Md5Params(ticket, timestamp, nonce)); + String params = DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8)); + stringEntity = new StringEntity(params, "UTF-8"); stringEntity.setContentEncoding("UTF-8"); stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE); httpPost.setEntity(stringEntity); @@ -302,6 +307,24 @@ public class SsoServiceImpl implements SsoService { return userTokenResultDTO; } + /** + * 签名 + * + * @param loginId + * @return + */ + private String Md5Params(String loginId, String timestamp, String nonce) { + String prefix = "=${"; + String suffix = "}&"; + StringBuilder builder = new StringBuilder(); + builder.append("loginId").append(prefix).append(loginId).append(suffix); + builder.append("nonce").append(prefix).append(nonce).append(suffix); + builder.append("timestamp").append(prefix).append(timestamp).append(suffix); + builder.append("key").append("={").append(SsoConstant.SECRET_KEY).append("}"); + return SecureUtil.md5(builder.toString()); + } + + /** * @Description token放缓存 * @Param formDTO @@ -657,24 +680,24 @@ public class SsoServiceImpl implements SsoService { } - public static void main(String[] args) { - String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck"; - String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468"; - String appId = "7a5aec009ba4eba8e254ee64fe3775e1"; - String appKey = "14faef9af508d1c253b720ea5a43f9de"; - String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595"; - long ts = System.currentTimeMillis(); - String message = appId + appKey + appSecret + ts; - String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8)); - //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld"); - JSONObject jsonObject = new JSONObject(); - jsonObject.put("platformToken", platformToken); - - Map headerMap = new HashMap<>(4); - headerMap.put("AppKey", appKey); - headerMap.put("Timestamp", ts); - headerMap.put("AccessToken", accessToken); - Result stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap); - System.out.println(stringResult); - } +// public static void main(String[] args) { +// String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck"; +// String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468"; +// String appId = "7a5aec009ba4eba8e254ee64fe3775e1"; +// String appKey = "14faef9af508d1c253b720ea5a43f9de"; +// String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595"; +// long ts = System.currentTimeMillis(); +// String message = appId + appKey + appSecret + ts; +// String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8)); +// //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld"); +// JSONObject jsonObject = new JSONObject(); +// jsonObject.put("platformToken", platformToken); +// +// Map headerMap = new HashMap<>(4); +// headerMap.put("AppKey", appKey); +// headerMap.put("Timestamp", ts); +// headerMap.put("AccessToken", accessToken); +// Result stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap); +// System.out.println(stringResult); +// } } diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/ActWithoutProofController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/ActWithoutProofController.java index 4e6b06283b..1c19845728 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/ActWithoutProofController.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/ActWithoutProofController.java @@ -1,6 +1,7 @@ package com.epmet.controller; import com.epmet.commons.tools.utils.Result; +import com.epmet.dto.result.WzmDocumentRsultDTO; import com.epmet.service.ActWithoutProofService; import com.epmet.util.ActWithoutProofUtils; import org.apache.commons.lang3.StringUtils; @@ -11,6 +12,7 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import java.io.IOException; +import java.util.List; import java.util.Map; /** @@ -50,7 +52,7 @@ public class ActWithoutProofController { * @throws IOException */ @GetMapping("getWzmProject") - public Result getWzmProject(@RequestParam Map params) throws IOException { + public Result> getWzmProject(@RequestParam Map params) throws IOException { String idCard = "", certType = "", qrcode = "", xm = "", zmtaskguid = ""; String token = ActWithoutProofUtils.getToken(); if (StringUtils.isEmpty(token)) { diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/ActWithoutProofService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/ActWithoutProofService.java index bb14db9b76..de5fe7295d 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/ActWithoutProofService.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/ActWithoutProofService.java @@ -34,7 +34,7 @@ public interface ActWithoutProofService { * @param xm 残疾人证和不动产权属状况证明必填 * @param zmtaskguid 证明guid */ - WzmDocumentRsultDTO getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException; + List getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException; /** * 重新开具证明 diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/ActWithoutProofServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/ActWithoutProofServiceImpl.java index ad2d3364ad..02e4b2ca09 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/ActWithoutProofServiceImpl.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/ActWithoutProofServiceImpl.java @@ -102,7 +102,7 @@ public class ActWithoutProofServiceImpl implements ActWithoutProofService { } @Override - public WzmDocumentRsultDTO getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException { + public List getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException { CloseableHttpClient client = null; CloseableHttpResponse response = null; try { @@ -144,22 +144,31 @@ public class ActWithoutProofServiceImpl implements ActWithoutProofService { //返回 JSONObject result = JSONObject.parseObject(EntityUtils.toString(response.getEntity())); WzmDocumentRsultDTO dto = null; + List dtoList= new ArrayList<>(); if (result.getString("code").equals("200")) { - JSONArray jsonArray = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getJSONArray("result"); + JSONArray jsonArray = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getJSONArray("resultlist"); if (null != jsonArray && jsonArray.size() > 0) { JSONObject j = JSONObject.parseObject(jsonArray.get(0).toString()); dto = new WzmDocumentRsultDTO(); dto.setZmresultname(j.getString("zmresultname")); - dto.setDownloadurl(j.getString("downloadurl")); + if(StringUtils.isNotEmpty(j.getString("downloadurl"))){ + String url = j.getString("downloadurl"); + if (url.startsWith("http://172.20.84.138/")) { + url = url.replaceAll("http://172.20.84.138/", "https://rzzhsq.shuzirizhao.cn/"); + } + dto.setDownloadurl(url); + } dto.setTimeqrcode(j.getString("timeqrcode")); - dto.setBase64str(j.getString("base64str")); + if(StringUtils.isNotEmpty(j.getString("base64str"))){ + dto.setBase64str("data:image/jpeg;base64," + j.getString("base64str")); + } + dtoList.add(dto); } - log.info(result.toString()); - return dto; + return dtoList; } else { String erro = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getString("text"); log.error(erro, result.toString()); - return new WzmDocumentRsultDTO(); + throw new EpmetException(erro); } } catch (Exception e) { throw new EpmetException("获取失败,请联系管理员!"); diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/util/ActWithoutProofUtils.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/util/ActWithoutProofUtils.java index 8d622de0fd..79fbf8a34f 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/util/ActWithoutProofUtils.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/util/ActWithoutProofUtils.java @@ -35,7 +35,7 @@ public class ActWithoutProofUtils { public static final String LOGIN_ID = "zhihuishequ"; /** - * 数据加解密密钥 + * 数据加解密秘钥 */ public static final String KEY = "1122334455667788"; @@ -169,11 +169,10 @@ public class ActWithoutProofUtils { json.put("loginid", "zhihuishequ"); String content = json.toString(); - String key = "1122334455667788"; // 加密 System.out.println("加密前:" + content); - byte[] encryptResult = encrypt(content, key); + byte[] encryptResult = encrypt(content, ActWithoutProofUtils.KEY); String encryptResultStr = parseByte2HexStr(encryptResult); String baseEncode = Base64.getEncoder().encodeToString(encryptResultStr.getBytes()); System.out.println("加密后:" + baseEncode); @@ -181,7 +180,7 @@ public class ActWithoutProofUtils { //解密 String baseDecode = new String(Base64.getDecoder().decode(baseEncode)); byte[] decryptFrom = parseHexStr2Byte(baseDecode); - byte[] decryptResult = decrypt(decryptFrom, key); + byte[] decryptResult = decrypt(decryptFrom, ActWithoutProofUtils.KEY); System.out.println("解密后:" + new String(decryptResult)); }