第三方接口暴露

epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java

@@ -9,10 +9,7 @@ import com.epmet.dto.result.UserTokenResultDTO;
 import com.epmet.service.ThirdLoginService;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
@@ -219,4 +216,16 @@ public class ThirdLoginController {
         ValidatorUtils.validateEntity(formDTO);
         return new Result<UserTokenResultDTO>().ok(thirdLoginService.govLoginInternalDing(formDTO));
     }
+
+    /**
+     * 根据免登授权码, 获取登录用户身份
+     *
+     * @param authCode 烟台认证中心 授权码
+     * @return
+     */
+    @PostMapping("sso-govlogin-yantai/{authCode}")
+    public Result<UserTokenResultDTO> yantaiSSOLogin(@RequestParam(value = "authCode") String authCode) {
+        return new Result<UserTokenResultDTO>().ok(thirdLoginService.yanTaiSSOLogin(authCode));
+    }
+
 }

epmet-auth/src/main/java/com/epmet/service/ThirdLoginService.java

@@ -117,4 +117,11 @@ public interface ThirdLoginService {
 	 * @return
 	 */
 	UserTokenResultDTO govLoginInternalDing(DingAppLoginMdFormDTO formDTO);
+
+	/**
+	 * desc:烟台sso根据authCode 获取本系统token
+	 * @param authCode
+	 * @return
+	 */
+	UserTokenResultDTO yanTaiSSOLogin(String authCode);
 }

epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java

@@ -25,6 +25,8 @@ import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.security.password.PasswordUtils;
 import com.epmet.commons.tools.security.user.LoginUserUtil;
 import com.epmet.commons.tools.utils.*;
+import com.epmet.commons.tools.utils.api.yt.YantaiApi;
+import com.epmet.commons.tools.utils.api.yt.YantaiSSOUser;
 import com.epmet.commons.tools.validator.PhoneValidatorUtils;
 import com.epmet.constant.AuthHttpUrlConstant;
 import com.epmet.constant.SmsTemplateConstant;
@@ -33,10 +35,7 @@ import com.epmet.dto.dingres.DingUserDetailDTO;
 import com.epmet.dto.dingres.V2UserGetuserinfoResDTO;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
-import com.epmet.feign.EpmetMessageOpenFeignClient;
-import com.epmet.feign.EpmetUserFeignClient;
-import com.epmet.feign.EpmetUserOpenFeignClient;
-import com.epmet.feign.GovOrgOpenFeignClient;
+import com.epmet.feign.*;
 import com.epmet.jwt.JwtTokenProperties;
 import com.epmet.jwt.JwtTokenUtils;
 import com.epmet.redis.CaptchaRedis;
@@ -96,6 +95,8 @@ public class ThirdLoginServiceImpl implements ThirdLoginService, ResultDataResol
     private EpmetUserFeignClient epmetUserFeignClient;
     @Autowired
     private GovWebService govWebService;
+    @Autowired
+    private ThirdOpenFeignClient thirdOpenFeignClient;
 
     /**
      * @param formDTO
@@ -1077,6 +1078,20 @@ public class ThirdLoginServiceImpl implements ThirdLoginService, ResultDataResol
         return govWebService.loginByThirdPlatform(loginGovParam);
     }
 
+    @Override
+    public UserTokenResultDTO yanTaiSSOLogin(String authCode) {
+        YantaiSSOUser ssoUserInfo = YantaiApi.getLoginToken(authCode);
+        if (ssoUserInfo== null){
+            throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(),"登录失败-sso获取用户失败","登录失败-sso获取用户失败");
+        }
+
+        GovWebLoginFormDTO loginGovParam = new GovWebLoginFormDTO();
+        loginGovParam.setCustomerId("1535072605621841922");
+        loginGovParam.setPhone(ssoUserInfo.getClientId());
+
+        return govWebService.loginByThirdPlatform(loginGovParam);
+    }
+
     /**
      * 最原始的企业内部应用开发，不授权给产品服务商
      * @param miniAppId

epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/OrgData.java → epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/OrgData.java

@@ -1,5 +1,5 @@
 
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 
 import lombok.Data;
 

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/SM4UtilsForYanTai.java

@@ -0,0 +1,199 @@
+package com.epmet.commons.tools.utils.api.yt;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.codec.binary.Base64;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.Security;
+
+/**
+ * 烟台的认证中心-国密sm4加解密
+ */
+public class SM4UtilsForYanTai {
+    private static String SM4_KEY = "yaweisoftware@xy";
+    //编码格式
+    private static final Charset encryptCharset = StandardCharsets.UTF_8;
+
+    public enum Algorithm {
+        SM4("SM4","SM4","国密四,key长16byte");
+        private String keyAlgorithm;
+        private String transformation;
+        private String description;//描述
+        Algorithm(String keyAlgorithm, String transformation, String description) {
+            this.keyAlgorithm = keyAlgorithm;
+            this.transformation = transformation;
+            this.description = description;
+        }
+        public String getKeyAlgorithm() {
+            return this.keyAlgorithm;
+        }
+        public String getTransformation() {
+            return this.transformation;
+        }
+        public String getDescription() {
+            return this.description;
+        }
+    }
+
+    private static final String PROVIDER_NAME = "BC";
+    static {
+        Security.addProvider(new BouncyCastleProvider());
+    }
+
+    /**
+     * 自定字符串产生密钥
+     * @param algorithm 加解密算法
+     * @param keyStr 密钥字符串
+     * @param charset 编码字符集
+     * @return 密钥
+     */
+    public static SecretKey genKeyByStr(Algorithm algorithm, String keyStr, Charset charset) {
+        return readKeyFromBytes(algorithm, keyStr.getBytes(charset));
+    }
+
+    /**
+     * 根据指定字节数组产生密钥
+     * @param algorithm 加解密算法
+     * @param keyBytes 密钥字节数组
+     * @return 密钥
+     */
+    public static SecretKey readKeyFromBytes(Algorithm algorithm, byte[] keyBytes) {
+        return new SecretKeySpec(keyBytes, algorithm.getKeyAlgorithm());
+    }
+
+    /****************************加密*********************************/
+    /**
+     * 加密字符串，并进行base64编码
+     * @param algorithm 加解密算法
+     * @param key 密钥
+     * @param data 明文
+     * @param charset 编码字符集
+     * @return 密文
+     * @throws InvalidKeyException 密钥错误
+     */
+    public static String encryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset) throws InvalidKeyException {
+        return Base64.encodeBase64String(encrypt(algorithm, key, data.getBytes(charset)));
+    }
+
+    /**
+     * 加密字节数组
+     * @param algorithm 加解密算法
+     * @param key 密钥
+     * @param data 明文
+     * @return 密文
+     * @throws InvalidKeyException 密钥错误
+     */
+    public static byte[] encrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException {
+        try {
+            return cipherDoFinal(algorithm, Cipher.ENCRYPT_MODE, key, data);
+        } catch (BadPaddingException e) {
+            throw new RuntimeException(e);//明文没有具体格式要求，不会出错。所以这个异常不需要外部捕获。
+        }
+    }
+
+    /**
+     * 加解密字节数组
+     * @param algorithm 加解密算法
+     * @param opmode 操作：1加密，2解密
+     * @param key 密钥
+     * @param data 数据
+     * @throws InvalidKeyException 密钥错误
+     * @throws BadPaddingException 解密密文错误(加密模式没有)
+     */
+    private static byte[] cipherDoFinal(Algorithm algorithm, int opmode, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException {
+        Cipher cipher;
+        try {
+            cipher = Cipher.getInstance(algorithm.getTransformation(), PROVIDER_NAME);
+        } catch (Exception e) {
+            //NoSuchAlgorithmException：加密算法名是本工具类提供的，如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+            //NoSuchProviderException：Provider是本工具类提供的，如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+            //NoSuchPaddingException：没有特定的填充机制，与环境有关，业务没有办法处理。所以这个异常不需要外部捕获。
+            throw new RuntimeException(e);
+        }
+        cipher.init(opmode, key);
+        try {
+            return cipher.doFinal(data);
+        } catch (IllegalBlockSizeException e) {
+            throw new RuntimeException(e);//业务不需要将数据分块(好像由底层处理了)，如果错了业务没有办法处理。所以这个异常不需要外部捕获。
+        }
+    }
+
+    /****************************解密*********************************/
+    /**
+     * 对字符串先进行base64解码，再解密
+     * @param algorithm 加解密算法
+     * @param key 密钥
+     * @param data 密文
+     * @param charset 编码字符集
+     * @return 明文
+     * @throws InvalidKeyException 密钥错误
+     * @throws BadPaddingException 密文错误
+     */
+    public static String decryptBase64(Algorithm algorithm, SecretKey key, String data, Charset charset)
+            throws InvalidKeyException, BadPaddingException {
+        return new String(decrypt(algorithm, key, Base64.decodeBase64(data)), charset);
+    }
+
+    /**
+     * 解密字节数组
+     * @param algorithm 加解密算法
+     * @param key 密钥
+     * @param data 密文
+     * @return 明文
+     * @throws InvalidKeyException 密钥错误
+     * @throws BadPaddingException 密文错误
+     */
+    public static byte[] decrypt(Algorithm algorithm, SecretKey key, byte[] data) throws InvalidKeyException, BadPaddingException {
+        return cipherDoFinal(algorithm, Cipher.DECRYPT_MODE, key, data);
+    }
+
+    public static String Encrypt(String data) throws InvalidKeyException {
+        SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset);
+        return encryptBase64(Algorithm.SM4, key, data, encryptCharset);
+    }
+    public static String Decrypt(String data) throws BadPaddingException, InvalidKeyException {
+        SecretKey key = genKeyByStr(Algorithm.SM4, SM4_KEY, encryptCharset);
+        return decryptBase64(Algorithm.SM4, key, data, encryptCharset);
+    }
+	//加密
+	public static String dealEncryptData(Object data) throws JsonProcessingException, InvalidKeyException {
+        ObjectMapper objectMapper = new ObjectMapper();
+        String dataString = "";
+        try {
+            if(data instanceof String){
+                dataString = (String) data;
+            }else {
+                dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data);
+            }
+            String dataEncrypt = Encrypt(dataString);
+            return dataEncrypt;
+        }catch (Exception e){
+            return dataString;
+        }
+    }
+    //解密
+    public static String dealDecryptData(Object data) throws JsonProcessingException, BadPaddingException, InvalidKeyException {
+        String dataString = "";
+        try {
+            ObjectMapper objectMapper = new ObjectMapper();
+            if (data instanceof String) {
+                dataString = (String) data;
+            } else {
+                dataString = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(data);
+            }
+            String dataDecrypt = Decrypt(dataString);
+            return dataDecrypt;
+        }catch (Exception e){
+            return dataString;
+        }
+    }
+}

epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/UserData.java → epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/UserData.java

@@ -1,5 +1,5 @@
 
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 
 import lombok.Data;
 

epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/utils/YantaiApi.java → epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java

@@ -1,12 +1,12 @@
-package com.epmet.utils;
+package com.epmet.commons.tools.utils.api.yt;
 
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
+import com.epmet.commons.tools.constant.NumConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.EpmetException;
 import com.epmet.commons.tools.utils.HttpClientManager;
 import com.epmet.commons.tools.utils.Result;
-import com.epmet.controller.yantai.SM4UtilsForYanTai;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 
@@ -25,6 +25,7 @@ import java.util.Map;
 @Slf4j
 public class YantaiApi {
     private static final String SSO_SERVER = "http://localhost:8080/";
+    private static final String CLIENT_ID = "1000006";
 
     /**
      * desc:根据组织id获取下级组织
@@ -75,7 +76,7 @@ public class YantaiApi {
             String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId);
             //pwd = URLEncoder.encode(pwd, "UTF-8");
             System.out.println("加密组织Id = " + organizationIdEn);
-            String url = "ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn;
+            String url = SSO_SERVER+"ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn;
 
             Map<String, Object> headerMap = new HashMap<>();
             Map<String, Object> paramMap = new HashMap<>();
@@ -93,4 +94,51 @@ public class YantaiApi {
         }
         return new ArrayList<>();
     }
+
+    /**
+     * desc:根据组织id获取下级组织
+     *
+     * @param code
+     * @return
+     */
+    public static YantaiSSOUser getLoginToken(String code) {
+        try {
+            if (StringUtils.isBlank(code)){
+                throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg());
+            }
+            //加密
+            String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(code);
+            //pwd = URLEncoder.encode(pwd, "UTF-8");
+            System.out.println("加密组织Id = " + organizationIdEn);
+            String url = "logintoken?client_id="+CLIENT_ID+"&client_code=" + code;
+
+            Map<String, Object> headerMap = new HashMap<>();
+            Map<String, Object> paramMap = new HashMap<>();
+            log.info("getUserByOuGuid request param: url:{},header:{}", url, headerMap);
+            Result<String> result = HttpClientManager.getInstance().sendGet(url, paramMap, headerMap);
+            log.info("getUserByOuGuid request result:{}", result);
+            JSONObject jsonObject = JSONObject.parseObject(result.getData());
+            //解密
+            String errcode = jsonObject.getString("errcode");
+            if (!NumConstant.ZERO_STR.equals(errcode)){
+                throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(),"获取token失败","获取token失败");
+            }
+            String data = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data"));
+            YantaiSSOUser userData = JSON.parseObject(data, YantaiSSOUser.class);
+            log.info("getUserByOuGuid request real result:{}", JSON.toJSONString(userData));
+            return userData;
+        } catch (Exception e) {
+            log.error("getUserByOuGuid exception", e);
+        }
+        return null;
+    }
+
+    public static void main(String[] args) {
+        String serverUrl = "http://172.20.46.155:8080/sso/login";
+        Map<String,Object> param = new HashMap<>();
+        param.put("client_id","1000006");
+        param.put("redirect_url","https://epmet-open.elinkservice.cn/epmet-oper-gov/");
+        Result<String> stringResult = HttpClientManager.getInstance().sendGet(serverUrl, param);
+        System.out.println(JSON.toJSONString(stringResult));
+    }
 }

epmet-module/epmet-third/epmet-third-server/src/main/java/com/epmet/controller/yantai/DataSyncUserAndOrgServiceImpl.java

@@ -1,10 +1,10 @@
 package com.epmet.controller.yantai;
 
 import com.epmet.commons.tools.constant.NumConstant;
-import com.epmet.commons.tools.dto.result.CustomerStaffInfoCacheResult;
 import com.epmet.commons.tools.page.PageData;
-import com.epmet.commons.tools.redis.common.CustomerStaffRedis;
 import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.utils.api.yt.OrgData;
+import com.epmet.commons.tools.utils.api.yt.YantaiApi;
 import com.epmet.dao.yantai.DataSyncOrgDataDao;
 import com.epmet.dao.yantai.DataSyncUserDataDao;
 import com.epmet.dto.form.yantai.YtUserPageFormDTO;
@@ -14,9 +14,6 @@ import com.epmet.entity.yantai.DataSyncOrgDataEntity;
 import com.epmet.feign.EpmetUserOpenFeignClient;
 import com.epmet.service.DataSyncOrgDataService;
 import com.epmet.service.DataSyncUserDataService;
-import com.epmet.utils.OrgData;
-import com.epmet.utils.UserData;
-import com.epmet.utils.YantaiApi;
 import com.github.pagehelper.PageHelper;
 import com.github.pagehelper.PageInfo;
 import lombok.extern.slf4j.Slf4j;
@@ -26,7 +23,6 @@ import org.springframework.stereotype.Service;
 
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Map;
 import java.util.stream.Collectors;
 
 import static com.epmet.constant.YanTaiConstant.YT_CUSTOMER_ID;