Merge remote-tracking branch 'origin/master'

epmet-auth/src/main/java/com/epmet/constant/SsoConstant.java

@@ -16,13 +16,21 @@ public interface SsoConstant {
     String INSERT_UPDATE_USER_FAILURE = "新增或更新user_weChat失败......";
 
     String USER_ID_IS_NULL = "userId为空,生成token失败......";
+
     String CUSTOMER_ID_IS_NULL = "customerId为空,缓存放置token失败......";
+
     /**
      * 日照 Ticket 校验接口地址，SSO调用
      */
     String TICKET_TOKEN_URL = "https://sso.shuzirizhao.cn/sso/checkTicket";
+
     /**
      * 日照 获取登陆身份信息
      */
     String USER_INFO_URL = "https://sso.shuzirizhao.cn/sso/userinfo";
+
+    /**
+     * 签名秘钥
+     */
+    String SECRET_KEY = "YQfyZtAmDbYHTBaHPSx3GZeX7x2ip7ik";
 }

epmet-auth/src/main/java/com/epmet/controller/SsoController.java

@@ -11,12 +11,10 @@ import com.epmet.service.SsoService;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.io.IOException;
+import java.util.Map;
 
 /**
  * @Author zxc
@@ -91,12 +89,21 @@ public class SsoController {
         return new Result<UserTokenResultDTO>().ok(userTokenResultDTO);
     }
 
-    @PostMapping("checkTicket")
-    public Result ssoCheckTicket(@RequestBody SsoCheckTicketFormDTO form) throws IOException {
-        if (StringUtils.isEmpty(form.getTicket())) {
-            return new Result().ok(ssoService.checkTicket(form));
+    @GetMapping("checkTicket")
+    public Result ssoCheckTicket(@RequestParam Map<String, String> params) throws IOException {
+        SsoCheckTicketFormDTO form = new SsoCheckTicketFormDTO();
+        if (StringUtils.isNotEmpty(params.get("ticket"))) {
+            form.setTicket(params.get("ticket"));
+        } else {
+            return new Result().error(-1, "登陆失败，请联系管理员！");
+        }
+        if (StringUtils.isNotEmpty(params.get("ssoLogoutCall"))) {
+            form.setSsoLogoutCall(params.get("ssoLogoutCall"));
         }
-        return new Result().error(-1,"登陆失败，请联系管理员！");
+        if (StringUtils.isNotEmpty(params.get("client"))) {
+            form.setSsoLogoutCall(params.get("client"));
+        }
+        return new Result().ok(ssoService.checkTicket(form));
     }
 
 }

epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java

@@ -1,5 +1,7 @@
 package com.epmet.service.impl;
 
+import cn.hutool.core.util.RandomUtil;
+import cn.hutool.crypto.SecureUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.epmet.auth.constants.AuthOperationConstants;
@@ -46,6 +48,7 @@ import org.springframework.http.MediaType;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 
+import javax.annotation.Resource;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.HashMap;
@@ -83,7 +86,7 @@ public class SsoServiceImpl implements SsoService {
     @Autowired
     private CpUserDetailRedis cpUserDetailRedis;
 
-    @Autowired
+    @Resource
     private EpmetUserFeignClient epmetUserFeignClient;
 
     @Value("${epmet.third.urlPrefix}")
@@ -220,13 +223,15 @@ public class SsoServiceImpl implements SsoService {
             if (result.getString("code").equals("200")) {
                 String ticket = result.getString("data");
                 String timestamp = String.valueOf(System.currentTimeMillis());
+                String nonce = RandomUtil.randomString(18);
                 httpPost = new HttpPost(SsoConstant.USER_INFO_URL);
                 infoJson = new JSONObject();
                 infoJson.put("loginId", ticket);
                 infoJson.put("timestamp", timestamp);
-                infoJson.put("nonce", "");
-                infoJson.put("sign", "");
-                stringEntity = new StringEntity(infoJson.toString(), "UTF-8");
+                infoJson.put("nonce", nonce);
+                infoJson.put("sign", Md5Params(ticket, timestamp, nonce));
+                String params = DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8));
+                stringEntity = new StringEntity(params, "UTF-8");
                 stringEntity.setContentEncoding("UTF-8");
                 stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE);
                 httpPost.setEntity(stringEntity);
@@ -302,6 +307,24 @@ public class SsoServiceImpl implements SsoService {
         return userTokenResultDTO;
     }
 
+    /**
+     * 签名
+     *
+     * @param loginId
+     * @return
+     */
+    private String Md5Params(String loginId, String timestamp, String nonce) {
+        String prefix = "=${";
+        String suffix = "}&";
+        StringBuilder builder = new StringBuilder();
+        builder.append("loginId").append(prefix).append(loginId).append(suffix);
+        builder.append("nonce").append(prefix).append(nonce).append(suffix);
+        builder.append("timestamp").append(prefix).append(timestamp).append(suffix);
+        builder.append("key").append("={").append(SsoConstant.SECRET_KEY).append("}");
+        return SecureUtil.md5(builder.toString());
+    }
+
+
     /**
      * @Description token放缓存
      * @Param formDTO
@@ -657,24 +680,24 @@ public class SsoServiceImpl implements SsoService {
     }
 
 
-    public static void main(String[] args) {
-        String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck";
-        String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468";
-        String appId = "7a5aec009ba4eba8e254ee64fe3775e1";
-        String appKey = "14faef9af508d1c253b720ea5a43f9de";
-        String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595";
-        long ts = System.currentTimeMillis();
-        String message = appId + appKey + appSecret + ts;
-        String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8));
-        //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld");
-        JSONObject jsonObject = new JSONObject();
-        jsonObject.put("platformToken", platformToken);
-
-        Map<String, Object> headerMap = new HashMap<>(4);
-        headerMap.put("AppKey", appKey);
-        headerMap.put("Timestamp", ts);
-        headerMap.put("AccessToken", accessToken);
-        Result<String> stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap);
-        System.out.println(stringResult);
-    }
+//    public static void main(String[] args) {
+//        String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck";
+//        String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468";
+//        String appId = "7a5aec009ba4eba8e254ee64fe3775e1";
+//        String appKey = "14faef9af508d1c253b720ea5a43f9de";
+//        String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595";
+//        long ts = System.currentTimeMillis();
+//        String message = appId + appKey + appSecret + ts;
+//        String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8));
+//        //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld");
+//        JSONObject jsonObject = new JSONObject();
+//        jsonObject.put("platformToken", platformToken);
+//
+//        Map<String, Object> headerMap = new HashMap<>(4);
+//        headerMap.put("AppKey", appKey);
+//        headerMap.put("Timestamp", ts);
+//        headerMap.put("AccessToken", accessToken);
+//        Result<String> stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap);
+//        System.out.println(stringResult);
+//    }
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/ActWithoutProofController.java

@@ -1,6 +1,7 @@
 package com.epmet.controller;
 
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.result.WzmDocumentRsultDTO;
 import com.epmet.service.ActWithoutProofService;
 import com.epmet.util.ActWithoutProofUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -11,6 +12,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.io.IOException;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -50,7 +52,7 @@ public class ActWithoutProofController {
      * @throws IOException
      */
     @GetMapping("getWzmProject")
-    public Result getWzmProject(@RequestParam Map<String, Object> params) throws IOException {
+    public Result<List<WzmDocumentRsultDTO>> getWzmProject(@RequestParam Map<String, Object> params) throws IOException {
         String idCard = "", certType = "", qrcode = "", xm = "", zmtaskguid = "";
         String token = ActWithoutProofUtils.getToken();
         if (StringUtils.isEmpty(token)) {

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/ActWithoutProofService.java

@@ -34,7 +34,7 @@ public interface ActWithoutProofService {
      * @param xm         残疾人证和不动产权属状况证明必填
      * @param zmtaskguid 证明guid
      */
-    WzmDocumentRsultDTO getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException;
+    List<WzmDocumentRsultDTO> getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException;
 
     /**
      * 重新开具证明

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/ActWithoutProofServiceImpl.java

@@ -102,7 +102,7 @@ public class ActWithoutProofServiceImpl implements ActWithoutProofService {
     }
 
     @Override
-    public WzmDocumentRsultDTO getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException {
+    public List<WzmDocumentRsultDTO> getWzmProject(String token, String idCard, String certType, String qrcode, String xm, String zmtaskguid) throws IOException {
         CloseableHttpClient client = null;
         CloseableHttpResponse response = null;
         try {
@@ -144,22 +144,31 @@ public class ActWithoutProofServiceImpl implements ActWithoutProofService {
             //返回
             JSONObject result = JSONObject.parseObject(EntityUtils.toString(response.getEntity()));
             WzmDocumentRsultDTO dto = null;
+            List<WzmDocumentRsultDTO> dtoList= new ArrayList<>();
             if (result.getString("code").equals("200")) {
-                JSONArray jsonArray = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getJSONArray("result");
+                JSONArray jsonArray = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getJSONArray("resultlist");
                 if (null != jsonArray && jsonArray.size() > 0) {
                     JSONObject j = JSONObject.parseObject(jsonArray.get(0).toString());
                     dto = new WzmDocumentRsultDTO();
                     dto.setZmresultname(j.getString("zmresultname"));
-                    dto.setDownloadurl(j.getString("downloadurl"));
+                    if(StringUtils.isNotEmpty(j.getString("downloadurl"))){
+                        String url = j.getString("downloadurl");
+                        if (url.startsWith("http://172.20.84.138/")) {
+                            url = url.replaceAll("http://172.20.84.138/", "https://rzzhsq.shuzirizhao.cn/");
+                        }
+                        dto.setDownloadurl(url);
+                    }
                     dto.setTimeqrcode(j.getString("timeqrcode"));
-                    dto.setBase64str(j.getString("base64str"));
+                    if(StringUtils.isNotEmpty(j.getString("base64str"))){
+                        dto.setBase64str("data:image/jpeg;base64," + j.getString("base64str"));
                     }
-                log.info(result.toString());
-                return dto;
+                    dtoList.add(dto);
+                }
+                return dtoList;
             } else {
                 String erro = JSONObject.parseObject(result.getJSONObject("data").getString("custom")).getString("text");
                 log.error(erro, result.toString());
-                return new WzmDocumentRsultDTO();
+                throw new EpmetException(erro);
             }
         } catch (Exception e) {
             throw new EpmetException("获取失败，请联系管理员！");

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/util/ActWithoutProofUtils.java

@@ -35,7 +35,7 @@ public class ActWithoutProofUtils {
     public static final String LOGIN_ID = "zhihuishequ";
 
     /**
-     * 数据加解密密钥
+     * 数据加解密秘钥
      */
     public static final String KEY = "1122334455667788";
 
@@ -169,11 +169,10 @@ public class ActWithoutProofUtils {
 
         json.put("loginid", "zhihuishequ");
         String content = json.toString();
-        String key = "1122334455667788";
         // 加密
         System.out.println("加密前：" + content);
 
-        byte[] encryptResult = encrypt(content, key);
+        byte[] encryptResult = encrypt(content, ActWithoutProofUtils.KEY);
         String encryptResultStr = parseByte2HexStr(encryptResult);
         String baseEncode = Base64.getEncoder().encodeToString(encryptResultStr.getBytes());
         System.out.println("加密后：" + baseEncode);
@@ -181,7 +180,7 @@ public class ActWithoutProofUtils {
         //解密
         String baseDecode = new String(Base64.getDecoder().decode(baseEncode));
         byte[] decryptFrom = parseHexStr2Byte(baseDecode);
-        byte[] decryptResult = decrypt(decryptFrom, key);
+        byte[] decryptResult = decrypt(decryptFrom, ActWithoutProofUtils.KEY);
         System.out.println("解密后：" + new String(decryptResult));
     }