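package com.epmet.service.impl;

import cn.hutool.core.util.RandomUtil;
import cn.hutool.crypto.SecureUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.epmet.auth.constants.AuthOperationConstants;
import com.epmet.common.token.constant.LoginConstant;
import com.epmet.commons.thirdplat.apiservice.AbstractApiService;
import com.epmet.commons.thirdplat.bean.ThirdPlatUserInfo;
import com.epmet.commons.thirdplat.constants.PyldConstants;
import com.epmet.commons.tools.constant.AppClientConstant;
import com.epmet.commons.tools.exception.EpmetErrorCode;
import com.epmet.commons.tools.exception.EpmetException;
import com.epmet.commons.tools.exception.ExceptionUtils;
import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.security.dto.GovTokenDto;
import com.epmet.commons.tools.security.dto.TokenDto;
import com.epmet.commons.tools.security.password.PasswordUtils;
import com.epmet.commons.tools.utils.*;
import com.epmet.constant.SsoConstant;
import com.epmet.dto.*;
import com.epmet.dto.form.*;
import com.epmet.dto.result.*;
import com.epmet.enums.ThirdPlatformEnum;
import com.epmet.feign.EpmetUserFeignClient;
import com.epmet.feign.EpmetUserOpenFeignClient;
import com.epmet.feign.GovOrgOpenFeignClient;
import com.epmet.feign.OperCrmOpenFeignClient;
import com.epmet.jwt.JwtTokenProperties;
import com.epmet.jwt.JwtTokenUtils;
import com.epmet.redis.SsoRedis;
import com.epmet.service.SsoService;
import com.epmet.service.ThirdLoginService;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;

import javax.annotation.Resource;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

/**
 * SSO login service: exchanges third-party tickets or tokens for an internal JWT and caches the
 * matching token DTO in Redis.
 *
 * <p>NOTE(review): several declarations in this listing carry no generic type arguments (for
 * example {@code Result}, {@code Map}, {@code Set}, {@code List}); they look lost rather than
 * intentionally raw. Type arguments are written out below only where the surrounding code fixes
 * the type; restore the remaining ones from the Feign client signatures before compiling.
 *
 * @author zxc (created 2021/1/18)
 */
@Service
@Slf4j
public class SsoServiceImpl implements SsoService {

    @Autowired
    private SsoRedis ssoRedis;
    @Autowired
    private JwtTokenUtils jwtTokenUtils;
    @Autowired
    private JwtTokenProperties jwtTokenProperties;
    @Autowired
    private EpmetUserOpenFeignClient epmetUserOpenFeignClient;
    @Autowired
    private OperCrmOpenFeignClient operCrmOpenFeignClient;
    @Autowired
    private GovOrgOpenFeignClient govOrgOpenFeignClient;
    @Autowired
    private CpUserDetailRedis cpUserDetailRedis;
    @Resource
    private EpmetUserFeignClient epmetUserFeignClient;

    @Value("${epmet.third.urlPrefix}")
    private String epmetThirdUrlPrefix;

    /**
     * Resident-side SSO entry point: resolves the customer from the app id, asks the customer's
     * third-party platform for the user behind the ticket, upserts that user and returns an
     * internal token.
     *
     * @param formDTO login form carrying appId, ticket, app and client
     * @return the issued token
     * @throws RenException when the customer, the ApiService, the third-party user or the saved
     *                      user id cannot be obtained
     * @author zxc
     */
    @Override
    public SsoLoginResultDTO ssoResiLogin(SsoLoginFormDTO formDTO) {
        String customerId = getCustomerId(formDTO.getAppId());
        // Reject a blank customer before any remote call or user write; the original only
        // checked this after the user had been saved and the token had been generated.
        if (StringUtils.isBlank(customerId)) {
            throw new RenException("【SSO登录】customerId为空,缓存放置token失败");
        }

        Result apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(customerId));
        if (!apiServiceResult.success()) {
            throw new RenException("【SSO登录】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
        }
        if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
            throw new RenException("【SSO登录】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
        }

        ThirdPlatUserInfo userInfo;
        try {
            AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
            userInfo = apiService.getCUserInfoByTicket(formDTO.getTicket());
        } catch (Exception e) {
            // RenException(String) keeps only the message, so record the cause here.
            log.error("ssoResiLogin: third-party user lookup by ticket failed", e);
            throw new RenException(e.getMessage());
        }
        if (null == userInfo) {
            throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(), "【SSO登录】调用第三方平台查询用户信息失败,用户信息为空");
        }

        UserInfoFormDTO userInfoFormDTO = new UserInfoFormDTO();
        userInfoFormDTO.setApp(formDTO.getApp());
        userInfoFormDTO.setUid(userInfo.getOpenId());
        userInfoFormDTO.setName(userInfo.getName());
        userInfoFormDTO.setMobile(userInfo.getMobile());
        userInfoFormDTO.setCustomerId(customerId);
        Result userDTOResult = epmetUserOpenFeignClient.saveUserInfo(userInfoFormDTO);
        // A successful call with no payload would otherwise fail with a NullPointerException.
        if (!userDTOResult.success() || userDTOResult.getData() == null) {
            throw new RenException("【SSO登录】新增或更新user_weChat失败");
        }
        String userId = userDTOResult.getData().getId();
        if (StringUtils.isBlank(userId)) {
            throw new RenException("【SSO登录】userId为空,生成token失败");
        }

        // Issue the business token and cache its DTO in Redis.
        String token = this.generateToken(formDTO.getApp(), formDTO.getClient(), userId);
        this.disposeTokenDto(formDTO.getApp(), formDTO.getClient(), userId, token, customerId);
        return new SsoLoginResultDTO(token);
    }

    /**
     * Operator/work-side login through a third-party platform: resolves the platform's
     * ApiService from the platform code, looks the third-party user up by SSO token, maps it to
     * a staff account by customer id and mobile, then issues and caches an internal token.
     *
     * @param formDTO login form carrying platform, thirdToken, app and client
     * @return the issued token together with the customer id
     * @throws RenException when the third-party lookup fails or no staff account matches
     */
    @Override
    public UserTokenResultDTO thirdLoginOperWork(SsoLoginOperFormDTO formDTO) {
        ThirdPlatUserInfo thirdUser;
        try {
            ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum(formDTO.getPlatform());
            String apiService = platformEnum.getApiService();
            AbstractApiService apiServiceImpl = (AbstractApiService) SpringContextUtils.getBean(apiService);
            thirdUser = apiServiceImpl.getGUserInfoBySSOToken(formDTO.getThirdToken());
        } catch (RenException e) {
            throw new RenException(e.getCode(), e.getMessage());
        } catch (Exception e) {
            // RenException(String) keeps only the message, so record the cause here.
            log.error("thirdLoginOperWork: third-party user lookup by SSO token failed", e);
            throw new RenException(e.getMessage());
        }
        if (thirdUser == null) {
            throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(), PyldConstants.REPONSE_USER_NOT_LOGIN);
        }

        // Look up the staff account for the identity the third party returned.
        GovWebOperLoginFormDTO form = new GovWebOperLoginFormDTO();
        form.setCustomerId(thirdUser.getCustomerId());
        form.setMobile(thirdUser.getMobile());
        Result<GovWebOperLoginResultDTO> result = epmetUserFeignClient.getStaffIdAndPwd(form);
        // A commented-out test stub that replaced this lookup with a fixed user id was removed:
        // re-enabling it would have logged every caller in as that one account.
        if (!result.success() || null == result.getData() || null == result.getData().getUserId()) {
            log.warn("根据手机号查询PC工作端登陆人员信息失败,返回10003账号不存在,param:{}", JSON.toJSONString(form));
            throw new RenException(EpmetErrorCode.ERR10003.getCode());
        }

        // Issue the business token and cache its DTO in Redis.
        GovWebOperLoginResultDTO epmetUser = result.getData();
        String token = this.generateToken(formDTO.getApp(), formDTO.getClient(), epmetUser.getUserId());
        this.disposeTokenDto(formDTO.getApp(), formDTO.getClient(), epmetUser.getUserId(), token, thirdUser.getCustomerId());

        UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
        userTokenResultDTO.setToken(token);
        userTokenResultDTO.setCustomerId(thirdUser.getCustomerId());
        return userTokenResultDTO;
    }

    /**
     * Validates an SSO ticket against the external platform and, when the returned phone and
     * password match an enabled staff account, issues an internal token.
     *
     * <p>Flow: POST the ticket to {@code SsoConstant.TICKET_TOKEN_URL}; POST a signed request to
     * {@code SsoConstant.USER_INFO_URL}; look the staff account up by the returned phone; check
     * the enable flag and the password; issue and cache the token; emit a login event.
     *
     * <p>As before, every failure inside the flow (including the coded {@link EpmetException}s
     * raised below) is logged and reported to the caller as a {@code null} return.
     * NOTE(review): callers therefore cannot tell a wrong password from an outage; consider
     * letting the coded exceptions propagate once the callers are checked.
     *
     * @param form form carrying the ticket
     * @return the token and customer id, or {@code null} when validation fails
     * @throws IOException declared by the interface; I/O failures are currently logged instead
     */
    @Override
    public UserTokenResultDTO checkTicket(SsoCheckTicketFormDTO form) throws IOException {
        // try-with-resources closes the client on every path; the original finally block could
        // hit a null response and never closed the first response.
        try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
            JSONObject ticketJson = new JSONObject();
            ticketJson.put("ticket", form.getTicket());
            JSONObject ticketResult = postJson(httpclient, SsoConstant.TICKET_TOKEN_URL, ticketJson.toString());
            if (!isOkResponse(ticketResult)) {
                // The original message had no placeholder, so the upstream msg was never logged.
                log.error("校验失败,没有查询到Ticket为:'{}'的人员信息,msg:{}", form.getTicket(),
                        ticketResult == null ? null : ticketResult.getString("msg"));
                throw new EpmetException(EpmetErrorCode.ERR10008.getCode(), "校验失败,没有查询到Ticket为:'" + form.getTicket() + "'的人员信息");
            }

            String loginId = ticketResult.getString("data");
            String timestamp = String.valueOf(System.currentTimeMillis());
            String nonce = RandomUtil.randomString(18);
            JSONObject infoJson = new JSONObject();
            infoJson.put("loginId", loginId);
            infoJson.put("timestamp", timestamp);
            infoJson.put("nonce", nonce);
            infoJson.put("sign", Md5Params(loginId, timestamp, nonce));
            // NOTE(review): the request body is the MD5 hex of the JSON document, not the JSON
            // itself, although the content type says JSON. Kept as found; confirm against the
            // platform's interface specification.
            String params = DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8));
            JSONObject userResult = postJson(httpclient, SsoConstant.USER_INFO_URL, params);
            if (!isOkResponse(userResult)) {
                log.warn("checkTicket: user-info request was not accepted by the SSO platform");
                return null;
            }

            JSONObject data = JSONObject.parseObject(userResult.getString("data"));
            String mobile = data.getString("phone");
            // NOTE(review): the platform returns a password in this response; confirm the
            // endpoint is only reachable over TLS and that the value is never logged.
            String password = data.getString("password");

            // 1. The phone must belong to a known staff account. The original skipped every
            //    check when the lookup was empty and still issued a token for an empty user id.
            Result<List<CustomerStaffDTO>> staffData = epmetUserFeignClient.checkCustomerStaff(mobile);
            if (null == staffData || CollectionUtils.isEmpty(staffData.getData())) {
                log.warn("checkTicket: no staff account matches the phone returned by the SSO platform");
                throw new EpmetException(EpmetErrorCode.ERR10003.getCode());
            }

            // 2. Load the login record by customer id and mobile (same logic as the web login).
            CustomerStaffDTO staffDTO = staffData.getData().get(0);
            String customerId = staffDTO.getCustomerId();
            String userId = staffDTO.getUserId();
            GovWebOperLoginFormDTO checkDto = new GovWebOperLoginFormDTO();
            checkDto.setCustomerId(staffDTO.getCustomerId());
            checkDto.setMobile(staffDTO.getMobile());
            GovWebOperLoginResultDTO resData = epmetUserFeignClient.getStaffIdAndPwd(checkDto).getData();
            if (null == resData || null == resData.getUserId()) {
                log.warn("根据手机号查询PC工作端登陆人员信息失败,返回10003账号不存在");
                throw new EpmetException(EpmetErrorCode.ERR10003.getCode());
            }

            // 3. Enable flag: "enable" or "disabled".
            if ("disabled".equals(resData.getEnableFlag())) {
                throw new EpmetException(EpmetErrorCode.GOV_STAFF_DISABLED.getCode(),
                        String.format("当前账号已被禁用staffId:%s", resData.getUserId()),
                        EpmetErrorCode.GOV_STAFF_DISABLED.getMsg());
            }

            // 4. Password check.
            if (!PasswordUtils.matches(password, resData.getPassWord())) {
                log.warn("登陆密码错误");
                throw new EpmetException(EpmetErrorCode.ERR10004.getCode(), "登陆密码错误!");
            }

            // 5. Issue the token, cache it in Redis and return it.
            UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
            userTokenResultDTO.setCustomerId(customerId);
            String token = generateToken(AppClientConstant.APP_GOV, AppClientConstant.CLIENT_SSO, userId);
            userTokenResultDTO.setToken(token);
            disposeTokenDto(AppClientConstant.APP_GOV, AppClientConstant.CLIENT_SSO, userId, token, customerId);

            // 6. Login event is best effort: a failure here must not fail the login.
            try {
                SpringContextUtils.getBean(ThirdLoginService.class).sendLoginEvent(userId, "数字社区登录",
                        AppClientConstant.APP_GOV, AppClientConstant.CLIENT_SSO, AuthOperationConstants.LOGIN);
            } catch (Exception e) {
                log.error("【数字社区web端登录】发送登录事件失败,程序继续执行。错误信息", e);
            }
            return userTokenResultDTO;
        } catch (Exception e) {
            // Replaces printStackTrace(): keep the failure in the application log.
            log.error("checkTicket failed", e);
        }
        return null;
    }

    /**
     * Posts {@code body} to {@code url} with a JSON content type and parses the response body as
     * JSON. The entity is read exactly once (the original read it twice, and the second read of
     * a consumed stream cannot return the body) and the response is always closed.
     *
     * @return the parsed response, or {@code null} when the response has no entity or an empty body
     */
    private JSONObject postJson(CloseableHttpClient httpclient, String url, String body) throws IOException {
        HttpPost httpPost = new HttpPost(url);
        StringEntity stringEntity = new StringEntity(body, "UTF-8");
        stringEntity.setContentEncoding("UTF-8");
        stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE);
        httpPost.setEntity(stringEntity);
        try (CloseableHttpResponse response = httpclient.execute(httpPost)) {
            HttpEntity entity = response.getEntity();
            if (entity == null) {
                return null;
            }
            return JSONObject.parseObject(EntityUtils.toString(entity, "UTF-8"));
        }
    }

    /** Returns true when the platform response exists and its {@code code} field is "200". */
    private static boolean isOkResponse(JSONObject result) {
        return result != null && "200".equals(result.getString("code"));
    }

    /**
     * Builds the request signature: the MD5 of
     * {@code loginId=${..}&nonce=${..}&timestamp=${..}&key={SECRET_KEY}}.
     *
     * <p>NOTE(review): this is a plain MD5 over data plus a shared key, not an HMAC. The scheme
     * is presumably fixed by the remote platform; if it can be negotiated, prefer HMAC-SHA-256.
     *
     * @param loginId   login id returned by the ticket exchange
     * @param timestamp request timestamp in milliseconds, as a string
     * @param nonce     random request nonce
     * @return the hex MD5 signature
     */
    private String Md5Params(String loginId, String timestamp, String nonce) {
        String prefix = "=${";
        String suffix = "}&";
        StringBuilder builder = new StringBuilder()
                .append("loginId").append(prefix).append(loginId).append(suffix)
                .append("nonce").append(prefix).append(nonce).append(suffix)
                .append("timestamp").append(prefix).append(timestamp).append(suffix)
                .append("key").append("={").append(SsoConstant.SECRET_KEY).append("}");
        return SecureUtil.md5(builder.toString());
    }

    /**
     * Caches the token DTO in Redis with the configured JWT expiry.
     *
     * @param app        application identifier
     * @param client     client identifier
     * @param userId     user the token was issued for
     * @param token      the issued token
     * @param customerId customer the user belongs to
     * @author zxc
     */
    public void disposeTokenDto(String app, String client, String userId, String token, String customerId) {
        int expire = jwtTokenProperties.getExpire();
        TokenDto tokenDto = new TokenDto();
        tokenDto.setCustomerId(customerId);
        tokenDto.setApp(app);
        tokenDto.setClient(client);
        tokenDto.setUserId(userId);
        tokenDto.setToken(token);
        tokenDto.setUpdateTime(System.currentTimeMillis());
        tokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
        ssoRedis.set(tokenDto, expire);
        log.info("截止时间:" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
    }

    /**
     * Creates the business token from the app, client and user id claims.
     *
     * @param app    application identifier
     * @param client client identifier
     * @param userId user the token is issued for
     * @return the token created by {@code jwtTokenUtils}
     * @author zxc
     */
    private String generateToken(String app, String client, String userId) {
        Map map = new HashMap<>(16);
        map.put("app", app);
        map.put("client", client);
        map.put("userId", userId);
        String token = jwtTokenUtils.createToken(map);
        // The token is a bearer credential: log that one was issued, never its value.
        log.info("app:{};client:{};userId:{};生成token", app, client, userId);
        return token;
    }

    /**
     * Resolves the customer id for an app id by calling the third service.
     *
     * <p>NOTE(review): {@code appId} is appended to the request path as received. If it can
     * reach this method without validation, restrict it to the expected id format before use.
     *
     * @param appId application id
     * @return the id of the customer returned by the third service
     * @throws RenException when the third service returns no body or reports a failure
     * @author zxc
     */
    public String getCustomerId(String appId) {
        JSONObject jsonObject = new JSONObject();
        String customerMsgUrl = epmetThirdUrlPrefix + "/api/third/customermp/getcustomermsg/";
        String data = HttpClientManager.getInstance().sendPostByJSON(customerMsgUrl + appId, JSON.toJSONString(jsonObject)).getData();
        log.info("调用third服务,根据appId查询客户信息:httpclient->url:" + customerMsgUrl + ",结果->" + data);
        JSONObject toResult = JSON.parseObject(data);
        if (toResult == null) {
            // An empty body would otherwise surface as a NullPointerException below.
            throw new RenException("getCustomerId: third service returned an empty response");
        }
        Result mapToResult = ConvertUtils.mapToEntity(toResult, Result.class);
        if (null != toResult.get("code")) {
            mapToResult.setCode(((Integer) toResult.get("code")).intValue());
        }
        if (!mapToResult.success()) {
            // appId used to be concatenated into a String.format pattern, so a '%' in it made
            // the logging call itself throw; pass it as a log argument instead.
            log.error("根据appId查询客户信息失败,对应appId->{}", appId);
            throw new RenException(mapToResult.getMsg());
        }
        Object publicCustomerResultDTO = mapToResult.getData();
        JSONObject json = JSON.parseObject(publicCustomerResultDTO.toString());
        Map map = (Map) json.get("customer");
        PaCustomerDTO customer = ConvertUtils.mapToEntity(map, PaCustomerDTO.class);
        log.info("小程序登陆third服务获取客户用户信息PaCustomerDTO->" + customer);
        return customer.getId();
    }

    /**
     * Step 1, work-side automatic login: exchanges a third-party SSO token for an internal
     * token, using the staff member's most recent login record.
     *
     * @param formDTO login form carrying appId, token, app and client
     * @return the issued token
     * @throws RenException when the customer's ApiService, the third-party user or a previous
     *                      login record cannot be found
     * @author sun
     */
    @Override
    public UserTokenResultDTO ssoWorkLogin(SsoWorkLoginFormDTO formDTO) {
        // 1. Resolve the customer id from the app id.
        String customerId = getCustomerId(formDTO.getAppId());

        // 2. Resolve the customer's third-party ApiService and exchange the token for the
        //    third-party user.
        Result apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(customerId));
        if (!apiServiceResult.success()) {
            throw new RenException("【SSO登录】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
        }
        if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
            throw new RenException("【SSO登录】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
        }
        ThirdPlatUserInfo userInfo;
        try {
            AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
            userInfo = apiService.getGUserInfoBySSOToken(formDTO.getToken());
        } catch (Exception e) {
            // RenException(String) keeps only the message, so record the cause here.
            log.error("ssoWorkLogin: third-party user lookup by SSO token failed", e);
            throw new RenException(e.getMessage());
        }
        if (null == userInfo) {
            throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(), "【SSO登录】调用第三方平台查询用户信息失败,用户信息为空");
        }

        // 3. The third-party open id must have a previous login record.
        Result<StaffLatestAgencyResultDTO> latestStaffWechat = epmetUserOpenFeignClient.getLatestStaffWechatLoginRecord(userInfo.getOpenId());
        if (!latestStaffWechat.success() || null == latestStaffWechat.getData()) {
            log.warn(String.format("没有获取到用户最近一次登录账户信息,code[%s],msg[%s]", EpmetErrorCode.PLEASE_LOGIN.getCode(), EpmetErrorCode.PLEASE_LOGIN.getMsg()));
            throw new RenException(EpmetErrorCode.PLEASE_LOGIN.getCode());
        }
        StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = latestStaffWechat.getData();

        // 4. Record the staff/open-id binding.
        this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), userInfo.getOpenId());
        // 5. Record the login.
        this.saveStaffLoginRecord(staffLatestAgencyResultDTO);
        // 6. Issue the token.
        String token = this.generateGovWxmpToken(staffLatestAgencyResultDTO.getStaffId(), formDTO.getApp(), formDTO.getClient());
        // 7. Cache the token DTO in Redis.
        this.saveLatestGovTokenDto(staffLatestAgencyResultDTO, userInfo, token);

        UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
        userTokenResultDTO.setToken(token);
        return userTokenResultDTO;
    }

    /**
     * Saves the binding between a third-party open id and the logged-in staff member.
     *
     * @param userId staff user id
     * @param openid third-party open id
     * @return the remote call's result
     * @author sun
     */
    private Result savestaffwechat(String userId, String openid) {
        StaffWechatFormDTO staffWechatFormDTO = new StaffWechatFormDTO();
        staffWechatFormDTO.setUserId(userId);
        staffWechatFormDTO.setWxOpenId(openid);
        return epmetUserOpenFeignClient.saveStaffWechat(staffWechatFormDTO);
    }

    /**
     * Saves a staff login record built from the given login data.
     *
     * @param latestStaffWechatLoginDTO source of customer id, staff id, open id, mobile and agency id
     * @return the remote call's result
     * @author sun
     */
    private Result saveStaffLoginRecord(StaffLatestAgencyResultDTO latestStaffWechatLoginDTO) {
        StaffLoginAgencyRecordFormDTO staffLoginAgencyRecordFormDTO = new StaffLoginAgencyRecordFormDTO();
        staffLoginAgencyRecordFormDTO.setCustomerId(latestStaffWechatLoginDTO.getCustomerId());
        staffLoginAgencyRecordFormDTO.setStaffId(latestStaffWechatLoginDTO.getStaffId());
        staffLoginAgencyRecordFormDTO.setWxOpenId(latestStaffWechatLoginDTO.getWxOpenId());
        staffLoginAgencyRecordFormDTO.setMobile(latestStaffWechatLoginDTO.getMobile());
        staffLoginAgencyRecordFormDTO.setAgencyId(latestStaffWechatLoginDTO.getAgencyId());
        return epmetUserOpenFeignClient.saveStaffLoginRecord(staffLoginAgencyRecordFormDTO);
    }

    /**
     * Creates the business token for the government-side mini program. Builds the same claims
     * as {@link #generateToken(String, String, String)}, so it delegates to it and inherits the
     * rule that the token value is not logged.
     *
     * @author sun
     */
    private String generateGovWxmpToken(String staffId, String app, String client) {
        return generateToken(app, client, staffId);
    }

    /**
     * Builds the government-side token DTO (departments, grids, agency, roles, org id path) for
     * the staff member and caches it in Redis with the configured JWT expiry.
     *
     * @param staffLatestAgency source of staff id, agency id and customer id
     * @param userInfo          third-party user, source of the open id
     * @param token             the issued token
     * @author sun
     */
    private void saveLatestGovTokenDto(StaffLatestAgencyResultDTO staffLatestAgency, ThirdPlatUserInfo userInfo, String token) {
        int expire = jwtTokenProperties.getExpire();
        String staffId = staffLatestAgency.getStaffId();
        GovTokenDto govTokenDto = new GovTokenDto();
        govTokenDto.setApp(LoginConstant.APP_GOV);
        govTokenDto.setClient(LoginConstant.CLIENT_APP);
        govTokenDto.setUserId(staffId);
        govTokenDto.setOpenId(userInfo.getOpenId());
        govTokenDto.setSessionKey("");
        govTokenDto.setUnionId("");
        govTokenDto.setToken(token);
        govTokenDto.setUpdateTime(System.currentTimeMillis());
        govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
        govTokenDto.setRootAgencyId(staffLatestAgency.getAgencyId());
        govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
        // Departments, grids and roles of the staff member.
        govTokenDto.setDeptIdList(getDeptartmentIdList(staffId));
        govTokenDto.setGridIdList(getGridIdList(staffId));
        CustomerAgencyDTO agency = getAgencyByStaffId(staffId);
        if (agency != null) {
            govTokenDto.setAgencyId(agency.getId());
            govTokenDto.setRoleList(queryGovStaffRoles(staffId, agency.getId()));
        }
        govTokenDto.setOrgIdPath(getOrgIdPath(staffId));
        cpUserDetailRedis.set(govTokenDto, expire);
        log.info("截止时间:" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
    }

    /**
     * Returns the ids of the departments the staff member belongs to.
     *
     * @param staffId staff id
     * @return the department ids, or {@code null} when there are none, the remote call reports
     *         an error, or it throws
     */
    public Set getDeptartmentIdList(String staffId) {
        try {
            // NOTE(review): the listing shows this declaration as "Result>" (generic arguments
            // lost); restore the element type, which must expose getDepartmentId().
            Result deptListResult = govOrgOpenFeignClient.getDepartmentListByStaffId(staffId);
            if (!deptListResult.success()) {
                log.error("登录:查询部门列表,远程调用返回错误:{}", deptListResult.getMsg());
                return null;
            }
            if (CollectionUtils.isEmpty(deptListResult.getData())) {
                return null;
            }
            return deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet());
        } catch (Exception e) {
            String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
            log.error("登录:查询部门列表异常:{}", errorStackTrace);
        }
        return null;
    }

    /**
     * Returns the ids of the grids assigned to the staff member.
     *
     * @param staffId staff id
     * @return the grid ids, or {@code null} when the remote call reports an error or returns no data
     */
    public Set getGridIdList(String staffId) {
        // NOTE(review): the listing shows this declaration as "Result>" (generic arguments
        // lost); restore the element type, which must expose getGridId().
        Result result = govOrgOpenFeignClient.listGridsbystaffid(staffId);
        if (!result.success()) {
            log.error("登录:查询网格列表,远程调用返回错误:{}", result.getMsg());
            return null;
        }
        List grids = result.getData();
        if (grids == null) {
            // A successful call without data used to fail with a NullPointerException.
            return null;
        }
        return grids.stream().map(grid -> grid.getGridId()).collect(Collectors.toSet());
    }

    /**
     * Returns the agency the staff member belongs to.
     *
     * @param staffId staff id
     * @return the agency, or {@code null} when the remote call reports an error or returns no data
     */
    public CustomerAgencyDTO getAgencyByStaffId(String staffId) {
        Result<CustomerAgencyDTO> result = govOrgOpenFeignClient.getAgencyByStaff(staffId);
        if (!result.success()) {
            log.error("登录:查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
            return null;
        }
        return result.getData();
    }

    /**
     * Returns the staff member's roles within the given organisation.
     *
     * @param staffId staff id
     * @param orgId   organisation id
     * @return the roles converted to {@code GovTokenDto.Role}, or {@code null} when there are none
     */
    public List queryGovStaffRoles(String staffId, String orgId) {
        StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
        formDTO.setStaffId(staffId);
        formDTO.setOrgId(orgId);
        // NOTE(review): the listing shows this declaration as "Result>" (generic arguments
        // lost); restore the element type from getRolesOfStaff's signature.
        Result gridResult = epmetUserOpenFeignClient.getRolesOfStaff(formDTO);
        if (CollectionUtils.isEmpty(gridResult.getData())) {
            return null;
        }
        return ConvertUtils.sourceToTarget(gridResult.getData(), GovTokenDto.Role.class);
    }

    /**
     * Returns the org id path of the staff member's agency: the agency id for a top-level
     * agency (pid "0"), otherwise {@code pids + ":" + id}.
     *
     * @param staffId staff id
     * @return the org id path, or {@code null} when the agency cannot be loaded
     */
    public String getOrgIdPath(String staffId) {
        // Same remote call, error log and null handling as getAgencyByStaffId, so reuse it.
        CustomerAgencyDTO agency = getAgencyByStaffId(staffId);
        if (agency == null) {
            return null;
        }
        if ("0".equals(agency.getPid())) {
            // Top-level agency.
            return agency.getId();
        }
        return agency.getPids().concat(":").concat(agency.getId());
    }

    /**
     * Step 4, automatic entry into an organisation: loads the staff account by customer id and
     * mobile, resolves the third-party user from the SSO token, records the binding and the
     * login, then issues and caches an internal token.
     *
     * <p>NOTE(review): the staff account is selected from the customer id and mobile carried in
     * the form, and the code below does not compare it with the identity the third party
     * returns for the token (only the open id is recorded). Confirm the binding is enforced
     * upstream, or compare the mobile with {@code userInfo.getMobile()} before issuing a token.
     * The step-1 comment in the original mentions a "disabled" check, but no enable flag is
     * read here; confirm whether {@code getCustomerStaffInfo} already filters disabled staff.
     *
     * @param formDTO form carrying customerId, mobile, token, rootAgencyId, app and client
     * @return the issued token
     * @throws RenException when the staff account, the ApiService or the third-party user
     *                      cannot be obtained
     * @author sun
     */
    @Override
    public UserTokenResultDTO enterOrg(SsoEnteOrgFormDTO formDTO) {
        // 1. Load the staff account for the customer.
        CustomerStaffFormDTO customerStaffFormDTO = new CustomerStaffFormDTO();
        customerStaffFormDTO.setCustomerId(formDTO.getCustomerId());
        customerStaffFormDTO.setMobile(formDTO.getMobile());
        Result<CustomerStaffDTO> customerStaffDTOResult = epmetUserOpenFeignClient.getCustomerStaffInfo(customerStaffFormDTO);
        if (!customerStaffDTOResult.success() || null == customerStaffDTOResult.getData()) {
            log.warn(String.format("获取工作人员信息失败,手机号[%s],客户id:[%s],code[%s],msg[%s]", formDTO.getMobile(), formDTO.getCustomerId(), customerStaffDTOResult.getCode(), customerStaffDTOResult.getMsg()));
            throw new RenException(customerStaffDTOResult.getCode());
        }
        CustomerStaffDTO customerStaff = customerStaffDTOResult.getData();

        // 2. Resolve the customer's third-party ApiService and exchange the token for the
        //    third-party user.
        Result apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(formDTO.getCustomerId()));
        if (!apiServiceResult.success()) {
            throw new RenException("【SSO enterOrg】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
        }
        if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
            throw new RenException("【SSO enterOrg】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
        }
        ThirdPlatUserInfo userInfo;
        try {
            AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
            userInfo = apiService.getGUserInfoBySSOToken(formDTO.getToken());
        } catch (Exception e) {
            // RenException(String) keeps only the message, so record the cause here.
            log.error("enterOrg: third-party user lookup by SSO token failed", e);
            throw new RenException(e.getMessage());
        }
        if (null == userInfo) {
            throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(), "【SSO enterOrg】调用第三方平台查询用户信息失败,用户信息为空");
        }

        // 3. Record the staff/open-id binding.
        this.savestaffwechat(customerStaff.getUserId(), userInfo.getOpenId());

        // 4. Record the login. The same DTO also feeds the Redis write below, which reads only
        //    its staff id, agency id and customer id.
        StaffLatestAgencyResultDTO staffLatestAgency = new StaffLatestAgencyResultDTO();
        staffLatestAgency.setCustomerId(formDTO.getCustomerId());
        staffLatestAgency.setStaffId(customerStaff.getUserId());
        staffLatestAgency.setWxOpenId(userInfo.getOpenId());
        staffLatestAgency.setMobile(formDTO.getMobile());
        staffLatestAgency.setAgencyId(formDTO.getRootAgencyId());
        this.saveStaffLoginRecord(staffLatestAgency);

        // 5. Issue the token and cache its DTO in Redis.
        String token = this.generateGovWxmpToken(customerStaff.getUserId(), formDTO.getApp(), formDTO.getClient());
        this.saveLatestGovTokenDto(staffLatestAgency, userInfo, token);

        UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
        userTokenResultDTO.setToken(token);
        return userTokenResultDTO;
    }

    // A commented-out main() used for manual testing was removed from here. It embedded a
    // third-party endpoint together with a platform token, app key and app secret. Treat those
    // values as exposed: rotate them, and keep test credentials in configuration or a secret
    // store rather than in source, commented out or not.
}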