You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
703 lines
33 KiB
703 lines
33 KiB
package com.epmet.service.impl;
|
|
|
|
import cn.hutool.core.util.RandomUtil;
|
|
import cn.hutool.crypto.SecureUtil;
|
|
import com.alibaba.fastjson.JSON;
|
|
import com.alibaba.fastjson.JSONObject;
|
|
import com.epmet.auth.constants.AuthOperationConstants;
|
|
import com.epmet.common.token.constant.LoginConstant;
|
|
import com.epmet.commons.thirdplat.apiservice.AbstractApiService;
|
|
import com.epmet.commons.thirdplat.bean.ThirdPlatUserInfo;
|
|
import com.epmet.commons.thirdplat.constants.PyldConstants;
|
|
import com.epmet.commons.tools.constant.AppClientConstant;
|
|
import com.epmet.commons.tools.exception.EpmetErrorCode;
|
|
import com.epmet.commons.tools.exception.EpmetException;
|
|
import com.epmet.commons.tools.exception.ExceptionUtils;
|
|
import com.epmet.commons.tools.exception.RenException;
|
|
import com.epmet.commons.tools.security.dto.GovTokenDto;
|
|
import com.epmet.commons.tools.security.dto.TokenDto;
|
|
import com.epmet.commons.tools.security.password.PasswordUtils;
|
|
import com.epmet.commons.tools.utils.*;
|
|
import com.epmet.constant.SsoConstant;
|
|
import com.epmet.dto.*;
|
|
import com.epmet.dto.form.*;
|
|
import com.epmet.dto.result.*;
|
|
import com.epmet.enums.ThirdPlatformEnum;
|
|
import com.epmet.feign.EpmetUserFeignClient;
|
|
import com.epmet.feign.EpmetUserOpenFeignClient;
|
|
import com.epmet.feign.GovOrgOpenFeignClient;
|
|
import com.epmet.feign.OperCrmOpenFeignClient;
|
|
import com.epmet.jwt.JwtTokenProperties;
|
|
import com.epmet.jwt.JwtTokenUtils;
|
|
import com.epmet.redis.SsoRedis;
|
|
import com.epmet.service.SsoService;
|
|
import com.epmet.service.ThirdLoginService;
|
|
import lombok.extern.slf4j.Slf4j;
|
|
import org.apache.commons.codec.digest.DigestUtils;
|
|
import org.apache.commons.lang3.StringUtils;
|
|
import org.apache.http.HttpEntity;
|
|
import org.apache.http.client.methods.CloseableHttpResponse;
|
|
import org.apache.http.client.methods.HttpPost;
|
|
import org.apache.http.entity.StringEntity;
|
|
import org.apache.http.impl.client.CloseableHttpClient;
|
|
import org.apache.http.impl.client.HttpClients;
|
|
import org.apache.http.util.EntityUtils;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.beans.factory.annotation.Value;
|
|
import org.springframework.http.MediaType;
|
|
import org.springframework.stereotype.Service;
|
|
import org.springframework.util.CollectionUtils;
|
|
|
|
import javax.annotation.Resource;
|
|
import java.io.IOException;
|
|
import java.nio.charset.StandardCharsets;
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
import java.util.Set;
|
|
import java.util.stream.Collectors;
|
|
|
|
/**
|
|
* @Author zxc
|
|
* @DateTime 2021/1/18 下午4:35
|
|
*/
|
|
@Service
|
|
@Slf4j
|
|
public class SsoServiceImpl implements SsoService {
|
|
|
|
@Autowired
|
|
private SsoRedis ssoRedis;
|
|
|
|
@Autowired
|
|
private JwtTokenUtils jwtTokenUtils;
|
|
|
|
@Autowired
|
|
private JwtTokenProperties jwtTokenProperties;
|
|
|
|
@Autowired
|
|
private EpmetUserOpenFeignClient epmetUserOpenFeignClient;
|
|
|
|
@Autowired
|
|
private OperCrmOpenFeignClient operCrmOpenFeignClient;
|
|
|
|
@Autowired
|
|
private GovOrgOpenFeignClient govOrgOpenFeignClient;
|
|
|
|
@Autowired
|
|
private CpUserDetailRedis cpUserDetailRedis;
|
|
|
|
@Resource
|
|
private EpmetUserFeignClient epmetUserFeignClient;
|
|
|
|
@Value("${epmet.third.urlPrefix}")
|
|
private String epmetThirdUrlPrefix;
|
|
|
|
/**
|
|
* @Description 0、入口:得到token
|
|
* @Param formDTO
|
|
* @author zxc
|
|
* @date 2021/1/18 下午4:59
|
|
*/
|
|
@Override
|
|
public SsoLoginResultDTO ssoResiLogin(SsoLoginFormDTO formDTO) {
|
|
String customerId = getCustomerId(formDTO.getAppId());
|
|
//String customerId = "3a4f923665a7a07701bcb311aac9a156";
|
|
String userId = "";
|
|
|
|
Result<ThirdplatApiserviceResultDTO> apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(customerId));
|
|
if (!apiServiceResult.success()) {
|
|
throw new RenException("【SSO登录】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
|
|
}
|
|
|
|
if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
|
|
throw new RenException("【SSO登录】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
|
|
}
|
|
|
|
ThirdPlatUserInfo userInfo;
|
|
try {
|
|
AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
|
|
userInfo = apiService.getCUserInfoByTicket(formDTO.getTicket());
|
|
} catch (Exception e) {
|
|
throw new RenException(e.getMessage());
|
|
}
|
|
|
|
if (null == userInfo) {
|
|
throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(),
|
|
"【SSO登录】调用第三方平台查询用户信息失败,用户信息为空");
|
|
}
|
|
UserInfoFormDTO userInfoFormDTO = new UserInfoFormDTO();
|
|
userInfoFormDTO.setApp(formDTO.getApp());
|
|
userInfoFormDTO.setUid(userInfo.getOpenId());
|
|
userInfoFormDTO.setName(userInfo.getName());
|
|
userInfoFormDTO.setMobile(userInfo.getMobile());
|
|
userInfoFormDTO.setCustomerId(customerId);
|
|
|
|
Result<UserDTO> userDTOResult = epmetUserOpenFeignClient.saveUserInfo(userInfoFormDTO);
|
|
if (!userDTOResult.success()) {
|
|
throw new RenException("【SSO登录】新增或更新user_weChat失败");
|
|
}
|
|
userId = userDTOResult.getData().getId();
|
|
|
|
if (StringUtils.isBlank(userId)) {
|
|
throw new RenException("【SSO登录】userId为空,生成token失败");
|
|
}
|
|
//生成业务token
|
|
String token = this.generateToken(formDTO.getApp(), formDTO.getClient(), userId);
|
|
//存放Redis
|
|
|
|
if (StringUtils.isBlank(customerId)) {
|
|
throw new RenException("【SSO登录】customerId为空,缓存放置token失败");
|
|
}
|
|
this.disposeTokenDto(formDTO.getApp(), formDTO.getClient(), userId, token, customerId);
|
|
return new SsoLoginResultDTO(token);
|
|
}
|
|
|
|
@Override
|
|
public UserTokenResultDTO thirdLoginOperWork(SsoLoginOperFormDTO formDTO) {
|
|
ThirdPlatUserInfo thirdUser;
|
|
try {
|
|
ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum(formDTO.getPlatform());
|
|
String apiService = platformEnum.getApiService();
|
|
AbstractApiService apiServiceImpl = (AbstractApiService) SpringContextUtils.getBean(apiService);
|
|
thirdUser = apiServiceImpl.getGUserInfoBySSOToken(formDTO.getThirdToken());
|
|
} catch (RenException e) {
|
|
throw new RenException(e.getCode(), e.getMessage());
|
|
} catch (Exception e) {
|
|
throw new RenException(e.getMessage());
|
|
}
|
|
if (thirdUser == null) {
|
|
throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(), PyldConstants.REPONSE_USER_NOT_LOGIN);
|
|
}
|
|
//获取用户信息
|
|
GovWebOperLoginFormDTO form = new GovWebOperLoginFormDTO();
|
|
form.setCustomerId(thirdUser.getCustomerId());
|
|
form.setMobile(thirdUser.getMobile());
|
|
Result<GovWebOperLoginResultDTO> result = epmetUserFeignClient.getStaffIdAndPwd(form);
|
|
//todo userId 写死测试 3f7f852ce22c511aa67ecb695395295d start
|
|
/* GovWebOperLoginResultDTO demo = new GovWebOperLoginResultDTO();
|
|
demo.setUserId("3f7f852ce22c511aa67ecb695395295d");
|
|
result = new Result<>();
|
|
result.ok(demo);*/
|
|
//test end
|
|
|
|
if (!result.success() || null == result.getData() || null == result.getData().getUserId()) {
|
|
log.warn("根据手机号查询PC工作端登陆人员信息失败,返回10003账号不存在,param:{}", JSON.toJSONString(form));
|
|
throw new RenException(EpmetErrorCode.ERR10003.getCode());
|
|
}
|
|
|
|
//4、生成token返回,且将TokenDto存到redis
|
|
//生成业务token
|
|
GovWebOperLoginResultDTO epmetUser = result.getData();
|
|
|
|
|
|
String token = this.generateToken(formDTO.getApp(), formDTO.getClient(), epmetUser.getUserId());
|
|
//存放Redis
|
|
|
|
this.disposeTokenDto(formDTO.getApp(), formDTO.getClient(), epmetUser.getUserId(), token, thirdUser.getCustomerId());
|
|
UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
|
|
userTokenResultDTO.setToken(token);
|
|
userTokenResultDTO.setCustomerId(thirdUser.getCustomerId());
|
|
return userTokenResultDTO;
|
|
}
|
|
|
|
@Override
|
|
public UserTokenResultDTO checkTicket(SsoCheckTicketFormDTO form) throws IOException {
|
|
CloseableHttpClient httpclient = null;
|
|
CloseableHttpResponse response = null;
|
|
UserTokenResultDTO userTokenResultDTO = null;
|
|
try {
|
|
httpclient = HttpClients.createDefault();
|
|
HttpPost httpPost = new HttpPost(SsoConstant.TICKET_TOKEN_URL);
|
|
JSONObject infoJson = new JSONObject();
|
|
infoJson.put("ticket", form.getTicket());
|
|
StringEntity stringEntity = new StringEntity(infoJson.toString(), "UTF-8");
|
|
stringEntity.setContentEncoding("UTF-8");
|
|
stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
|
httpPost.setEntity(stringEntity);
|
|
response = httpclient.execute(httpPost);
|
|
HttpEntity entity = response.getEntity();
|
|
if (entity != null) {
|
|
EntityUtils.toString(entity, "UTF-8");
|
|
}
|
|
JSONObject result = JSONObject.parseObject(EntityUtils.toString(entity));
|
|
if (result.getString("code").equals("200")) {
|
|
String ticket = result.getString("data");
|
|
String timestamp = String.valueOf(System.currentTimeMillis());
|
|
String nonce = RandomUtil.randomString(18);
|
|
httpPost = new HttpPost(SsoConstant.USER_INFO_URL);
|
|
infoJson = new JSONObject();
|
|
infoJson.put("loginId", ticket);
|
|
infoJson.put("timestamp", timestamp);
|
|
infoJson.put("nonce", nonce);
|
|
infoJson.put("sign", Md5Params(ticket, timestamp, nonce));
|
|
String params = DigestUtils.md5Hex(infoJson.toString().getBytes(StandardCharsets.UTF_8));
|
|
stringEntity = new StringEntity(params, "UTF-8");
|
|
stringEntity.setContentEncoding("UTF-8");
|
|
stringEntity.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
|
httpPost.setEntity(stringEntity);
|
|
response = httpclient.execute(httpPost);
|
|
entity = response.getEntity();
|
|
if (entity != null) {
|
|
EntityUtils.toString(entity, "UTF-8");
|
|
}
|
|
result = JSONObject.parseObject(EntityUtils.toString(entity));
|
|
if (result.getString("code").equals("200")) {
|
|
JSONObject data = JSONObject.parseObject(result.getString("data"));
|
|
String mobile = data.getString("phone");
|
|
String password = data.getString("password");
|
|
//1、根据手机号查询政府端工作人员基本信息,校验用户是否存在
|
|
Result<List<CustomerStaffDTO>> staffData = epmetUserFeignClient.checkCustomerStaff(mobile);
|
|
String customerId = "";
|
|
String userId = "";
|
|
if (null != staffData && staffData.getData().size() > 0) {
|
|
//2、根据客户Id和手机号查询登陆用户信息(代码逻辑来源于web端登陆接口)
|
|
CustomerStaffDTO staffDTO = staffData.getData().get(0);
|
|
customerId = staffDTO.getCustomerId();
|
|
userId = staffDTO.getUserId();
|
|
GovWebOperLoginFormDTO checkDto = new GovWebOperLoginFormDTO();
|
|
checkDto.setCustomerId(staffDTO.getCustomerId());
|
|
checkDto.setMobile(staffDTO.getMobile());
|
|
GovWebOperLoginResultDTO resData = epmetUserFeignClient.getStaffIdAndPwd(checkDto).getData();
|
|
if (null == resData || null == resData.getUserId()) {
|
|
log.warn("根据手机号查询PC工作端登陆人员信息失败,返回10003账号不存在");
|
|
throw new EpmetException(EpmetErrorCode.ERR10003.getCode());
|
|
}
|
|
//3、未禁用enable,已禁用disabled
|
|
if ("disabled".equals(resData.getEnableFlag())) {
|
|
throw new EpmetException(EpmetErrorCode.GOV_STAFF_DISABLED.getCode(),
|
|
String.format("当前账号已被禁用staffId:%s", resData.getUserId()),
|
|
EpmetErrorCode.GOV_STAFF_DISABLED.getMsg());
|
|
}
|
|
GovWebOperLoginResultDTO resultDTO = resData;
|
|
//4.密码是否正确
|
|
if (!PasswordUtils.matches(password, resultDTO.getPassWord())) {
|
|
log.warn("登陆密码错误");
|
|
throw new EpmetException(EpmetErrorCode.ERR10004.getCode(), "登陆密码错误!");
|
|
}
|
|
}
|
|
//5.生成token存到redis并返回
|
|
userTokenResultDTO = new UserTokenResultDTO();
|
|
userTokenResultDTO.setCustomerId(customerId);
|
|
String token = generateToken(AppClientConstant.APP_GOV, AppClientConstant.CLIENT_SSO, userId);
|
|
userTokenResultDTO.setToken(token);
|
|
disposeTokenDto(AppClientConstant.APP_GOV, AppClientConstant.CLIENT_SSO, userId, token, customerId);
|
|
// 6.发送登录事件
|
|
try {
|
|
SpringContextUtils.getBean(ThirdLoginService.class).sendLoginEvent(userId, "数字社区登录",
|
|
AppClientConstant.APP_GOV,
|
|
AppClientConstant.CLIENT_SSO,
|
|
AuthOperationConstants.LOGIN);
|
|
|
|
} catch (Exception e) {
|
|
log.error("【数字社区web端登录】发送登录事件失败,程序继续执行。错误信息");
|
|
}
|
|
}
|
|
} else {
|
|
log.error("校验失败,没有查询到Ticket为:'" + form.getTicket() + "'的人员信息", result.getString("msg"));
|
|
throw new EpmetException(EpmetErrorCode.ERR10008.getCode(), "校验失败,没有查询到Ticket为:'" + form.getTicket() + "'的人员信息");
|
|
}
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
} finally {
|
|
if (null != httpclient) {
|
|
httpclient.close();
|
|
response.close();
|
|
}
|
|
}
|
|
return userTokenResultDTO;
|
|
}
|
|
|
|
/**
|
|
* 签名
|
|
*
|
|
* @param loginId
|
|
* @return
|
|
*/
|
|
private String Md5Params(String loginId, String timestamp, String nonce) {
|
|
String prefix = "=${";
|
|
String suffix = "}&";
|
|
StringBuilder builder = new StringBuilder();
|
|
builder.append("loginId").append(prefix).append(loginId).append(suffix);
|
|
builder.append("nonce").append(prefix).append(nonce).append(suffix);
|
|
builder.append("timestamp").append(prefix).append(timestamp).append(suffix);
|
|
builder.append("key").append("={").append(SsoConstant.SECRET_KEY).append("}");
|
|
return SecureUtil.md5(builder.toString());
|
|
}
|
|
|
|
|
|
/**
|
|
* @Description token放缓存
|
|
* @Param formDTO
|
|
* @Param userId
|
|
* @Param token
|
|
* @Param customerId
|
|
* @author zxc
|
|
* @date 2021/1/18 下午5:32
|
|
*/
|
|
public void disposeTokenDto(String app, String client, String userId, String token, String customerId) {
|
|
int expire = jwtTokenProperties.getExpire();
|
|
TokenDto tokenDto = new TokenDto();
|
|
tokenDto.setCustomerId(customerId);
|
|
tokenDto.setApp(app);
|
|
tokenDto.setClient(client);
|
|
tokenDto.setUserId(userId);
|
|
tokenDto.setToken(token);
|
|
tokenDto.setUpdateTime(System.currentTimeMillis());
|
|
tokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
|
|
ssoRedis.set(tokenDto, expire);
|
|
log.info("截止时间:" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
|
|
}
|
|
|
|
/**
|
|
* @Description 居民端登陆生成业务token的key
|
|
* @Param app
|
|
* @Param client
|
|
* @Param userId
|
|
* @author zxc
|
|
* @date 2021/1/18 下午5:14
|
|
*/
|
|
private String generateToken(String app, String client, String userId) {
|
|
Map<String, Object> map = new HashMap<>(16);
|
|
map.put("app", app);
|
|
map.put("client", client);
|
|
map.put("userId", userId);
|
|
String token = jwtTokenUtils.createToken(map);
|
|
log.info("app:" + app + ";client:" + client + ";userId:" + userId + ";生成token[" + token + "]");
|
|
return token;
|
|
}
|
|
|
|
/**
|
|
* @Description 获取customerId
|
|
* @Param appId
|
|
* @author zxc
|
|
* @date 2021/1/19 下午1:47
|
|
*/
|
|
public String getCustomerId(String appId) {
|
|
JSONObject jsonObject = new JSONObject();
|
|
String customerMsgUrl = epmetThirdUrlPrefix + "/api/third/customermp/getcustomermsg/";
|
|
String data = HttpClientManager.getInstance().sendPostByJSON(customerMsgUrl + appId, JSON.toJSONString(jsonObject)).getData();
|
|
log.info("调用third服务,根据appId查询客户信息:httpclient->url:" + customerMsgUrl + ",结果->" + data);
|
|
JSONObject toResult = JSON.parseObject(data);
|
|
Result mapToResult = ConvertUtils.mapToEntity(toResult, Result.class);
|
|
if (null != toResult.get("code")) {
|
|
mapToResult.setCode(((Integer) toResult.get("code")).intValue());
|
|
}
|
|
if (!mapToResult.success()) {
|
|
log.error(String.format("根据appId查询客户信息失败,对应appId->" + appId));
|
|
throw new RenException(mapToResult.getMsg());
|
|
}
|
|
Object publicCustomerResultDTO = mapToResult.getData();
|
|
JSONObject json = JSON.parseObject(publicCustomerResultDTO.toString());
|
|
Map<String, Object> map = (Map) json.get("customer");
|
|
PaCustomerDTO customer = ConvertUtils.mapToEntity(map, PaCustomerDTO.class);
|
|
log.info("小程序登陆third服务获取客户用户信息PaCustomerDTO->" + customer);
|
|
return customer.getId();
|
|
}
|
|
|
|
/**
|
|
* @param formDTO
|
|
* @Author sun
|
|
* @Description 1、ticket自动登录获取内部token
|
|
**/
|
|
@Override
|
|
public UserTokenResultDTO ssoWorkLogin(SsoWorkLoginFormDTO formDTO) {
|
|
|
|
//1.根据appId查询客户id
|
|
String customerId = getCustomerId(formDTO.getAppId());
|
|
//String customerId = "3a4f923665a7a07701bcb311aac9a156";
|
|
|
|
//2.客户Id换取第三方apiService,根据ticket换取华为Id
|
|
Result<ThirdplatApiserviceResultDTO> apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(customerId));
|
|
if (!apiServiceResult.success()) {
|
|
throw new RenException("【SSO登录】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
|
|
}
|
|
if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
|
|
throw new RenException("【SSO登录】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
|
|
}
|
|
ThirdPlatUserInfo userInfo;
|
|
try {
|
|
AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
|
|
userInfo = apiService.getGUserInfoBySSOToken(formDTO.getToken());
|
|
} catch (Exception e) {
|
|
throw new RenException(e.getMessage());
|
|
}
|
|
if (null == userInfo) {
|
|
throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(),
|
|
"【SSO登录】调用第三方平台查询用户信息失败,用户信息为空");
|
|
}
|
|
|
|
//3.根据华为openId查询用户是否存在历史登陆信息
|
|
Result<StaffLatestAgencyResultDTO> latestStaffWechat = epmetUserOpenFeignClient.getLatestStaffWechatLoginRecord(userInfo.getOpenId());
|
|
if (!latestStaffWechat.success() || null == latestStaffWechat.getData()) {
|
|
log.warn(String.format("没有获取到用户最近一次登录账户信息,code[%s],msg[%s]", EpmetErrorCode.PLEASE_LOGIN.getCode(), EpmetErrorCode.PLEASE_LOGIN.getMsg()));
|
|
throw new RenException(EpmetErrorCode.PLEASE_LOGIN.getCode());
|
|
}
|
|
StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = latestStaffWechat.getData();
|
|
|
|
//4.记录staff_wechat
|
|
this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), userInfo.getOpenId());
|
|
|
|
//5.记录登录日志
|
|
this.saveStaffLoginRecord(staffLatestAgencyResultDTO);
|
|
|
|
//6.获取用户token
|
|
String token = this.generateGovWxmpToken(staffLatestAgencyResultDTO.getStaffId(), formDTO.getApp(), formDTO.getClient());
|
|
|
|
//7.保存到redis
|
|
this.saveLatestGovTokenDto(staffLatestAgencyResultDTO, userInfo, token);
|
|
UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
|
|
userTokenResultDTO.setToken(token);
|
|
|
|
return userTokenResultDTO;
|
|
|
|
}
|
|
|
|
/**
|
|
* @param userId openid
|
|
* @Author sun
|
|
* @Description 保存微信和当前登录用户关系
|
|
**/
|
|
private Result savestaffwechat(String userId, String openid) {
|
|
StaffWechatFormDTO staffWechatFormDTO = new StaffWechatFormDTO();
|
|
staffWechatFormDTO.setUserId(userId);
|
|
staffWechatFormDTO.setWxOpenId(openid);
|
|
return epmetUserOpenFeignClient.saveStaffWechat(staffWechatFormDTO);
|
|
}
|
|
|
|
/**
|
|
* @param latestStaffWechatLoginDTO
|
|
* @Author sun
|
|
* @Description 保存登录日志
|
|
**/
|
|
private Result saveStaffLoginRecord(StaffLatestAgencyResultDTO latestStaffWechatLoginDTO) {
|
|
StaffLoginAgencyRecordFormDTO staffLoginAgencyRecordFormDTO = new StaffLoginAgencyRecordFormDTO();
|
|
staffLoginAgencyRecordFormDTO.setCustomerId(latestStaffWechatLoginDTO.getCustomerId());
|
|
staffLoginAgencyRecordFormDTO.setStaffId(latestStaffWechatLoginDTO.getStaffId());
|
|
staffLoginAgencyRecordFormDTO.setWxOpenId(latestStaffWechatLoginDTO.getWxOpenId());
|
|
staffLoginAgencyRecordFormDTO.setMobile(latestStaffWechatLoginDTO.getMobile());
|
|
staffLoginAgencyRecordFormDTO.setAgencyId(latestStaffWechatLoginDTO.getAgencyId());
|
|
Result staffLoginRecordResult = epmetUserOpenFeignClient.saveStaffLoginRecord(staffLoginAgencyRecordFormDTO);
|
|
return staffLoginRecordResult;
|
|
}
|
|
|
|
/**
|
|
* @Description 生成政府端小程序业务token Key
|
|
* @Author sun
|
|
**/
|
|
private String generateGovWxmpToken(String staffId, String app, String client) {
|
|
Map<String, Object> map = new HashMap<>();
|
|
map.put("app", app);
|
|
map.put("client", client);
|
|
map.put("userId", staffId);
|
|
String token = jwtTokenUtils.createToken(map);
|
|
log.info("app:" + app + ";client:" + client + ";userId:" + staffId + ";生成token[" + token + "]");
|
|
return token;
|
|
}
|
|
|
|
/**
|
|
* @Description 保存tokenDto到redis
|
|
* @Author sun
|
|
**/
|
|
private void saveLatestGovTokenDto(StaffLatestAgencyResultDTO staffLatestAgency, ThirdPlatUserInfo userInfo, String token) {
|
|
int expire = jwtTokenProperties.getExpire();
|
|
GovTokenDto govTokenDto = new GovTokenDto();
|
|
govTokenDto.setApp(LoginConstant.APP_GOV);
|
|
govTokenDto.setClient(LoginConstant.CLIENT_APP);
|
|
govTokenDto.setUserId(staffLatestAgency.getStaffId());
|
|
govTokenDto.setOpenId(userInfo.getOpenId());
|
|
govTokenDto.setSessionKey("");
|
|
govTokenDto.setUnionId("");
|
|
govTokenDto.setToken(token);
|
|
govTokenDto.setUpdateTime(System.currentTimeMillis());
|
|
govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
|
|
govTokenDto.setRootAgencyId(staffLatestAgency.getAgencyId());
|
|
govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
|
|
|
|
//设置部门,网格,角色列表
|
|
govTokenDto.setDeptIdList(getDeptartmentIdList(staffLatestAgency.getStaffId()));
|
|
govTokenDto.setGridIdList(getGridIdList(staffLatestAgency.getStaffId()));
|
|
CustomerAgencyDTO agency = getAgencyByStaffId(staffLatestAgency.getStaffId());
|
|
if (agency != null) {
|
|
govTokenDto.setAgencyId(agency.getId());
|
|
govTokenDto.setRoleList(queryGovStaffRoles(staffLatestAgency.getStaffId(), agency.getId()));
|
|
}
|
|
govTokenDto.setOrgIdPath(getOrgIdPath(staffLatestAgency.getStaffId()));
|
|
|
|
cpUserDetailRedis.set(govTokenDto, expire);
|
|
log.info("截止时间:" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
|
|
}
|
|
|
|
public Set<String> getDeptartmentIdList(String staffId) {
|
|
try {
|
|
Result<List<DepartmentListResultDTO>> deptListResult = govOrgOpenFeignClient.getDepartmentListByStaffId(staffId);
|
|
if (deptListResult.success()) {
|
|
if (!CollectionUtils.isEmpty(deptListResult.getData())) {
|
|
Set<String> deptIdLists = deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet());
|
|
return deptIdLists;
|
|
}
|
|
} else {
|
|
log.error("登录:查询部门列表,远程调用返回错误:{}", deptListResult.getMsg());
|
|
}
|
|
} catch (Exception e) {
|
|
String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
|
|
log.error("登录:查询部门列表异常:{}", errorStackTrace);
|
|
}
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* 根据工作人员ID查询网格ID列表
|
|
*
|
|
* @param staffId
|
|
*/
|
|
public Set<String> getGridIdList(String staffId) {
|
|
Result<List<GridByStaffResultDTO>> result = govOrgOpenFeignClient.listGridsbystaffid(staffId);
|
|
if (!result.success()) {
|
|
log.error("登录:查询网格列表,远程调用返回错误:{}", result.getMsg());
|
|
return null;
|
|
} else {
|
|
List<GridByStaffResultDTO> grids = result.getData();
|
|
return grids.stream().map(grid -> grid.getGridId()).collect(Collectors.toSet());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* 根据staffId查询所属的组织机构
|
|
*
|
|
* @param staffId
|
|
*/
|
|
public CustomerAgencyDTO getAgencyByStaffId(String staffId) {
|
|
Result<CustomerAgencyDTO> result = govOrgOpenFeignClient.getAgencyByStaff(staffId);
|
|
if (!result.success()) {
|
|
log.error("登录:查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
|
|
return null;
|
|
}
|
|
return result.getData();
|
|
}
|
|
|
|
/**
|
|
* 查询人员在某机关单位下的角色列表
|
|
*
|
|
* @param staffId orgId
|
|
*/
|
|
public List<GovTokenDto.Role> queryGovStaffRoles(String staffId, String orgId) {
|
|
StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
|
|
formDTO.setStaffId(staffId);
|
|
formDTO.setOrgId(orgId);
|
|
Result<List<GovStaffRoleDTO>> gridResult = epmetUserOpenFeignClient.getRolesOfStaff(formDTO);
|
|
if (!CollectionUtils.isEmpty(gridResult.getData())) {
|
|
//return gridResult.getData().stream().map(role -> role.getId()).collect(Collectors.toSet());
|
|
return ConvertUtils.sourceToTarget(gridResult.getData(), GovTokenDto.Role.class);
|
|
}
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* 查询工作人员的OrgIdPath
|
|
*
|
|
* @param staffId
|
|
*/
|
|
public String getOrgIdPath(String staffId) {
|
|
Result<CustomerAgencyDTO> result = govOrgOpenFeignClient.getAgencyByStaff(staffId);
|
|
if (!result.success()) {
|
|
log.error("登录:查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
|
|
return null;
|
|
}
|
|
CustomerAgencyDTO agency = result.getData();
|
|
if (agency != null) {
|
|
if ("0".equals(agency.getPid())) {
|
|
// 顶级
|
|
return agency.getId();
|
|
} else {
|
|
return agency.getPids().concat(":").concat(agency.getId());
|
|
}
|
|
}
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* @param formDTO
|
|
* @Author sun
|
|
* @Description 4、自动进入组织-返回token
|
|
**/
|
|
@Override
|
|
public UserTokenResultDTO enterOrg(SsoEnteOrgFormDTO formDTO) {
|
|
//1、需要校验要登录的客户,是否被禁用
|
|
CustomerStaffFormDTO customerStaffFormDTO = new CustomerStaffFormDTO();
|
|
customerStaffFormDTO.setCustomerId(formDTO.getCustomerId());
|
|
customerStaffFormDTO.setMobile(formDTO.getMobile());
|
|
Result<CustomerStaffDTO> customerStaffDTOResult = epmetUserOpenFeignClient.getCustomerStaffInfo(customerStaffFormDTO);
|
|
if (!customerStaffDTOResult.success() || null == customerStaffDTOResult.getData()) {
|
|
log.warn(String.format("获取工作人员信息失败,手机号[%s],客户id:[%s],code[%s],msg[%s]", formDTO.getMobile(), formDTO.getCustomerId(), customerStaffDTOResult.getCode(), customerStaffDTOResult.getMsg()));
|
|
throw new RenException(customerStaffDTOResult.getCode());
|
|
}
|
|
CustomerStaffDTO customerStaff = customerStaffDTOResult.getData();
|
|
|
|
//2.客户Id换取第三方apiService,根据ticket换取华为Id
|
|
Result<ThirdplatApiserviceResultDTO> apiServiceResult = operCrmOpenFeignClient.getApiServiceByCustomerId(new ApiServiceFormDTO(formDTO.getCustomerId()));
|
|
if (!apiServiceResult.success()) {
|
|
throw new RenException("【SSO enterOrg】调用OperCrm获取ApiService接口失败:", apiServiceResult.getInternalMsg());
|
|
}
|
|
if (apiServiceResult.getData() == null || StringUtils.isBlank(apiServiceResult.getData().getApiServiceName())) {
|
|
throw new RenException("【SSO enterOrg】调用OperCrm获取ApiService,查询到的结果为空:", apiServiceResult.toString());
|
|
}
|
|
ThirdPlatUserInfo userInfo;
|
|
try {
|
|
AbstractApiService apiService = (AbstractApiService) SpringContextUtils.getBean(apiServiceResult.getData().getApiServiceName());
|
|
userInfo = apiService.getGUserInfoBySSOToken(formDTO.getToken());
|
|
} catch (Exception e) {
|
|
throw new RenException(e.getMessage());
|
|
}
|
|
if (null == userInfo) {
|
|
throw new RenException(EpmetErrorCode.THIRD_PLAT_REQUEST_ERROR.getCode(),
|
|
"【SSO enterOrg】调用第三方平台查询用户信息失败,用户信息为空");
|
|
}
|
|
|
|
//3、记录staff_wechat,并记录用户激活状态,激活时间
|
|
this.savestaffwechat(customerStaff.getUserId(), userInfo.getOpenId());
|
|
|
|
//4、记录登录日志
|
|
StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = new StaffLatestAgencyResultDTO();
|
|
staffLatestAgencyResultDTO.setCustomerId(formDTO.getCustomerId());
|
|
staffLatestAgencyResultDTO.setStaffId(customerStaff.getUserId());
|
|
staffLatestAgencyResultDTO.setWxOpenId(userInfo.getOpenId());
|
|
staffLatestAgencyResultDTO.setMobile(formDTO.getMobile());
|
|
staffLatestAgencyResultDTO.setAgencyId(formDTO.getRootAgencyId());
|
|
this.saveStaffLoginRecord(staffLatestAgencyResultDTO);
|
|
|
|
//5.1、获取用户token
|
|
String token = this.generateGovWxmpToken(customerStaff.getUserId(), formDTO.getApp(), formDTO.getClient());
|
|
//5.2、保存到redis
|
|
StaffLatestAgencyResultDTO staffLatestAgency = new StaffLatestAgencyResultDTO();
|
|
staffLatestAgency.setAgencyId(formDTO.getRootAgencyId());
|
|
staffLatestAgency.setCustomerId(formDTO.getCustomerId());
|
|
staffLatestAgency.setStaffId(customerStaff.getUserId());
|
|
this.saveLatestGovTokenDto(staffLatestAgency, userInfo, token);
|
|
|
|
UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
|
|
userTokenResultDTO.setToken(token);
|
|
return userTokenResultDTO;
|
|
}
|
|
|
|
|
|
// public static void main(String[] args) {
|
|
// String url = "https://epmet-ext9.elinkservice.cn/platform/unifiedAuth/loginCheck";
|
|
// String platformToken = "1348803062424166401_dd08e23b0d524879a5c67e7f2ffd1468";
|
|
// String appId = "7a5aec009ba4eba8e254ee64fe3775e1";
|
|
// String appKey = "14faef9af508d1c253b720ea5a43f9de";
|
|
// String appSecret = "38e7c2604c8dd33c445705d25eebbfc12a2f7ed8a87111e9e10a40312d3a1595";
|
|
// long ts = System.currentTimeMillis();
|
|
// String message = appId + appKey + appSecret + ts;
|
|
// String accessToken = DigestUtils.md5Hex(message.getBytes(StandardCharsets.UTF_8));
|
|
// //ThirdPlatformEnum platformEnum = ThirdPlatformEnum.getEnum("pyld");
|
|
// JSONObject jsonObject = new JSONObject();
|
|
// jsonObject.put("platformToken", platformToken);
|
|
//
|
|
// Map<String, Object> headerMap = new HashMap<>(4);
|
|
// headerMap.put("AppKey", appKey);
|
|
// headerMap.put("Timestamp", ts);
|
|
// headerMap.put("AccessToken", accessToken);
|
|
// Result<String> stringResult = HttpClientManager.getInstance().sendPost(url, url.startsWith("https://"), jsonObject.toJSONString(), headerMap);
|
|
// System.out.println(stringResult);
|
|
// }
|
|
}
|
|
|