|
|
|
@ -1,13 +1,13 @@ |
|
|
|
package org.springblade.auth.granter; |
|
|
|
package org.springblade.auth.granter; |
|
|
|
|
|
|
|
|
|
|
|
import com.yawei.pso.DateHelper; |
|
|
|
import com.yawei.pso.DateHelper; |
|
|
|
import com.yawei.pso.PSORequest; |
|
|
|
|
|
|
|
import com.yawei.pso.SSOResponse; |
|
|
|
import com.yawei.pso.SSOResponse; |
|
|
|
import com.yawei.pso.TicketManager; |
|
|
|
import com.yawei.pso.TicketManager; |
|
|
|
import com.yawei.pso.security.Encrypter; |
|
|
|
import com.yawei.pso.security.Encrypter; |
|
|
|
import org.springblade.auth.constant.AuthConstant; |
|
|
|
import org.springblade.auth.constant.AuthConstant; |
|
|
|
import org.springblade.auth.service.BladeUserDetails; |
|
|
|
import org.springblade.auth.service.BladeUserDetails; |
|
|
|
import org.springblade.auth.utils.TokenUtil; |
|
|
|
import org.springblade.auth.utils.TokenUtil; |
|
|
|
|
|
|
|
import org.springblade.auth.utils.YaweiConstant; |
|
|
|
import org.springblade.core.tool.api.R; |
|
|
|
import org.springblade.core.tool.api.R; |
|
|
|
import org.springblade.core.tool.utils.*; |
|
|
|
import org.springblade.core.tool.utils.*; |
|
|
|
import org.springblade.system.feign.IDictBizClient; |
|
|
|
import org.springblade.system.feign.IDictBizClient; |
|
|
|
@ -35,9 +35,6 @@ import java.util.Map; |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
|
|
|
|
|
|
|
|
private static final String GRANT_TYPE = "yawei"; |
|
|
|
|
|
|
|
private static final Integer AUTH_SUCCESS_CODE = 2000; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private final IUserClient userClient; |
|
|
|
private final IUserClient userClient; |
|
|
|
private final IDictBizClient dictBizClient; |
|
|
|
private final IDictBizClient dictBizClient; |
|
|
|
|
|
|
|
|
|
|
|
@ -45,7 +42,7 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
ClientDetailsService clientDetailsService, |
|
|
|
ClientDetailsService clientDetailsService, |
|
|
|
OAuth2RequestFactory requestFactory, |
|
|
|
OAuth2RequestFactory requestFactory, |
|
|
|
IUserClient userClient, IDictBizClient dictBizClient) { |
|
|
|
IUserClient userClient, IDictBizClient dictBizClient) { |
|
|
|
super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE); |
|
|
|
super(tokenServices, clientDetailsService, requestFactory, YaweiConstant.GRANT_TYPE); |
|
|
|
this.userClient = userClient; |
|
|
|
this.userClient = userClient; |
|
|
|
this.dictBizClient = dictBizClient; |
|
|
|
this.dictBizClient = dictBizClient; |
|
|
|
} |
|
|
|
} |
|
|
|
@ -65,7 +62,7 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
// 1. 未传ssotoken
|
|
|
|
// 1. 未传ssotoken
|
|
|
|
if (Func.isBlank(ssoToken)) { |
|
|
|
if (Func.isBlank(ssoToken)) { |
|
|
|
// 调用feign接口获取重定向地址
|
|
|
|
// 调用feign接口获取重定向地址
|
|
|
|
String redirectAddr = "http://jhoa.qd.gov.cn/Keeper.aspx"; |
|
|
|
String redirectAddr = YaweiConstant.REDIRECT_ADDR; |
|
|
|
R<String> bizResult = dictBizClient.getValue("redirectAddr", "redirectAddrKey"); |
|
|
|
R<String> bizResult = dictBizClient.getValue("redirectAddr", "redirectAddrKey"); |
|
|
|
// 若从字段配置中获取到重定向地址, 返回该地址, 否者返回默认地址
|
|
|
|
// 若从字段配置中获取到重定向地址, 返回该地址, 否者返回默认地址
|
|
|
|
if (bizResult.isSuccess() && Func.isNotBlank(bizResult.getData())) { |
|
|
|
if (bizResult.isSuccess() && Func.isNotBlank(bizResult.getData())) { |
|
|
|
@ -74,7 +71,7 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
|
|
|
|
|
|
|
|
// 获取回调地址
|
|
|
|
// 获取回调地址
|
|
|
|
String fallbackUrl = parameters.get("fallbackUrl"); |
|
|
|
String fallbackUrl = parameters.get("fallbackUrl"); |
|
|
|
fallbackUrl = Func.isBlank(fallbackUrl) ? "http://10.133.191.105/#/login" : fallbackUrl; |
|
|
|
fallbackUrl = Func.isBlank(fallbackUrl) ? YaweiConstant.FALLBACK_ADDR : fallbackUrl; |
|
|
|
Encrypter en = new Encrypter("qP70966AcZCQyXR+3P1mfjmqqxdkagom", "FnZ+19kJbQ8="); |
|
|
|
Encrypter en = new Encrypter("qP70966AcZCQyXR+3P1mfjmqqxdkagom", "FnZ+19kJbQ8="); |
|
|
|
String posStr = "PSOSite$" + en.EncryptString(DateHelper.getCurrentStrTime() + "|" + fallbackUrl + "|" + null + "|"); |
|
|
|
String posStr = "PSOSite$" + en.EncryptString(DateHelper.getCurrentStrTime() + "|" + fallbackUrl + "|" + null + "|"); |
|
|
|
// PSORequest psoRequest = new PSORequest(request);
|
|
|
|
// PSORequest psoRequest = new PSORequest(request);
|
|
|
|
@ -82,7 +79,7 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
try { |
|
|
|
try { |
|
|
|
redirectAddr = redirectAddr + "?SSOToken=" + URLEncoder.encode(posStr, "UTF-8"); |
|
|
|
redirectAddr = redirectAddr + "?SSOToken=" + URLEncoder.encode(posStr, "UTF-8"); |
|
|
|
} catch (Exception e) { |
|
|
|
} catch (Exception e) { |
|
|
|
throw new InvalidGrantException("回调地址加密失败!"); |
|
|
|
throw new InvalidGrantException(YaweiConstant.MSG_FALLBACK_ADDR_ENCODE_FAILE); |
|
|
|
} |
|
|
|
} |
|
|
|
throw new InvalidRequestException(redirectAddr); |
|
|
|
throw new InvalidRequestException(redirectAddr); |
|
|
|
} |
|
|
|
} |
|
|
|
@ -96,12 +93,12 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
tm = ssoResp.CreatePSOTicket(); |
|
|
|
tm = ssoResp.CreatePSOTicket(); |
|
|
|
result = userClient.userInfo(StringPool.EMPTY, tm.getUserID()); |
|
|
|
result = userClient.userInfo(StringPool.EMPTY, tm.getUserID()); |
|
|
|
} catch (Exception e) { |
|
|
|
} catch (Exception e) { |
|
|
|
throw new InvalidGrantException("SSOToken解析失败!"); |
|
|
|
throw new InvalidGrantException(YaweiConstant.MSG_SSO_TOKEN_DECODE_FAILE); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// 调用用户模块获取用户信息失败
|
|
|
|
// 调用用户模块获取用户信息失败
|
|
|
|
if (!result.isSuccess()) { |
|
|
|
if (!result.isSuccess()) { |
|
|
|
throw new InvalidGrantException("调用用户模块获取用户信息失败!"); |
|
|
|
throw new InvalidGrantException(YaweiConstant.MSG_GET_USER_INFO_FAILED); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// 3. 解析成功, 未找到用户
|
|
|
|
// 3. 解析成功, 未找到用户
|
|
|
|
@ -110,7 +107,7 @@ public class YaweiTokenGranter extends AbstractTokenGranter { |
|
|
|
|
|
|
|
|
|
|
|
// 用户不存在,但提示用户名与密码错误并锁定账号
|
|
|
|
// 用户不存在,但提示用户名与密码错误并锁定账号
|
|
|
|
if (user == null || user.getId() == null) { |
|
|
|
if (user == null || user.getId() == null) { |
|
|
|
throw new InvalidGrantException(TokenUtil.USER_NOT_FOUND); |
|
|
|
throw new InvalidGrantException(YaweiConstant.MSG_USER_NO_GRANT); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// 用户角色不存在
|
|
|
|
// 用户角色不存在
|
|
|
|
|
ytl
3 years ago