统一业务系统系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
ludc
2025-03-05 27cddefb0cb28da699954ba1a1756d6bcabafbbe 
 Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java


@@ -3,8 +3,10 @@


import com.alibaba.fastjson.JSON;


import com.vci.ubcs.code.entity.TokenUserObject;


import com.vci.ubcs.code.service.IPasswordFreeLoginService;


import com.vci.ubcs.code.util.HttpUtils;


import com.vci.ubcs.starter.util.HttpUtils;


import com.vci.ubcs.system.cache.NacosConfigCache;


import io.jsonwebtoken.Claims;


import lombok.extern.slf4j.Slf4j;


import org.apache.http.auth.AuthenticationException;


import org.springblade.core.jwt.JwtUtil;


import org.springblade.core.jwt.props.JwtProperties;


@@ -30,7 +32,10 @@


import javax.servlet.http.HttpServletRequest;


import java.util.List;


import java.util.Map;


import java.util.logging.Logger;




import static com.vci.ubcs.starter.util.AESUtils.aesDecrypt;


import static com.vci.ubcs.starter.util.AESUtils.aesEncrypt;


import static org.springblade.core.secure.utils.AuthUtil.parseJWT;




/**


@@ -39,17 +44,30 @@


 * @date 2023/9/11 15:45


 */


@Service


@Slf4j


public class PasswordFreeLoginServiceImpl implements IPasswordFreeLoginService {




   // 通过服务注册中心获取网关的端口号


   @Autowired


   private DiscoveryClient discoveryClient;




   // 配置的免密登录的账号所属的租户id


   @Value("${password-free.pwd-free-tenant-id}")


   // 配置的token在redis中的生存时间


   @Value("${password-free.pwd-free-tenant-id:000000}")


   private String pwdFreeTenantId;


   @Value("${password-free.token-redis-expire}")




   // 配置的token在redis中的生存时间


   @Value("${password-free.token-redis-expire:36000}")


   private Long tokenRedisExpire;




   @Value("${password-free.pwd-free-addr:localhost}")


   private String pwdFreeAddr;




   @Value("${password-free.client-id:a104c4fd2f0e4958}")


   private String clientId;//应用ID




   @Value("${password-free.secret-key:9fbd170bd83eb869}")


   private String secretKey;//应用秘钥




   @Autowired


   private BladeRedis bladeRedis;




@@ -74,39 +92,24 @@


   /**


    * 免密登录,改变当前webservice请求的header


    * @param userName 账号


    * @return


    * @param servletRequest


    * @return boolean


    * @throws AuthenticationException


    */


   @Override


   public boolean passwordFreeLogin(String userName, ServletRequest servletRequest) throws AuthenticationException {


   public boolean pwdFreeLoginByBoolean(String userName, ServletRequest servletRequest) throws AuthenticationException {


      //进来先判断缓存中是否存在token


      // 请求来自己哪个ip地址


      HttpServletRequest request = (HttpServletRequest) servletRequest;


      String ipAddr = request.getRemoteAddr();


      // 先尝试从缓存当中取,存在就直接从缓存中获取


      String authToken = bladeRedis.get(PWD_FREE_LOGIN_TOKEN+ipAddr+":"+userName);


      BladeUser user = null;


      // 解析token存放进attr中


      String token2 = JwtUtil.getToken(authToken);


      BladeUser user = this.getUser(token2);


      //不存在就请求


      if(Func.isEmpty(authToken)){


         // 免密登录接口地址


         String loginUrl = "http://localhost:"+this.getGatewayPort("ubcs-gateway")+"/ubcs-auth/oauth/token";


         // 请求ubcs-auth服务获取token,先设置请求头


         HttpHeaders headers = new HttpHeaders();


         headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);


         headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0");


         headers.set("Tenant-Id", pwdFreeTenantId);


         //设置请求体参数


         MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>();


         parameters.add("username",userName);


         parameters.add("grant_type", "passwordfree");


         parameters.add("scope", "all");


         parameters.add("type", "account");


         String responseBody = null;


         try {


            // 发送POST请求


            responseBody = HttpUtils.post(loginUrl, parameters,headers);


         }catch (Exception e){


            throw new AuthenticationException("调用鉴权服务ubcs-auth失败,原因:"+e.getMessage());


         }


      if(Func.isEmpty(authToken) || Func.isEmpty(user) || !user.getTenantId().equals(NacosConfigCache.getAdminUserInfo().getTenantId())){


         String responseBody = this.passwordFreeLogin(userName);


         //拿到响应体其中包含token,用request中的ip地址作为键值,将token存入缓存


         TokenUserObject tokenUserObject = null;


         try {


@@ -118,13 +121,69 @@


         authToken = "bearer " + tokenUserObject.getAccess_token();


         // 将token存入缓存当中,过期时间为24小时


         bladeRedis.setEx(PWD_FREE_LOGIN_TOKEN+ipAddr+":"+userName,"bearer "+tokenUserObject.getAccess_token(),tokenRedisExpire);


         token2 = JwtUtil.getToken(authToken);


         user = this.getUser(token2);


      }


      // 解析token存放进attr中


      String token2 = JwtUtil.getToken(authToken);


      user = this.getUser(token2);


      //request.setAttribute("Blade-Auth",token);


      request.setAttribute("Blade-Auth",authToken);


      request.setAttribute("_BLADE_USER_REQUEST_ATTR_",user);


      request.setAttribute("Authorization",authToken);


      return true;


   }




   /**


    * 免密登录请求发送


    * @param userName 账号


    * @return 返回token


    * @throws AuthenticationException


    */


   @Override


   public String passwordFreeLogin(String userName) throws AuthenticationException {


      // 免密登录接口地址


      String loginUrl = "http://"+pwdFreeAddr+":"+this.getGatewayPort("ubcs-gateway")+"/ubcs-auth/oauth/token";


      log.debug("当前免密登录调用地址:"+loginUrl);


      // 请求ubcs-auth服务获取token,先设置请求头


      HttpHeaders headers = new HttpHeaders();


      headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);


      headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0");


      headers.set("Tenant-Id", pwdFreeTenantId);


      //设置请求体参数


      MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>();


      parameters.add("username",userName);


      parameters.add("grant_type", "passwordfree");


      parameters.add("scope", "all");


      parameters.add("type", "account");


      String responseBody = null;


      try {


         // 发送POST请求


         responseBody = HttpUtils.post(loginUrl, parameters,headers);


      }catch (Exception e){


         throw new AuthenticationException("调用鉴权服务ubcs-auth失败,原因:"+e.getMessage());


      }


      return responseBody;


   }




   /**


    * 单点登录


    * @param empCode


    * @return


    * @throws Exception


    */


   @Override


   public String ssoFreeLogin(String empCode) throws Exception {


      if(Func.isBlank(empCode)){


         throw new ServiceException("未获取到empCode参数");


      }


      String enStr2;


      try {


         String enStr1 = aesDecrypt(empCode, secretKey);


         enStr2 = aesDecrypt(enStr1, clientId);


      }catch (Exception e){


         throw new ServiceException("empCode参数解密失败!原因:"+e.getMessage());


      }


      // 解密


      log.debug("单点登录参数解密后:"+enStr2);


      String token = this.passwordFreeLogin(enStr2);


      return token;


   }




   /**


@@ -186,11 +245,9 @@


      if (StringUtil.isNotBlank(authToken)) {


         token = JwtUtil.getToken(authToken);


      }




      if (StringUtil.isNotBlank(token)) {


         claims = parseJWT(token);


      }




      if (ObjectUtil.isNotEmpty(claims) && getJwtProperties().getState()) {


         tenantId = Func.toStr(claims.get("tenant_id"));


         String userId = Func.toStr(claims.get("user_id"));


@@ -210,6 +267,5 @@




      return jwtProperties;


   }






}