统一业务系统系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
xiejun
2023-09-21 52ffefd06e59cbd56c1a919972866592379cfed2 
 Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java


@@ -3,8 +3,9 @@


import com.alibaba.fastjson.JSON;


import com.vci.ubcs.code.entity.TokenUserObject;


import com.vci.ubcs.code.service.IPasswordFreeLoginService;


import com.vci.ubcs.code.util.HttpUtils;


import com.vci.ubcs.starter.util.HttpUtils;


import io.jsonwebtoken.Claims;


import lombok.extern.slf4j.Slf4j;


import org.apache.http.auth.AuthenticationException;


import org.springblade.core.jwt.JwtUtil;


import org.springblade.core.jwt.props.JwtProperties;


@@ -30,7 +31,10 @@


import javax.servlet.http.HttpServletRequest;


import java.util.List;


import java.util.Map;


import java.util.logging.Logger;




import static com.vci.ubcs.starter.util.AESUtils.aesDecrypt;


import static com.vci.ubcs.starter.util.AESUtils.aesEncrypt;


import static org.springblade.core.secure.utils.AuthUtil.parseJWT;




/**


@@ -39,15 +43,32 @@


 * @date 2023/9/11 15:45


 */


@Service


@Slf4j


public class PasswordFreeLoginServiceImpl implements IPasswordFreeLoginService {




   // 通过服务注册中心获取网关的端口号


   @Autowired


   private DiscoveryClient discoveryClient;


   @Value("${user-info.pwd-free-tenant-id}")




   // 配置的免密登录的账号所属的租户id


   @Value("${password-free.pwd-free-tenant-id:000000}")


   private String pwdFreeTenantId;




   // 配置的token在redis中的生存时间


   @Value("${password-free.token-redis-expire:36000}")


   private Long tokenRedisExpire;




   @Value("${password-free.pwd-free-addr:localhost}")


   private String pwdFreeAddr;




   @Value("${password-free.client-id:a104c4fd2f0e4958}")


   private String clientId;//应用ID




   @Value("${password-free.secret-key:9fbd170bd83eb869}")


   private String secretKey;//应用秘钥


   @Autowired


   private BladeRedis bladeRedis;




   // 缓存名


   public static final String PWD_FREE_LOGIN_TOKEN = "pwdFreeLogin:Token:";


   private static JwtProperties jwtProperties;


@@ -68,40 +89,25 @@




   /**


    * 免密登录,改变当前webservice请求的header


    * @param username 账号


    * @return


    * @param userName 账号


    * @param servletRequest


    * @return boolean


    * @throws AuthenticationException


    */


   @Override


   public boolean passwordFreeLogin(String username, ServletRequest servletRequest) throws AuthenticationException {


   public boolean pwdFreeLoginByBoolean(String userName, ServletRequest servletRequest) throws AuthenticationException {


      //进来先判断缓存中是否存在token


      // 请求来自己哪个ip地址


      HttpServletRequest request = (HttpServletRequest) servletRequest;


      String ipAddr = request.getRemoteAddr();


      // 先尝试从缓存当中取,存在就直接从缓存中获取


      String authToken = bladeRedis.get(PWD_FREE_LOGIN_TOKEN+ipAddr);


      BladeUser user = null;


      String authToken = bladeRedis.get(PWD_FREE_LOGIN_TOKEN+ipAddr+":"+userName);


      // 解析token存放进attr中


      String token2 = JwtUtil.getToken(authToken);


      BladeUser user = this.getUser(token2);


      //不存在就请求


      if(Func.isEmpty(authToken)){


         // 免密登录接口地址


         String loginUrl = "http://localhost:"+this.getGatewayPort("ubcs-gateway")+"/ubcs-auth/oauth/token";


         // 请求ubcs-auth服务获取token,先设置请求头


         HttpHeaders headers = new HttpHeaders();


         headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);


         headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0");


         headers.set("Tenant-Id", pwdFreeTenantId);


         //设置请求体参数


         MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>();


         parameters.add("username",username);


         parameters.add("grant_type", "passwordfree");


         parameters.add("scope", "all");


         parameters.add("type", "account");


         String responseBody = null;


         try {


            // 发送POST请求


            responseBody = HttpUtils.post(loginUrl, parameters,headers);


         }catch (Exception e){


            throw new AuthenticationException("调用鉴权服务ubcs-auth失败,原因:"+e.getMessage());


         }


      if(Func.isEmpty(authToken) || Func.isEmpty(user)){


         String responseBody = this.passwordFreeLogin(userName);


         //拿到响应体其中包含token,用request中的ip地址作为键值,将token存入缓存


         TokenUserObject tokenUserObject = null;


         try {


@@ -112,14 +118,70 @@


         // 拼接token格式


         authToken = "bearer " + tokenUserObject.getAccess_token();


         // 将token存入缓存当中,过期时间为24小时


         bladeRedis.setEx(PWD_FREE_LOGIN_TOKEN+ipAddr,"bearer "+tokenUserObject.getAccess_token(),60*60*60*24L);


         bladeRedis.setEx(PWD_FREE_LOGIN_TOKEN+ipAddr+":"+userName,"bearer "+tokenUserObject.getAccess_token(),tokenRedisExpire);


         token2 = JwtUtil.getToken(authToken);


         user = this.getUser(token2);


      }


      // 解析token存放进attr中


      String token2 = JwtUtil.getToken(authToken);


      user = this.getUser(token2);


      //request.setAttribute("Blade-Auth",token);


      request.setAttribute("_BLADE_USER_REQUEST_ATTR_",user);


      return true;


   }




   /**


    * 免密登录请求发送


    * @param userName 账号


    * @return 返回token


    * @throws AuthenticationException


    */


   @Override


   public String passwordFreeLogin(String userName) throws AuthenticationException {


      // 免密登录接口地址


      String loginUrl = "http://"+pwdFreeAddr+":"+this.getGatewayPort("ubcs-gateway")+"/ubcs-auth/oauth/token";


      log.debug("当前免密登录调用地址:"+loginUrl);


      // 请求ubcs-auth服务获取token,先设置请求头


      HttpHeaders headers = new HttpHeaders();


      headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);


      headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0");


      headers.set("Tenant-Id", pwdFreeTenantId);


      //设置请求体参数


      MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>();


      parameters.add("username",userName);


      parameters.add("grant_type", "passwordfree");


      parameters.add("scope", "all");


      parameters.add("type", "account");


      String responseBody = null;


      try {


         // 发送POST请求


         responseBody = HttpUtils.post(loginUrl, parameters,headers);


      }catch (Exception e){


         throw new AuthenticationException("调用鉴权服务ubcs-auth失败,原因:"+e.getMessage());


      }


      return responseBody;


   }




   /**


    * 单点登录


    * @param servletRequest


    * @return


    * @throws Exception


    */


   @Override


   public String ssoFreeLogin(ServletRequest servletRequest) throws Exception {


      HttpServletRequest request = (HttpServletRequest) servletRequest;


      String content = request.getHeader("empCode");


      if(Func.isBlank(content)){


         throw new ServiceException("未获取到empCode参数");


      }


      //加密


      String str1 = aesEncrypt(content, clientId);


      String str2 = aesEncrypt(str1, secretKey);




      String enStr1 = aesDecrypt(str2, secretKey);


      String enStr2 = aesDecrypt(enStr1, clientId);


      // 解密


      log.debug("单点登录参数解密后:"+enStr2);


      String token = this.passwordFreeLogin("pwdfree");


      return token;


   }




   /**


@@ -181,11 +243,9 @@


      if (StringUtil.isNotBlank(authToken)) {


         token = JwtUtil.getToken(authToken);


      }




      if (StringUtil.isNotBlank(token)) {


         claims = parseJWT(token);


      }




      if (ObjectUtil.isNotEmpty(claims) && getJwtProperties().getState()) {


         tenantId = Func.toStr(claims.get("tenant_id"));


         String userId = Func.toStr(claims.get("user_id"));


@@ -205,6 +265,5 @@




      return jwtProperties;


   }






}