From fbdbcfab736a7d6ed18e032ed65cf981bbc50ee9 Mon Sep 17 00:00:00 2001
From: ludc
Date: 星期日, 17 九月 2023 21:41:32 +0800
Subject: [PATCH] 免密登录接口增加,免密登录调用方法增加
---
Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java | 236 +++++++++++++++++++++++++++++++++++++----------------------
1 files changed, 149 insertions(+), 87 deletions(-)
diff --git a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java
index 9385ed8..fbedf76 100644
--- a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java
+++ b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/PasswordFreeLoginServiceImpl.java
@@ -1,14 +1,21 @@ package com.vci.ubcs.code.service.impl; import com.alibaba.fastjson.JSON; -import com.vci.ubcs.code.config.HeaderMapRequestWrapper; import com.vci.ubcs.code.entity.TokenUserObject; import com.vci.ubcs.code.service.IPasswordFreeLoginService; import com.vci.ubcs.code.util.HttpUtils; -import org.springblade.core.cache.utils.CacheUtil; +import io.jsonwebtoken.Claims; +import org.apache.http.auth.AuthenticationException; +import org.springblade.core.jwt.JwtUtil; +import org.springblade.core.jwt.props.JwtProperties; import org.springblade.core.log.exception.ServiceException; import org.springblade.core.redis.cache.BladeRedis; +import org.springblade.core.secure.BladeUser; +import org.springblade.core.tool.support.Kv; import org.springblade.core.tool.utils.Func; +import org.springblade.core.tool.utils.ObjectUtil; +import org.springblade.core.tool.utils.SpringUtil; +import org.springblade.core.tool.utils.StringUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.cloud.client.ServiceInstance; @@ -19,11 +26,12 @@ import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; -import javax.annotation.Resource; import javax.servlet.ServletRequest; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.util.List; +import java.util.Map; + +import static org.springblade.core.secure.utils.AuthUtil.parseJWT; /** * 鍏嶅瘑鐧诲綍鏈嶅姟 
@@ -42,64 +50,20 @@ private BladeRedis bladeRedis; // 缂撳瓨鍚� public static final String PWD_FREE_LOGIN_TOKEN = "pwdFreeLogin:Token:"; + private static JwtProperties jwtProperties; /** - * 鑾峰彇缃戝叧绔彛 + * 鏍规嵁鏈嶅姟鍚嶈幏鍙栫鍙e彿 + * @param serviceId * @return */ - private String getGatewayPort() { - List<ServiceInstance> instances = discoveryClient.getInstances("ubcs-gateway"); + public String getGatewayPort(String serviceId) { + List<ServiceInstance> instances = discoveryClient.getInstances(serviceId); if (!instances.isEmpty()) { ServiceInstance gatewayInstance = instances.get(0); return String.valueOf(gatewayInstance.getPort()); } - return "80"; - } - - /** - * 鍏嶅瘑鐧诲綍骞跺瓨鍏ョ紦瀛橈紝閰嶅悎杩囨护鍣ㄥ啓娉� - * @param username 璐﹀彿 - * @return - */ - @Override - public String passwordFreeLogin(String username, ServletRequest servletRequest) { - // 鍏嶅瘑鐧诲綍鎺ュ彛鍦板潃 - String loginUrl = "http://localhost:"+this.getGatewayPort()+"/ubcs-auth/oauth/token"; - // 璇锋眰鏉ヨ嚜宸卞摢涓猧p鍦板潃 - HttpServletRequest request = (HeaderMapRequestWrapper) servletRequest; - String ipAddr = request.getRemoteAddr(); - // 鍏堝皾璇曚粠缂撳瓨褰撲腑鍙栵紝濡傛灉涓嶅瓨鍦ㄥ氨鐧诲綍 - String redisToken = (String)bladeRedis.get(PWD_FREE_LOGIN_TOKEN+ipAddr); - if(Func.isNotBlank(redisToken)){ - // 缂撳瓨涓凡缁忓瓨鍦ㄥ氨鐩存帴鍒犻櫎璇ョ紦瀛橈紝涓昏涓轰簡閬垮厤缁熶竴ip涓嬪瓨鍦ㄥ涓猼oken鐨勬儏鍐� - bladeRedis.del(PWD_FREE_LOGIN_TOKEN+ipAddr); - } - // 涓嶅瓨鍦ㄥ氨閲嶆柊鑾峰彇token - // 璁剧疆璇锋眰澶� - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); - headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0"); - headers.set("Tenant-Id", pwdFreeTenantId); - - //璁剧疆璇锋眰浣撳弬鏁� - MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>(); - parameters.add("username",username); - parameters.add("grant_type", "passwordfree"); - parameters.add("scope", "all"); - parameters.add("type", "account"); - - // 鍙戦�丳OST璇锋眰 - String responseBody = HttpUtils.post(loginUrl, parameters,headers); - //鎷垮埌鍝嶅簲浣撳叾涓寘鍚玹oken,鐢╮equest涓殑ip鍦板潃浣滀负閿�硷紝灏唗oken瀛樺叆缂撳瓨 - TokenUserObject 
tokenUserObject = null; - try { - tokenUserObject = JSON.parseObject(responseBody, TokenUserObject.class); - }catch (Exception e){ - throw new ServiceException("responseBody杞崲TokenUserObject澶辫触:"+e.getMessage()); - } - // 灏唗oken瀛樺叆缂撳瓨褰撲腑,杩囨湡鏃堕棿涓�24灏忔椂 - bladeRedis.setEx(PWD_FREE_LOGIN_TOKEN+ipAddr,"bearer "+tokenUserObject.getAccess_token(),60*60*60*24L); - return responseBody; + return "8080"; } /** 
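Review bot: The fallback `return "8080";` in `getGatewayPort` hides a discovery failure: when no instance of `serviceId` is registered, the caller in `passwordFreeLogin` still builds an `http://localhost:` URL and posts the password-free grant, with its client credential and username, to whatever listens on that port. Failing explicitly is safer, e.g. `throw new ServiceException("no registered instance for " + serviceId);` in place of the default. The method also takes only the port of `instances.get(0)` while the caller pairs it with `localhost`, which is wrong whenever the gateway runs on another host; returning the instance's URI would avoid that. It was widened from `private` to `public` with no caller outside this class visible in the patch, so `private` could be kept.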
@@ -108,41 +72,139 @@ * @return */ @Override - public boolean passwordFreeLogin2(String username, HttpServletRequest servletRequest) { - // 鍏嶅瘑鐧诲綍鎺ュ彛鍦板潃 - String loginUrl = "http://localhost:"+this.getGatewayPort()+"/ubcs-auth/oauth/token"; - - // 鑾峰彇token锛屽厛璁剧疆璇锋眰澶� - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); - headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0"); - headers.set("Tenant-Id", pwdFreeTenantId); - //璁剧疆璇锋眰浣撳弬鏁� - MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>(); - parameters.add("username",username); - parameters.add("grant_type", "passwordfree"); - parameters.add("scope", "all"); - parameters.add("type", "account"); - // 鍙戦�丳OST璇锋眰 - String responseBody = HttpUtils.post(loginUrl, parameters,headers); - //鎷垮埌鍝嶅簲浣撳叾涓寘鍚玹oken,鐢╮equest涓殑ip鍦板潃浣滀负閿�硷紝灏唗oken瀛樺叆缂撳瓨 - TokenUserObject tokenUserObject = null; - try { - tokenUserObject = JSON.parseObject(responseBody, TokenUserObject.class); - }catch (Exception e){ - throw new ServiceException("responseBody杞崲TokenUserObject澶辫触:"+e.getMessage()); + public boolean passwordFreeLogin(String username, ServletRequest servletRequest) throws AuthenticationException { + //杩涙潵鍏堝垽鏂紦瀛樹腑鏄惁瀛樺湪token + // 璇锋眰鏉ヨ嚜宸卞摢涓猧p鍦板潃 + HttpServletRequest request = (HttpServletRequest) servletRequest; + String ipAddr = request.getRemoteAddr(); + // 鍏堝皾璇曚粠缂撳瓨褰撲腑鍙栵紝瀛樺湪灏辩洿鎺ヤ粠缂撳瓨涓幏鍙� + String authToken = bladeRedis.get(PWD_FREE_LOGIN_TOKEN+ipAddr); + BladeUser user = null; + //涓嶅瓨鍦ㄥ氨璇锋眰 + if(Func.isEmpty(authToken)){ + // 鍏嶅瘑鐧诲綍鎺ュ彛鍦板潃 + String loginUrl = "http://localhost:"+this.getGatewayPort("ubcs-gateway")+"/ubcs-auth/oauth/token"; + // 璇锋眰ubcs-auth鏈嶅姟鑾峰彇token锛屽厛璁剧疆璇锋眰澶� + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); + headers.set("Authorization", "Basic c3dvcmQ6c3dvcmRfc2VjcmV0"); + headers.set("Tenant-Id", pwdFreeTenantId); + //璁剧疆璇锋眰浣撳弬鏁� + MultiValueMap<String,String> 
parameters = new LinkedMultiValueMap<String,String>(); + parameters.add("username",username); + parameters.add("grant_type", "passwordfree"); + parameters.add("scope", "all"); + parameters.add("type", "account"); + String responseBody = null; + try { + // 鍙戦�丳OST璇锋眰 + responseBody = HttpUtils.post(loginUrl, parameters,headers); + }catch (Exception e){ + throw new AuthenticationException("璋冪敤閴存潈鏈嶅姟ubcs-auth澶辫触锛屽師鍥狅細"+e.getMessage()); + } + //鎷垮埌鍝嶅簲浣撳叾涓寘鍚玹oken,鐢╮equest涓殑ip鍦板潃浣滀负閿�硷紝灏唗oken瀛樺叆缂撳瓨 + TokenUserObject tokenUserObject = null; + try { + tokenUserObject = JSON.parseObject(responseBody, TokenUserObject.class); + }catch (Exception e){ + throw new ServiceException("閴存潈鍝嶅簲鍐呭杞崲涓篢okenUserObject澶辫触:"+e.getMessage()); + } + // 鎷兼帴token鏍煎紡 + authToken = "bearer " + tokenUserObject.getAccess_token(); + // 灏唗oken瀛樺叆缂撳瓨褰撲腑,杩囨湡鏃堕棿涓�24灏忔椂 + bladeRedis.setEx(PWD_FREE_LOGIN_TOKEN+ipAddr,"bearer "+tokenUserObject.getAccess_token(),60*60*60*24L); } - HttpServletRequest request = (HeaderMapRequestWrapper) servletRequest; - HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(request); - - //璁剧疆褰撳墠web鎺ュ彛鐨勮姹傚ご - String token = "bearer " + tokenUserObject.getAccess_token(); - // 灏唗oken璁剧疆鍒癶eader涓� - requestWrapper.setHeader("Blade-Auth", token); - requestWrapper.setHeader("Authorization","Basic c3dvcmQ6c3dvcmRfc2VjcmV0"); - - // 灏唗oken瀛樺叆缂撳瓨褰撲腑,杩囨湡鏃堕棿涓�24灏忔椂 + // 瑙f瀽token瀛樻斁杩沘ttr涓� + String token2 = JwtUtil.getToken(authToken); + user = this.getUser(token2); + //request.setAttribute("Blade-Auth",token); + request.setAttribute("_BLADE_USER_REQUEST_ATTR_",user); return true; } + /** + * 鏍规嵁token鑾峰彇鐢ㄦ埛淇℃伅 + * @param token + * @return + */ + private static BladeUser getUser(String token) { + Claims claims = getClaims(token); + if (claims == null) { + return null; + } else { + String clientId = Func.toStr(claims.get("client_id")); + Long userId = Func.toLong(claims.get("user_id")); + String tenantId = Func.toStr(claims.get("tenant_id")); + String oauthId = 
Func.toStr(claims.get("oauth_id")); + String deptId = Func.toStrWithEmpty(claims.get("dept_id"), "-1"); + String postId = Func.toStrWithEmpty(claims.get("post_id"), "-1"); + String roleId = Func.toStrWithEmpty(claims.get("role_id"), "-1"); + String account = Func.toStr(claims.get("account")); + String roleName = Func.toStr(claims.get("role_name")); + String userName = Func.toStr(claims.get("user_name")); + String nickName = Func.toStr(claims.get("nick_name")); + String tenantName = Func.toStr(claims.get("tenantName")); + String email = Func.toStr(claims.get("email")); + String deptName = Func.toStr(claims.get("deptName")); + String secretGrade = Func.toStr(claims.get("secretGrade")); + Kv detail = Kv.create().setAll((Map)claims.get("detail")); + BladeUser bladeUser = new BladeUser(); + bladeUser.setClientId(clientId); + bladeUser.setUserId(userId); + bladeUser.setTenantId(tenantId); + bladeUser.setOauthId(oauthId); + bladeUser.setAccount(account); + bladeUser.setDeptId(deptId); + bladeUser.setPostId(postId); + bladeUser.setRoleId(roleId); + bladeUser.setRoleName(roleName); + bladeUser.setUserName(userName); + bladeUser.setNickName(nickName); + detail.put("tenantName", tenantName); + detail.put("deptName", deptName); + detail.put("email", email); + detail.put("secretGrade", secretGrade); + bladeUser.setDetail(detail); + return bladeUser; + } + } + + /** + * 瑙f瀽token + * @param authToken + * @return + */ + private static Claims getClaims(String authToken) { + Claims claims = null; + String token = null; + String tenantId; + if (StringUtil.isNotBlank(authToken)) { + token = JwtUtil.getToken(authToken); + } + + if (StringUtil.isNotBlank(token)) { + claims = parseJWT(token); + } + + if (ObjectUtil.isNotEmpty(claims) && getJwtProperties().getState()) { + tenantId = Func.toStr(claims.get("tenant_id")); + String userId = Func.toStr(claims.get("user_id")); + String accessToken = JwtUtil.getAccessToken(tenantId, userId, token); + if (!token.equalsIgnoreCase(accessToken)) { + 
return null; + } + } + + return claims; + } + + private static JwtProperties getJwtProperties() { + if (jwtProperties == null) { + jwtProperties = (JwtProperties) SpringUtil.getBean(JwtProperties.class); + } + + return jwtProperties; + } + + } -- Gitblit v1.9.3
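Review bot: In `passwordFreeLogin` the token cache is keyed only by `request.getRemoteAddr()`, and on a cache hit the `username` argument is never consulted, so every caller sharing an address (NAT, or a proxy or gateway in front of this service) is given the identity of whoever populated the entry first. Key the entry on the account as well, e.g. `String cacheKey = PWD_FREE_LOGIN_TOKEN + ipAddr + ":" + username;`, or compare `user.getAccount()` with `username` before trusting a cached token. The method also returns `true` after `request.setAttribute("_BLADE_USER_REQUEST_ATTR_", user)` even when `getUser` returned null, which it does whenever `getClaims` yields no claims, so it should fail closed with `if (user == null) { throw new AuthenticationException("password-free login: token could not be resolved to a user"); }`. Separately, `60*60*60*24L` evaluates to 5,184,000, which is 60 days if `setEx` takes seconds, and the `Basic c3dvcmQ6c3dvcmRfc2VjcmV0` client credential is hard-coded in the source; the cache TTL should not exceed the token's own lifetime and the credential belongs in configuration.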