单点登录调整333

241430e0 · wqc · fd5e68ec · 241430e0 · 241430e0 · 241430e0
Commit 241430e0 authored Jun 21, 2023 by wqc
9 changed files
--- a/api-server/src/main/java/com/zq/api/feign/SysFeign.java
+++ b/api-server/src/main/java/com/zq/api/feign/SysFeign.java
@@ -30,7 +30,7 @@ public interface SysFeign {
    ResultVo modifyPasswd(@RequestBody Map<String, Object> paramsMap);

    @PostMapping("/sso/verifyToken")
-    ResultVo getVerifyToken(@RequestBody Map<String, Object> paramsMap);
+    ResultVo getVerifyToken(@RequestBody Map<Object, Object> paramsMap);

    @GetMapping("/api/version/getAppVersion")
    ResultVo getAppVersion(@RequestParam String appName);

--- a/api-server/src/main/java/com/zq/api/service/ApiService.java
+++ b/api-server/src/main/java/com/zq/api/service/ApiService.java
@@ -111,6 +111,8 @@ public class ApiService {
                .userId(apiUser.getId())
                .name(apiUser.getName())
                .roleLevel(apiUser.getRoleLevel())
+                .token(token)
+                .sessionKey(key)
                .build();

        form.setUserId(apiUser.getId() == null ? null : apiUser.getId().toString());

--- a/api-server/src/main/java/com/zq/api/service/impl/ApiV100Logic.java
+++ b/api-server/src/main/java/com/zq/api/service/impl/ApiV100Logic.java
 package com.zq.api.service.impl;

+import cn.hutool.core.map.MapUtil;
 import com.zq.api.feign.OpenFeign;
 import com.zq.api.feign.PortalFeign;
 import com.zq.api.feign.SysFeign;
@@ -13,6 +14,7 @@ import com.zq.common.vo.ResultVo;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

+import java.util.HashMap;
 import java.util.Map;

 @Component
@@ -52,7 +54,10 @@ public class ApiV100Logic extends BaseApiLogic implements IApiLogic {

    @Override
    public ApiResp getVerifyToken(ApiForm form) {
-        return ApiUtils.toApiResp(form, sysFeign.getVerifyToken(form.getParamsMap()));
+        Map<Object, Object> params = MapUtil.builder()
+                .put("appId",form.getAppId())
+                .build();
+        return ApiUtils.toApiResp(form, sysFeign.getVerifyToken(params));
    }

    @Override

--- a/sys-server/src/main/java/com/zq/system/modules/system/domain/vo/SsoLoginVo.java
+++ b/sys-server/src/main/java/com/zq/system/modules/system/domain/vo/SsoLoginVo.java
@@ -19,9 +19,9 @@ public class SsoLoginVo {

    private String uuid = "";

-    private String loginToken;
+    private String token;

-    private String loginKey;
+    private String key;

    private String appId;


--- a/sys-server/src/main/java/com/zq/system/modules/system/entity/SysInfo.java
+++ b/sys-server/src/main/java/com/zq/system/modules/system/entity/SysInfo.java
@@ -42,12 +42,6 @@ public class SysInfo {
    @ApiModelProperty("状态 0-禁用 1-启用")
    private Integer state;

-    @ApiModelProperty("生成的token")
-    private String loginToken;
-
-    @ApiModelProperty("生成的key")
-    private String loginKey;
-
    @ApiModelProperty("创建时间")
    private Date createTime;


--- a/sys-server/src/main/java/com/zq/system/modules/system/rest/SsoController.java
+++ b/sys-server/src/main/java/com/zq/system/modules/system/rest/SsoController.java
@@ -102,10 +102,9 @@ public class SsoController {

    @ApiOperation("验证token和key")
    @PostMapping(value = "/verifyToken")
-    public ResultVo verifyToken(@RequestParam String loginToken,String loginKey ,HttpServletRequest request, HttpServletResponse response) {
-        AssertUtils.notNull(loginToken,"token不为空");
-        AssertUtils.notNull(loginKey,"key不为空");
-        return ResultVo.success(ssoService.verifyToken(loginToken,loginKey,request,response));
+    public ResultVo verifyToken(@RequestBody SsoLoginVo vo  ,HttpServletRequest request, HttpServletResponse response) {
+        AssertUtils.notNull(vo.getAppId(),"APPID不为空");
+        return ResultVo.success(ssoService.verifyToken(vo,request,response));
    }



--- a/sys-server/src/main/java/com/zq/system/modules/system/rest/api/testAPI.java
+++ b/sys-server/src/main/java/com/zq/system/modules/system/rest/api/testAPI.java
+package com.zq.system.modules.system.rest.api;
+
+import cn.hutool.core.codec.Base64;
+import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.core.util.URLUtil;
+import cn.hutool.crypto.digest.MD5;
+import cn.hutool.http.HttpRequest;
+import cn.hutool.http.HttpResponse;
+import cn.hutool.json.JSONObject;
+import cn.hutool.json.JSONUtil;
+import com.zq.system.modules.mnt.rest.AppController;
+
+import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.TreeMap;
+
+public class testAPI {
+
+    public static void main(String[] args) {
+        String appId = "a5cbfc5ac3704f848e12f464a8289bfc";
+        String apiNo = IdUtil.simpleUUID();
+        String method = "getVerifyToken";
+        String timestamp = System.currentTimeMillis() + "";
+        String version = "1.0.0";
+        String bizContent = "";//JSON字符串
+        bizContent = StrUtil.isBlank(bizContent) ? "" : URLUtil.encode(Base64.encode(bizContent), StandardCharsets.UTF_8);
+        Map<String, String> params = new HashMap<>();
+        params.put("appId", appId);
+        params.put("apiNo", apiNo);
+        params.put("method", method);
+        params.put("timestamp", timestamp);
+        params.put("bizContent", bizContent);
+        params.put("version", version);
+
+        // 签名参数排序
+        TreeMap<String, String> signTreeMap = new TreeMap<>();
+        signTreeMap.put("appId", appId);
+        signTreeMap.put("apiNo", apiNo);
+        signTreeMap.put("timestamp", timestamp);
+        signTreeMap.put("method", method);
+        signTreeMap.put("version", version);
+        signTreeMap.put("bizContent", bizContent);
+
+        // 拼接签名参数
+        StringBuilder src = new StringBuilder();
+        for (Map.Entry<String, String> entry : signTreeMap.entrySet()) {
+            src.append(entry.getKey()).append("=").append(entry.getValue()).append("&");
+        }
+        //key，单点登录后由我方返回
+        src.append("key=").append("99edda8498cd465c84b08a41bcfe1c7b");
+
+        params.put("sign", MD5.create().digestHex(src.toString()).toUpperCase());
+        String sign=MD5.create().digestHex(src.toString()).toUpperCase();
+        //请求头中Authorization既为token,单点登录后由我方返回
+        HttpRequest request = HttpRequest.post("http://127.0.0.1:9888/api/action")
+                .header("appId", appId)
+                .header("appSecret", "5ba197db5cbb4863a829d7deabf9d238")
+                .header("key","99edda8498cd465c84b08a41bcfe1c7b")
+                .header("Authorization", "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0MTIyNyIsImF1dGgiOiIiLCJqdGkiOiI2ZDU5YzIxNGY5NTA0OTc4YjFiNDYwYjdiZGU5YmY0ZCJ9.mQ0HmX4k6JelSObgzwasIlZk6Dx7fmmkso7TL0aEFivJO_1x92KOHy6FmHyX7ttyb7AMNv7bjWZ5x20zufbTOw")
+                .contentType("application/x-www-form-urlencoded")
+                .formStr(params);
+
+        HttpResponse execute = request.execute();
+        String body = execute.body();
+        System.out.println("响应 => " + body);
+        // 失败 => {"apiNo":"09c1ad82ec0f4b2d80cae0cfb1d7059b","code":"103","msg":"调用方法异常","timestamp":1638176339560,"data":null,"success":false}
+        // 成功 => {"apiNo":"bc070a7c31ac4b8eb1180b2d82a2096b","code":"200","msg":"成功","timestamp":1638176552353,"data":{"userId":"123","username":"admin@gxfy.com"},"success":true}
+        int status = execute.getStatus();
+        if (status == 200) {
+            JSONObject obj = JSONUtil.parseObj(body);
+            Integer code = obj.getInt("code");
+            if (code == 200) {
+                JSONObject data = obj.getJSONObject("data");
+                System.out.println("成功拿到数据 => " + data);
+            }
+        }
+
+    }
+}
--- a/sys-server/src/main/java/com/zq/system/modules/system/service/SsoService.java
+++ b/sys-server/src/main/java/com/zq/system/modules/system/service/SsoService.java
@@ -86,7 +86,7 @@ public class SsoService {

        verificationCode(vo.getPhone(), vo.getPhoneVerificationCode());

-        User resources=new User();
+        User resources = new User();
        resources.setPassword(passwordEncoder.encode(passwd));
        resources.setDept(vo.getDept());
        resources.setEnabled(vo.getEnabled());
@@ -210,7 +210,7 @@ public class SsoService {

    }

-    public Object tokenLogin(SsoLoginVo vo,HttpServletRequest request, HttpServletResponse response) {
+    public Object tokenLogin(SsoLoginVo vo, HttpServletRequest request, HttpServletResponse response) {
        String toUrl = request.getParameter("service");
        AssertUtils.hasText(toUrl, "跳转地址为空");

@@ -230,8 +230,6 @@ public class SsoService {
        AssertUtils.hasText(sysInfo.getHomeUrl(), "业务系统主页地址未配置");
        SysInfo build = SysInfo.builder()
                .appId(sysInfo.getAppId())
-                    .loginKey(key)
-                    .loginToken(token)
                .systemName(vo.getSystemName())
                .systemTag(vo.getSystemTag())
                .state(1)
@@ -293,11 +291,13 @@ public class SsoService {
        redisUtils.deleteStr(CacheKeys.authCodeKey(phone));
    }

-    public ResultVo verifyToken(String loginToken,String loginKey, HttpServletRequest request, HttpServletResponse response) {
-        SysInfo sysInfo = sysInfoDao.selectOne(Wrappers.lambdaQuery(SysInfo.builder().loginToken(loginToken).loginKey(loginKey).build()));
-        if (sysInfo==null){
-            return ResultVo.success(sysInfo.getAppId());
-        }else{
+    public ResultVo verifyToken(SsoLoginVo vo, HttpServletRequest request, HttpServletResponse response) {
+        OnlineUserDto adminContext = ContextUtils.getAdminContext();
+        SysInfo sysInfo = sysInfoDao.selectOne(Wrappers.lambdaQuery(SysInfo.class).eq(SysInfo::getAppId, vo.getAppId()));
+        BindUserInfo bindUserInfo = blindUserInfoDao.selectOne(Wrappers.lambdaQuery(BindUserInfo.builder().sysId(sysInfo.getId()).userId(adminContext.getUserId()).build()));
+        if (sysInfo != null) {
+            return ResultVo.success(bindUserInfo.getSystemUserId());
+        } else {
            return ResultVo.fail("校验失败");
        }
    }

--- a/sys-server/src/main/resources/Mapper/SysInfoMapper.xml
+++ b/sys-server/src/main/resources/Mapper/SysInfoMapper.xml
@@ -11,13 +11,11 @@
        <result property="homeUrl" column="home_url" jdbcType="OTHER"/>
        <result property="loginUrl" column="login_url" jdbcType="OTHER"/>
        <result property="state" column="state" jdbcType="OTHER"/>
-        <result property="loginToken" column="login_token" jdbcType="OTHER"/>
-        <result property="loginKey" column="login_key" jdbcType="OTHER"/>
        <result property="createTime" column="create_time" jdbcType="TIMESTAMP"/>
        <result property="updateTime" column="update_time" jdbcType="TIMESTAMP"/>
    </resultMap>
    <update id="updateByappId">
-        update sys_info
+        UPDATE sys_info
        <set>
            <if test="appId != null">
                app_id = #{appId, jdbcType=OTHER},
@@ -28,12 +26,6 @@
            <if test="systemTag != null">
                system_tag = #{systemTag, jdbcType=OTHER},
            </if>
-            <if test="loginToken != null">
-                login_token = #{loginToken, jdbcType=OTHER},
-            </if>
-            <if test="loginKey != null">
-                login_key = #{loginKey, jdbcType=OTHER},
-            </if>
            <if test="createTime != null">
                create_time = #{createTime, jdbcType=TIMESTAMP},
            </if>