IntelligentRecognition/ah-jjsp-service/.svn/pristine/4a/4ada9fec9ddda4c5e5f0722aa04...

package com.securityControl.auth.controller;
import cn.hutool.core.lang.TypeReference;
import com.alibaba.fastjson2.JSONObject;
import com.google.common.collect.Maps;
import com.securityControl.auth.form.Aes;
import com.securityControl.auth.form.LoginBody;
import com.securityControl.auth.service.SysLoginService;
import com.securityControl.common.core.constant.SecurityConstants;
import com.securityControl.common.core.domain.R;
import com.securityControl.common.core.utils.JwtUtils;
import com.securityControl.common.core.utils.ServletUtils;
import com.securityControl.common.core.utils.StringUtils;
import com.securityControl.common.core.utils.aes.DateTimeHelper;
import com.securityControl.common.core.utils.aes.ListHelper;
import com.securityControl.common.core.utils.ip.IpUtils;
import com.securityControl.common.redis.service.RedisService;
import com.securityControl.common.security.auth.AuthUtil;
import com.securityControl.common.security.service.TokenService;
import com.securityControl.common.security.utils.SecurityUtils;
import com.securityControl.system.api.RemoteLogService;
import com.securityControl.system.api.domain.SysOperLog;
import com.securityControl.system.api.domain.SysUser;
import com.securityControl.system.api.domain.decision.IscMenu;
import com.securityControl.system.api.domain.decision.SysMenu;
import com.securityControl.system.api.model.LoginUser;
import com.sgcc.isc.core.orm.complex.FunctionNode;
import com.sgcc.isc.core.orm.complex.FunctionTree;
import com.sgcc.isc.core.orm.identity.User;
import com.sgcc.isc.core.orm.resource.Function;
import com.sgcc.isc.framework.common.constant.Constants;
import com.sgcc.isc.service.adapter.factory.AdapterFactory;
import com.sgcc.isc.service.adapter.helper.IIdentityService;
import com.sgcc.isc.service.adapter.helper.IResourceService;
import com.sgcc.isc.service.adapter.impl.ResourceService;
import com.sgcc.isc.ualogin.client.CASClient;
import com.sgcc.isc.ualogin.client.CASTicket;
import com.sgcc.isc.ualogin.client.IscServiceTicketValidator;
import com.sgcc.isc.ualogin.client.util.IscSSOResourceUtil;
import com.sgcc.isc.ualogin.client.vo.IscSSOUserBean;
import io.jsonwebtoken.Claims;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
import org.xml.sax.SAXException;
import test.org.jasig.cas.client.Base64Util;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.lang.reflect.Member;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.*;
/**
* token 控制
*
* @author czc
*/
@Api(tags = "系统登录")
@RestController
@Slf4j
public class TokenController {
// Collaborators injected by Spring.
@Autowired
private TokenService tokenService;
@Autowired
private RedisService redisUtil;
@Autowired
private SysLoginService sysLoginService;
@Autowired
private RemoteLogService remoteLogService;
// Account names matched by getUserNoLj(). For these names login() hands the submitted
// password to SysLoginService instead of the value produced by iscLogin().
// NOTE(review): the list is compiled into the class, so changing who may use the
// local-password path needs a rebuild, and the names are readable by anyone with access
// to the source or the artifact. Consider loading it from protected configuration and
// auditing every login that takes this path.
private String[] userList={"wangzh0059","jysp","!jysp","ahsbd","weit0037","zhuy461x","wb_chennh0013","wb_guoc7712","lijf431X","wangyl253x","zhouxf8318","liurw0614","wb_zhux4635","liyy6816","bonus","!bns"};
/**
* Base URL of the unified-permission (ISC) service, performance environment;
* iscLogin() appends "/v1/tickets" to it.
*/
@Value("${isc.url_xn}")
private String url_xn;
// Application id appended to the menu request URL in getMenuList().
@Value("${isc.appId}")
private String appId;
// Passed to IscServiceTicketValidator.setCasValidateUrl().
@Value("${isc.dateUrl}")
private String dateUrl;
// Passed to IscServiceTicketValidator.setService() and used as the service argument of CASClient.getTicket().
@Value("${isc.dateLogin}")
private String dateLogin;
// Base URL of the menu endpoint; getMenuList() appends "/userResource/all/<userId>/<appId>".
@Value("${isc.menu_url}")
private String menu_url;
/**
 * Handles {@code POST login}: passes the submitted username and password through
 * {@code Aes.aesDecrypt}, runs {@code iscLogin} and returns the token that
 * {@code tokenService} creates for the user returned by {@code sysLoginService.login}.
 *
 * <p>NOTE(review): unless the username is in {@code userList}, the password handed to
 * {@code sysLoginService.login} is not the submitted one but whichever fixed string
 * {@code iscLogin} stored under {@code "pwd"}. The ISC result flag {@code isL} is read and
 * never checked, so rejecting a failed ISC login depends entirely on {@code sysLoginService}
 * not accepting the failure string. Confirm that no local account can hold that value as its
 * password, and prefer an explicit check of the flag before the local login.
 *
 * @param form login form; its username and password are replaced in place by their decrypted values
 * @return {@code R.ok} wrapping the result of {@code tokenService.createToken}
 */
@PostMapping("login")
public R<?> login(LoginBody form) {
form.setPassword(Aes.aesDecrypt(form.getPassword()));
form.setUsername(Aes.aesDecrypt(form.getUsername()));
// iscLogin runs for every username, including the ones in userList, so the credentials of
// those accounts are also submitted to ISC before the allowlist is consulted.
Map<String,Object> map= iscLogin(form.getUsername(),form.getPassword());
String pwd=(String) map.get("pwd");
// List<SysMenu> menu= (List) map.get("menu");
// NOTE(review): iscLogin returns an empty map for a blank username or password, in which case
// the next line throws NullPointerException; the value itself is never read afterwards.
String isL=map.get("isL").toString();// whether the ISC login succeeded
if(getUserNoLj(form.getUsername())){// listed accounts do not depend on the ISC result
pwd=form.getPassword();
}
// pwd=form.getPassword();
// The menu is always passed as null; the list fetched by iscLogin is not used here.
List<SysMenu> menu=null;
LoginUser userInfo = sysLoginService.login(form.getUsername(), pwd,menu);
// Obtain the login token.
return R.ok(tokenService.createToken(userInfo));
}
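/**
 * Logs {@code username} in against ISC: requests a CAS ticket, validates the service ticket
 * and loads the user's menus.
 *
 * <p>The returned map always holds four keys: {@code "menu"} (a list of {@code SysMenu}),
 * {@code "isL"} ({@code "true"} or {@code "false"}), {@code "pwd"} and {@code "loginName"}.
 * Blank input, a ticket that does not validate and any exception all produce the same
 * failure map. The user string is read only after validation has succeeded, so a rejected
 * ticket is never turned into a success result.
 *
 * <p>NOTE(review): {@code "pwd"} is one fixed string on success and another on failure, and
 * {@code login} forwards it to the local login as the password. A shared password compiled
 * into the class acts as the success signal; move it out of source and replace it with an
 * explicit result check in the caller.
 *
 * @param username account name to authenticate
 * @param password clear-text password; sent to ISC Base64-encoded
 * @return result map as described above, never {@code null}
 */
public Map<String,Object> iscLogin(String username,String password){
    if (!(StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password))) {
        return failedIscResult(username);
    }
    try {
        String encodedPassword = new String(Base64Util.encode(password.getBytes(StandardCharsets.UTF_8)));
        CASTicket ticket = CASClient.getTicket(url_xn + "/v1/tickets", username, encodedPassword, dateLogin);

        IscServiceTicketValidator validator = new IscServiceTicketValidator();
        // URL of the validator on the unified-authentication server.
        validator.setCasValidateUrl(dateUrl);
        // Address of this system's login module.
        validator.setService(dateLogin);
        validator.setServiceTicket(ticket.getServiceTicket());
        validator.validate();

        if (!validator.isAuthenticationSuccesful()) {
            // Fail closed: do not continue with an empty user string.
            log.warn("ISC ticket validation failed: code={} message={}",
                    validator.getErrorCode(), validator.getErrorMessage());
            return failedIscResult(username);
        }

        IscSSOUserBean userBean = IscSSOResourceUtil.transferIscUserBean(validator.getUser());
        String iscUserId = userBean.getIscUserId();
        String loginName = userBean.getIscUserSourceId();

        Map<String,Object> result = Maps.newHashMap();
        result.put("menu", getMenuList(iscUserId));
        result.put("isL", "true");
        result.put("pwd", "jysp@Bns2023**");
        result.put("loginName", loginName);
        return result;
    } catch (Exception e) {
        // The password is deliberately kept out of the log record.
        log.error("ISC login failed", e);
        return failedIscResult(username);
    }
}

/** Builds the map returned for every failed ISC login. */
private static Map<String,Object> failedIscResult(String username) {
    Map<String,Object> result = Maps.newHashMap();
    result.put("menu", new ArrayList<>());
    result.put("isL", "false");
    result.put("pwd", "1233");
    result.put("loginName", username);
    return result;
}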
/**
 * Tells whether {@code userName} is one of the accounts in {@code userList}, i.e. an account
 * that {@code login} does not hold to the ISC result.
 *
 * <p>NOTE(review): the match is an exact, case-sensitive comparison against a list compiled
 * into the class; membership is decided before any credential has been verified.
 *
 * @param userName account name to look up
 * @return {@code true} when the name is in the list, otherwise {@code false}
 */
public Boolean getUserNoLj(String userName){
    for (String exempt : userList) {
        if (Objects.equals(userName, exempt)) {
            return true;
        }
    }
    return false;
}
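/**
 * Handles {@code POST logout}: removes the Redis entries kept for the caller's token.
 *
 * <p>Entries keyed by the raw token are deleted before the token is parsed, so a token that
 * no longer parses is still revoked. Both key shapes used in this class are removed: the ones
 * keyed by claim value and the ones {@code refresh} writes ({@code "userId::"} plus user id,
 * and {@code "ISCUserId:"} / {@code "userName:"} plus token).
 *
 * <p>NOTE(review): only {@code redisUtil} keys are deleted here. Nothing visible in this method
 * asks {@code TokenService} to drop its own record of the session; confirm that a logged-out
 * token is also rejected by {@code tokenService.getLoginUser}.
 *
 * @param request current request; the token is read from it by {@code SecurityUtils.getToken}
 * @return {@code R.ok()} with no payload
 */
@PostMapping("logout")
public R<?> loginOut(HttpServletRequest request) {
    String jwtToken = SecurityUtils.getToken(request);
    if (jwtToken == null || jwtToken.isEmpty()) {
        // Nothing to revoke; logging out without a token is a no-op.
        return R.ok();
    }

    redisUtil.delete("token:" + jwtToken);
    redisUtil.delete("ISCUserId:" + jwtToken);
    redisUtil.delete("userName:" + jwtToken);

    Claims claims = JwtUtils.parseToken(jwtToken);
    // Claims are read as Object: a cast to a fixed type would throw ClassCastException
    // and abort the logout if the claim was stored with another type.
    Object userId = claims.get(SecurityConstants.DETAILS_USER_ID);
    Object iscUser = claims.get(SecurityConstants.DETAILS_ISC_USER_ID);
    Object userName = claims.get(SecurityConstants.DETAILS_USERNAME);

    redisUtil.delete("userId:" + userId);
    redisUtil.delete("userId::" + userId);
    redisUtil.delete("ISCUserId:" + iscUser);
    redisUtil.delete("userName:" + userName);
    return R.ok();
}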
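/**
 * Handles {@code POST refresh}: extends the lifetime of the caller's session by 30 minutes.
 *
 * <p>The Redis entries are rewritten only when {@code tokenService.getLoginUser} still returns
 * a user for the request. Without that check a token whose entries were deleted (for example by
 * {@code logout}) would get them back simply by calling this endpoint.
 *
 * <p>NOTE(review): the keys written here ({@code "userId::"} plus user id, {@code "ISCUserId:"}
 * and {@code "userName:"} plus token) do not have the same shape as the keys {@code logout}
 * deletes ({@code "userId:"} plus user id, {@code "ISCUserId:"} plus ISC id, {@code "userName:"}
 * plus user name). Which shape the readers expect is not visible from this class; settle on one.
 *
 * @param request current request carrying the token
 * @return {@code R.ok()} with no payload, whether or not anything was refreshed
 */
@PostMapping("refresh")
public R<?> refresh(HttpServletRequest request) {
    String jwtToken = SecurityUtils.getToken(request);
    Claims claims = JwtUtils.parseToken(jwtToken);

    // The user id is only concatenated into a key, so it is read without a cast; a fixed
    // cast throws ClassCastException when the claim was stored with another type.
    Object userId = claims.get(SecurityConstants.DETAILS_USER_ID);
    Object iscClaim = claims.get(SecurityConstants.DETAILS_ISC_USER_ID);
    Object nameClaim = claims.get(SecurityConstants.DETAILS_USERNAME);
    String iscUser = iscClaim == null ? null : iscClaim.toString();
    String userName = nameClaim == null ? null : nameClaim.toString();

    LoginUser loginUser = tokenService.getLoginUser(request);
    if (!StringUtils.isNotNull(loginUser)) {
        // No live session behind this token: do not re-create its entries.
        return R.ok();
    }

    // Session lifetime in seconds (30 minutes).
    Integer times = 60 * 30;
    redisUtil.set("token:" + jwtToken, jwtToken, times);
    redisUtil.set("userId::" + userId, jwtToken, times);
    redisUtil.set("ISCUserId:" + jwtToken, iscUser, times);
    redisUtil.set("userName:" + jwtToken, userName, times);

    // Extend the token's validity period.
    tokenService.refreshToken(loginUser);
    return R.ok();
}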
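/**
 * Handles {@code GET getUserTicket}: validates the ISC/CAS service ticket passed as the
 * {@code ticket} request parameter and, when it is valid, issues a token for the user.
 *
 * <p>The endpoint fails closed: if the validator cannot run or reports that authentication
 * did not succeed, the method returns {@code R.ok()} without a token and never reads the user
 * string. The ticket and the validator's user payload are not written to the log.
 *
 * <p>NOTE(review): every user who passes validation receives the same fixed role id, user id,
 * organisation, super-user flag and permission list, whatever their ISC identity is. That makes
 * each successful SSO login an administrator session in this service; the role and permissions
 * should be looked up for the authenticated account instead.
 *
 * @param request  current request; must carry the {@code ticket} parameter
 * @param response unused
 * @return {@code R.ok} wrapping the token map on success, {@code R.ok()} with no payload otherwise
 * @throws Exception propagated from {@code IscSSOResourceUtil.getIscUserBean}
 */
@ApiOperation(value = "3.0根据统一权限获取人员基本信息")
@GetMapping("getUserTicket")
public R<?> getUserTicketPlus(HttpServletRequest request, HttpServletResponse response) throws Exception {
    IscSSOUserBean userbean = IscSSOResourceUtil.getIscUserBean(request);
    if (StringUtils.isNotNull(userbean)) {
        log.debug("ISC user bean found on request, iscId={}", userbean.getIscUserId());
    }

    IscServiceTicketValidator sv = new IscServiceTicketValidator();
    // URL of the validator on the unified-authentication server.
    sv.setCasValidateUrl(dateUrl);
    // Address of this system's login module.
    sv.setService(dateLogin);
    sv.setServiceTicket(request.getParameter("ticket"));
    try {
        sv.validate();
    } catch (SAXException | ParserConfigurationException e) {
        log.error("ISC ticket validation could not be completed", e);
        return R.ok();
    }
    if (!sv.isAuthenticationSuccesful()) {
        log.warn("ISC ticket validation failed: code={} message={}", sv.getErrorCode(), sv.getErrorMessage());
        return R.ok();
    }

    try {
        // Identity of the user the ticket was issued for.
        IscSSOUserBean iscSSOUserBean = IscSSOResourceUtil.transferIscUserBean(sv.getUser());
        String userid = iscSSOUserBean.getIscUserId();
        String loginName = iscSSOUserBean.getIscUserSourceId();

        SysUser sysUser = new SysUser();
        sysUser.setMenus(getMenuList(userid));
        LoginUser loginUser = new LoginUser();
        loginUser.setSysUser(sysUser);
        // Fixed profile applied to every validated user (see the NOTE above).
        loginUser.getSysUser().setRoleId(3L);
        loginUser.getSysUser().setRoleName("继远管理员");
        loginUser.getSysUser().setOrgName("建设分公司");
        loginUser.getSysUser().setOrgId("***12Z0");
        loginUser.getSysUser().setUserId(2L);
        loginUser.getSysUser().setIsSup("1");
        loginUser.getSysUser().setUserName(loginName);
        loginUser.getSysUser().setIscUserId(userid);

        String pers = "sys:violationStatistics:add,sys:violationStatistics:setVoiType,team:dev:detail,team:dev:edit,sys:dev:add," +
                "sys:dev:edit,sys:dev:del,sys:dev:exp,sys:type:add,sys:type:edit,sys:type:del,sys:user:add," +
                "sys:user:pwd,sys:user:edit,sys:user:del,sys:role:add,sys:role:edit,sys:role:aux,sys:role:del," +
                "sys:menu:add,sys:menu:edit,sys:menu:del,sys:dict:add,sys:dict:edit,sys:dict:del";
        List<String> persList = Arrays.asList(pers.split(","));
        loginUser.setPermissions(new HashSet<>(persList));
        loginUser.getSysUser().setPers(persList);

        Map<String, Object> resultMap = tokenService.createToken(loginUser);
        // Record the login in the operation log.
        addLoginLog(loginName, "用户登录", "系统登录", "com.securityControl.auth.controller.getUserTicket()", "/auth/getUserTicket");
        return R.ok(resultMap);
    } catch (Exception e) {
        log.error(e.toString(), e);
    }
    return R.ok();
}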
/**
 * Ad-hoc entry point: asks {@code AdapterFactory} for the resource-service adapter and prints
 * a marker line.
 *
 * <p>NOTE(review): looks like a leftover manual check. Nothing in the visible class calls it;
 * confirm whether it should remain in a controller.
 *
 * @param args ignored
 */
public static void main(String[] args) {
    Object adapter = AdapterFactory.getInstance(Constants.CLASS_RESOURCE);
    IResourceService resourceService = (IResourceService) adapter;
    System.out.println("IscMenu 请求路径-----------------01------------------------------------------------------>service");
}
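/**
 * Fetches the menu resources of {@code userId} from the ISC menu endpoint and converts them
 * into a two-level {@code SysMenu} list.
 *
 * <p>A failure of the HTTP call itself propagates to the caller. A missing or unparsable
 * response body is logged and yields an empty list. The response payload is not logged;
 * only its length is, at debug level.
 *
 * <p>NOTE(review): a new {@code RestTemplate} with default settings is created per call, so
 * no timeouts are visible here. {@code userId} is concatenated into the URL path as is;
 * callers in this class pass the id taken from the ISC user bean.
 *
 * @param userId ISC user id whose menus are requested
 * @return the menus built from the response, possibly empty, never {@code null}
 */
private List<SysMenu> getMenuList(String userId){
    List<SysMenu> menuList = new ArrayList<>();
    String requestUrl = menu_url + "/userResource/all/" + userId + "/" + appId;
    log.debug("IscMenu request url: {}", requestUrl);

    String data = new RestTemplate().getForObject(requestUrl, String.class);
    if (data == null) {
        log.warn("IscMenu response was empty");
        return menuList;
    }
    log.debug("IscMenu response length: {}", data.length());

    try {
        com.alibaba.fastjson2.JSONObject obj = com.alibaba.fastjson2.JSONObject.parseObject(data);
        com.alibaba.fastjson2.JSONArray jsonArray = obj.getJSONArray("data");
        List<IscMenu> list = jsonArray.toList(IscMenu.class);
        getChilderList(menuList, list);
    } catch (Exception e) {
        log.error("Failed to read the IscMenu response", e);
    }
    return menuList;
}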
/**
 * Appends the top-level menus found in {@code iscList} to {@code menuList}.
 *
 * <p>An ISC entry with an empty parent id is treated as a top-level menu. Its direct children
 * are attached by {@code getChilderList2}, and the menu is added only when the entry's status
 * is {@code "Y"}. Any exception stops the loop and is logged; menus added before it remain.
 *
 * @param menuList target list, modified in place
 * @param iscList  flat list of ISC menu entries
 */
private static void getChilderList(List<SysMenu> menuList, List<IscMenu> iscList){
    try {
        for (IscMenu candidate : iscList) {
            boolean hasParent = !StringUtils.isEmpty(candidate.getParentId());
            if (hasParent) {
                continue;
            }
            SysMenu root = new SysMenu();
            root.setMenuId(candidate.getId());
            root.setMenuName(candidate.getName());
            root.setUrl(candidate.getConent());
            root.setLast(false);
            getChilderList2(root, iscList);
            if ("Y".equals(candidate.getStatus())) {
                menuList.add(root);
            }
        }
    } catch (Exception e) {
        log.error(e.toString(), e);
    }
}
/**
 * Attaches to {@code sysMenu} the entries of {@code iscLis} whose parent id equals its menu id.
 *
 * <p>Only entries with status {@code "Y"} become children, and each child is marked as last
 * level. When no child qualifies, {@code sysMenu} itself is marked as last level; otherwise it
 * is marked as not last and receives the child list.
 *
 * @param sysMenu parent menu, modified in place
 * @param iscLis  flat list of ISC menu entries
 */
private static void getChilderList2(SysMenu sysMenu,List<IscMenu> iscLis){
    List<SysMenu> children = new ArrayList<>();
    for (IscMenu candidate : iscLis) {
        boolean isChild = StringUtils.isNotEmpty(sysMenu.getMenuId())
                && sysMenu.getMenuId().equals(candidate.getParentId());
        if (!isChild) {
            continue;
        }
        SysMenu child = new SysMenu();
        child.setMenuId(candidate.getId());
        child.setMenuName(candidate.getName());
        child.setUrl(candidate.getConent());
        child.setLast(true);
        if ("Y".equals(candidate.getStatus())) {
            children.add(child);
        }
    }

    if (ListHelper.isEmpty(children)) {
        sysMenu.setLast(true);
        return;
    }
    sysMenu.setLast(false);
    sysMenu.setChilder(children);
}
/**
 * Records a login event through {@code remoteLogService}.
 *
 * <p>Role and department come from the user returned by {@code SecurityUtils.getLoginUser()}
 * when there is one; otherwise the role name falls back to a fixed value and the department
 * is empty. The client IP is taken from the current servlet request.
 *
 * <p>NOTE(review): the request method is always stored as {@code "POST"}, although the caller
 * visible in this class is a {@code GET} mapping, and {@code grade} is filled with the title.
 * Confirm both are intended, since they end up in the audit record.
 *
 * @param username account name; also stored as the operation parameter
 * @param title    log title
 * @param detail   log detail
 * @param method   name of the handling method to record
 * @param url      request path to record
 */
public void addLoginLog(String username, String title, String detail, String method, String url) {
    SysOperLog entry = new SysOperLog();
    entry.setGrade(title);
    entry.setTimes(DateTimeHelper.getNowTime());
    entry.setOperName(username);

    LoginUser current = SecurityUtils.getLoginUser();
    SysUser currentUser = (current == null) ? null : current.getSysUser();
    if (currentUser != null) {
        entry.setRoleName(currentUser.getRoleName());
        entry.setDeptName(currentUser.getOrgName());
    } else {
        // No authenticated user in context: use the fixed fallback values.
        entry.setRoleName("继远管理员");
        entry.setDeptName("");
    }

    entry.setOperIp(IpUtils.getIpAddr(ServletUtils.getRequest()));
    entry.setTitle(title);
    entry.setRequestMethod("POST");
    entry.setMethod(method);
    entry.setBusinessType(0);
    entry.setOperUrl(url);
    entry.setOperParam(username);
    entry.setDetail(detail);
    entry.setLogType("系统日志");
    entry.setSysMenu("");
    remoteLogService.saveLogs(entry, SecurityConstants.INNER);
}
}