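package com.casic.missiles.controller;

import cn.hutool.json.JSONObject;
import com.casic.missiles.core.base.controller.BaseController;
import com.casic.missiles.core.base.language.I18nFactory;
import com.casic.missiles.core.base.language.constant.I18nConst;
import com.casic.missiles.core.base.response.ResponseData;
import com.casic.missiles.core.base.response.SuccessResponseData;
import com.casic.missiles.core.common.service.ICommonPermissionService;
import com.casic.missiles.core.log.LogManager;
import com.casic.missiles.core.log.factory.LogTaskFactory;
import com.casic.missiles.core.shiro.CasicCustomeToken;
import com.casic.missiles.core.shiro.LoginType;
import com.casic.missiles.core.shiro.ShiroKit;
import com.casic.missiles.core.shiro.ShiroUser;
import com.casic.missiles.core.util.RSAUtils;
import com.casic.missiles.dto.CaseTokenVO;
import com.casic.missiles.modular.constant.PermissionContant;
import com.casic.missiles.modular.system.dto.LoginResult;
import com.tmhc.sso.common.model.CommonResult;
import com.tmhc.sso.common.util.CommonUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.NoSuchAlgorithmException;
import java.util.Map;

import static com.casic.missiles.core.support.HttpKit.getIp;

/**
 * User-center login integration.
 *
 * <p>Exposes two endpoints under {@code /client} that establish a Shiro session without a
 * password: one for a configured client that presents an RSA-encrypted proof, and one for a
 * caller that presents an SSO ticket. Both end in {@link #login(String)}, which authenticates
 * with {@link LoginType#NOPASSWD} and returns the session id as the token.
 */
@Slf4j
@RestController
@RequestMapping("/client")
public class UcLoginTokenController extends BaseController {

    @Autowired
    private ICommonPermissionService service;

    /** Base address of the SSO server used to verify tickets. */
    @Value("${sso.client.server}")
    private String ssoServer;

    /** Client id that {@code getToken} accepts. */
    @Value("${ykt.clientId:ykt}")
    private String clientId;

    // NOTE(review): the fallback value embeds private-key material in source control. Key
    // material should come from external secret configuration only, and a key that has been
    // committed should be treated as disclosed.
    @Value("${ykt.privateKey: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}")
    private String privateKey;

    /** Account that {@code getToken} logs in as once the client proof is accepted. */
    @Value("${ykt.account:hjzxgly}")
    private String account;

    // NOTE(review): leftover key material kept from the original file; see the note on privateKey.
    // public_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCe6fr64/YNoKNEsA85WCsIuEL7RQIUxsveyYyGHF3f+JatpAiV2Xp5e/DK/73dWJ9xnEFzmeHFfOrs1czOolnYdLpboORZRsEI6zX+xq37EmFG631CmgQcOxw+rb1ipFPBPxC9jdBm46q2tp3hm9IChebttfKCIAoq9j0HFh1/CwIDAQAB";
    // private_key = "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";

    /**
     * Issues a token to the configured client.
     *
     * <p>The request is accepted when its client id equals the configured one and the decrypted
     * {@code clientSecret} equals {@code clientId + "-" + salt} taken from the same request.
     * On success the configured account is logged in and its session id is returned.
     *
     * @param caseTokenVO request body carrying clientId, clientSecret and salt
     * @return a success response holding the token, or an error response for any rejection
     */
    @ResponseBody
    @PostMapping(value = "getToken", produces = "application/json;charset=UTF-8")
    public Object getTokenByClientId(@RequestBody CaseTokenVO caseTokenVO) {
        if (!clientId.equals(caseTokenVO.getClientId())) {
            return ResponseData.error("无效认证");
        }
        try {
            // NOTE(review): the expected value is built only from caller-supplied fields. If
            // RSAUtils.decrypt is a private-key decryption, possession of the matching public
            // key is enough to produce an accepted clientSecret, and nothing here limits how
            // long a salt stays valid. Confirm the intended trust model with the key owner.
            String decrypted = RSAUtils.decrypt(caseTokenVO.getClientSecret(), privateKey);
            String expected = caseTokenVO.getClientId() + "-" + caseTokenVO.getSalt();
            if (expected.equals(decrypted)) {
                // A failed login carries no LoginResult; treat it as a rejection explicitly
                // instead of relying on a NullPointerException reaching the catch below.
                Object data = login(account).getData();
                if (data instanceof LoginResult) {
                    return ResponseData.success(((LoginResult) data).getToken());
                }
            }
        } catch (Exception e) {
            log.warn("Client token request rejected", e);
        }
        return ResponseData.error("无效认证");
    }

    /**
     * Exchanges an SSO ticket for a local session token.
     *
     * <p>The ticket is verified against the configured SSO server and the {@code username}
     * field of the returned data is logged in without a password.
     *
     * @param request current HTTP request (unused)
     * @param resp    current HTTP response (unused)
     * @param ticket  SSO ticket supplied by the caller
     * @return the login response, or an error response when no usable username is obtained
     */
    @ResponseBody
    @PostMapping(value = "getTokenByTicket", produces = "application/json;charset=UTF-8")
    public Object getTokenByTicket(HttpServletRequest request, HttpServletResponse resp, String ticket) {
        if (ticket == null || ticket.trim().isEmpty()) {
            return ResponseData.error("用户信息获取异常");
        }
        log.info("sso verify");
        CommonResult<JSONObject> result = CommonUtils.verifyTicket(ssoServer, ticket);
        // NOTE(review): only the presence of a result and a username is checked here. If
        // CommonResult carries a status or code for a failed verification, it should be
        // checked before the username is trusted. Confirm against the SSO client library.
        JSONObject data = (result == null) ? null : result.getData();
        Object username = (data == null) ? null : data.get("username");
        // The login below is password-less, so a missing or blank name must never reach it.
        if (!(username instanceof String) || ((String) username).trim().isEmpty()) {
            return ResponseData.error("用户信息获取异常");
        }
        return login((String) username);
    }

    /**
     * Logs the named user in without a password and fills the session.
     *
     * <p>Generates an RSA key pair, stores the private key in the session and logs the public
     * key, then authenticates the current subject with a {@link LoginType#NOPASSWD} token.
     * On success the user attributes are written to the session, a login log entry is
     * recorded, and the session id is returned inside a {@link LoginResult}.
     *
     * @param userName account name to authenticate
     * @return a success response with the session id, or an error response if login fails
     */
    private ResponseData login(String userName) {
        ShiroKit.getSession().setAttribute(PermissionContant.IS_APP, false);
        Subject currentUser = ShiroKit.getSubject();
        try {
            Map<String, String> key = RSAUtils.genKeyPair();
            ShiroKit.getSession().setAttribute(PermissionContant.PRIVATE_KEY, key.get(RSAUtils.RSAPrivateKey));
            log.info("秘钥:{}", key.get(RSAUtils.RSAPublicKey));
        } catch (NoSuchAlgorithmException e) {
            // Best effort, as before: the login continues without a per-session key.
            log.error("RSA key pair generation failed; session has no private key", e);
        }

        CasicCustomeToken token = new CasicCustomeToken(userName);
        token.setRememberMe(false);
        token.setType(LoginType.NOPASSWD);
        try {
            log.info("CallCenter login ..");
            currentUser.login(token);
        } catch (Exception e) {
            log.warn("Password-less login failed", e);
            return ResponseData.error("该用户未授权");
        }

        ShiroUser shiroUser = ShiroKit.getUser();
        super.getSession().setAttribute("shiroUser", shiroUser);
        super.getSession().setAttribute("username", shiroUser.getAccount());
        super.getSession().setAttribute(PermissionContant.SESSION_KEY, shiroUser.getId());
        LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));
        ShiroKit.getSession().setAttribute("sessionFlag", true);

        // NOTE(review): the session that existed before authentication is kept and its id is
        // returned as the token. Confirm whether the session should be renewed at login so a
        // pre-login session id cannot carry over into the authenticated state.
        SuccessResponseData resultData = new SuccessResponseData();
        resultData.setData(new LoginResult(ShiroKit.getSession().getId().toString(), null));
        resultData.setMessage(I18nFactory.getMessage(I18nConst.LOGIN_SUCESS));
        return resultData;
    }
}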