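package com.fawjiefang.modules.sys.controller;

import cn.hutool.core.codec.Base64;
import com.fawjiefang.common.cmodules.log.entity.SysLogLoginEntity;
import com.fawjiefang.common.cmodules.log.enums.LoginOperationEnum;
import com.fawjiefang.common.cmodules.log.enums.LoginStatusEnum;
import com.fawjiefang.common.cmodules.log.service.SysLogLoginService;
import com.fawjiefang.common.common.redis.RedisUtils;
import com.fawjiefang.common.common.utils.IpUtils;
import com.fawjiefang.common.common.utils.Result;
import com.fawjiefang.common.entity.UserCache;
import com.fawjiefang.common.utils.AesEncryptUtil;
import com.fawjiefang.modules.security.service.SysUserTokenService;
import com.fawjiefang.modules.sys.dto.SysUserDTO;
import com.fawjiefang.modules.sys.service.SysDictService;
import com.fawjiefang.modules.sys.service.SysUserService;
import io.swagger.annotations.ApiOperation;
import org.activiti.engine.impl.util.json.JSONObject;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Date;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * OAuth 2.0 authorization-code login against the IDM / OAM identity provider.
 *
 * <p>{@code /idm/validation} is both the entry point (no {@code code} parameter:
 * redirect the browser to the IdP) and the callback (with {@code code}: exchange
 * it for an access token, read the user profile, look the user up locally, issue
 * an application token and redirect to the home page).
 *
 * <p>The anti-CSRF {@code state} value is generated per login attempt, stored in
 * the HTTP session and verified on the callback; a callback whose state does not
 * match the stored one is rejected before any token exchange happens.
 */
@RestController
@RequestMapping("/idm")
public class SysOamOauth {

    private static final Logger LOG = Logger.getLogger(SysOamOauth.class.getName());

    @Autowired
    private SysUserTokenService sysUserTokenService;
    @Autowired
    private SysLogLoginService sysLogLoginService;
    @Autowired
    private RedisUtils redisUtils;
    @Autowired
    private SysDictService sysDictService;
    @Autowired
    private SysUserService sysUserService;

    /** IdP authorization endpoint (browser is redirected here). */
    @Value("${jiefang.admin.authorization-url}")
    private String authorizationUrl;
    /** IdP token endpoint (server-to-server code exchange). */
    @Value("${jiefang.admin.access-token-url}")
    private String accessTokenUrl;
    /** IdP user-profile endpoint (server-to-server, bearer token). */
    @Value("${jiefang.admin.user-profile-url}")
    private String userProfileUrl;
    /** Configured but not yet used; see {@link #getCustomerInfo(String, String)}. */
    @Value("${jiefang.admin.customer-service-url}")
    private String customerServiceUrl;
    /** Callback URL registered at the IdP; must point back at {@code /idm/validation}. */
    @Value("${jiefang.admin.redirect-uri}")
    private String redirectUri;
    /** Front-end page the user lands on after login (success or failure). */
    @Value("${jiefang.admin.home-url}")
    private String homeUrl;

    // NOTE(review): client credentials are hard-coded in source (and therefore in
    // version control). They should be moved to externalized configuration like the
    // URLs above, and the secret rotated once that is done.
    private static final String CLIENT_ID = "qakz5cr8r61gzzqq5sqioga8ulrfi483";
    private static final String CLIENT_SECRET = "1aspst1979wz4nt296unf51lvbfng0bs";
    /** HTTP Basic credential for the token endpoint, built once from the client id/secret. */
    private static final String BASE_64_CREDENTIALS =
            "Basic " + Base64.encode(CLIENT_ID + ":" + CLIENT_SECRET);

    private static final String RESPONSE_TYPE = "code";
    /** Scope string actually requested at the authorization endpoint. */
    private static final String OAUTH_SCOPE = "IdmResServer.UserProfile.me openid email phone profile";
    private static final String GRANT_TYPE = "AUTHORIZATION_CODE";
    /** Identity domain sent as both the {@code domain} query parameter and the OAM header. */
    private static final String IDENTITY_DOMAIN = "IdmDomain";
    private static final String IDENTITY_DOMAIN_HEADER = "X-OAUTH-IDENTITY-DOMAIN-NAME";
    /** Session attribute holding the pending OAuth {@code state} nonce. */
    private static final String STATE_SESSION_KEY = "idm.oauth.state";
    /** Connect/read/pool timeout applied to every outbound IdP call. */
    private static final int HTTP_TIMEOUT_MS = 30000;

    private static final SecureRandom RANDOM = new SecureRandom();
    private static final CloseableHttpClient HTTP_CLIENT;

    static {
        PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
        cm.setMaxTotal(100);
        // The original set this to 20 and then 50; the last assignment is the effective one.
        cm.setDefaultMaxPerRoute(50);
        HTTP_CLIENT = HttpClients.custom().setConnectionManager(cm).build();
    }

    /**
     * Entry point and callback of the IDM login flow.
     *
     * <p>Without {@code code}: stores a fresh {@code state} nonce in the session and
     * redirects to the IdP. With {@code code}: verifies {@code state}, exchanges the
     * code, resolves the local user, writes the login log and redirects to the home
     * page with the encrypted user id and token as query parameters. Failures
     * (unknown state, unknown user) are logged as failed logins and redirect to the
     * plain home URL.
     *
     * @param code     authorization code returned by the IdP, absent on the first hit
     * @param request  current request; the {@code state} parameter and session are read from it
     * @param response used only for the redirect
     * @throws Exception propagated from the redirect, the token exchange or the profile call
     */
    @RequestMapping("validation")
    @ApiOperation("idm验证")
    public void validation(@RequestParam(value = "code", required = false) String code,
                           HttpServletRequest request,
                           HttpServletResponse response) throws Exception {
        if (code == null || code.isEmpty()) {
            redirectToAuthorization(request, response);
            return;
        }

        SysLogLoginEntity log = newLoginLog(request);

        // Reject callbacks that do not carry the state we issued (login CSRF / replay).
        if (!consumeState(request)) {
            LOG.warning("IDM callback rejected: missing or mismatched state");
            log.setStatus(LoginStatusEnum.FAIL.value());
            sysLogLoginService.save(log);
            response.sendRedirect(homeUrl);
            return;
        }

        String accessToken = getAccessToken(code);
        String username = getUserInfo(accessToken);
        getCustomerInfo(accessToken, username);

        SysUserDTO user = sysUserService.getByUsername(username);
        if (user == null) {
            log.setStatus(LoginStatusEnum.FAIL.value());
            log.setCreatorName(username);
            sysLogLoginService.save(log);
            response.sendRedirect(homeUrl);
            // The original fell through to user.getId() here and threw an NPE after the redirect.
            return;
        }
        sysDictService.refRedisDict();

        Result r = sysUserTokenService.createToken(user.getId());
        Object data = r.getData();
        if (!(data instanceof Map)) {
            throw new IllegalStateException("token service returned no token data for user " + user.getId());
        }
        Map<?, ?> tokenData = (Map<?, ?>) data;
        Object userId = tokenData.get("userId");
        Object token = tokenData.get("token");
        if (userId == null || token == null) {
            throw new IllegalStateException("token service response lacks userId/token for user " + user.getId());
        }

        setUserCacheToRedis(user);
        redisUtils.hSet("userinfo", user.getId().toString(), user);

        // NOTE(review): the AES key/IV are derived from the current time and handed to the
        // browser in the same redirect as the ciphertext, so this only obfuscates the token
        // in the URL; it is not confidentiality protection.
        String key = String.valueOf(System.currentTimeMillis());
        String aesUserId = AesEncryptUtil.encrypt(userId.toString(), "123" + key, "123" + key);
        String aesToken = AesEncryptUtil.encrypt(token.toString(), "123" + key, "123" + key);

        log.setStatus(LoginStatusEnum.SUCCESS.value());
        log.setCreator(user.getId());
        log.setCreatorName(user.getUsername());
        sysLogLoginService.save(log);

        // Ciphertext may contain '+', '/' or '=' which would be mangled in an unencoded query string.
        response.sendRedirect(homeUrl
                + "?userId=" + urlEncode(aesUserId)
                + "&token=" + urlEncode(aesToken)
                + "&key=" + key);
    }

    /** Generates a state nonce, stores it in the session and redirects to the IdP. */
    private void redirectToAuthorization(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        String state = newState();
        request.getSession(true).setAttribute(STATE_SESSION_KEY, state);
        response.sendRedirect(authorizationUrl
                + "?response_type=" + RESPONSE_TYPE
                + "&client_id=" + urlEncode(CLIENT_ID)
                + "&domain=" + urlEncode(IDENTITY_DOMAIN)
                + "&state=" + state
                + "&scope=" + urlEncode(OAUTH_SCOPE)
                + "&redirect_uri=" + urlEncode(redirectUri));
    }

    /**
     * Compares the {@code state} request parameter with the nonce stored in the session
     * and removes the stored nonce so it cannot be reused.
     *
     * @return {@code true} only when a session exists, a nonce was stored and it equals the parameter
     */
    private static boolean consumeState(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session == null) {
            return false;
        }
        Object expected = session.getAttribute(STATE_SESSION_KEY);
        session.removeAttribute(STATE_SESSION_KEY);
        String actual = request.getParameter("state");
        if (!(expected instanceof String) || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(
                ((String) expected).getBytes(StandardCharsets.UTF_8),
                actual.getBytes(StandardCharsets.UTF_8));
    }

    /** 128 random bits from {@link SecureRandom}, hex encoded (URL-safe without escaping). */
    private static String newState() {
        byte[] buf = new byte[16];
        RANDOM.nextBytes(buf);
        StringBuilder sb = new StringBuilder(buf.length * 2);
        for (byte b : buf) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    /** Builds a LOGIN log entry with timestamp, client IP and user agent filled in. */
    private static SysLogLoginEntity newLoginLog(HttpServletRequest request) {
        SysLogLoginEntity log = new SysLogLoginEntity();
        log.setOperation(LoginOperationEnum.LOGIN.value());
        log.setCreateDate(new Date());
        log.setIp(IpUtils.getIpAddr(request));
        log.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
        return log;
    }

    /**
     * Best-effort write of a trimmed {@link UserCache} to the {@code userCache} hash.
     * Failures are logged and otherwise ignored so a cache outage does not block login.
     */
    private void setUserCacheToRedis(SysUserDTO user) {
        try {
            UserCache userCache = new UserCache();
            userCache.setEmail(user.getEmail());
            userCache.setId(user.getId());
            userCache.setMobile(user.getMobile());
            userCache.setUsername(user.getUsername());
            userCache.setSuperAdmin(user.getSuperAdmin());
            redisUtils.hSet("userCache", user.getId().toString(), userCache);
        } catch (Exception e) {
            LOG.log(Level.WARNING, "failed to write userCache for user " + user.getId(), e);
        }
    }

    /**
     * Placeholder for the customer-service lookup ({@code customerServiceUrl} is configured
     * but nothing is fetched yet). Only validates its inputs; the access token is never logged.
     *
     * @param token access token obtained from the IdP
     * @param uid   subject returned by the user-profile endpoint
     */
    public void getCustomerInfo(String token, String uid) {
        if (token == null) {
            LOG.warning("token空了");
            return;
        }
        if (uid == null) {
            LOG.warning("uid空了");
            return;
        }
        LOG.fine("getCustomerInfo: uid=" + uid);
    }

    /**
     * Exchanges an authorization code for an access token at the IdP token endpoint.
     *
     * @param code authorization code from the callback; must not be empty
     * @return the {@code access_token} field of the token response
     * @throws IllegalArgumentException when {@code code} is null or empty
     * @throws IllegalStateException    when the request fails, returns a non-2xx status or no token;
     *                                  the underlying exception is kept as the cause
     */
    public String getAccessToken(String code) {
        if (code == null || code.isEmpty()) {
            throw new IllegalArgumentException("code must not be empty");
        }
        // Form-encode every value: the code and redirect URI are not guaranteed to be URL-safe.
        String params = "redirect_uri=" + urlEncode(redirectUri)
                + "&grant_type=" + GRANT_TYPE
                + "&code=" + urlEncode(code);
        byte[] postData = params.getBytes(StandardCharsets.UTF_8);

        HttpURLConnection connection = null;
        try {
            connection = (HttpURLConnection) new URL(accessTokenUrl).openConnection();
            connection.setRequestMethod("POST");
            // Without timeouts a stalled IdP would pin this request thread indefinitely.
            connection.setConnectTimeout(HTTP_TIMEOUT_MS);
            connection.setReadTimeout(HTTP_TIMEOUT_MS);
            connection.setRequestProperty("Authorization", BASE_64_CREDENTIALS);
            connection.setRequestProperty("cache-control", "no-cache");
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
            // Same header value as getUserInfo; the original had a trailing space here,
            // which HTTP treats as optional whitespace and strips.
            connection.setRequestProperty(IDENTITY_DOMAIN_HEADER, IDENTITY_DOMAIN);
            connection.setDoOutput(true);

            try (OutputStream out = connection.getOutputStream()) {
                out.write(postData);
            }

            int status = connection.getResponseCode();
            if (status < 200 || status >= 300) {
                throw new IOException("token endpoint returned HTTP " + status);
            }
            String body;
            try (InputStream in = connection.getInputStream()) {
                body = readAll(in);
            }
            String accessToken = new JSONObject(body).getString("access_token");
            if (accessToken == null || accessToken.isEmpty()) {
                throw new IOException("token response contains no access_token");
            }
            return accessToken;
        } catch (IOException | RuntimeException e) {
            throw new IllegalStateException("failed to exchange authorization code for access token", e);
        } finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
    }

    /**
     * Fetches the user profile with the bearer token and returns its {@code sub} claim.
     *
     * <p>The response is closed via try-with-resources so the pooled connection is
     * returned to the {@link #HTTP_CLIENT} pool (the original never closed it).
     *
     * @param accessToken bearer token from {@link #getAccessToken(String)}
     * @return the {@code sub} field of the profile, used as the local username
     * @throws IllegalArgumentException when {@code accessToken} is null or empty
     * @throws IllegalStateException    when the request fails, returns a non-2xx status or no {@code sub}
     */
    public String getUserInfo(String accessToken) {
        if (accessToken == null || accessToken.isEmpty()) {
            throw new IllegalArgumentException("accessToken must not be empty");
        }
        HttpGet httpGet = new HttpGet(userProfileUrl);
        httpGet.setConfig(RequestConfig.custom()
                .setConnectTimeout(HTTP_TIMEOUT_MS)
                .setConnectionRequestTimeout(HTTP_TIMEOUT_MS)
                .setSocketTimeout(HTTP_TIMEOUT_MS)
                .build());
        httpGet.addHeader(IDENTITY_DOMAIN_HEADER, IDENTITY_DOMAIN);
        httpGet.setHeader("Authorization", "Bearer " + accessToken);

        try (CloseableHttpResponse response = HTTP_CLIENT.execute(httpGet)) {
            int status = response.getStatusLine().getStatusCode();
            if (status < 200 || status >= 300) {
                throw new IOException("user profile endpoint returned HTTP " + status);
            }
            if (response.getEntity() == null) {
                throw new IOException("user profile response has no body");
            }
            String body = readAll(response.getEntity().getContent());
            String uid = new JSONObject(body).getString("sub");
            if (uid == null || uid.isEmpty()) {
                throw new IOException("user profile response contains no sub");
            }
            return uid;
        } catch (IOException | RuntimeException e) {
            throw new IllegalStateException("failed to fetch user profile", e);
        }
    }

    /** Reads a UTF-8 body, concatenating lines without separators as the original did. */
    private static String readAll(InputStream in) throws IOException {
        StringBuilder sb = new StringBuilder();
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(in, StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
        }
        return sb.toString();
    }

    /** Percent-encodes a query/form value as UTF-8, using {@code %20} rather than {@code +} for spaces. */
    private static String urlEncode(String value) {
        try {
            return URLEncoder.encode(value, StandardCharsets.UTF_8.name()).replace("+", "%20");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is mandatory for every JVM; this branch is unreachable.
            throw new IllegalStateException("UTF-8 not supported", e);
        }
    }
}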