提交 19533c75 编写于 作者: sq3536's avatar sq3536

Merge remote-tracking branch 'origin/master'

......@@ -232,30 +232,25 @@
* @param thirdpart
*/
public tencentHandleClick(thirdpart: any) {
// window.QC.Login.showPopup({
// appId:"101884990",
// redirectURI:"http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin" //登录成功后会自动跳往该地址
// });
var _this = this;
// // 网站应用appid
const client_id = '101885024';
// 回调地址,即授权登录成功后跳转的地址(需要UrlEncode转码)
const redirect_uri = 'http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin';
// 随机生成一段字符串,防止CSRF攻击的
const state = Math.random().toString(36).substr(2);
// this.$store.dispatch(state);
// // qq授权登录地址
const url = 'https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=' + client_id + '&redirect_uri=' + redirect_uri + "&scope=get_user_info" + "&state=" + state;
// // 打开qq授权登录窗口,授权登录成功后会重定向到回调地址
this.openWindow(url, thirdpart, 540, 540);
this.$Message.warning("QQ授权登录暂未支持");
// var _this = this;
// const client_id = '101885024';// 网站应用appid
// const redirect_uri = 'http%3A%2F%2Fh6s33i.natappfree.cc%2F%23%2FqqLoginRedirect';// 回调地址,即授权登录成功后跳转的地址,需要UrlEncode转码
// const state = Math.random().toString(36).substr(2);// 随机生成一段字符串,防止CSRF攻击的
// const url = 'https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=' + client_id + '&redirect_uri=' + redirect_uri + "&scope=get_user_info" + "&state=" + state;// qq授权登录地址
// this.openWindow(url, thirdpart, 540, 540);
}
/**
* 微信授权登录
* @param thirddpart
* @param thirdpart
*/
public wechatHandleClick(thirddpart: any) {
public wechatHandleClick(thirdpart: any) {
this.$Message.warning("微信授权登录暂未支持");
// let appId = 'wxcfe83301b6e6615f'; //微信开放平台提供的appId
// let redirectURI = 'http%3A%2F%2Fh6s33i.natappfree.cc%2F%23%2FweixinLoginRedirect'; //微信扫码后回调地址,需要UrlEncode转码
// let url = 'https://open.weixin.qq.com/connect/qrconnect?appid=' + appId + '&redirect_uri=' + redirectURI + '&response_type=code&scope=snsapi_login&state=STATE#wechat_redirect';//微信扫码url
// this.openWindow(url, thirdpart, 540, 540);
}
/**
......
......@@ -232,7 +232,8 @@
param.registerType = "qq";
param.openId = this.openId;
param.accessToken = this.accessToken;
} else {
}
else {
this.$Message.error({
content: "注册并绑定QQ失败",
duration: 3,
......@@ -262,7 +263,7 @@
}
}).catch((e: any) => {
const data = e.data;
if (data && data.detail) {
if (data && data.message) {
this.$Message.error({
content: "注册失败," + data.message,
duration: 3,
......
......@@ -6,9 +6,7 @@
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<link rel="icon" href="<%= BASE_URL %>favicon.ico">
<title><%= htmlWebpackPlugin.options.title %></title>
<script type="text/javascript" src="http://qzonestyle.gtimg.cn/qzone/openapi/qc_loader.js" data-callback="true"
data-appid="101885024" data-redirecturi="http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin" charset="utf-8">
</script>
</head>
<body>
......
......@@ -37,6 +37,11 @@
git clone -b master $para2 ibzuaa/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzuaa/
mvn clean package -Pweb
cd ibzuaa-app/ibzuaa-app-web
mvn -Pweb docker:build
mvn -Pweb docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-app-web.yaml ibzlab-rt --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
......
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBIZ_SLEEP}s..." && \
sleep ${IBIZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-app-web.jar
EXPOSE 8080
EXPOSE 30002
ADD ibzuaa-app-web.jar /ibzuaa-app-web.jar
......@@ -3,9 +3,23 @@ services:
ibzuaa-app-web:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-app-web:latest
ports:
- "8080:8080"
- "30002:30002"
networks:
- agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=30002
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
- ABC=1
- DEC=2
deploy:
resources:
limits:
......
......@@ -107,6 +107,7 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/uaa/login").permitAll()
.antMatchers("/uaa/register").permitAll()
.antMatchers("/uaa/queryUserByOpenId").permitAll()
.antMatchers("/uaa/responseTokenToWeiXin").permitAll()
.anyRequest().authenticated()
// 防止iframe 造成跨域
.and().headers().frameOptions().disable();
......
server:
port: 8080
qqconnection:
app_ID: 101880571
app_KEY: d52af9b56e62d771ddde749a6ee0a4f9
redirect_URI: http://127.0.0.1:8111/#/qqLoginRedirect
scope: get_user_info,add_topic,add_one_blog,add_album,upload_pic,list_album,add_share,check_page_fans,add_t,add_pic_t,del_t,get_repost_list,get_info,get_other_info,get_fanslist,get_idollist,add_idol,del_ido,get_tenpay_addr
baseURL: https://graph.qq.com/
getUserInfoURL: https://graph.qq.com/user/get_user_info
accessTokenURL: https://graph.qq.com/oauth2.0/token
authorizeURL: https://graph.qq.com/oauth2.0/authorize
getOpenIDURL: https://graph.qq.com/oauth2.0/me
\ No newline at end of file
......@@ -26,9 +26,11 @@ import org.springframework.data.annotation.Transient;
/**
* [应用] 对象
*/
@Builder
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class SysApp extends EntityBase implements Serializable {
/**
......
......@@ -23,9 +23,9 @@ public class UserRegisterService{
@Autowired
private IBZUSERService ibzuserService;
@Value("${qqconnection.app_ID}")
@Value("${ibiz.auth.qq.app_id:}")
private String app_ID;
@Value("${qqconnection.getUserInfoURL}")
@Value("${ibiz.auth.qq.userinfo_uri:}")
private String getUserInfoURL;
/**
......@@ -42,32 +42,6 @@ public class UserRegisterService{
return ibzuser;
}
/**
* qq授权注册并登录
* @param ibzuser 注册用户
* @param qqAuthorizationInfo qq授权信息
*/
public IBZUSER qqRegisterAndLogin(IBZUSER ibzuser, JSONObject qqAuthorizationInfo) {
// 1.根据qqAuthorizationInfo获取AccessToken
String code = qqAuthorizationInfo.getString("code");
String state = qqAuthorizationInfo.getString("state");
String redirect_uri = "";
String appid = "";
String appkey = "";
String url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&client_id=" + appid + "&client_secret=" + appkey + "&code=" + code + "&redirect_uri=" + redirect_uri;
// 2.根据AccessToken获取OpenID值
// 3.根据OpenID获取该QQ用户的相关信息
// 4.创建ibzuser,成功则登录
boolean flag = ibzuserService.save(ibzuser);
if (!flag) {
return null;
}
return ibzuser;
}
/**
* qq授权注册
......
......@@ -125,3 +125,4 @@ public class SysAppServiceImpl implements ISysAppService {
}
......@@ -96,7 +96,6 @@ public class SysAuthLogServiceImpl extends ServiceImpl<SysAuthLogMapper, SysAuth
public boolean checkKey(SysAuthLog et) {
return (!ObjectUtils.isEmpty(et.getLogid()))&&(!Objects.isNull(this.getById(et.getLogid())));
}
@Override
@Transactional
public SysAuthLog get(String key) {
......@@ -184,3 +183,4 @@ public class SysAuthLogServiceImpl extends ServiceImpl<SysAuthLogMapper, SysAuth
}
......@@ -51,7 +51,6 @@ public class SysPSSystemServiceImpl extends ServiceImpl<SysPSSystemMapper, SysPS
public boolean checkKey(SysPSSystem et) {
return (!ObjectUtils.isEmpty(et.getPssystemid()))&&(!Objects.isNull(this.getById(et.getPssystemid())));
}
@Override
@Transactional
public SysPSSystem get(String key) {
......@@ -193,3 +192,4 @@ public class SysPSSystemServiceImpl extends ServiceImpl<SysPSSystemMapper, SysPS
}
......@@ -130,7 +130,6 @@ public class SysPermissionServiceImpl extends ServiceImpl<SysPermissionMapper, S
public boolean checkKey(SysPermission et) {
return (!ObjectUtils.isEmpty(et.getPermissionid()))&&(!Objects.isNull(this.getById(et.getPermissionid())));
}
@Override
@Transactional
public SysPermission get(String key) {
......@@ -187,3 +186,4 @@ public class SysPermissionServiceImpl extends ServiceImpl<SysPermissionMapper, S
}
......@@ -104,7 +104,6 @@ public class SysRolePermissionServiceImpl extends ServiceImpl<SysRolePermissionM
public boolean checkKey(SysRolePermission et) {
return (!ObjectUtils.isEmpty(et.getRolepermissionid()))&&(!Objects.isNull(this.getById(et.getRolepermissionid())));
}
@Override
@Transactional
public boolean save(SysRolePermission et) {
......@@ -245,3 +244,4 @@ public class SysRolePermissionServiceImpl extends ServiceImpl<SysRolePermissionM
}
......@@ -148,7 +148,6 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
}
/**
* 查询集合 DEFAULT
*/
......@@ -190,3 +189,4 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
}
......@@ -57,7 +57,6 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
public boolean checkKey(SysUserRole et) {
return (!ObjectUtils.isEmpty(et.getUserroleid()))&&(!Objects.isNull(this.getById(et.getUserroleid())));
}
@Override
public SysUserRole getDraft(SysUserRole et) {
fillParentData(et);
......@@ -243,3 +242,4 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
}
......@@ -80,7 +80,6 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
public boolean checkKey(SysUser et) {
return (!ObjectUtils.isEmpty(et.getUserid()))&&(!Objects.isNull(this.getById(et.getUserid())));
}
@Override
@Transactional
public SysUser get(String key) {
......@@ -187,3 +186,4 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
}
......@@ -73,9 +73,5 @@ public class ClientAuthenticationResource
}
@GetMapping(value = "uaa/publickey")
public ResponseEntity<String> getPublicKey(){
return ResponseEntity.ok().body(uaaCoreService.getPublicKey());
}
}
......@@ -93,4 +93,10 @@ public class UAACoreResource {
return ResponseEntity.ok(sysAppService.saveAppSwitcher(id,AuthenticationUser.getAuthenticationUser().getUserid(),config));
}
@GetMapping(value = "uaa/publickey")
public ResponseEntity<String> getPublicKey(){
return ResponseEntity.ok().body(uaaCoreService.getPublicKey());
}
}
......@@ -9,14 +9,13 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.*;
@RestController
......@@ -27,7 +26,7 @@ public class UserRegisterResource {
@Autowired
private ISysPSSystemService iSysPSSystemService;
@Value("${qqconnection.redirect_URI}")
@Value("${ibiz.auth.qq.redirect_uri:http://127.0.0.1:8111/#/qqLoginRedirect}")
private String redirect_URI;
@PostMapping(value = "/uaa/register")
......@@ -40,7 +39,7 @@ public class UserRegisterResource {
String registerType = param.getString("registerType");
if (StringUtils.isEmpty(loginname))
throw new BadRequestAlertException("用户名为空", "register", "");
if (StringUtils.isEmpty(personname))
if (StringUtils.isEmpty(personname) && (!"qq".equals(registerType) && !"weixin".equals(registerType)))
throw new BadRequestAlertException("用户姓名为空", "register", "");
if (StringUtils.isEmpty(password))
throw new BadRequestAlertException("密码为空", "register", "");
......@@ -67,12 +66,11 @@ public class UserRegisterResource {
userRegisterService.commomRegister(ibzuser);
break;
case "qq":// qq授权注册
ibzuser.setUserid("qq-" + uuid);
String openId = param.getString("openId");
String accessToken = param.getString("accessToken");
userRegisterService.qqRegister(ibzuser, openId, accessToken);
// JSONObject qqAuthorizationInfo = (JSONObject) param.get("qqAuthorizationInfo");
// userRegisterService.qqRegisterAndLogin(ibzuser, qqAuthorizationInfo);
ibzuser = null;
// ibzuser.setUserid("qq-" + uuid);
// String openId = param.getString("openId");
// String accessToken = param.getString("accessToken");
// userRegisterService.qqRegister(ibzuser, openId, accessToken);
break;
default:
ibzuser.setUserid("commom-" + uuid);
......@@ -86,6 +84,7 @@ public class UserRegisterResource {
/**
* 根据openId查用户
*
* @param param
* @return
*/
......@@ -111,5 +110,40 @@ public class UserRegisterResource {
return ResponseEntity.ok().body(object);
}
//这里的token要和微信测试号网页填写的token一样
public static final String TOKEN = "weixin";
/**
* 响应微信发送的Token验证
*
* @param signature  微信加密签名,signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数
* @param timestamp  时间戳
* @param nonce  随机数
* @param echostr  随机字符串
* @param response 响应对象
* @throws IOException
* @throws NoSuchAlgorithmException
*/
@GetMapping(value = "/uaa/responseTokenToWeiXin")
public void responseTokenToWeiXin(String signature, String timestamp, String nonce, String echostr, HttpServletResponse response) throws IOException, NoSuchAlgorithmException {
// 将token、timestamp、nonce三个参数进行字典序排序
System.out.println("signature:" + signature);
System.out.println("timestamp:" + timestamp);
System.out.println("nonce:" + nonce);
System.out.println("echostr:" + echostr);
System.out.println("TOKEN:" + TOKEN);
String[] params = new String[]{TOKEN, timestamp, nonce};
Arrays.sort(params);
// 将三个参数字符串拼接成一个字符串进行sha1加密
String clearText = params[0] + params[1] + params[2];
String algorithm = "SHA-1";
String sign = new String(org.apache.commons.codec.binary.Hex.encodeHex(MessageDigest.getInstance(algorithm).digest((clearText).getBytes()), true));
// 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
if (signature.equals(sign)) {
// 确认此次GET请求来自微信服务器,原样返回echostr参数内容,则接入生效,成为开发者成功
response.getWriter().print(echostr);
}
}
}
......@@ -10,6 +10,10 @@ public class CustomJacksonSerializer<T> extends Jackson2JsonRedisSerializer<T>
public static final String DEFAULT_PACKAGE ="[\\w+\\.]+\\.AuthenticationUser";
public static final String CLASSNAME_EX="_$$_";
public static final String CLASSNAME_EX_PATTEN="(_\\$\\$_)(\\w+)";
public static final String USER_PACKAGE= AuthenticationUser.class.getName();
public CustomJacksonSerializer(Class type) {
......@@ -20,6 +24,12 @@ public class CustomJacksonSerializer<T> extends Jackson2JsonRedisSerializer<T>
public T deserialize(byte[] bytes) throws SerializationException {
String serializerContent = new String(bytes, DEFAULT_CHARSET);
Matcher matcher = Pattern.compile(DEFAULT_PACKAGE).matcher(serializerContent);
return matcher.find()?super.deserialize(serializerContent.replaceAll(DEFAULT_PACKAGE,USER_PACKAGE).getBytes()):super.deserialize(bytes);
if(matcher.find()){
serializerContent=serializerContent.replaceAll(DEFAULT_PACKAGE,USER_PACKAGE);
}
if(serializerContent.contains(CLASSNAME_EX)){
serializerContent=serializerContent.replaceAll(CLASSNAME_EX_PATTEN,"");
}
return super.deserialize(serializerContent.getBytes());
}
}
......@@ -98,3 +98,14 @@ xxl:
logpath: /app/joblog
logretentiondays: -1
#qq授权接入
qqconnection:
app_ID: 101880571
app_KEY: d52af9b56e62d771ddde749a6ee0a4f9
redirect_URI: http://127.0.0.1:8111/#/qqLoginRedirect
scope: get_user_info,add_topic,add_one_blog,add_album,upload_pic,list_album,add_share,check_page_fans,add_t,add_pic_t,del_t,get_repost_list,get_info,get_other_info,get_fanslist,get_idollist,add_idol,del_ido,get_tenpay_addr
baseURL: https://graph.qq.com/
getUserInfoURL: https://graph.qq.com/user/get_user_info
accessTokenURL: https://graph.qq.com/oauth2.0/token
authorizeURL: https://graph.qq.com/oauth2.0/authorize
getOpenIDURL: https://graph.qq.com/oauth2.0/me
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册