Skip to content

I
ibzuaa
提交 64fca33d 编写于 作者: laizhilong's avatar laizhilong
浏览文件
操作

修改第三方授权应用信息获取方式

上级 f2f6aee0
隐藏空白字符变更
内嵌 并排
正在显示 包含 86 行增加68 行删除
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UserDingtalkRegisterService.java
浏览文件 @ 64fca33d
......@@ -69,24 +69,24 @@ public class UserDingtalkRegisterService {
*
* @param code
* @param currentTimeMillis
* @param dingTalkAppId
* @param dingTalkAppSecret
* @param appId
* @param appSecret
* @return
*/
public JSONObject requestDingtalkUserByCode(String code, long currentTimeMillis, String dingTalkAppId, String dingTalkAppSecret) {
public JSONObject requestDingtalkUserByCode(String code, long currentTimeMillis, String appId, String appSecret) {
JSONObject returnObj = null;
CloseableHttpClient client = null;
try {
// 根据timestamp, appSecret计算签名值
String stringToSign = String.valueOf(currentTimeMillis);
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(dingTalkAppSecret.getBytes("UTF-8"), "HmacSHA256"));
mac.init(new SecretKeySpec(appSecret.getBytes("UTF-8"), "HmacSHA256"));
byte[] signatureBytes = mac.doFinal(stringToSign.getBytes("UTF-8"));
String signature = new String(Base64.encodeBase64(signatureBytes));
String urlEncodeSignature = URLEncoder.encode(signature, "UTF-8");
// 通过临时授权码Code获取用户信息,临时授权码只能使用一次
String url = "https://oapi.dingtalk.com/sns/getuserinfo_bycode?accessKey=" + dingTalkAppId
String url = "https://oapi.dingtalk.com/sns/getuserinfo_bycode?accessKey=" + appId
+ "&timestamp=" + currentTimeMillis
+ "&signature=" + urlEncodeSignature;
......
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UserQQRegisterService.java
浏览文件 @ 64fca33d
......@@ -55,21 +55,21 @@ public class UserQQRegisterService {
* 通过code获取QQ用户信息
*
* @param code
* @param qqRedirectUri
* @param qqAppid
* @param qqAppkey
* @param redirectUri
* @param appId
* @param appSecret
* @return
*/
public JSONObject requestQQUserByCode(String code, String qqRedirectUri, String qqAppid, String qqAppkey) {
public JSONObject requestQQUserByCode(String code, String redirectUri, String appId, String appSecret) {
JSONObject returnObj = null;
try {
// 1.根据code获取access_token
String getAccessTokenUrl = "https://graph.qq.com/oauth2.0/token?" +
"grant_type=authorization_code" +
"&client_id=" + qqAppid +
"&client_secret=" + qqAppkey +
"&client_id=" + appId +
"&client_secret=" + appSecret +
"&code=" + code +
"&redirect_uri=" + qqRedirectUri;
"&redirect_uri=" + redirectUri;
String responserStr = HttpUtils.get(getAccessTokenUrl, null, null);
JSONObject responseObj = new JSONObject();
if (StringUtils.isEmpty(responserStr)) {
......@@ -108,7 +108,7 @@ public class UserQQRegisterService {
// 3.使用access_token以及OpenID来访问和修改用户数据
String getQQUserInfoUrl = "https://graph.qq.com/user/get_user_info?" +
"access_token=" + access_token +
"&oauth_consumer_key=" + qqAppid +
"&oauth_consumer_key=" + appId +
"&openid=" + openid;
returnObj = JSONObject.parseObject(HttpUtils.get(getQQUserInfoUrl, null, null));
if (StringUtils.isEmpty(returnObj)) {
......
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UserWechatRegisterService.java
浏览文件 @ 64fca33d
......@@ -57,17 +57,17 @@ public class UserWechatRegisterService {
*
* @param code
* @param state
* @param wechatAppId
* @param wechatappsecret
* @param appId
* @param appSecret
* @return
*/
public JSONObject requestWechatUserByCode(String code, String state, String wechatAppId, String wechatappsecret) {
public JSONObject requestWechatUserByCode(String code, String state, String appId, String appSecret) {
JSONObject returnObj = null;
try {
// 1.根据code获取access_token、openid、refresh_token
String getAccessTokenUrl = "https://api.weixin.qq.com/sns/oauth2/access_token?" +
"appid=" + wechatAppId +
"&secret=" + wechatappsecret +
"appid=" + appId +
"&secret=" + appSecret +
"&code=" + code +
"&grant_type=authorization_code";
JSONObject responseObj = JSONObject.parseObject(HttpUtils.get(getAccessTokenUrl, null, null));
......@@ -86,7 +86,7 @@ public class UserWechatRegisterService {
if (responseObj2.getInteger("errcode") != 0) {
// access_token已失效,使用refresh_token刷新access_token
String refreshAccess_token = "https://api.weixin.qq.com/sns/oauth2/refresh_token?" +
"appid=" + wechatAppId +
"appid=" + appId +
"&grant_type=refresh_token" +
"&refresh_token=" + refresh_token;
JSONObject responseObj3 = JSONObject.parseObject(HttpUtils.get(refreshAccess_token, null, null));
......
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/UserDingtalkRegisterResource.java
浏览文件 @ 64fca33d
package cn.ibizlab.api.rest.extensions;
import cn.ibizlab.core.uaa.domain.SysOpenAccess;
import cn.ibizlab.core.uaa.domain.SysUserAuth;
import cn.ibizlab.core.uaa.extensions.service.UserDingtalkRegisterService;
import cn.ibizlab.core.uaa.service.ISysOpenAccessService;
import cn.ibizlab.core.uaa.service.ISysUserAuthService;
import cn.ibizlab.util.domain.IBZUSER;
import cn.ibizlab.util.errors.BadRequestAlertException;
......@@ -14,7 +16,6 @@ import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
......@@ -22,7 +23,6 @@ import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
import java.util.UUID;
......@@ -40,11 +40,8 @@ public class UserDingtalkRegisterResource {
@Autowired
@Qualifier("UAAUserService")
private AuthenticationUserService userDetailsService;
@Value("${ibiz.auth.dingtalk.appid:}")// 个人应用开发过程中的唯一性标识AppId,最好在配置文件进行初始化
private String DingtalkAppid;
@Value("${ibiz.auth.dingtalk.appsecret:}")// 个人应用AppSecret,最好在配置文件进行初始化
private String DingtalkAppSecret;
@Autowired
private ISysOpenAccessService openAccessService;
/**
* 获取钉钉开放平台创建的网站应用appid
......@@ -52,9 +49,12 @@ public class UserDingtalkRegisterResource {
@GetMapping(value = "/uaa/getDingtalkAppId")
public ResponseEntity<JSONObject> getDingtalkAppId() {
JSONObject obj = new JSONObject();
String appid = DingtalkAppid;
if (!StringUtils.isEmpty(appid)) {
obj.put("appid", appid);
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","dingtalk"));
if (!"1".equals(openAccess.getDisabled())) {
String appId = openAccess.getAccessKey();
if (!StringUtils.isEmpty(appId)) {
obj.put("appid", appId);
}
}
return ResponseEntity.ok(obj);
......@@ -75,11 +75,19 @@ public class UserDingtalkRegisterResource {
if (StringUtils.isEmpty(code))
throw new BadRequestAlertException("code为空", "UserDingtalkRegisterResource", "");
// 从数据库中获取钉钉授权应用信息
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","dingtalk"));
if ("1".equals(openAccess.getDisabled()) || StringUtils.isEmpty(openAccess)) {
throw new BadRequestAlertException("未获得钉钉授权", "UserDingtalkRegisterResource", "");
}
String appId = openAccess.getAccessKey();// 个人应用开发过程中的唯一性标识AppId
String appSecret = openAccess.getSecretKey();// 个人应用AppSecret
// 通过code获取钉钉用户信息
String openid = null;
String nickname = null;
long currentTimeMillis = System.currentTimeMillis();
JSONObject returnObj = userDingtalkRegisterService.requestDingtalkUserByCode(code, currentTimeMillis, DingtalkAppid, DingtalkAppSecret);
JSONObject returnObj = userDingtalkRegisterService.requestDingtalkUserByCode(code, currentTimeMillis, appId, appSecret);
if (!StringUtils.isEmpty(returnObj) && !returnObj.containsKey("errcode")) {
openid = returnObj.getString("openid");
nickname = returnObj.getString("nick");
......@@ -88,11 +96,10 @@ public class UserDingtalkRegisterResource {
}
// 根据openid查用户授权信息
List<SysUserAuth> sysUserAuths = sysUserAuthService.list(Wrappers.<SysUserAuth>query().eq("identifier", openid));
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>query().eq("identifier", openid));
// 该钉钉用户注册过账号,登录系统
if (sysUserAuths.size()>0) {
SysUserAuth userauth = sysUserAuths.get(0);
IBZUSER ibzuser = ibzuserService.getById(userauth.getUserid());
if (!StringUtils.isEmpty(userAuth)) {
IBZUSER ibzuser = ibzuserService.getById(userAuth.getUserid());
JSONObject ibzuserObj = new JSONObject();
ibzuserObj.put("loginname", ibzuser.getLoginname());
ibzuserObj.put("password", ibzuser.getPassword());
......@@ -153,7 +160,6 @@ public class UserDingtalkRegisterResource {
userAuth.setIdentityType("dingtalk");
userDingtalkRegisterService.toCreateUserAuth(userAuth);
// 注册成功,登录系统
if (!StringUtils.isEmpty(ibzuser)) {
JSONObject ibzuserObj = new JSONObject();
......
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/UserQQRegisterResource.java
浏览文件 @ 64fca33d
package cn.ibizlab.api.rest.extensions;
import cn.ibizlab.core.uaa.domain.SysOpenAccess;
import cn.ibizlab.core.uaa.domain.SysUserAuth;
import cn.ibizlab.core.uaa.extensions.service.UserQQRegisterService;
import cn.ibizlab.core.uaa.service.ISysOpenAccessService;
import cn.ibizlab.core.uaa.service.ISysUserAuthService;
import cn.ibizlab.util.domain.IBZUSER;
import cn.ibizlab.util.errors.BadRequestAlertException;
......@@ -14,7 +16,6 @@ import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
......@@ -40,14 +41,8 @@ public class UserQQRegisterResource {
@Autowired
@Qualifier("UAAUserService")
private AuthenticationUserService userDetailsService;
@Value("${ibiz.auth.qq.appid:}")// qq互联appid,在配置文件进行初始化
private String qqAppId;
@Value("${ibiz.auth.qq.appkey:}")// qq互联appkey,在配置文件进行初始化
private String qqAppKey;
@Value("${ibiz.auth.qq.redirect_uri:}")// qq互联应用回调地址,在配置文件进行初始化
private String qqRedirectUri;
@Autowired
private ISysOpenAccessService openAccessService;
/**
* 获取QQ互联平台创建的网站应用appid
......@@ -55,9 +50,12 @@ public class UserQQRegisterResource {
@GetMapping(value = "/uaa/getQQAppId")
public ResponseEntity<JSONObject> getQQAppId() {
JSONObject obj = new JSONObject();
String appid = qqAppId;
if (!StringUtils.isEmpty(appid)) {
obj.put("appid", appid);
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","qq"));
if (!"1".equals(openAccess.getDisabled())) {
String appId = openAccess.getAccessKey();// qq互联appid
if (!StringUtils.isEmpty(appId)) {
obj.put("appid", appId);
}
}
return ResponseEntity.ok(obj);
......@@ -76,11 +74,19 @@ public class UserQQRegisterResource {
String code = param.getString("code");
if (StringUtils.isEmpty(code))
throw new BadRequestAlertException("code为空", "UserQQRegisterResource", "");
// 从数据库中获取qq互联信息
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","qq"));
if ("1".equals(openAccess.getDisabled()) || StringUtils.isEmpty(openAccess)) {
throw new BadRequestAlertException("未获得qq授权", "UserQQRegisterResource", "");
}
String appId = openAccess.getAccessKey();// qq互联appid
String appSecret = openAccess.getSecretKey();// qq互联appkey
String redirectUri = openAccess.getRedirectUri();// qq互联应用回调地址
// 通过code获取QQ用户信息
String openid = null;
String nickname = null;
JSONObject returnObj = userQQRegisterService.requestQQUserByCode(code, qqRedirectUri, qqAppId, qqAppKey);
JSONObject returnObj = userQQRegisterService.requestQQUserByCode(code, redirectUri, appId, appSecret);
if (!StringUtils.isEmpty(returnObj) && !returnObj.containsKey("errcode")) {
openid = returnObj.getString("openid");
nickname = returnObj.getString("nickname");
......@@ -89,11 +95,10 @@ public class UserQQRegisterResource {
}
// 根据openid查用户授权信息
List<SysUserAuth> sysUserAuths = sysUserAuthService.list(Wrappers.<SysUserAuth>query().eq("identifier", openid));
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>query().eq("identifier", openid));
// 该QQ用户注册过账号,登录系统
if (sysUserAuths.size()>0) {
SysUserAuth userauth = sysUserAuths.get(0);
IBZUSER ibzuser = ibzuserService.getById(userauth.getUserid());
if (!StringUtils.isEmpty(userAuth)) {
IBZUSER ibzuser = ibzuserService.getById(userAuth.getUserid());
JSONObject ibzuserObj = new JSONObject();
ibzuserObj.put("loginname", ibzuser.getLoginname());
ibzuserObj.put("password", ibzuser.getPassword());
......
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/UserWechatRegisterResource.java
浏览文件 @ 64fca33d
package cn.ibizlab.api.rest.extensions;
import cn.ibizlab.core.uaa.domain.SysOpenAccess;
import cn.ibizlab.core.uaa.domain.SysUserAuth;
import cn.ibizlab.core.uaa.extensions.service.UserWechatRegisterService;
import cn.ibizlab.core.uaa.service.ISysOpenAccessService;
import cn.ibizlab.core.uaa.service.ISysUserAuthService;
import cn.ibizlab.util.domain.IBZUSER;
import cn.ibizlab.util.errors.BadRequestAlertException;
......@@ -14,7 +16,6 @@ import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
......@@ -40,12 +41,8 @@ public class UserWechatRegisterResource {
@Autowired
@Qualifier("UAAUserService")
private AuthenticationUserService userDetailsService;
@Value("${ibiz.auth.wechat.appID:}")// 微信开放平台appid,最好在配置文件进行初始化
private String WechatAppid;
@Value("${ibiz.auth.wechat.appsecret:}")// 微信开放平台appsecret,最好在配置文件进行初始化
private String WechatAppsecret;
@Autowired
private ISysOpenAccessService openAccessService;
/**
* 获取微信开放平台创建的网站应用appid
......@@ -53,9 +50,12 @@ public class UserWechatRegisterResource {
@GetMapping(value = "/uaa/getWechatAppId")
public ResponseEntity<JSONObject> getWechatAppId() {
JSONObject obj = new JSONObject();
String appid = WechatAppid;
if (!StringUtils.isEmpty(appid)) {
obj.put("appid", appid);
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","webchart"));
if (!"1".equals(openAccess.getDisabled())) {
String appId = openAccess.getAccessKey();
if (!StringUtils.isEmpty(appId)) {
obj.put("appid", appId);
}
}
return ResponseEntity.ok(obj);
......@@ -74,12 +74,20 @@ public class UserWechatRegisterResource {
// 空校验
String code = param.getString("code");
if (StringUtils.isEmpty(code))
throw new BadRequestAlertException("code为空", "UserRegisterResource", "");
throw new BadRequestAlertException("code为空", "UserWechatRegisterResource", "");
// 从数据库中获取微信授权应用信息
SysOpenAccess openAccess = openAccessService.getOne(Wrappers.<SysOpenAccess>query().eq("open_type","webchart"));
if ("1".equals(openAccess.getDisabled()) || StringUtils.isEmpty(openAccess)) {
throw new BadRequestAlertException("未获得微信授权", "UserWechatRegisterResource", "");
}
String appId = openAccess.getAccessKey();// 微信开放平台appid
String appSecret = openAccess.getSecretKey();// 微信开放平台appsecret
// 通过code获取微信用户信息
String openid = null;
String nickname = null;
JSONObject returnObj = userWechatRegisterService.requestWechatUserByCode(code, null, WechatAppid, WechatAppsecret);
JSONObject returnObj = userWechatRegisterService.requestWechatUserByCode(code, null, appId, appSecret);
if (!StringUtils.isEmpty(returnObj) && !returnObj.containsKey("errcode")) {
openid = returnObj.getString("openid");
nickname = returnObj.getString("nickname");
......@@ -88,11 +96,10 @@ public class UserWechatRegisterResource {
}
// 根据openid查用户授权信息
List<SysUserAuth> sysUserAuths = sysUserAuthService.list(Wrappers.<SysUserAuth>query().eq("identifier", openid));
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>query().eq("identifier", openid));
// 该微信用户注册过账号,登录系统
if (sysUserAuths.size()>0) {
SysUserAuth userauth = sysUserAuths.get(0);
IBZUSER ibzuser = ibzuserService.getById(userauth.getUserid());
if (!StringUtils.isEmpty(userAuth)) {
IBZUSER ibzuser = ibzuserService.getById(userAuth.getUserid());
JSONObject ibzuserObj = new JSONObject();
ibzuserObj.put("loginname", ibzuser.getLoginname());
ibzuserObj.put("password", ibzuser.getPassword());
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册