Skip to content

I
ibzuaa
提交 c966ea0d 编写于 作者: nancy's avatar nancy
浏览文件
操作

Revert "钉钉认证。" 

This reverts commit bbbfdc6b
上级 8daa166d
隐藏空白字符变更
内嵌 并排
正在显示 包含 91 行增加57 行删除
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UserDingtalkRegisterService.java
浏览文件 @ c966ea0d
......@@ -11,22 +11,34 @@ import cn.ibizlab.util.security.AuthenticationUser;
import cn.ibizlab.util.service.AuthenticationUserService;
import cn.ibizlab.util.service.IBZUSERService;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.nacos.client.identify.Base64;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.dingtalk.api.DefaultDingTalkClient;
import com.dingtalk.api.DingTalkClient;
import com.dingtalk.api.request.OapiGettokenRequest;
import com.dingtalk.api.request.OapiSnsGetuserinfoBycodeRequest;
import com.dingtalk.api.request.OapiUserGetuserinfoRequest;
import com.dingtalk.api.response.OapiGettokenResponse;
import com.dingtalk.api.response.OapiSnsGetuserinfoBycodeResponse;
import com.dingtalk.api.response.OapiUserGetuserinfoResponse;
import com.dingtalk.api.request.*;
import com.dingtalk.api.response.*;
import com.taobao.api.ApiException;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.sql.Timestamp;
import java.sql.Wrapper;
import java.util.Date;
/**
* 实体[IBZUSER] 钉钉用户注册接口实现
......@@ -37,63 +49,83 @@ public class UserDingtalkRegisterService {
@Autowired
private IBZUSERService ibzuserService;
@Autowired
private AuthenticationUserService authenticationUserService;
@Autowired
private ISysUserAuthService sysUserAuthService;
@Autowired
private ISysOpenAccessService sysOpenAccessService;
public synchronized String getAccessToken(SysOpenAccess sysOpenAccess) {
if (sysOpenAccess == null) {
log.error("无法获取对应的第三方认证信息,数据信息[{}],请检查数据库信息。", sysOpenAccess);
throw new BadRequestAlertException("无法获取对应的第三方认证信息,数据信息[{}],请检查数据库信息。", null, null);
private long lastRefreshTime=System.currentTimeMillis()-7200001;
private String accessToken="";
public boolean isExpire()
{
if(System.currentTimeMillis()<(lastRefreshTime+7200000))
{
System.currentTimeMillis();
return false;
}
return true;
}
if (sysOpenAccess.getExpiresTime() == null || System.currentTimeMillis() < (sysOpenAccess.getExpiresTime().getTime() + 7200000)) {
public synchronized String getAccessToken(String appKey,String appSecret)
{
if(isExpire()) {
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");
OapiGettokenRequest request = new OapiGettokenRequest();
request.setAppkey(sysOpenAccess.getAccessKey());
request.setAppsecret(sysOpenAccess.getSecretKey());
request.setAppkey("appKey");
request.setAppsecret("appSecret");
request.setHttpMethod("GET");
try {
OapiGettokenResponse response = client.execute(request);
if (response.getErrcode() != 0 || StringUtils.isEmpty(response.getAccessToken()))
throw new BadRequestAlertException("获取access_token失败", "UserDingtalkRegisterService", response.getErrmsg());
sysOpenAccess.setExpiresTime(new Timestamp(System.currentTimeMillis()));
sysOpenAccess.setAccessToken(response.getAccessToken());
if(response.getErrcode()!=0||StringUtils.isEmpty(response.getAccessToken()))
throw new BadRequestAlertException("获取access_token失败","UserDingtalkRegisterService",response.getErrmsg());
lastRefreshTime = System.currentTimeMillis();
accessToken = response.getAccessToken();
} catch (ApiException e) {
e.printStackTrace();
throw new InternalServerErrorException("获取access_token失败");
}
}
sysOpenAccessService.update(sysOpenAccess);
return sysOpenAccess.getAccessToken();
return accessToken;
}
@Autowired
private ISysOpenAccessService sysOpenAccessService;
public SysOpenAccess getOpenAccess(String id) {
return getOpenAccess(id, true);
public SysOpenAccess getOpenAccess(String id)
{
return getOpenAccess(id,true);
}
public SysOpenAccess getOpenAccess(String id, boolean throwEx) {
final String accessid = StringUtils.isEmpty(id) ? "dingtalk" : id;
SysOpenAccess sysOpenAccess = sysOpenAccessService.getOne(Wrappers.<SysOpenAccess>lambdaQuery().eq(SysOpenAccess::getOpenType, "dingtalk").
and(wrapper -> wrapper.eq(SysOpenAccess::getAccessKey, accessid).or().eq(SysOpenAccess::getId, accessid)), false);
if ((sysOpenAccess == null || (sysOpenAccess.getDisabled() != null && sysOpenAccess.getDisabled() == 1)) && throwEx)
throw new BadRequestAlertException("获取接入配置失败", "UserDingtalkRegisterService", "");
String accessToken = getAccessToken(sysOpenAccess);
public SysOpenAccess getOpenAccess(String id,boolean throwEx)
{
final String accessid = StringUtils.isEmpty(id)?"dingtalk":id;
SysOpenAccess sysOpenAccess=sysOpenAccessService.getOne(Wrappers.<SysOpenAccess>lambdaQuery().eq(SysOpenAccess::getOpenType,"dingtalk").
and(wrapper -> wrapper.eq(SysOpenAccess::getAccessKey,accessid).or().eq(SysOpenAccess::getId,accessid)),false);
if((sysOpenAccess==null|| (sysOpenAccess.getDisabled()!=null && sysOpenAccess.getDisabled()==1))&&throwEx)
throw new BadRequestAlertException("获取接入配置失败","UserDingtalkRegisterService","");
String accessToken = getAccessToken(sysOpenAccess.getAccessKey(),sysOpenAccess.getSecretKey());
if(!accessToken.equals(sysOpenAccess.getAccessToken()))
{
sysOpenAccess.setAccessToken(accessToken);
sysOpenAccess.setExpiresTime(new Timestamp(lastRefreshTime));
sysOpenAccessService.update(sysOpenAccess);
}
return sysOpenAccess;
}
public AuthenticationUser getUserByToken(String id, String requestAuthCode) {
public AuthenticationUser getUserByToken(String id,String requestAuthCode)
{
SysOpenAccess openAccess = getOpenAccess(id);
if (openAccess == null || (openAccess.getDisabled() != null && openAccess.getDisabled() == 1))
if (openAccess==null || (openAccess.getDisabled()!=null && openAccess.getDisabled()==1))
throw new BadRequestAlertException("未找到配置", "UserDingtalkRegisterService", "");
DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/getuserinfo");
......@@ -103,8 +135,8 @@ public class UserDingtalkRegisterService {
OapiUserGetuserinfoResponse response = null;
try {
response = client.execute(request, openAccess.getAccessToken());
if (response.getErrcode() != 0 || StringUtils.isEmpty(response.getUserid()))
throw new BadRequestAlertException("获取user失败", "UserDingtalkRegisterService", response.getErrmsg());
if(response.getErrcode()!=0||StringUtils.isEmpty(response.getUserid()))
throw new BadRequestAlertException("获取user失败","UserDingtalkRegisterService",response.getErrmsg());
} catch (ApiException e) {
e.printStackTrace();
throw new InternalServerErrorException("获取user失败");
......@@ -112,18 +144,19 @@ public class UserDingtalkRegisterService {
String userId = response.getUserid();
//先按userid或者username查
IBZUSER user = ibzuserService.getOne(Wrappers.<IBZUSER>lambdaQuery().eq(IBZUSER::getUserid, userId).or().eq(IBZUSER::getUsername, userId), false);
IBZUSER user = ibzuserService.getOne(Wrappers.<IBZUSER>lambdaQuery().eq(IBZUSER::getUserid,userId).or().eq(IBZUSER::getUsername,userId),false);
if (user == null) {
if(user==null)
{
//查不到情况下到auth表查真实userId
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>lambdaQuery().eq(SysUserAuth::getIdentityType, "dingtalk").eq(SysUserAuth::getIdentifier, userId), false);
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>lambdaQuery().eq(SysUserAuth::getIdentityType,"dingtalk").eq(SysUserAuth::getIdentifier, userId),false);
// 该钉钉用户注册过账号,登录系统
if (userAuth != null) {
if (userAuth!=null) {
user = ibzuserService.getById(userAuth.getUserid());
if (user == null)
throw new BadRequestAlertException("未找到" + userId + "对应系统用户", "UserDingtalkRegisterService", "");
if(user==null)
throw new BadRequestAlertException("未找到"+userId+"对应系统用户","UserDingtalkRegisterService","");
AuthenticationUser curUser = authenticationUserService.loadUserByUsername(user.getLoginname() + (StringUtils.isEmpty(user.getDomains()) ? "" : ("|" + user.getDomains())));
AuthenticationUser curUser = authenticationUserService.loadUserByUsername(user.getLoginname()+(StringUtils.isEmpty(user.getDomains())?"":("|"+user.getDomains())));
return curUser;
}
}
......@@ -137,41 +170,41 @@ public class UserDingtalkRegisterService {
*
* @return
*/
public JSONObject getUserBySnsToken(String id, String requestAuthCode) {
public JSONObject getUserBySnsToken(String id,String requestAuthCode) {
JSONObject returnObj = null;
SysOpenAccess openAccess = getOpenAccess(id);
if (openAccess == null || (openAccess.getDisabled() != null && openAccess.getDisabled() == 1))
if (openAccess==null || (openAccess.getDisabled()!=null && openAccess.getDisabled()==1))
throw new BadRequestAlertException("未找到配置", "UserDingtalkRegisterService", "");
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.setTmpAuthCode(requestAuthCode);
try {
OapiSnsGetuserinfoBycodeResponse response = client.execute(req, openAccess.getAccessKey(), openAccess.getSecretKey());
OapiSnsGetuserinfoBycodeResponse response = client.execute(req,openAccess.getAccessKey(),openAccess.getSecretKey());
if (response.getErrcode() != 0) {
if(response.getErrcode()!=0)
{
throw new BadRequestAlertException("获取user失败", "UserDingtalkRegisterService", response.getErrmsg());
}
returnObj.put("openid", response.getUserInfo().getOpenid());
returnObj.put("nickname", response.getUserInfo().getNick());
returnObj.put("unionid", response.getUserInfo().getUnionid());
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>lambdaQuery().eq(SysUserAuth::getIdentityType, "dingtalk")
SysUserAuth userAuth = sysUserAuthService.getOne(Wrappers.<SysUserAuth>lambdaQuery().eq(SysUserAuth::getIdentityType,"dingtalk")
.and(wrapper -> wrapper.eq(SysUserAuth::getIdentifier, response.getUserInfo().getOpenid()).or().eq(SysUserAuth::getIdentifier, response.getUserInfo().getUnionid())
), false);
),false);
IBZUSER user = null;
// 该钉钉用户注册过账号,登录系统
if (userAuth != null) {
if (userAuth!=null) {
user = ibzuserService.getById(userAuth.getUserid());
if (user == null)
user = ibzuserService.getOne(Wrappers.<IBZUSER>lambdaQuery().eq(IBZUSER::getUserid, response.getUserInfo().getOpenid()).or().eq(IBZUSER::getUsername, response.getUserInfo().getOpenid()), false);
user = ibzuserService.getOne(Wrappers.<IBZUSER>lambdaQuery().eq(IBZUSER::getUserid,response.getUserInfo().getOpenid()).or().eq(IBZUSER::getUsername,response.getUserInfo().getOpenid()),false);
if (user != null) {
returnObj.put("username", user.getLoginname() + (StringUtils.isEmpty(user.getDomains()) ? "" : ("|" + user.getDomains())));
if(user!=null)
{
returnObj.put("username",user.getLoginname()+(StringUtils.isEmpty(user.getDomains())?"":("|"+user.getDomains())));
}
}
......@@ -184,4 +217,5 @@ public class UserDingtalkRegisterService {
return returnObj;
}
}
\ No newline at end of file
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册